Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Alert

SOPHOS AV - NOT WHAT THEY SAY IT IS

May 1, 2012 4:35AM PDT

Hello, I am in the midst of a very serious issue, which already has lost me thousands of dollars due to Sophos AV. In short:

SOPHOS AV HAS BECOME IT'S OWN SORT OF VIRUS TO ME.

This is not a joke, and I'm not interested in arguing the point. I have already been down that road with Sophos company/tech support. I not only found them to be UNSYMPATHETIC, and UNCONCERNED, but a slip from the representative, showed me they know of this very serious issue, and are not in any hurry to fix it. it all started out simple enough.

I installed Sophos AV for ONLY THREE HOURS. I did not like user interface, so I uninstalled it with their uninstaller. I checked it, made sure it was purged, I made sure no traces were left. In a few days I think about five, my machine was progressively slowing down, finally to a non functional state. My finder was crashing, or freezing - Sound familiar? We stress about such things, and often never know the why of it. Then the spinning wheel, long periods of time, then just... non workable.

I ran EVERY diagnostic imaginable... the MAC disks, I went into the Single User Mode, Disk Warrior, Snow Leopard Cache Cleaner, directory tools, you name it. They said my drive was functioning normally. I was upset, as I make my living with my machine, and I have, as of today lost ten days of income, at a cost of a few thousand, with kids, and an empty bank account.

I kept booting into single user mode, on one particular boot, I happened to catch an error of sorts and I saw the name 'SOPHOS Anti Virus.' I opened a terminal window, and pulled up my firewall logs - - - you will not believe this..

Sophos had, in a manner of speaking taken over my machine. When I checked my system logs, I was astounded to find Sophos making querys into my machine EVERY TEN SECONDS at tree per second.

My system resources were being bled away from functional work! That was all that was wrong. Sophos has in effect, become a virus in itself. But worse, because it is from the Sophos server.

I counted in one and a half hours, over 4500, yes, FOUR THOUSAND, FIVE HUNDRED, QUERYS. My diagnostics were correct. Nothing was wrong with my machine, except for Sophos.

The standard searches I did, did not show any more Sophos files in the machine. So I got Onyx, and toggled 'show hidden files.' Then I went to 'Mac Help Mate,' and did a search, and WOW, I found about thirty or more files, and many were over 1 mg. So, I manually cleared the machine, and put the files into a data shredder. I checked, and rechecked. My machine was immediately back to speed, and humming along nicely. But...I just checked. It's been two hours since I purged my machine, now the messages are coming in at 6 to 10 or more, EVERY TEN SECONDS.

I am exhausted, out of money, and looking at a very difficult outcome. I do not know what to do. Sophos, does NOT care. When I told them I was losing my business, they told me to go online for 'free' tech support. I told them I did NOT want tech support, I wanted their program off my unit. I kept getting directed to online support.

Read they forums. They are NOT about support in truth. They are about propagating their own agenda. IF, they were actually concerned, when I told them their servers were not letting go, and I can't work, it made no difference. They told me to go online and see what I can find out.

I think if only one person had this problem, they shoud be at least interested what is up. I do not think I am an isolated case. Most regular users, i.e. students, kids, household types, are not aware of single user, or terminal. I just almost accidently fell on to the root of my problem. If anyone can help, Please, I need it. But, at this point, I'm about out of money.

It would not suprise me, if Sophos wrote malware to create their on market. Create it, be the one to 'cure' it. Then you be the hero. On my word, their tech guys were not suprised. As I was reading my syslogs to them, I heard him quoting the message as I was reading. Oops...

Discussion is locked

- Collapse -
I have one question.
May 1, 2012 4:39AM PDT

Wouldn't we need a virus for us to need an antivirus?

You say this is on an Apple yet we don't have any virus yet. Why would I install an antivirus today?
Bob

- Collapse -
Re no Virus
May 1, 2012 5:09AM PDT

In the past, there were virus's for mac, but very rare. Sometime agin, I recall one that 'nestled within Microsoft Word. That was quite a few years ago. Then there was an occasional, what they call 'malevolent.' html. They were not that serious. Until now, I've never had a virus. But don't kid yourself. They are being developed for the mac, and sooner or later, they will be openly noticed.

When someone writes a virus, they usually have to destroy a machine in the process. MAC's, being so much more expensive, and the architecture of the os what it is, made writing a virus much more difficult and expensive. A lot of the guys writing the virus's, were young, in school, and had not lot of money to destroy a machine to write one. With the pentium now in the mac, and with pc's and mac's getting closer in other ways, and the costs somewhat coming down, the possibilities and availability are making it easier.

I don't want to argue the point, but as you, I never had virus protection until now. I would not be getting a program, after all the years I[ve used mac, unless there was a reason. There is. I am not interested in forcing such an idea, I am doing what I am doing by having AV, because I see the need coming.

Anyway, even if you are TOTALLY correct, i still have the issue with SOPHOS.

This one I'm using is an older mac. I use it primarily for graphics, video and music editing.
Last crop of the dual mirrored door G4's. 2 gigs Ram 1.25 ghrz processor. 'Three hd drvs. two optical drives, one burner, and It's in great shape. I have a forth drive running Linux.

- Collapse -
In other words, I'm not going to install Sophos.
May 1, 2012 5:15AM PDT

The macro virus was not a "virus" at all but folk will label it as such. Same for malware or a bad web site.

Said software is well known to drag on the machine. It does that because it ... well let's just say it has to do that to scan everything.

Sophos will be a drag on a machine like you presented. We see the same thing on Windows.
Bob

- Collapse -
What OS is running on the G4?
May 1, 2012 9:08AM PDT

Just curious as the last virus for a Mac was back when System 7 was king.

P