Filtering Files in Archive by Their Extensions
|
Filtering Files in Archive by Their Extensions |
|
|
If you need to detect archives containing files with certain extensions and treat them as suspicious objects, you can use the SuspiciousTypesInsideContainer variable: 1.In the hosts and groups tree, select the DrWebScanSrv_1.0 -> Application Settings. 2.Set as a value of the SuspiciousTypesInsideContainer variable a list of file extensions in the following format: exe;vbs;scr First of all, the archive will be scanned for infected objects. If an infected object is detected, the application will treat as in infected object and will apply the relevant action to it. If nothing is found, the application will scan it for files with the specified extensions. If a file with the specified extension is detected, the application will treat is as a suspicious object. |