Re: System file not repaired???
On Dec 13, 2011, at 8:16 PM, Dan wrote: this iMac was rock solid until recently I installed Sophos anti virus. From this moment I notice a lot of hard drive action in the background due to Sophos av (I know this from looking at Sophos Icon in the menu bar). Anyone has more info to shed some light on this... By default most AV softwares seem to check too much, I think. That initial long scan is probably what you're seeing. Tell it to stop. Then tell it to just watch your Download and Mail folders (specific places where an incoming file will land). Sadly, unless Sophos has dramatically changed their product (and it's not included with our Campus license) you cannot specify anything below the level of mounted, internal volume to scan. That's right, you can't even scan a USB thumb drive. :-( Once upon a time Sophos was a good, unobtrusive AV solution for Macs. Alas, they've not really improved the product in years. It's still mostly unobtrusive (And you should just let it get it's scan done already), but it's not as usable as ClamXAv. It is with some redness in my face that I have to say that I installed Sophos AV without any virus problems on my iMac. That's ok. Malware *is* becoming an issue for us. It's time. Best to be prepared. We recommend either Sophos or ClamXav. ClamXAv is working well for me; it keeps finding stuff (all PC viruses and phishing mails) in my University mail account that MS's mighty mighty Enterprise-grade BPOS lets through...(and note, that should be said in a voice so dripping with acid sarcasm and disdain as to put an Alien queen to shameBPOS really is a Big Pile of S___ ) That said, I still don't run AV on any of my personal macs, haven't since the demise of the late, great Disinfectant. Which, not coincidentally, about the last time an actual Mac virus was widespread in the wild. http://www.autsys.com/sti/tech/autostart9805.html Still have the MacAddict disk they shipped infected with that one... -- Bruce Johnson University of Arizona College of Pharmacy Information Technology Group Institutions do not have opinions, merely customs -- You received this message because you are a member of the iMac Group, a group for those using Apple iMacs and eMacs. The list FAQ is at http://lowendmac.com/imac/list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to imaclist@googlegroups.com To leave this group, send email to imaclist+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/imaclist
Re: System file not repaired???
At 9:18 AM -0700 12/14/2011, Bruce Johnson wrote: On Dec 13, 2011, at 8:16 PM, Dan wrote: By default most AV softwares seem to check too much, I think. That initial long scan is probably what you're seeing. Tell it to stop. Then tell it to just watch your Download and Mail folders (specific places where an incoming file will land). Sadly, unless Sophos has dramatically changed their product (and it's not included with our Campus license) you cannot specify anything below the level of mounted, internal volume to scan. oOo LOL I guess that shows how long it's been since I played with it! Thanks for pointing that limiation out. it's not as usable as ClamXAv. I've gotten very comfortable with ClamXav. I don't even mind ClamXav Sentry's ugly menu bar icon anymore... - Dan. -- - Psychoceramic Emeritus; South Jersey, USA, Earth. -- You received this message because you are a member of the iMac Group, a group for those using Apple iMacs and eMacs. The list FAQ is at http://lowendmac.com/imac/list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to imaclist@googlegroups.com To leave this group, send email to imaclist+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/imaclist
Re: System file not repaired???
On Dec 14, 2011, at 8:18 AM, Bruce Johnson wrote: That said, I still don't run AV on any of my personal macs, haven't since the demise of the late, great Disinfectant. Which, not coincidentally, about the last time an actual Mac virus was widespread in the wild. http://www.autsys.com/sti/tech/ autostart9805.html Still have the MacAddict disk they shipped infected with that one... Is there any interest in resurrecting Disinfectant? It might be useful to have support for removing the AutoStart worm or the ability to run it in OS X. Josh -- You received this message because you are a member of the iMac Group, a group for those using Apple iMacs and eMacs. The list FAQ is at http://lowendmac.com/imac/list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to imaclist@googlegroups.com To leave this group, send email to imaclist+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/imaclist
Re: System file not repaired???
On Dec 14, 2011, at 11:01 AM, Joshua Juran wrote: On Dec 14, 2011, at 8:18 AM, Bruce Johnson wrote: That said, I still don't run AV on any of my personal macs, haven't since the demise of the late, great Disinfectant. Which, not coincidentally, about the last time an actual Mac virus was widespread in the wild. http://www.autsys.com/sti/tech/autostart9805.html Still have the MacAddict disk they shipped infected with that one... Is there any interest in resurrecting Disinfectant? It might be useful to have support for removing the AutoStart worm or the ability to run it in OS X. Not really, John Norstadt gave up chasing Word Macro viruses and retired the project. http://tidbits.com/article/4876 He is, by the way, an amazing guy: http://www.norstad.org/autobiography.html I expect that any modern AV product removes the autostart worm , after all, it's not that much bother to include the 15 or so Mac viruses, ever, among the hundreds of thousands of Windows threats. The ability to run the Autostart worm in OS X might be intriguing8-P -- Bruce Johnson University of Arizona College of Pharmacy Information Technology Group Institutions do not have opinions, merely customs -- You received this message because you are a member of the iMac Group, a group for those using Apple iMacs and eMacs. The list FAQ is at http://lowendmac.com/imac/list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to imaclist@googlegroups.com To leave this group, send email to imaclist+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/imaclist
System file not repaired???
Ref. iMac Intel Core i3 3,06GHz OS 10.6.8 While repairing permission? files with Disk Utility (Tool?) I got the following message (I decide to use Disk Utility because of problems accessing some Web sites in Safari...) ATTENTION : le fichier SUID « System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent » a été modifié et ne sera pas réparé. Which means grosso modo Oups the file SUID Syst... has been modified and will not be repaired. Now what is this System file doing and why did Disk Utility not repaired it? Tried OnyX with same result... Now bis, how can I repaired it? I do not want to give bad reputation to anyone, but this iMac was rock solid until recently I installed Sophos anti virus. From this moment I notice a lot of hard drive action in the background due to Sophos av (I know this from looking at Sophos Icon in the menu bar). Anyone has more info to shed some light on this... It is with some redness in my face that I have to say that I installed Sophos AV without any virus problems on my iMac. It is a perfect example of a solution being worst than the problem? Hope you can help, JCT -- You received this message because you are a member of the iMac Group, a group for those using Apple iMacs and eMacs. The list FAQ is at http://lowendmac.com/imac/list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to imaclist@googlegroups.com To leave this group, send email to imaclist+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/imaclist
Re: System file not repaired???
At 2:56 PM -0500 12/12/2011, Jean-Claude Touzin wrote: iMac Intel Core i3 3,06GHz OS 10.6.8 While repairing permission? files with Disk Utility (Tool?) I got the following message ATTENTION : le fichier SUID « System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent » a été modifié et ne sera pas réparé. Ignore that message. It's one of very annoying wrong-error error messages that the Repair Permissions feature gives. Apple has known about this problem for a long time and never bothered to fix it. http://support.apple.com/kb/ts1448 (I decide to use Disk Utility because of problems accessing some Web sites in Safari...) You've reached for the wrong tool. This is the equivalent of cleaning the seats inside your car because there are potholes on the road outside. If you could describe in more detail the actual problem with Safari, perhaps we could help. Of course, the first thing to try is to clear Safari's caches. this iMac was rock solid until recently I installed Sophos anti virus. From this moment I notice a lot of hard drive action in the background due to Sophos av (I know this from looking at Sophos Icon in the menu bar). Anyone has more info to shed some light on this... By default most AV softwares seem to check too much, I think. That initial long scan is probably what you're seeing. Tell it to stop. Then tell it to just watch your Download and Mail folders (specific places where an incoming file will land). It is with some redness in my face that I have to say that I installed Sophos AV without any virus problems on my iMac. That's ok. Malware *is* becoming an issue for us. It's time. Best to be prepared. We recommend either Sophos or ClamXav. HTH, - Dan. -- - Psychoceramic Emeritus; South Jersey, USA, Earth. -- You received this message because you are a member of the iMac Group, a group for those using Apple iMacs and eMacs. The list FAQ is at http://lowendmac.com/imac/list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to imaclist@googlegroups.com To leave this group, send email to imaclist+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/imaclist
