Hi,

Some antivirus products skip scanning certain files on the basis of their file extension, if they have file extensions that indicate they are non executable files.  It seems like the -all option pertains to this.

The quick and full scan options on the otherhand will change the areas that the scanner will look.

In summary, full vs quick changes LOCATION scanned.

"-all" changes makes ALL file TYPES get scanned regardless of whether they appear to be executable or not.

It seems like if you don't pick "-all" it will ignore files that aren't executable / infectable.

Yes that's correct. In a nutshell,

• OPTIONS -all, does scan all your files (see also this Help topic http://openforum.sophos.com/t5/Mac-tools-help/Help-scanning-for-threats/td-p/40)
• ENGINE CONTROL OPTIONS - is just that, it controls which parts of the file the engine scans in the file it is scanning.
  
  -f Full scan, this scans all areas/contents of a file, including those that are not usually considered vulnerable to infection. It therefore takes longer.
  -q Quick scan, this scans just those areas/contents of a file that are known to be vulnerable to infection, it is therefore quicker.

Hope this helps clarify.

---

sandy wrote:

… all areas/contents of a file, including those that are not usually considered vulnerable …

---

OK, that makes sense alongside How large is a piece of Malware? (highlights). 

Suggestion

Add explanations to man sweep