With one Sophos command, how to virus scan All?

Question

Question: 
 With one Sophos command, how to virus scan All? 
 
 All means: 
 
 All memory (RAM) 
 All HDD (hard disk drives plugged in) 
 All SDD (solid state drives plugged in) 
 All USB memory sticks plugged into usb 2.0 port 
 All USB ports (android tablet plugged into usb 2.0 port)

Installed: 
 sav-linux-free-9.tgz 
 352 MB (369,423,602 bytes) 
 
 Updates February 2020: 
 sudo /opt/sophos-av/bin/savupdate 
 Updating from versions - SAV: 9.16.0, Engine: 3.77.1, Data: 5.72 
 
 Operating System 
 Ubuntu 19.10 
 
 Command issued: 
 /opt/sophos-av/bin/savdstatus 
 Sophos Anti-Virus is active 
 
 sudo /opt/sophos-av/bin/savdstatus -vv 
 Sophos Anti-Virus is active and on-access scanning is running 
 
 The following commands did not scan ALL: 
 sudo savscan / -all -archive 
 savscan / -all -archive 
 
 sudo savscan / -all 
 savscan / -all

sudo savscan / -archive 
 savscan / -archive 
 
 Question: 
 With one Sophos command, how to virus scan All? 
 
 --

DianneY · Accepted Answer

Hello Joseph Joseph4 
 Running savscan / -all on on-demand scanning (versus a scheduled scan) will only scan an internal list of file types to scan. 
 If you would configure a scheduled scan , it should scan all files, regardless of extension, and will also detect mounted file systems, which you can configure. 
 Please also have a look at this KB article for more information: 
 Sophos Anti-Virus for Linux and Unix: Comparison chart of savscan and scheduled scan 
 
 More information here too Sophos AV for Linux Config Guide

DianneY · Answer

Hello Joseph Joseph4 
 One thing I missed was that you have the free edition (sav-linux-free-9.tgz) and this document should provide information for the version you have - https://docs.sophos.com/esg/SAV-Linux/help/en-us/PDF/sav_linux_fsg.pdf 
 If our community members would have any input for your inquiry, they are more than welcome to post them.

QC · Answer

Hello Joseph Joseph4 , 
 given that On-Access scanning is running (as your initial post shows) - what would be the purpose of this scan all ? What should it detect? 
 RAM isn't scanned on Linux (again - what do you think it could find?) 
 Whether a disk is an HDD or an SSD doesn't matter - as does the connection type. A supported mounted filesystem on a device that presents itself as storage is scanned - in case of an android tablet it depends on the tablet what part of its storage it exposes. All DVDs - it's not clear what you mean. You don't have several DVD drives, do you? Or are you talking about ISOs mounted as virtual DVDs, similarily CDs. 
 Last but not least: A frequent complete scan isn't necessary. If you really insist of scanning a disk or medium you haven't scanned before you'd not want to (re-)scan the whole system, it'll literally take hours if not days. Maybe I misunderstand your question but looking for an ALL command does - IMO - not make much sense. 
 Christian P.S.: How long do you use Linux or are you new to it?

Jasmin · Answer

Hi Joseph Joseph4 Linux OS and SAV for Linux are quite different from Windows and Behaviour of SAV on windows. Even on windows when you insert a new USB drive or a DVD drive, SAV does on-access scanning without notifying you and will not give you the pop-up that device is free from virus or etc., it will try to automatically clean the threat if it is detected and will mention that in Sophos client logs for windows. Everything is same for SAV for Linux, it will just give you the pop-up when it'll detect the threat while scanning the newly inserted device through on-access scanning. Please refer the section 7 of this document . Basically, every new device will be scanned through SAV for Linux whenever they are inserted but will not give you pop-up about they are virus-free unless that device has any malicious software or file. What is the Sophos command to scan All the files, : -f is the switch for it. All archive files: - -zip -qzip -arj -cmz -tar -rar -cab Scan inside specific archive types All boot sectors, All master boot records - -bs -bs= -nbs -mbr -nmbr -cdr= These options control whether bootsectors and mbrs are scanned on a Windows NTFS hard disk drive with 100,000 files? - https://community.sophos.com/kb/en-us/114372 2. What is the Sophos command to scan All newly inserted mediums? - All the mediums will be scanned through the on-access scan whenever they are inserted. There is no single command to access them at one go.