This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Eicar inside ISO file and inside zip within a zip file is not scanned/detected.

SEC 5.5.1

So i have been testing sophos alot, and for some reason it will not scan inside .iso files or a zip within a zip file.

I placed Eicar-test files on a ISO file and when i ran the right click "scan now" it just cleard the file instantly, the same happend with the zip file with in a zip file.

I tried this on a diffrent AV- software and it found this files instantly.

Is there anyway to configure sophos to actually scan iso-files and inside of a zip file without using sav32cli.exe with the -zip command?

Best Regards

This thread was automatically locked due to age.

Parents

0 Jasmin over 4 years ago

Hi Tobbe_h

Please refer to this document and check the step no. 7 which has a setting for the archive file scanning.

Please verify that this option is enabled on your console and the policy is applied to the machine properly but this will significantly slow down the PC.

Regards,

Jasmin
Community Support Engineer | Sophos Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link
Cancel
Vote Up 0 Vote Down

Cancel
0 Tobbe_h over 4 years ago in reply to Jasmin

Jasmin said:

Hi Tobbe_h

Please refer to this document and check the step no. 7 which has a setting for the archive file scanning.

Please verify that this option is enabled on your console and the policy is applied to the machine properly but this will significantly slow down the PC.

Hi Jasmin.

Yes we have checked the "scan inside archive files" option, but if its a compressed file within a compressed file it will not be scanned.

I will test if the on access scan" will pick up the Eicar files when i unzip it from the zip-file.

Any thoughts about the iso-file issue?

BR

T
Cancel
Vote Up 0 Vote Down

Cancel
0 Jasmin over 4 years ago in reply to Tobbe_h

Hi Tobbe_h

You can probably mention the iso extension file in the on-access scanning option. Please refer to this document and check the below options are correctly configured.

1. Scan all files are checked.

2. Check whether .iso extention is mentioned in the "Additional file type extensions to be scanned".

Regards,

Jasmin
Community Support Engineer | Sophos Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Jasmin over 4 years ago in reply to Tobbe_h

Hi Tobbe_h

You can probably mention the iso extension file in the on-access scanning option. Please refer to this document and check the below options are correctly configured.

1. Scan all files are checked.

2. Check whether .iso extention is mentioned in the "Additional file type extensions to be scanned".

Regards,

Jasmin
Community Support Engineer | Sophos Support
Sophos Support Videos | Knowledge Base | @SophosSupport | Sign up for SMS Alerts |
If a post solves your question use the 'This helped me' link
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data