Scan compound files

January 10, 2024

ID 131852

A common technique of concealing viruses and other malware is to implant them in compound files, such as archives or databases. To detect viruses and other malware that are hidden in this way, the compound file has to be unpacked, which may slow down scanning. You can limit the set of compound files to be scanned, thus speeding up scanning.

To configure scanning of compound files:

  1. Open Kaspersky Security Center Administration Console.
  2. Do one of the following:
    • To configure the settings of a task created for the virtual machines within the selected administration group, select the folder with the name of this administration group in the console tree and in the workspace select the Tasks tab.
    • To configure the settings of a task created for one or more virtual machines (tasks for a set of devices), select the Tasks folder in the console tree.
  3. In the list of tasks, select the required virus scan task for Light Agent for Linux and open the Settings: <Task name> window by double-clicking it.
  4. In the properties window of the task, select the Settings section in the list on the left.
  5. In the right part of the window, in the Security level section, click the Settings button.
  6. In the Virus scan window that opens, on the Scope tab, in the Scan compound files section, specify the types of compound files that you want to scan by selecting the corresponding check boxes: packed files, archives, self-extracting archives, mail databases or mail files.
  7. Click the Additional button.
  8. In the Compound files window that opens, in the Time limit section, do one of the following:
    • If you want the application to skip files when the specified time runs out, select the Skip files that are scanned for longer than and specify the value you need in the Maximum scan time field.
    • If you do not want the application to skip files when the specified time runs out, clear the Skip files that are scanned for longer than check box.
  9. In the Size limit section, do one of the following:
    • If you want the application to unpack large compound files, clear the Do not unpack large compound files check box.
    • If you do not want the application to unpack large compound files, select the Do not unpack large compound files check box and specify the required value in the Maximum file size field.

      A file is considered large if its size exceeds the value in the Maximum file size field.

    Kaspersky Security application scans large files that are extracted from archives, regardless of whether the Do not unpack large compound files check box is set.

  10. In the Compound files window, click OK.
  11. Click OK in the Virus scan window.
  12. Click the Apply button.

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.