Scan --Right or Wrong?

---

gemini12 wrote:

Hi-

I've been using Sophos on my MacBook Air w/Yosemite.  It scans just fine, pretty quickly actually, and completes within 10 minutes or so. 

I wonder why, towards the end of the scan, I notice that the scan hangs up on some files with strange names and labels. It will hang on these files, but then, they aren't quarantiend or anything.  I just wonder why it hangs --is it thinking? Could these wierd sounding files be potential malware or trojans.  One is something like "sawosx.he.zip. 

Also, why does Sophos insist on runnig on my Admin account? 

I notice that people are noting how many files Sophos has identified. I have run a couple other programs and they generally find something.  This program hasn't found anything yet.  

Thanks for the input. 

---

Thanks for the good questions. The scanner needs to open files in order to scan them, and sometimes these files are large archives (the zip file you quoted would qualify). Because these files can take a while to scan, the progress bar will appear to stop. Because you may be interested to know the filename of where the scan is currently working we print the name of the archive. Sometimes those archive filenames make sense (because you downloaded them) and sometimes they don't because they can be part of the system or other applications. We don't print the filename of every file we are scanning simply because it would flash to quickly to be useful.

Administrative priviliges are required to access all files on disk, and also we require them to change the preferences. You can scan without administrative priviliges but of course the scanner won't read all files.

If you are uncertain whether the software is working to detect things correctly you can use the standard EICAR test file. This is a safe file that all anti-virus vendors use as a sample to verify the product is working as expected. You can download it from www.eicar.org.