2. Further Configuration and Setting up Manual and Scheduled Scans

2.1. Configuring On-access Scanning

The OS X client is configured with on-access scanning enabled. This means that when you open a file on your computer Sophos will first check whether it contains malware before it allows the file to be opened. Sophos Anti-Virus on-access settings are configured as follows.
  • Scanning of network drives is disabled
  • Disinfection is enabled
  • If items cannot be disinfected, access to them will be blocked

In this section we provide details on how to change these settings, and on the most common options that you might want to change. For full details of all of the settings consult the Sophos Anti-Virus 8 for Mac OS X Help document.

To access the settings click on the shield in the menu bar and select [Open Sophos Anti-Virus Preferences...].

The Sophos application will open together with two windows — the main Sophos window will open it and also the preferences window shown below. In the preferences window click on On-access Scanning.

Before you can make any changes to the configuration the padlock in the bottom left of the screen needs to be open. If it isn't, click on the padlock and enter your password when prompted.

Near the top of the page you will be able to see whether On-access scanning is enabled, and you have the option to turn it off using the Stop Scanning button (not recommended).

On-access scanning is enabled by default in the Sophos client and you should normally leave it running.

Next on the page are a couple of options that can be changed that affect which files Sophos checks for malware.

These are the options to scan [Inside archives and compressed files] and [Files on network volumes]. Enabling these options will mean that Sophos checks more files for malware, but may slow down the checking.

At the bottom of the page are the settings that control what Sophos does if it finds a virus.

By default disinfection is enabled and access to infected files is denied and the files moved to a standard location if this fails. The default location that Sophos uses is /Users/Shared/Infected. This gives you the chance to inspect any infected files, attempt to disinfect them, and if that fails to try and recover data from them before deleting them from your system. If you prefer to delete any infected files immediately then choose the Delete infected files option but we would recommend that you don't configure on-access scanning this way as occasionally it could lead to legitimate files being deleted by accident.

2.2. Configuring Other Preferences

2.2.1. AutoUpdate Preferences

You shouldn't normally need to alter the AutoUpdate settings unless your IT officer or OUCS staff have asked you to.

Occasionally you may need to check that you are using the correct set of credentials. The FAQ page explains how to check whether you are using an up to date set of credentials.

2.2.2. Logging and Messaging Preferences

Click on Logging to view or change the log settings and on Messaging to control the way that Sophos alerts you about malware. Normally you should not need to alter any of these settings. If you want to view the log file you can do this from the Logging window by clicking on View Log....

2.3. On-demand (Immediate) Scanning

The on-access scanning gives you constant protection against viruses and other malware that might be contained in any files on your computer. In addition you can perform on-demand scans of all or part of your hard disk. As with on-access scanning you can also configure options that control the way that on-demand scans work.

To configure on-demand scans, open Sophos Anti-Virus by clicking on the Sophos shield in the menu bar and selecting [Open Sophos Anti-Virus...] from the menu. You can also open Sophos Anti-Virus from the Applications folder.

The main Sophos Anti-Virus window will appear as show. Once the Sophos program opens you can start a scan immediately by clicking on Scan Now.

2.3.1. Configuring On-demand Preferences

To configure the options for the scan, select [Preferences...] from the [Sophos Anti-Virus] menu.

When the preferences window opens, if necessary click on On-demand Scanning to view the options for on-demand scans. Before you can make any changes to the configuration the padlock in the bottom left of the screen needs to be open. If it isn't, click on the padlock and enter your password when prompted.

The default options for on-demand scans are shown below. By default cleanup isn't enabled so you may want to change this setting, for example to [Clean up infected files]. If you choose this setting, a further setting will appear allowing you to choose what to do if cleanup fails.

Sophos scanning options

In the screen shown below the default options have been changed so that Sophos will attempt to clean up any threats found and if this fails will move them to the folder /Users/Shared/Infected. We generally don't recommend setting either of the settings When a threat is found and If cleanup fails to Delete infected files as on rare occasions Sophos may delete a legitimate file. It is better to simply move the files which would allow you to retrieve them later if necessary.

Sophos scanning options

2.3.2. Custom Scans

You can also set up a custom scan such as a scan that will check part of your hard disk. To do this return the first Sophos Anti-Virus window and if necessary click on the arrow next to Custom Scans to expand the window.

Click on the plus at the bottom left of the screen to create a new scan. You can set similar options as for the standard scan, as well as selecting what part of the Mac to scan. For full information refer to the Sophos Anti-Virus 8 for Mac OS X Help document.

2.4. Further Information

For further information please refer to the Sophos Anti-Virus 8 for Mac OS X Help document.

Up: Contents Previous: 1. Installing and Updating Sophos