Hello. I have Sophos for mac v 8.16c. For whatever reason, I was working and on-access scanning was randomly disabled. I went into the preferences and I can't re-enable on-access scanning, even with administrator privaleges. I have tried restarting my computer and reinstalling sophos, but none of those fixed my issue. Can anybody help me with my problem?
I forgot to mention, I am running Mac OSX 10.8.4
MusicMan wrote:
Dear Mr. Cook,
Thank you for your response! The issue seems to inexplicably resolved itself, and the program appears to be functioning normally (I hope!). I must be living right, for the moment.
Until later, thank you again sir!
Glad to hear this, its consistent with what we believe is happening (the product will "self-heal" when it can). We'd really like to track down the root cause though, even though the final outcome is good, its not working as perfectly as we'd like. If you spot this situation again please drop me a note so we can investigate more.
---
Bob Cook (bob.cook@sophos.com) Director, Software Development
I had this problem earlier today for the second time, so after reboot failed to fix I followed the uninstall/reinstall route which has worked (had the same problem last December, when this fix also worked).
Then, following hints in this thread have tried to dig a little deeper - to see if I could find anything new to add.
Sophos Anti-Virus.log has repeated error: Fatal Error: The main virus data file is missing
A short while before the errors start /var/install.log has entries starting: Sophos Installer[16817]: [SMEInstallController.m:209] Installing he version 9.2.4
The entries proceed as normal up to the point: Sophos Installer[16817]: [SMEAggregateInstallStrategy.m:71] "installer.localPayload.cacheManifestComponents" success: YES
and then there is a wait of a few seconds over 30 minutes before the next message has
Sophos Installer[16818]: [SophosDistantObject.m:196] An exception was encountered while messaging the server: NSPortTimeoutException. Retrying: 1 attempt(s)
This message appears a second time, followed by a traceback starting
1 InstallationDeployer 0x000000010f3a224a -[SMEInstallationReceiptService removeComponentsByPlan:] + 60,
This is then followed by an error: Sophos Installer[16817]: [SMERemoteRemoveComponentsStrategy.m:65] Unable to remove components
Then finally after a number of Status messages (several with 'success: NO' ) the message: Sophos Installer[16817]: [SMEInstallController.m:297] Installation complete
This is consistent with some earlier comments of the problem arising after communication issues between the host computer and Sophos.
Hope this helps.
Hi,
I've had the on-access scanning disabled problem twice. Once today, once about a week or 10 days ago. Both times I was able to un-install Sophos, download a new copy and re-install to fix issue.
Running Macbook Pro 11,2, OSX 10.9.5, Sophos AV home edition 9.2.2, threat detection engine 3.55.0.
Please let me know if there's anything I can send in to help the developers find the problem.
SAV has stopped scanning on access again (this is the 3rd time in about 6 months). Again reboot does not fix, so remove SAV and reinstall and it is working again.
Checking logs entries are essentially identical to last time (see my post of 19th March), except that Timeout for messaging the server in /var/install.log is now 2 hours (was 30 mins).
Hope that this problem can be fixed soon.
Hi Serranonymous,
Thanks for the response. Yes I am still using MacOS 10.8.5 and SAV 9.2.x.
(Note that I have applied all Apple updates within less than 1 week of their release, but I don't remember the details over the last few months)
Also on both this occasion and the one on 18 March /var/install.log reported '[SMEInstallController.m:209] Installing he version 9.2.4'
Note on all three occasions I have had the problem I have gone to the Sophos web-site to download the latest version for the reinstall, but as it turns out the unzipped files are all dated the same - 8 Oct 2014.
Let me know if you need any further info.
P.S. I note in another thread "Sophos Antvirus is not running" that on 4-24-2015 you posted that a fix for that problem (perhaps the same as I am seeing) should go out within the next month - do you have any update on that?
Looks like I’’’’m now part of the access scan problem group. Using Mac 10.10.3, Sophos 9.2.2 and with the Yosemite update installed since it became available, no problems until today. This may have occurred once before but it’’’’s been a long time and with an earlier OS. Cannot point to any possible explanation. Ran the uninstaller, redownloaded, all seems fine now but want to share in case there’’’’s a wider issue. Thanks for helping with what is truly a great product.
hookc wrote:
Looks like I’’’’m now part of the access scan problem group. Using Mac 10.10.3, Sophos 9.2.2 and with the Yosemite update installed since it became available, no problems until today. This may have occurred once before but it’’’’s been a long time and with an earlier OS. Cannot point to any possible explanation. Ran the uninstaller, redownloaded, all seems fine now but want to share in case there’’’’s a wider issue. Thanks for helping with what is truly a great product.
I'm sorry you are having problems - we'd love to find out what is causing it and fix it. Next time you see it, can you run some commands in Terminal and send me the results:
find /Library/Sophos\ Anti-Virus/VDL/ -type f -exec md5 '{}' \; > ~/Desktop/sav-diagnostics.log
sudo /Library/Caches/com.sophos.sau/CID/Sophos\ Installer.app/Contents/MacOS/tools/InstallationDeployer --install
tail -n 200 /var/log/install.log >> ~/Desktop/sav-diagnostics.log
find /Library/Sophos\ Anti-Virus/VDL/ -type f -exec md5 '{}' \; >> ~/Desktop/sav-diagnostics.log
We have seen an instance where the installer has been unable to write the VDL files correctly, which prevents the on-access scanner from starting. This is consistent with the symptoms described, but its hard to figure out what went wrong without more intensive diagnostics at the time it happens. This is a theory, and we are trying to prove it. The commands I've listed above will record the checksum of the existing VDL files and then attempt to invoke the installer to repair your installation. If successful, and our theory is correct, the VDL files will have been updated and the on-access scanner will start running again.
You should note that one of those commands requires sudo, and I always caution people about using sudo. The command I've given you requires sudo and is safe to use, but in general you should always be cautious.
There should be a log file created on your desktop named "sav-diagnostics.log". It may reveal if our theory is correct, and it would be helpful if you could send it to me. It would be really useful to have the log file whether it fixes the problem or not.
---
Bob Cook (bob.cook@sophos.com) Director, Software Development
I have experienced this problem recurring now (and many versions ago I was familiar and did the reinstall). Before doing the reinstall I looked in this thread to see if there was new information and saw this note. I've now tried it with these results. Help!
Jonathan:~ silversj1$ find /Library/Sophos\ Anti-Virus/VDL/ -type f -exec md5 '{}' \; > ~/Desktop/sav-diagnostics.log
Jonathan:~ silversj1$ sudo /Library/Caches/com.sophos.sau/CID/Sophos\ Installer.app/Contents/MacOS/tools/InstallationDeployer --install
Password:
sudo: /Library/Caches/com.sophos.sau/CID/Sophos Installer.app/Contents/MacOS/tools/InstallationDeployer: command not found
Jonathan:~ silversj1$