Remove Virus-Infected File Using Sophos Quarantine Manager

If Sophos detects that your Mac has a virus-infected file on it, here are instructions on how to use the Quarantine Manager to get rid of the infection. Previously, I’ve endorsed the use of an anti-virus application and specifically recommend Sophos or ClamXav.

  • Click on the Sophos shield icon near your clock.  It looks like this: Sophos Shield
  • Select Open Quarantine Manager. Use the attached picture as a guide.
  • From the Quaratine Manager window, click the padlock to unlock that window. Type in your Mac user account password when prompted.
  • Click the Clean Up Threat button. Sophos will then try to remove the infection.
Sophos will try to either remove the infection from the file or delete the file itself. Typically it’s successful at this. However, there are times when it will not be successful. If this occurs you’ll see a notification that the clean-up failed. At this point you’ll need to manually delete the infected file by following these steps:
  • Click on one of the infected files then click the Reveal in Finder button.
  • Wait a few seconds for a Finder window to open and display the infected file.
  • Drag the infected file to the Trash, presuming you’re sure you don’t need that file.

[Important Note: Please make sure that you’re not trying to remove a virus from a backup created by Time Machine. Time Machine stores backup copies of your files on external hard drives. These files have read-only permissions. This means that these files can be opened (read) but they can’t be deleted. This prevents one from accidentally deleting a backup copy of a file. However, if you have a virus-infected file in your Time Machine backup you’re also prevented from being able to delete that file. This is fine since the virus can’t do any harm anyway.]

Sophos Clean-Up

Leave a Reply