This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Eicar inside ISO file and inside zip within a zip file is not scanned/detected.

SEC 5.5.1

So i have been testing sophos alot, and for some reason it will not scan inside .iso files or a zip within a zip file.

I placed Eicar-test files on a ISO file and when i ran the right click "scan now" it just cleard the file instantly, the same happend with the zip file with in a zip file.

I tried this on a diffrent AV- software and it found this files instantly.

Is there anyway to configure sophos to actually scan iso-files and inside of a zip file without using sav32cli.exe with the -zip command?

 

Best Regards

T



This thread was automatically locked due to age.
Parents Reply Children
  • Jasmin said:

    Hi  

    Please refer to this document and check the step no. 7 which has a setting for the archive file scanning.

    Please verify that this option is enabled on your console and the policy is applied to the machine properly but this will significantly slow down the PC.  

     

     

    Hi Jasmin.

    Yes we have checked the "scan inside archive files" option, but if its a compressed file within a compressed file it will not be scanned.

    I will test if the on access scan" will pick up the Eicar files when i unzip it from the zip-file.

     

    Any thoughts about the iso-file issue?

     

    BR

    T

  • Hi  

    You can probably mention the iso extension file in the on-access scanning option. Please refer to this document and check the below options are correctly configured.

    1. Scan all files are checked.

    2. Check whether .iso extention is mentioned in the "Additional file type extensions to be scanned".

    Regards,

    Jasmin
    Community Support Engineer | Sophos Support

    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link