Determining whether to scan archive files
Applies To: Forefront Client Security
Client Security lets you control whether to include archive files in scans. Examples of archive files are .zip and .cab files. Scanning archived files might increase the time required to complete a scan, but malware can install itself and attempt to hide in these locations.
Client Security identifies whether a file is an archive by the file's data type, not by the file name extension.
The types of files that Client Security regards as archive files are extensible by updates. Archive files include (but are not limited to) the following file types:
ACE
ARC
ARJ
CAB
CHM
CPIO
CPT
HAP
InstallShield packages
ISO
LHA
LHZ
LZH
Nullsoft installer packages
OLE2
PDF
Q (Quantum)
RAR
SIT (but not SITX)
TAR
Wise Installer packages
ZIP
ZOO
By default, a new Client Security policy includes archive files in scans.
Note
If you exclude an archive file type by using the Extensions box, Client Security does not scan that type of archive file, even when you have selected the Scan archive files check box.
To configure whether Client Security scans archive files
In the Client Security console, create or edit a policy. For details about how to create or edit a policy, see Creating, editing, copying, and deleting policies.
In the New Policy or Edit Policy dialog box, click the Advanced tab.
Under Malware scan options, either select or clear the Scan archive files check box, as appropriate.
After you finish creating or editing the policy, click OK.
To apply the policy to client computers, you must deploy the policy. For information about deploying a policy, see Deploying and undeploying policies.