
Sophos causing widespread system disruptions

Hi all,


I've recently rebuilt my system and thought that I'd voice my experiences in the hope of finding some answers.. Particularly pertaining to the Sophos antivirus application. Along with many others I feel that the presence of an antivirus on an OS X system is becoming increasingly necessary in today's virus/malware filled world.. As rare as they are, in my professional career I have encountered several instances where systems were compromised as a result of such infections. I'm aware there are several similar applications available; Avira, F-Secure, Kaspersky, ESET Cyber Security Pro. I simply started using Sophos a while back and up until recently have had no reason to consider anything else.


Some basic info, I'm running my system off a 2010 MBP with 8GB RAM and 2.66GHz i7 processor. It's largely used as a platform for video editing and audio recording with your typical editing and recording applications.


My first problem was encountered whilst attempting to install the Native Instruments Komplete 9 Ultimate package. Under other systems running 10.6.8 and 10.8 (with Sophos running) the drive would mount and the installer open without a hitch. However in 10.9 upon mounting the drive and launching the .mpkg the installer would immediately go into not responding and stay so regardless of how long I left it (I tried over an hour). No prompts would open nor any windows, the Installer application would simply sit idly in the dock. I thought I'd mention that at this point I had installed a bunch of other software on the system build and had not encountered any such issues.


I went through all your usual workarounds, from reboot in safe mode to fixing permissions, copying the contents of the HDD locally (ruling out any problems with the drive provided by NI), went through troubleshooting with Native Instruments Tech Support as well as the place I bought the product from and it wasn't until I had rebuilt the system twice (gahh! >.<) that I realised that it was only after I had installed Sophos that the drive would refuse to install.


Second of all, being an avid user of the various Kontakt libraries and samplers available I have also noticed that samples take FAR longer to load and initialise and open while Sophos is activated on the system. I'm assuming that can be attributed to the on-access scanner going through and checking each file.. but I may be wrong. This is irrespective of whether Kontakt is loaded as a stand-alone application, or in a host (namely Logic 7 and Logic X).


I realise I may not necessarily be able to get any concrete answers but I'd appreciate hearing any ideas or even similar experiences you might have.. even if only to satisfy my own paranoia haha.


Thanks in advance!

Posted on Dec 25, 2013 7:59 PM


Dec 25, 2013 8:48 PM in response to Andromeda48

Along with many others I feel that the presence of an antivirus on an OS X system is becoming increasingly necessary in today's virus/malware filled world..

What you and many others may feel is not relevant, and the assumption that an antivirus on an OS X system is not already implemented in OS X is an incorrect one that has led many users down a path of abject misery. The vast majority of Mac problems reported on this site are the direct result of acting upon feelings or reliance upon myth.


Sophos has been a problem with Mavericks. I have personally tested all the products you mentioned on a brand new Mac running Mavericks and determined all of them to be worthless, at best. Developers have had the better part of a year to adapt their software for Mavericks compatibility. If Sophos couldn't get theirs ready in that amount of time, how well do you suppose they will react to legitimate malware threats that could arise at any moment - threats that are specifically designed to act in an insidious manner and are difficult to eradicate?


OS X already includes everything it needs to protect itself from viruses and malware. Keep it updated with software updates from Apple.


A much better strategy for protecting your Mac is to observe the following simple principles, most of which apply equally well to any computing platform:


  • Never install any product that claims to "speed up", "clean up", "optimize", or "accelerate" your Mac. Without exception, they will do the opposite.
  • Never install pirated or "cracked" software, software obtained from dubious websites, or other questionable sources. Illegally obtained software is almost certain to contain malware.
  • Don’t supply your password in response to a popup window requesting it, unless you know what it is and the reason your credentials are required.
  • Don’t open email attachments from email addresses that you do not recognize, or click links contained in an email:
    • Most of these are scams that direct you to fraudulent sites that attempt to convince you to disclose personal information.
    • Such "phishing" attempts are the 21st century equivalent of a social exploit that has existed since the dawn of civilization. Don’t fall for it.
    • Apple will never ask you to reveal personal information in an email. If you receive an unexpected email from Apple saying your account will be closed unless you take immediate action, just ignore it. If your iTunes or App Store account becomes disabled for valid reasons, you will know when you try to buy something or log in to this support site, and are unable to.
  • Don’t install browser extensions unless you understand their purpose. Go to the Safari menu > Preferences > Extensions. If you see any extensions that you do not recognize or understand, simply click the Uninstall button and they will be gone.
  • Don’t install Java unless you are certain that you need it:
    • Java, a non-Apple product, is a potential vector for malware. If you are required to use Java, be mindful of that possibility.
    • Disable Java in Safari > Preferences > Security.
    • Despite its name JavaScript is unrelated to Java. No malware can infect your Mac through JavaScript. It’s OK to leave it enabled.
  • Block browser popups: Safari menu > Preferences > Security > and check "Block popup windows":
    • Popup windows are useful and required for some websites, but popups have devolved to become a common means to deliver targeted advertising that you probably do not want.
    • Popups themselves cannot infect your Mac, but many contain resource-hungry code that will slow down Internet browsing.
    • If you ever see a popup indicating it detected registry errors, that your Mac is infected with some ick, or that you won some prize, it is 100% fraudulent. Ignore it.
  • Ignore hyperventilating popular media outlets that thrive by promoting fear and discord with entertainment products arrogantly presented as "news". Learn what real threats actually exist and how to arm yourself against them:
    • The most serious threat to your data security is phishing. To date, most of these attempts have been pathetic and are easily recognized, but that is likely to change in the future as criminals become more clever.
    • OS X viruses do not exist, but intentionally malicious or poorly written code, created by either nefarious or inept individuals, is nothing new.
    • Never install something without first knowing what it is, what it does, how it works, and how to get rid of it when you don’t want it any more.
    • If you elect to use "anti-virus" software, familiarize yourself with its limitations and potential to cause adverse effects, and apply the principle immediately preceding this one.
    • Most such utilities will only slow down and destabilize your Mac while they look for viruses that do not exist, conveying no benefit whatsoever - other than to make you "feel good" about security, when you should actually be exercising sound judgment, derived from accurate knowledge, based on verifiable facts.
  • Do install updates from Apple as they become available. No one knows more about Macs and how to protect them than the company that builds them.


Summary: Use common sense and caution when you use your Mac, just like you would in any social context. There is no product, utility, or magic talisman that can protect you from all the evils of mankind.

Dec 26, 2013 5:48 AM in response to Andromeda48

Andromeda48 wrote:


I realise I may not necessarily be able to get any concrete answers but I'd appreciate hearing any ideas or even similar experiences you might have.. even if only to satisfy my own paranoia haha.

Here is a concrete answer for you - don't use any antivirus or "clean up" software. It isn't necessary and, as you discovered, will only cause disruption.

Dec 26, 2013 9:02 AM in response to Andromeda48

Hello


Couple of comments.


1) Anti-virus software can interfere with installers. Historically it has been advised to turn anti-virus off when running installers.


2) Anti-virus software can interfere with drivers whether resident or plug-in.


3) If it is caused by Sophos, only Sophos should know why and how to fix it. You'd better report this issue to Sophos and let them fix it.


Kind regards,

H

Dec 29, 2013 4:03 AM in response to Andromeda48

Hi John,


I appreciate your in-depth response regarding the unnecessary use of antivirus programs on OS X, I do however have one more query if you wouldn't mind answering.. Although as you say most threats/infections don't inherently affect OS X in itself, is there not a chance that the system can act as a carrier or host for PC based infections which may be transferred via local network connections or shared USB storage devices?


Thanks!

Dec 29, 2013 4:25 AM in response to Andromeda48

What you are suggesting is like saying we should vaccinate the family dog with a drug that puts our loving pet into a coma, because we want to protect the unvaccinated cats of the world?


While it is possible for you on a Mac to manually transfer an infected file from one Windows system to another, or for you to forward an infected email, it is not going to happen automatically. That is to say the malware cannot currently become active on the Mac and do the infection without your intervention. If they hack your email provider and send infected emails in your name, A/V software on your Mac is not going to stop that.


Basically, your cure for another species is not healthy for Macs using current A/V packages.

Dec 29, 2013 8:12 AM in response to Andromeda48

Andromeda48 wrote:


... Although as you say most threats/infections don't inherently affect OS X in itself, is there not a chance that the system can act as a carrier or host for PC based infections which may be transferred via local network connections or shared USB storage devices?


I realize what I wrote is lengthy but the essence of it is that there are threats inherent in what you do with your Mac or any computer.


  1. You can mitigate those threats by following commonsense practices
  2. Delegating that responsibility to software is an ineffective defense
  3. Assuming that any product will protect you from those threats is a hazardous attitude that is likely to result in overlooking point #1 above.


PC / Windows users are responsible for their own defenses, and bear their own consequences for having chosen an inherently insecure and infection-prone computing platform.


BobHarris summarized anything else I could say more eloquently than I could have said it.
