<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
  PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta name="copyright" content="(C) Copyright 2005"/>
<meta name="DC.rights.owner" content="(C) Copyright 2005"/>
<meta name="security" content="public"/>
<meta name="Robots" content="index,follow"/>
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="task"/>
<meta name="DC.Title" content="Configure on-access scanning to automatically clean up threats"/>
<meta name="DC.Relation" scheme="URI" content="../concepts/Configuring_on-access_scanning.html"/>
<meta name="DC.Format" content="XHTML"/>
<meta name="DC.Identifier" content="task_18772580AD1C47ADAEA9BC655BA49693"/>
<meta name="DC.Language" content="en-us"/>
<link rel="stylesheet" type="text/css" href="../commonltr.css"/>
<link rel="stylesheet" type="text/css" href="../DITA.css"/>
<title>Configure on-access scanning to automatically clean up threats</title>
</head>
<body id="task_18772580AD1C47ADAEA9BC655BA49693"><a name="task_18772580AD1C47ADAEA9BC655BA49693"><!-- --></a>


  <h1 class="topictitle1">Configure on-access scanning to automatically clean up threats</h1>


  <div>
    <div class="section" id="task_18772580AD1C47ADAEA9BC655BA49693__context_7954B5D419C44A65B682648CC3B171D0"><a name="task_18772580AD1C47ADAEA9BC655BA49693__context_7954B5D419C44A65B682648CC3B171D0"><!-- --></a><p>To deal with threats, we recommend that you use Quarantine Manager (see <a href="../concepts/Dealing_with_threats.html#concept_A817324E55F14A119F13A6242EF32C8E" title="">Dealing with threats</a>). However, you can configure on-access scanning to automatically clean up threats that it detects.</p>
<div class="important"><span class="importanttitle">Important:</span> <span class="keyword">Sophos Anti-Virus</span> does not ask for confirmation before cleaning up a
        threat.</div>
<p>To configure on-access scanning to automatically clean up threats:</p>
</div>

    <a name="task_18772580AD1C47ADAEA9BC655BA49693__steps_110D89D7F8904F40A73466005F4F2D65"><!-- --></a><ol id="task_18772580AD1C47ADAEA9BC655BA49693__steps_110D89D7F8904F40A73466005F4F2D65">
      <li id="task_18772580AD1C47ADAEA9BC655BA49693__step_D48D5E55DCF3457A8EDFE43124A77BA4"><a name="task_18772580AD1C47ADAEA9BC655BA49693__step_D48D5E55DCF3457A8EDFE43124A77BA4"><!-- --></a><span>Choose <span class="menucascade">
      <span class="uicontrol">Sophos Anti-Virus</span>
       &gt; <span class="uicontrol">Preferences</span>
     </span>.</span></li>
<li id="task_18772580AD1C47ADAEA9BC655BA49693__step_81F97BE6DE164D23B37F77718EDBD896"><a name="task_18772580AD1C47ADAEA9BC655BA49693__step_81F97BE6DE164D23B37F77718EDBD896"><!-- --></a><span>Click <span class="uicontrol">On-access Scanning</span>.</span></li>
<li id="task_18772580AD1C47ADAEA9BC655BA49693__step_18FAD14E2A0B4EF2AC42268E7158D6C5"><a name="task_18772580AD1C47ADAEA9BC655BA49693__step_18FAD14E2A0B4EF2AC42268E7158D6C5"><!-- --></a><span>If some settings are dimmed, click the lock icon and type an administrator name and password.</span></li>
<li id="task_18772580AD1C47ADAEA9BC655BA49693__step_10F6838EE0AF42ECA6EACAAB43C2F07F"><a name="task_18772580AD1C47ADAEA9BC655BA49693__step_10F6838EE0AF42ECA6EACAAB43C2F07F"><!-- --></a><span>Choose “<span class="uicontrol">Clean up threat</span>” from the “<span class="uicontrol">When a threat is found</span>” pop-up menu.</span></li>
<li id="task_18772580AD1C47ADAEA9BC655BA49693__step_44B9A317E28F49638BB48590C1374B62"><a name="task_18772580AD1C47ADAEA9BC655BA49693__step_44B9A317E28F49638BB48590C1374B62"><!-- --></a><span>From the “<span class="uicontrol">If cleanup fails</span>” pop-up menu, choose what action <span class="keyword">Sophos Anti-Virus</span> should take if cleanup fails:</span><a name="task_18772580AD1C47ADAEA9BC655BA49693__choices_207F06614B1C4B58944E45F4C32F90FB"><!-- --></a><ul id="task_18772580AD1C47ADAEA9BC655BA49693__choices_207F06614B1C4B58944E45F4C32F90FB"><li id="task_18772580AD1C47ADAEA9BC655BA49693__choice_E236DE806C574B01B4889D9AC0F04194"><a name="task_18772580AD1C47ADAEA9BC655BA49693__choice_E236DE806C574B01B4889D9AC0F04194"><!-- --></a>To deny access to the threat, choose “<span class="uicontrol">Deny access</span>”.</li>
<li id="task_18772580AD1C47ADAEA9BC655BA49693__choice_2716F8FE308B4E08BEFF06823B4CF200"><a name="task_18772580AD1C47ADAEA9BC655BA49693__choice_2716F8FE308B4E08BEFF06823B4CF200"><!-- --></a>To delete the threat, choose “<span class="uicontrol">Delete threat</span>”.</li>
<li id="task_18772580AD1C47ADAEA9BC655BA49693__choice_99A4E65FE5E24AD9A9091D6F428C134C"><a name="task_18772580AD1C47ADAEA9BC655BA49693__choice_99A4E65FE5E24AD9A9091D6F428C134C"><!-- --></a><p>To move the threat to another folder to prevent it being run, choose “<span class="uicontrol">Deny access and move threat</span>”.</p>
 <p>By default, the threats are moved to <span class="filepath">/Users/Shared/Infected/</span>. To choose a different folder, click <span class="uicontrol">Choose Folder</span>, and enter the folder in the dialog.</p>
</li>
</ul>
</li>

    </ol>

    <div class="section" id="task_18772580AD1C47ADAEA9BC655BA49693__result_BAA826C55CD34A74B3ED2F60E9C9689E"><a name="task_18772580AD1C47ADAEA9BC655BA49693__result_BAA826C55CD34A74B3ED2F60E9C9689E"><!-- --></a><p>Any actions that <span class="keyword">Sophos Anti-Virus</span> takes against threats are logged in the <span class="keyword">Sophos Anti-Virus</span> log.</p>
<div class="important"><span class="importanttitle">Important:</span> Cleaning up a threat might not be able to undo all the actions the threat has taken on this Mac. For example, if the threat changed the value of a setting, the cleanup process might not know the original setting. You might have to verify the Mac’s configuration. Cleaning up an infected document does not repair any changes the threat has made to the document.</div>
</div>

	
    
  </div>

<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="../concepts/Configuring_on-access_scanning.html" title="">Configuring on-access scanning</a></div>
</div>
</div>

</body>
</html>