This discussion has been locked.

Threat with no filename/path, can't be removed. So what do I do?

I occasionally get entries like this in my log:

com.sophos.intercheck: 2013-09-20 13:17:37 -0400 Threat: 'Mal/DrodZp-A' detected in
com.sophos.intercheck: Access to the file denied
com.sophos.intercheck:

There is no filename/path ("detected in" is all the log says -- eol) so I can't view in finder and attempts to remove hang/fail as would be expected. If I remove from the quarantine list, it'll just show up again later.

I have Time Machine/Time Capsule and I suspect it's something in a backup file on that volume but that's just my wild guess -- it is weird that Sophos finds it, doesn't/can't indicate the location, offers removal as an option, but is unable to remove it.

  1. Anyone have any insight into what this is (the "no file/path" aspect of the result, not the trojan itself)?
  2. Recommended course of action?

I've searched a bunch on this forum and haven't seen a definitive explanation for the null filename/path.

Thanks!

  • Sounds weird.  It's the real time scanner detecting this.  If there is no path logged I would assume the scanner can't tell where the file is, or the file isn't on disk, or the disk it is on (or folder it is in) is causing a problem for the scanner (just throwing out ideas).

    What does an on demand scan show?  You may want to run a scan, but exclude the /Volumes/<Time Machine folder> path to speed it up - at least on the first run.

    Maybe then you can examine the on demand scan log (in Console) and see if the same thing is detected.

  • Hi,

    Has there been any follow-up to this situation? Has anyone else had this problem? I have two apparent "malware issues" as of today, but there is no filename/path for either of them in the Quarantine Manager; I get this in the console:

    com.sophos.intercheck: 2014-07-07 12:23:46 -0400 Threat: 'Mal/Generic-S' detected in
    com.sophos.intercheck:                              Access to the file denied
    com.sophos.intercheck:
    com.sophos.intercheck: 2014-07-07 12:24:13 -0400 Threat: 'Mal/Phish-A' detected in
    com.sophos.intercheck:                              Access to the file denied

    Anyone have suggestions about what to do?

    Thanks!


  • tc485 wrote:

    Hi,

    Has there been any follow-up to this situation? Has anyone else had this problem?



    I have the identical problem. Like you I'm guessing it is related to Time Machine. It's very frustrating because it keeps coming back but I can't clean it up. It's starting to feel like spam. Moreover, I have the auto threat clean-up option set so it should be deleting the threat when it finds it, yet it isn't. I'd really like to get this resolved. Did you ever find a resolution?

  • I have this problem as well :(

  • I keep getting the following screenshot:

    Screenshot 2014-09-13 06.16.34.png

    These are the results of my scan log:

    "Scan name: "Scan Local Drives"
    Scan items:
    Configuration:
    Scan inside archives and compressed files: Yes
    Automatically clean up threats: No
    Action on infected files: Report only
    Live Protection enabled: Yes

    Scan started at 2014-09-11 11:56:51 +0100

    New volume detected at /Volumes/Backup
    New volume detected at /
    New volume detected at /Volumes/Storage

    Scan completed at 2014-09-11 13:13:50 +0100.
    1040344 items scanned, 0 threats detected, 0 issues"

    This is appearing almost daily and driving me nuts, I have watched your videos and checked Time Machine and cannot find this file anywhere on my mac!

    Has anybody got a solution to this or should I uninstall Sophos?

  • I have the same issue, after installing Sophos for Mac (v 9.011).  Two threats found, but no filename and no paths.  Says action available - cleanup, but the cleanup then fails.

    Mal/DownLdr-AC

    OSX/RSpug-gen

    I do not have a time machine backup, so that does not appear to be the issue.

    Any ideas? 

    Addendum -  Initially, when I clicked on each item, no path was shown (either next to the item, or in the info below after clicking on each item).

    However, I then restarted the machine, launched Sophos, and did a full scan of the drive (which had not completed previously).  Once the scan was complete, the same two items were shown, with no path next to them. However, now when I clicked on them, a path was shown in the space below.   I removed the items manually, and cleared them from the quarantine list. 

  • I have the same type of problem, specifically with a mal/generic-s file.  Additionally, I have some macs that are scanning that report "issues detected" but there is nothing showing up in the Quarantine Manager.  I have tried to clean up the mal/generic-s threat but it keeps failing.  I do not get an option message for manual removal.

  • Issues detected is mentioned lots of times on here - please search for a previous thread.

    For the disappearing path/folder issue: It could be down to the location of the file detected.  Some suggestions:

    - Try the 'Reveal in Finder' button.
    - If you haven't already done so: Clear the item from the Quarantine Manager. Then rescan the Mac to see if the item is detected again.
    - Cancel any current scan, disconnect external drives (like backup drives etc.), close down other applications, and then re-scan the Mac (as a test to see if it helps).


     - - - - - - - - - - - -

    Communities Moderator, SOPHOS

  • I am also having this same problem.  I just downloaded this program after hearing rave reviews on the Apple Support web site.  So far I'm less than thrilled.  Does anyone have a solution for this problem that does not involve spending hours rescanning my system for the umpteenth time, or as someone else commented, should I just uninstall Sophos?

  • Threats listed without a filename are almost always coming from a Time Machine backup. Apple changed the behavior of their Time Machine storage mechanism and it often does not return proper filepath information to non-Time Machine applications (the filesystem API returns an empty string for the full path). We have changes in the most recent version (9.1.5) to skip Time Machine volumes for the on-access scanner. Any threats that are present in your backup would be discovered when you try to restore them, and of course that will tell you the full path in the normal disk.

    For now, you can simply remove these entries from your QM and ignore them.


    ---

    Bob Cook (bob.cook@sophos.com) Director, Software Development
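
Added example (not part of the thread, and not Sophos code): a small triage script that parses `com.sophos.intercheck` Console lines of the shape quoted above and groups the detections that were logged with an empty path, which are the ones the last reply attributes to Time Machine volumes. The sample log is constructed, and the shape of an entry that does carry a path after "detected in" is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample, modelled on the Console lines quoted in this thread.
# The third entry, with a path after "detected in", is an assumed shape.
SAMPLE_LOG = """\
com.sophos.intercheck: 2014-07-07 12:23:46 -0400 Threat: 'Mal/Generic-S' detected in
com.sophos.intercheck:                              Access to the file denied
com.sophos.intercheck:
com.sophos.intercheck: 2014-07-07 12:24:13 -0400 Threat: 'Mal/Phish-A' detected in
com.sophos.intercheck:                              Access to the file denied
com.sophos.intercheck: 2014-07-07 12:30:02 -0400 Threat: 'Mal/Generic-S' detected in /Users/example/Downloads/sample.zip
com.sophos.intercheck:                              Access to the file denied
"""

PREFIX = "com.sophos.intercheck:"
ENTRY = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} [+-]\d{4}) "
    r"Threat: '(?P<threat>[^']+)' detected in ?(?P<path>.*)$"
)

def parse_detections(text):
    """Return one dict per detection; continuation lines become 'notes'."""
    detections = []
    for raw in text.splitlines():
        line = raw.lstrip()
        if not line.startswith(PREFIX):
            continue  # not an on-access scanner line
        body = line[len(PREFIX):].strip()
        m = ENTRY.match(body)
        if m:
            detections.append({"time": m["ts"], "threat": m["threat"],
                               "path": m["path"].strip(), "notes": []})
        elif body and detections:
            # e.g. "Access to the file denied" belongs to the previous entry
            detections[-1]["notes"].append(body)
    return detections

def pathless_by_threat(detections):
    """Group timestamps of detections logged with an empty path, by threat name."""
    grouped = defaultdict(list)
    for d in detections:
        if not d["path"]:
            grouped[d["threat"]].append(d["time"])
    return dict(grouped)

if __name__ == "__main__":
    for threat, times in pathless_by_threat(parse_detections(SAMPLE_LOG)).items():
        print(f"{threat}: {len(times)} detection(s) with no path, first at {times[0]}")
```

Detections that do carry a path are left out of the grouping on purpose, since those can be revealed in Finder and cleaned up normally.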