Does "Move threat to Folder" -- not actually work?

---

bobcook wrote:

Hi Mark,

Sounds like what you want is the action "Cleanup when threat is found" and if cleanup is unsuccessful you want "Delete threat". This should cover your needs.

You say that you still need to visit the QM to clean things up. Can you tell me a little about the threats "stuck" in the QM? e.g. what is the threat name, where on your disk is it located, etc. A screen shot of your QM window might be super useful. Sounds like you might have some threats which aren't getting cleaned or deleted automatically, and that just isn't right.

---

Hi Bob

I have never been able to get Sophos to clean up threats automatically. I was getting so annoyed with being pestered with requests to clean up Windows threats that I moved to ClamX for a while. If I don't repond to clean the threats almost immediately, they end up being copied into Time Machine.

Here is my latest log file showing two threats, both well known and both needed doing by hand:

com.sophos.autoupdate: Info: Checked primary server at 08:15 on 20 Feburary 2013
com.sophos.autoupdate: Sophos Anti-Virus was updated
com.sophos.autoupdate:
com.sophos.intercheck: 2013-02-20 08:15:34 +0000 Threat: 'Mal/Phish-A' detected in /Volumes/Internal 1/Users/mark/Library/Mail/V2/IMAP-tennent-mark@imap.aquiss.net/INBOX.mbox/0DDC4176-56B5-4BC5-9783-EC171F69BC1F/Data/1/2/2/Attachments/221174/2/Tax.Refund.Confidential.Message.htm
com.sophos.intercheck: Cleaned up threat
com.sophos.intercheck:
com.sophos.intercheck: 2013-02-20 08:18:28 +0000 Threat: 'Mal/Phish-A' detected in /Volumes/Internal 1/Users/mark/Library/Mail/V2/Mailboxes/Junk (Aquiss IMAP).mbox/0DDC4176-56B5-4BC5-9783-EC171F69BC1F/Data/1/2/2/Attachments/221188/2/Tax.Refund.Confidential.Message.htm
com.sophos.intercheck: Cleaned up threat

Tried to attach screen dump but link not working.

Mark

---

bobcook wrote:

Hi Mark,

Sounds like what you want is the action "Cleanup when threat is found" and if cleanup is unsuccessful you want "Delete threat". This should cover your needs.

You say that you still need to visit the QM to clean things up. Can you tell me a little about the threats "stuck" in the QM? e.g. what is the threat name, where on your disk is it located, etc. A screen shot of your QM window might be super useful. Sounds like you might have some threats which aren't getting cleaned or deleted automatically, and that just isn't right.

---

Hi Bob

I have never been able to get Sophos to clean up threats automatically. I was getting so annoyed with being pestered with requests to clean up Windows threats that I moved to ClamX for a while. If I don't repond to clean the threats almost immediately, they end up being copied into Time Machine.

Here is my latest log file showing two threats, both well known and both needed doing by hand:

com.sophos.autoupdate: Info: Checked primary server at 08:15 on 20 Feburary 2013
com.sophos.autoupdate: Sophos Anti-Virus was updated
com.sophos.autoupdate:
com.sophos.intercheck: 2013-02-20 08:15:34 +0000 Threat: 'Mal/Phish-A' detected in /Volumes/Internal 1/Users/mark/Library/Mail/V2/IMAP-tennent-mark@imap.aquiss.net/INBOX.mbox/0DDC4176-56B5-4BC5-9783-EC171F69BC1F/Data/1/2/2/Attachments/221174/2/Tax.Refund.Confidential.Message.htm
com.sophos.intercheck: Cleaned up threat
com.sophos.intercheck:
com.sophos.intercheck: 2013-02-20 08:18:28 +0000 Threat: 'Mal/Phish-A' detected in /Volumes/Internal 1/Users/mark/Library/Mail/V2/Mailboxes/Junk (Aquiss IMAP).mbox/0DDC4176-56B5-4BC5-9783-EC171F69BC1F/Data/1/2/2/Attachments/221188/2/Tax.Refund.Confidential.Message.htm
com.sophos.intercheck: Cleaned up threat

Tried to attach screen dump but link not working.

Mark