Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 12 replies
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 55876 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

On-access scanning disabled itself, will not allow me to turn it back on; on-demand scan not working

suzanne

Hello and thank you in advance to anyone who can help me.  I have two issues:

(1) On-access scanning turned itself off and I am not able to turn it back on.  When I clicked on the button next to "the on-access scanner is off", it just says "Start scanning" and is greyed.

(2) When I try to do an on-demand scan, it scans for less than a second and stops.  Message says no threats but "issues detected".

Here is a log I came across if this helps:

Sophos Anti-Virus
Product version: 9.2.7
Copyright Copyright 1993-2012 Sophos Ltd. All rights reserved.

Scan name: "Scan Local Drives"
Scan items:
Configuration:
    Scan inside archives and compressed files: Yes
    Automatically clean up threats: Yes
    Action on infected files: Delete
    Live Protection enabled: Yes

Scan started at 2015-08-07 15:38:45 -0400

New volume detected at /
Unable to initialize threat detection engine: virus data missing or unusable.

Scan stopped at 2015-08-07 15:38:45 -0400.

:1021535


This thread was automatically locked due to age.
  • 0

    Forgot to mention th at I rebooted and nothing changed.

    This is a new MacBook Pro, maybe a month old, running Yosemite 10.10.4

    :1021536
  • 0

    Hello suzanne,

    Can you tell me what files you have in the folder "/Library/Sophos Anti-Virus/VDL"? I'm guessing its empty, but want to confirm.

    The product should eventually fix itself but you can prompt it by running this command from the Terminal:

    sudo /Library/Caches/com.sophos.sau/CID/Sophos\ Installer.app/Contents/MacOS/tools/InstallationDeployer --install

    That should run the installer to "repair" the current installation.

    I'd really like to get a copy of the log file "/var/log/install.log" from your computer, to better understand where things might have gone wrong.

    :1021537

    ---

    Bob Cook (bob.cook@sophos.com) Director, Software Development

  • 0

    Thank you so much for your quick reply.  I am running out now for a couple hours but would like to get you all the information you've requested.  I'm not very technical.  The more information you could give me about how to do that, the faster I can do that.

    :1021538
  • 0

    Hello suzanne,

    In the Applications folder, inside the Utilities folder, you can find an application "Console" which allows you to view log files on your system. You can select which log to view on the left side. This will allow you to see the file "/var/log/install.log" and you can copy/paste the contents of that log to an email.

    In the same Utilities folder you will find the application "Terminal" where you can type in the command I gave below.

    Hope this helps.

    :1021539

    ---

    Bob Cook (bob.cook@sophos.com) Director, Software Development

  • 0

    Bob,

    I'm having the same problem as Suzanne. Is the step you've suggested the best fix, or will Sophos release an update soon to fix the problem? I've also uninstalled and reinstalled, with the only sign of progress being that the system scan works. Sophos still greyed out and "on-access scanning" is disabled, much to my dismay.

    I'm not sure I have 100% confidence in putting a code into Terminal that could erase/impact data on my new Macbook.

    Thanks,

    Lauren

    :1021541
  • 0
    So what I've discovered while suffering the same issues, is that it seems that the definitions file (that is regularly updated from the sophos server) becomes unusable for some reason. Re-downloads from the server don't help, leading me to believe that the def file on the server is actually the problem. This has happened several times in the past, but eventually solves itself with the next iteration of the file.

    When the corrupted or blank def file is downloaded scanning goes offline due to an unusable file error when it's trying to use said def file.

    Sophos needs to look into their definition file distribution and close the loop on validating it post-distribution (i.e. test clients).
  • 0 in reply to lfd88
    Hi Lauren,

    Sorry about the slow reply on this. As long as you are careful when you copy / paste the command that Bob provided, it won't erase anything from your Mac.

    That said, the uninstall / reinstall should have accomplished the same thing, so I'm not sure why you're still having the same problem.
  • 0 in reply to JayBryon

    Hey Jay,

    What you say makes sense, but we definitely validate the definition files before we distribute them. If we didn't, millions of users would be very unhappy with us!

    For some reason the file is becoming corrupt during the download. One thing you can try is forcing a cache update by running the below command:

    sudo rm -rf /Library/Caches/com.sophos.sau/ ; /usr/bin/SophosUpdate

  • 0
    I am using the free version of Sophos for years, without major issues. After updating to 9.4 Sophos worked fine until the 1st automatic update. In my case after the 1st AutoUpate "on Access scanning" is deactivated. And I am not able to activate it again. I also tried a complete uninstall and installed Sophos again. The problem always occurs after the next Auto Update.
    The listed Terminal commands don't work.
  • 0 in reply to Bolt1963
    Same problem… app will not load. While watching Activity Monitor… Sophos Anti-Virus times out with "Not Responding". SophosUIServer has "Not Responding" also. Crash log for SAV indicates "Terminating app for Crash log due to uncaught exception". SophosUIServer indicates "Library not loaded".

    I have installed/uninstalled many times with and without System reboots. Turned off Little Snitch filtering… even created Little Snitch rules completely allowing all Sophos activity to pass. Nada!

    The listed Terminal commands do not work for me either.

    I hate to say it… but this anomaly does not give a vote of confidence toward protecting users from the bad guys! Many users are having same/similar problems as posted at various tech sites… including this one.
Unfiltered HTML