Scan settings

The table describes the settings that control the following types of scans: Full Scan, Quick Scan, Selective Scan, and Context Menu Scan.

Settings

Description

Security level

Kaspersky Anti-Virus uses various sets of settings for scanning. The sets of settings that are stored in the application are called security levels:

  • Maximum. Kaspersky Anti-Virus scans all types of files. When scanning compound files, Kaspersky Anti-Virus also scans mail-format files.
  • Optimal. Kaspersky Anti-Virus scans only specified file formats on all hard drives, network drives, removable storage media of the computer, and embedded OLE objects. Kaspersky Anti-Virus does not scan archives and installation packages.
  • Low. Kaspersky Anti-Virus only scans new and changed files with certain file extensions on all of the computer's hard drives, removable drives, and network drives. Kaspersky Anti-Virus does not scan compound files.

Action on threat detection

  • Ask user. If Kaspersky Anti-Virus detects an infected or probably infected object during a scan, it immediately notifies you of this event and prompts you for an action to take on the detected object.

    This option is available if the Perform recommended actions automatically check box is cleared under Settings → General.

  • Select action automatically. When infected or probably infected objects are detected, Kaspersky Anti-Virus performs the action that is recommended by Kaspersky specialists.
    • Kaspersky Anti-Virus first tries to disinfect an infected object. If disinfection fails, it deletes the file.
    • Kaspersky Anti-Virus deletes a probably infected object if the Delete malicious tools, adware, auto-dialers and suspicious packers check box is selected. If the check box is cleared, Kaspersky Anti-Virus does not delete a probably infected object. Instead, a notification about the detection of this object is displayed in the Notification Center (click the Details button in the main application window to open it).

    This option is available if the Perform recommended actions automatically check box is selected under Settings → General.

  • Disinfect; delete if disinfection fails. If this option is selected, Kaspersky Anti-Virus automatically attempts to disinfect all infected files that are detected. If disinfection fails, Kaspersky Anti-Virus deletes the objects.
  • Disinfect; block if disinfection fails. If you select this action, then Kaspersky Anti-Virus will automatically try to disinfect all infected files that it finds. If disinfection fails, Kaspersky Anti-Virus will add information about the infected files that it finds to the list of detected objects.
  • Notify. If this option is selected, Kaspersky Anti-Virus will add information about infected files that it finds to the list of detected objects.

Before attempting to disinfect or delete an infected file, Kaspersky Anti-Virus creates a backup copy in case you subsequently need to restore the file or it becomes possible to disinfect it later.

Edit scan scope

(not available in the Context Menu Scan settings)

Clicking the link opens a window with a list of objects that Kaspersky Anti-Virus can scan. Depending on the type of scan (Full Scan, Quick Scan or Selective Scan), various objects will be included by default in the list.

You can add objects to the list or delete the objects that you add.

To remove an object from the scan, you do not have to delete the object from the list. All you need to do is untick the box next to the object name.

Scan schedule

(not available in the Context Menu Scan settings)

Manually. Run mode in which you can start scan manually at a time when it is convenient for you.

By schedule. Scan run mode in which Kaspersky Anti-Virus runs the scan task according to the schedule you have created. If you select this scan run mode, you can also run the scan task manually.

Run scan as

Clicking the link opens a window in which you can choose to run the scan with a particular user's rights.

By default the scan task is run in the name of the user with whose rights you are registered in the operating system. The protection scope may include network drives or other objects that require special rights to access. You can specify a user that possesses the required rights in the Kaspersky Anti-Virus settings and run the scan task on behalf of this user.

File types

Kaspersky Anti-Virus treats files without extensions as executables. Kaspersky Anti-Virus always scans them, regardless of the file types you have selected for scanning.

All files. If this setting is enabled, Kaspersky Anti-Virus scans all files without exception (all formats and extensions).

Files scanned by format. If you select this setting, Kaspersky Anti-Virus will scan only potentially infected files. Before searching for malicious code in a file, its internal header is analyzed to determine the file format (for example, TXT, DOC, EXE). The scan also looks for files with particular file extensions.

Files scanned by extension. If you select this setting, Kaspersky Anti-Virus will scan only potentially infected files. The file format is determined based on the extension of a file.

Scan only new and changed files

Scans only new files and those files that have been modified since the last time they were scanned. This will allow you to save time performing the scan. This scan mode applies both to simple and compound files.

Skip files that are scanned for longer than

Limits the duration for scanning a single object. After the specified amount of time has run out, Kaspersky Anti-Virus will stop the file scan. This will allow you to save time performing the scan.

Scan archives

Scans archives in the following formats: RAR, ARJ, ZIP, CAB, LHA, JAR, and ICE.

Scan distribution packages

The check box enables/disables the scanning of third-party distribution packages.

Scan files in Microsoft Office formats

Scans Microsoft Office files (DOC, DOCX, XLS, PPT and other Microsoft extensions). Office format files also include OLE objects.

Parse email formats

This check box enables / disables the option for Kaspersky Anti-Virus to scan files in email formats and mail databases.

The application fully scans only Microsoft Outlook, Windows Mail/Microsoft Outlook Express and EML mail file formats, and only if the computer has the Microsoft Outlook x86 mail client.

If this check box is selected, Kaspersky Anti-Virus parses the email format file and analyzes each component (body, attachments) for viruses.

If this check box is cleared, Kaspersky Anti-Virus scans the email format file as a single object.

Scan password-protected archives

If the check box is ticked, Kaspersky Anti-Virus scans password-protected archives. Before files contained in the archive can be scanned, a request for password will be displayed on the screen.

If the check box is not ticked, Kaspersky Anti-Virus skips scanning password-protected archives.

Do not unpack large compound files

Maximum file size

If the check box is ticked, then Kaspersky Anti-Virus does not scan compound files that are larger than the specified value.

If this check box is cleared, Kaspersky Anti-Virus scans compound files of all sizes.

Kaspersky Anti-Virus scans large files that are extracted from archives regardless of whether the check box is ticked or not.

Heuristic analysis

A technique for detecting threats that cannot be identified using the current version of the Kaspersky application databases. It allows you to find files that may contain unknown malware or a new modification of a known malware program.

When scanning files for malicious code, the heuristic analyzer executes instructions in the executable files. The number of instructions that are executed by the heuristic analyzer depends on the level that is specified for the heuristic analyzer. The heuristic analysis level sets the balance between the thoroughness of searches for new threats, the load on the operating system resources, and the time required for heuristic analysis.

iSwift Technology

This technology is a development of the iChecker technology for computers using the NTFS file system.

There are limitations to iSwift Technology: it is bound to a specific file's location in the file system and works only with objects in the NTFS file system.

iChecker Technology

This technology allows increasing scan speed by excluding certain files from scanning. Files are excluded from the scan using a special algorithm that takes into account the release date of Kaspersky Anti-Virus databases, the date when the file was scanned last, and any changes made to the scan settings. There are limitations to iChecker Technology: it does not work with large files and applies only to files with a structure that the application recognizes (for example, EXE, DLL, LNK, TTF, INF, SYS, COM, CHM, ZIP, and RAR).

Page top