PortalProtect can scan and block
compressed files according to how you configure the scanning options. When PortalProtect detects a virus, it blocks the file or
executes a pre-configured action.
|
Note
PortalProtect cannot clean a virus if the
compression layer is greater than 1. However, you can configure PortalProtect to block and quarantine or scan and
delete compressed files.
|
Compression and archiving are among the most common methods of file storage, especially
for
file transfers - like email attachments, FTP, and HTTP. Compressed files must first
be
decompressed before any virus detection can occur.
Recognizing the importance of decompression for detecting viruses, Trend Micro is committed to supporting all major
decompression routines, present and future.
PortalProtect currently supports the following
compression types:
-
Extraction–used when multiple files have been compressed or archived into a single
file:
PKZIP, LHA, LZH, ARJ, MIME, MSCF, TAR, GZIP, BZIP2, RAR, AMG, and ACE.
-
Expansion–used when only a single file has been compressed or archived into a single
file:
PKLITE, PKLITE32, LZEXE, DIET, ASPACK, UPX, MSCOMP, LZW, MACBIN, Petite, PEPack, and
WWPack.
-
Decoding–used when a file has been converted from binary to ASCII, a method that is
widely
employed by email systems: UUCODE and BINHEX.
For other compression file types, PortalProtect
scans the entire compressed file, rather than each individual file contained within
the
compressed file.