In this section

• Home
• Support
• Knowledgebase
• Articles

Online support

• Knowledgebase
• Virus disinfection

Product maintenance

• Downloads and updates
• Documentation
• Software lifecycle

Contact support

• Talk to an expert
• Send a sample
• Email us

Support services

• Overview
• Technical Support
• Professional Services
• Technical Training

Sophos Anti-Virus for Windows 2000+: 'alert only' mode

The 'alert only' behavioral rule in Sophos Anti-Virus for Windows 2000+, version 7 and above, warns of files that are suspected to be malicious. However, as the identification has not been confirmed by a precise identity, the files are not automatically prevented from running, or automatically deleted.

Note: This only happens in 'alert only' mode. In all other modes, suspicious files will be blocked.

What to do

• If you believe the file to be legitimate, or are not sure, please send us a sample.
• To remove files detected by alert only rules, do as follows.
  1. Open Sophos Anti-Virus.
  2. Open Quarantine Manager.
  3. Select the item in question.
  4. Delete or authorize it.

Technical details

The 'alert only' rules scan all intercepted files, but if they trigger against a file, although an entry will be added to Quarantine Manager, the file will be allowed to continue running.

If you need more information or guidance, then please contact technical support.

• Article ID: 22774
• Created: 19 Jan 2007
• Last updated: 5 Nov 2008

Rate this article Choose a rating Very useful Quite useful Moderately useful Not very useful Not useful at all

•  Read our search tips
• Contact one of our experts
• Suggest an improvement