Scanning compound files

A common technique of concealing viruses and other malware is to implant them in compound files, such as archives or databases. To detect viruses and other malware that are hidden in this way, the compound file has to be unpacked, which may slow down scanning. You can limit the set of compound files to be scanned, thus speeding up scanning.

To configure scanning of compound files:

  1. Open Kaspersky Security Center Administration Console.
  2. In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
  3. In the workspace, select the Tasks tab.
  4. Select a Light Agent for Linux virus scan policy in the list of policies and open the Properties: <Task name> window in one of the following ways:
    • By double-clicking.
    • Right-click to bring up the context menu of the task and select Settings.
    • By clicking the Configure task settings link is located on the right of the list of tasks in the section with task settings.
  5. In the window of Light Agent for Linux virus scan task properties, select the Settings section in the list on the left.

    The task settings will appear in the right part of the window.

  6. In the Security level section, click the Settings button.

    The Virus Scan window opens.

  7. In the Virus scan window, on the Scope tab, in the Scan of compound files section, specify the types of compound files that you want to scan by selecting the corresponding check boxes: packed files, archives, self-extracting archives, mail databases or mail format files.
  8. Click the Additional button.

    The Compound files window opens.

  9. In the Time limit section, do one of the following:
    • If you want the application to skip files when the specified time runs out, select the Skip files that are scanned for longer than and specify the value you need in the Maximum scan time field.
    • If you do not want the application to skip files when the specified time runs out, clear the Skip files that are scanned for longer than check box.
  10. In the Size limit section, do one of the following:
    • If you want the application to unpack large compound files, clear the Do not unpack large compound files check box.
    • If you do not want the application to unpack large compound files, select the Do not unpack large compound files check box and specify the required value in the Maximum file size field.

      A file is considered large if its size exceeds the value in the Maximum file size field.

    Kaspersky Security application scans large files that are extracted from archives, regardless of whether the Do not unpack large compound files check box is set.

  11. In the Compound files window, click OK.
  12. Click OK in the Virus scan window.
  13. Click the Apply button.
Page top