Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 5336 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Quarantine Manager

Debv

When I'm in Quarantine Manager and try to clean up threat tab it is just grayed out.  I've hit Action Required above and still I am grayed out.  I have unlocked the lock below.  How do I get the grayed out clean up threat to become live so I can clean my viruses?  Thanks very much for your help.

:13767


This thread was automatically locked due to age.
  • 0

    Good Day Debv

    please check your rights on your user account, you probably dont have the sufficient rights to do clean up in the quarantine manager for Sophos.

    To rectify this, please add your user account in the following groups: Sophos Administrator

    the groups are found on your local machine, follow the following path: Right click my computer | manage | locaol users and groups | groups 

    if you are running a domain and a active directory, you will need to add your account in the same group which is found on the active directory as well.

    log off the machine and log on, now you should be able to do a clean up.

    Kind regards

    :14189
  • 0

    I want to manage what's in quarantine on my endpoints remotely using the console, is this possible....i've been hunting and pecking around this interface and cannot find where its done, if its even possible??

    :25687
  • 0

    HI,

    Well it doesn't look the same but you can take similar actions from SEC to action detections on the client.  For example, if you detect a virus with cleanup available for example, Eicar http://www.eicar.org/85-0-Download.html on the client, it will appear in the client QM, if auto-cleanup is on, it'll probably get cleaned up before you even get to the QM.  However, if autocleanup isn't on it will appear in the QM .  It will also appear if you right click on the machine in SEC and choose "Resolve alerts and Errors", from there you can initiate cleanup as you would at the client.

    You can also do this for Adware and PUAs if detection is on.  As a test you can use something like psexec.exe or pskill.exe available from: http://live.sysinternals.com.

    Another example might be a suspicious behaviour/files detection. You would get an alert and you can choose to authorise it. In the AV policy you can see these in the Authorization Manager.

    Regards,

    Jak

    :25689