By default, Sophos Anti-Virus for Windows 2000+, version 7 and above, detects potentially unwanted applications (PUAs) and spyware, and displays an alert in Enterprise Console and on the local computer.
Generic (cloud-based) PUA detection is also available.
You can deal with these alerts in Enterprise Console or locally.
What to do
1. Authorizing programs with Enterprise Console
To check the application, click the Enterprise Console 'Alert and error details' tab. Select the name of the program and read the analysis details. Decide whether you want to authorize the file.
- Check which anti-virus and HIPS policy is used by the group(s) of computers you want to configure.
- Find the group in the Groups pane.
- Right-click it.
- Select View group policy details.
- In the Policies pane, double-click 'Anti-virus and HIPS'.
- Double-click the policy you want to change.
- In the 'Anti-virus and HIPS policy' dialog box, click 'Authorization'. In the Authorization Manager dialog box, the Adware/PUAs tab is displayed.
- Find the program that has been detected and move it from the 'Known' list to the 'Authorized' list.
- Click 'OK'.
This will authorize that program for all computers running the policy that you changed.
2. Authorizing programs on the local computer
This will authorize the program on a single computer.
- Go to Start|Programs|Sophos|Sophos Anti-Virus and run the 'Sophos Anti-Virus' program.
- Select 'Configure Sophos Anti-Virus'.
- Select 'Authorization'.
- In the Authorization Manager dialog box, find the program that has been detected and move it from the 'Known' list to the 'Authorized' list.
- Click 'OK'.