Scanned file types and exclusions

By default, Sophos Endpoint Security and Control scans file types that are vulnerable to viruses. The file types that are scanned by default not only differ between operating systems, but also change as the product is updated.

To see a list of the file types that are scanned by default, go to a computer with the relevant operating system, open Sophos Endpoint Security and Control or Sophos Anti-Virus, and then look for the extensions configuration page.

You can also choose to scan additional file types or exempt some file types from scanning.

Windows

To see a list of the file types scanned by default on a Windows computer:

  1. Open Sophos Endpoint Security and Control.
  2. Under Anti-virus and HIPS, click Configure anti-virus and HIPS, and then click On-demand extensions and exclusions.

macOS

Sophos Anti-Virus for macOS scans all file extensions during on-access scanning.

Linux or UNIX

To make changes on a Linux computer, use the savconfig and savscan commands as described in the Sophos Anti-Virus for Linux configuration guide.

To make changes on a UNIX computer, use the savscan command as described in the Sophos Anti-Virus for UNIX configuration guide.