This article describes the steps to configure on-demand scans on Sophos anti-virus for UNIX. An on-demand scan is a scan that you initiate. You can scan anything from a single file to everything on your computer that you have permission to read. You can either manually run an on-demand scan or schedule it to run unattended.
The command that you type to run an on-demand scan is savscan.
The following sections are covered:
Applies to the following Sophos products and versions Sophos Anti-Virus for Unix
You can type more than one directory or file in the same command.
You can type more than one filesystem in the same command.
In this section, where path appears in a command, it refers to the path to be scanned.
By default, Sophos Anti-Virus scans only executables. To see a full list of the file types that Sophos
Anti-Virus scans by default, type savscan -vv.
savscan path -all
Note:This makes scanning take longer, can compromise performance on servers, and can cause
false virus reports
You can configure Sophos Anti-Virus to scan inside all archive types.
Note: The threat detection engine only scans archived files that are up to 8GB (when decompressed).
This is because it supports the POSIX ustar archive format, which does not accommodate larger files.
savscan path -archive
Archives that are “nested” within other archives (for example, a TAR archive within a ZIP archive) are scanned recursively. If you have numerous complex archives, the scan may take longer to run. Bear this in mind when scheduling unattended scans.
savscan path -tar -zip
By default, Sophos Anti-Virus does not scan items on remote computers (that is, does not traverse remote mount points).
savscan path --no-stay-on-machine
By default, Sophos Anti-Virus scans symbolically linked items.
savscan path --no-follow-symlinks
To avoid scanning items more than once, use the option --backtrack-protection.
Sophos Anti-Virus can be configured not to scan items that are beyond the starting filesystem (that is, not to traverse mount points).
savscan path --stay-on-filesystem
savscan fred harry -exclude tom peter
savscan /home/fred -exclude /home/fred/games
savscan fred harry -exclude tom peter -include bill
By default, Sophos Anti-Virus does not scan file types that UNIX defines as executables.
savscan path --examine-x-bit
Sophos Anti-Virus still scans files that have filename extensions that are in its own list as well. To see a list of these filename extensions, type savscan -vv.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.