- Sophos Antivirus Is Not Running Back In
- Sophos Software
- How Good Is Sophos Security
- Sophos Antivirus Is Not Running Slow
I've been running Windows 10 exclusively for about three years. I ditched paid antivirus and have been using Windows built-in antivirus (workstations only, of course) for about two years. I have not experienced a single virus outbreak. Your mileage may vary of course. I use WSUS to push out the AV updates.
- If Sophos Anti-Virus is not already installed on the computer either use SAV32CLI from the Sophos CD or download an emergency copy on an uninfected computer, extract it and write it to CD. At the command prompt type CD C: Program files Sophos SWEEP for NT (or, if you are using a CD, insert it and type CD D: WIN32 I386 SAV32CLI or CD D: SAV32CLI).
- Go up to Central and grab the latest full PC protection package/installer. Try installing that onto the machine to see if it is able to install successfully and clean up the existing Sophos install with a nice new fresh one. If that works, then try this: - disable tamper protection - DONT stop any sophos services.
Apple has released a new security mechanism called Secure Kernel Extension Loading (SKEL) in MacOS 10.13. This affects all applications/software using non-Apple kernel extensions and users are required to manually add the affected applications/software into the trusted list before the applications/software can be used. This allows the kernel extensions to load and is required for Sophos Anti-Virus to function properly. Users of MacOS 10.13 are required to do the following steps for newly installed Sophos Anti-Virus:
Sophos Home Premium has one of the shortest feature lists in the antivirus world, but poke around in the web-based Settings menus for a while and you'll find one unusual extra: a simple parental. Scenario 4 - The Mac doesn't have available slots to load Sophos Home This issue occurs when the Mac runs out of virtual slots to load applications (this usually happens when virtual machines are installed, and similar software is being used). Follow these steps to correct that: There are too many applications that register virtual devices.
1. After installing Sophos Anti-virus, go to “Security & Privacy” under Apple System Preferences.
2. At the bottom of the window, you will see “System software from developer “Sophos” was blocked from loading”. Click “Allow”.
Once authorized, all future Sophos kernel extensions are allowed, even after uninstallation. This step is not required again on a reinstallation. Kernel extensions already installed during an upgrade from MacOS 10.12 are automatically authorized.
For details, please refer to
Advisory: Apple MacOS 10.13 High Sierra Support:https://community.sophos.com/kb/en-us/127413#Sophos
Let me set the scene: You’re happily running a scan with Sophos Anti-Virus for Mac 9…
…and before the scan completes you see a warning in the Scans window that says Issues detected…
The questions now are: What are these issues detected? How do I fix them? Why does the scan report Issues detected and then also No threats found? Surely the only issues should be that the scan found threats right?
Spoiler: These issues are nothing to worry about.
The ‘issues’ are caused by the scanner finding encrypted and/or corrupt files and simply not being able to access them.
On your Mac there will be a number of encrypted files and the scanner is not able to access them because they are…encrypted. Protected. Locked. It should not be able to access them otherwise what’s the point of the file being encrypted? If SAV can break in whenever it wants and have a peek then so can other programs and the encryption is pointless.
Your Mac is also going to have a few ‘corrupt’ files. Well…they may not be exactly corrupt. The structure of the file – or more precisely the file header – is not recognizable to Sophos Antivirus.
When any application (like SAV) ‘reads in’ a file it expects certain information, in a certain order. Usually there is a header, where global information about the particular file is kept.
If this information is not what SAV expects then the file is deemed corrupt. In actuality the file is most likely a system file or a file called only by a particular program that knows how to access or use it – nothing other than that program may be able to work with the file.
So shouldn’t you worry that Sophos didn’t scan these files? They could be malicious right? You don’t need to worry. Yes SAV didn’t scan the file, however the file itself cannot run on its own and hence cannot cause a problem to your computer.
I did say that the file could be called by another program, so maybe that program is malware? Maybe but if it’s able to run (execute on Mac OS X) then it has to properly present itself to the operating system and hence it cannot appear as a ‘corrupt’ file and therefore SAV would properly scan that program.
So the takeaway from this is: You’re absolutely fine. Don’t worry.
I want to see these corrupt and encrypted files
A reasonable request. Open Console from Spotlight…
From the left-hand menu select the Sophos log for the type of scan you ran.
In the screenshot below the ‘Issues detected’ was reported during a ‘Scan this Mac’ scan and hence is under the Scans > Scan Local Drives section. If you run a custom scan the log would be listed under ‘Scan’ > theNameYouGaveTheScan.
Recreate the problem with sweep
You can recreate the behavior with the command line version of Sophos Antivirus (sweep). Open Terminal…
…and then type in the command below and press enter.
sweep /Library/Caches/
Sophos Antivirus Is Not Running Back In
Tip: If you don’t see any errors try another folder like /Library/ (without the Caches/ bit) for example.
The program will quickly run a scan on the Caches folder and you will see something like this in the scan summary in the Terminal window…
5628 files swept in 25 seconds.
4 errors were encountered.
No viruses were discovered.
Ending Sophos Anti-Virus.
The ‘X errors were encountered’ is the same thing as the Issues detected message that is reported in the graphical frontend of SAV – sweep doesn’t report anything to the frontend so Terminal is the only place you’ll see issues for this scan.
Sophos Software
Above the scan summary you will be able to see the actual files that caused the errors. It will be different messages for different computers but you may see Could not open messages etc.
How Good Is Sophos Security
![Not Not](/uploads/1/1/8/6/118657378/486838488.png)
Sophos Antivirus Is Not Running Slow
Again: Don’t lose any sleep over these messages.