Kaspersky Anti-Virus 2017
English

Limitations and warnings

Kaspersky Anti-Virus has a number of limitations that are not critical to operation of the application.

Limitations on upgrades from a previous version of the application

The application can be upgraded if the following versions of Kaspersky Anti-Virus are installed on your computer:

  • Kaspersky Anti-Virus 2014
  • Kaspersky Anti-Virus 2015
  • Kaspersky Anti-Virus 2016

Upgrades from earlier versions of the application are not supported.

After an upgrade from a previous version of the application, Kaspersky Anti-Virus starts automatically even if automatic startup of the application is disabled in the settings that have been saved. When the operating system restarts afterwards, Kaspersky Anti-Virus does not start automatically if automatic startup of the application is disabled in the settings that have been saved.

When a previous version of Kaspersky Anti-Virus is upgraded, the following application settings are replaced with default settings:

  • Kaspersky Anti-Virus display settings
  • Scan schedule
  • Participation in Kaspersky Security Network
  • File Anti-Virus protection level
  • Mail Anti-Virus protection level
  • Update sources
  • List of trusted web addresses
  • URL Advisor settings

Limitations on the operation of certain components and automatic processing of files

Infected files and malicious links are processed automatically according to rules created by Kaspersky Lab specialists. You cannot modify these rules manually. Rules can be updated following an update of databases and application modules.

If a device scan is started from My Kaspersky portal, files will be processed automatically based on the rules specified in the application. Files detected on a device can be processed automatically by request from My Kaspersky portal without your confirmation, even if interactive protection is enabled in the application.

Limitations on connection to Kaspersky Security Network

During its operation, the application may query Kaspersky Security Network for information. If data from Kaspersky Security Network could not be retrieved, the application makes decisions based on local anti-virus databases.

Limitations of System Watcher functionality

Protection against cryptors (malware that encrypts user files) has the following limitations:

  • The Temp system folder is used to support this functionality. If the system drive with the Temp folder has insufficient disk space to create temporary files, protection against cryptors is not provided. In this case, the application does not display a notification that files are not backed up (protection is not provided).
  • Temporary files are deleted automatically when you close Kaspersky Anti-Virus or disable the System Watcher component.
  • In case of an emergency termination of Kaspersky Anti-Virus, temporary files are not deleted automatically. To delete temporary files, clear the Temp folder manually. To do so, open the Run window (Run command under Windows XP) and in the Open field type %TEMP%. Click OK.

Encrypted connections scan limitations

Due to technical limitations of the implementation of scanning algorithms, scanning of encrypted connections does not support certain extensions of the TLS 1.0 protocol and later versions (particularly NPN and ALPN). Connections via these protocols may be limited. Browsers with SPDY protocol support use the HTTP over TLS protocol instead of SPDY even if the server to which the connection is established supports SPDY. This does not affect the level of connection security. If the server supports only the SPDY protocol and it is impossible to establish the connection via the HTTPS protocol, the application does not monitor the connection established.

Kaspersky Anti-Virus does not support processing of HTTPS/2 Proxy traffic. The application does not process traffic transmitted via extensions of the HTTP/2 protocol.

Kaspersky Anti-Virus monitors only those protected connection which it is able to decrypt. The application does not monitor connections added to the list of exclusions (Websites link in the Network settings window). The following components perform decryption and scanning of encrypted traffic by default:

  • Web Anti-Virus
  • URL Advisor

Kaspersky Anti-Virus decrypts encrypted traffic while the user is using the Google Chrome browser if the Kaspersky Protection extension is disabled in this browser.

Specifics of infected file processing by application components

By default, Kaspersky Anti-Virus can delete infected files that cannot be disinfected. Removal by default can be performed during file processing by such components as Mail Anti-Virus, File Anti-Virus, during scan tasks, and also when System Watcher detects malicious activity of applications.

Warning about changes in IM Anti-Virus functionality

Beginning with the 2016 version of Kaspersky Anti-Virus, the IM Anti-Virus component does not scan messages transmitted via the IRC protocol.

IM Anti-Virus supports only the following ICQ versions: ICQ 8 – ICQ 8.3. Later versions are not supported.

About personal data contained in report files

Report files are stored locally on your computer. Path to report files: %allusersprofile%\Kaspersky Lab\AVP17.0.0\Report\Database.

Reports are stored in the following files:

  • reports.db
  • reports.db-wal
  • reports.db-shm (does not contain any personal data)

Report files are protected against unauthorized access if self-defense is enabled in Kaspersky Anti-Virus. If self-defense is disabled, report files are not protected.

Report files can contain personal data obtained during operation of protection components, such as File Anti-Virus component, Mail Anti-Virus, and Web Anti-Virus.

Report files can contain the following personal data:

  • IP address of the user's device
  • Online browsing history
  • Versions of the browser and operating system
  • Names of cookies and other files and paths to them
  • Email address, sender, message subject

Specifics of the Autorun process operation

The autorun process logs the results of its operation. Data is logged in text files named “kl-autorun-<date><time>.log”. To view data, open the Run window (Run command under Windows XP) and in the Open field type %TEMP% and click OK.

All trace files are saved at the path to setup files that were downloaded during operation of the autorun process. Data is stored for the duration of operation of the autorun process and deleted permanently when this process is terminated. Data is not sent anywhere.

Kaspersky Anti-Virus limitations under Microsoft Windows 10 with the Device Guard mode enabled:

Operation of the following functionality is partly limited:

  • Rootkit search and disinfection (postponed disinfection of files after computer restart; detection of malware that creates autorun keys in the registry)
  • Heuristic Analysis (emulation of the startup of malicious applications)

About logging of events in the Windows event log that are related to the End User License Agreement and Kaspersky Security Network

Events involving accepting and declining the terms of the End User License Agreement, and also accepting and declining participation in Kaspersky Security Network, are recorded in the Windows event log.

Limitations on local address reputation checks in Kaspersky Security Network

Links to local resources are not scanned in Kaspersky Security Network.

Warning about applications that collect information

If an application that collects information and sends it to be processed is installed on your computer, Kaspersky Anti-Virus may classify this application as malware. To avoid this, you can exclude the application from scanning by configuring Kaspersky Anti-Virus as described in this document.

Warning about the creation of an application installation report

An installation report file is created when the application is installed to a computer. If application installation completed with an error, an installation report file is saved and you can send it to Kaspersky Lab Technical Support. You can view the contents of the installation report file by clicking the link in the application window. If the application is successfully installed, the installation report file is immediately deleted from your computer.

Application limitations under Microsoft Windows 10 RS5

In Microsoft Windows 10 RS5, you can enable a special mode where the operating system supports case-sensitive names of files and folders.

If the case-sensitive mode is enabled, Kaspersky Anti-Virus has the following limitations:

  • If the case-sensitive mode is enabled for any folder in the Kaspersky Anti-Virus installation path, you cannot install the application to the specified path.
  • If the case-sensitive mode is enabled for some files and folders after Kaspersky Anti-Virus installation, some application components may not work properly with those files and folders.
Article ID: 85549, Last review: Sep 4, 2018
Page top