Sophos Anti-Virus: a full system scan and how to run it

Sometimes a malware description specifies that cleanup should be performed after a full system scan (full scan), to ensure all components of the threat have been found.

What is a full scan?

• Memory is scanned
• The Windows registry is scanned
• All local hard drives are scanned
• The user running the scan is both a Windows administrator and a Sophos administrator. This is to ensure that files with limted user access and permissions do not escape being scanned.

How to run a full scan

• To run a full scan locally on a client computer:
  1. Log on as a user with full administrative rights. 
  2. Right-click the Sophos Anti-Virus shield icon and select 'Open Sophos Anti-Virus'.
  3. Select 'Scan my computer' and allow the scan to run.
     NOTE: 'Scan my computer' runs with the exclusion and extension settings defined for 'right click' scans. It has memory and registry scanning turned on. However, it may not be regarded as a full scan if it is not run by an appropriate user.
     
     
• To run a full scan from the console:
  1. Open Enterprise Console.
  2. Right-click the target group or computers.
  3. From the menu, select 'Full system scan'.
  4. Click 'OK' to run the scan.
  5. When the scan has finished, check the console for alerts.
  6. Right-click any infected computers, or groups, and select 'Clean up detected items'.
  7. Click 'OK' to clean up the affected computers.