|Anti-virus and HIPS policy / On-demand and scheduled scanning|
For more information, see Managing roles and sub-estates.
To configure the scanning settings for a scheduled scan:
|Adware and PUAs||
|Suspicious files||Suspicious files display certain characteristics (for example,
dynamic decompression code) that are commonly, but not exclusively,
found in malware. However, these characteristics are not sufficiently
strong for the file to be identified as a new piece of malware.
Note: This setting applies only to Sophos Endpoint Security and Control for Windows.
|Rootkits||A rootkit is a Trojan or technology that is used to hide the presence of a malicious object (process, file, registry key, or network port) from the computer user or administrator.|
|Scan inside archive files||Scan the contents of archives and other compressed files.
We don't recommend that you scan inside archive files during a scheduled scan, as it will add a significant amount of time to the scan. We recommend instead that you use on-access scanning (on-read and on-write) to protect your network. Any malware components of an unpacked archive will be blocked by the on-read and on-write scanners when they are accessed.
If you would like to scan all archives on a few computers using a scheduled scan, we recommend that you do the following:
|Scan system memory||Detect malware hiding in the computer's system memory (the memory that is used by the operating system).|
|Run scan at lower priority||On Windows Vista and above, run the scheduled scan with lower priority so that it has minimal impact on user applications.|
For detailed advice about adjusting the default scanning settings for a scheduled scan, see Sophos knowledgebase article 63985.