How to bypass scanner for something it thinks is a "virus"

In this case, it's the daz loader. Sophos thinks it's a virus. I know it's not. I added it to the policy as excluded, however on my machine, some other files give the option to "authorize" a file as OK.

All I get for this file is "move" or "delete", neither of which I want to do.

Putting it as an exclusion is probably good for future stuff, but it will be sitting in my quarantine till I do something with it, which I don't like. How to whitelist something that Sophos is convinced is a virus? Specifically http://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/W32~AutoRun-BSY.aspx

I know it's not, and while it may be of questionable legality, that is really none of Sophos's business.

:45575


This thread was automatically locked due to age.
  • You can only authorize items detected as Potentially Unwanted Applications under Application Control.  It isn't possible to whitelist (authorize) items detected as Troj, W32, Mal, and others.  When the item is detected as W32/... the options will be - as you have experienced - to either cleanup, move, or delete.

    I asked SophosLabs to check the detection for v2.2.1 (I provided them a sample) and they confirmed it is correct.  You should be aware that Sophos isn't alone in detecting the file as malicious.

    From what I can tell the program has no legal purpose as it's only intended to break Microsoft's WAT.  Sophos isn't in the business of allowing or disallowing pirated software, however we certainly do not encourage it.  In this case it's worked out that we prevent a dubious piece of software from running.

    If the program has a non-obvious legitimate reason to be allowed please post back.

    :45585