Process and kernel memory scan task (Memory_Scan ID:5)

This section contains information about the Process and kernel memory scan task.

Process and kernel memory scan task lets you scan the process memory and kernel memory not specifying a scan scope.

Below are the settings that you can specify for the Process and kernel memory scan task.

All available values and default values for each setting are described.


Enables or disables the scan exclusion of objects with threats specified using the ExcludeThreats setting.

Available values:

Yes—Exclude from scanning the objects containing threats specified using the ExcludeThreats setting

No—Do not exclude from scanning the objects containing threats specified using the ExcludeThreats setting

Default value: No


Excludes objects from scanning by the name of the threats detected in them. Before specifying a value for this setting, make sure that the UseExcludeThreats setting is enabled.

In order to exclude a single object from scanning, specify the full name of the threat detected in this object—the Kaspersky Endpoint Security string with the decision that the object is infected.

E.g., you may be using a utility to collect information about your network. To keep Kaspersky Endpoint Security from blocking it, add the full name of the threat contained in it to the list of threats excluded from scanning.

You can find the full name of the threat detected in the object in the Kaspersky Endpoint Security log. You can also find the full name of the threat on the website of the Virus Encyclopedia. To find the name of a threat, enter the application name in the Search field.

The setting value is case-sensitive.

The default value is not defined.


Enables or disables logging of information about scanned objects that Kaspersky Endpoint Security has deemed non-infected.

You can enable this setting, for example, to make sure that a particular object has been scanned by Kaspersky Endpoint Security.

Available values:

Yes—Log information about non-infected objects.

No—Do not log information about non-infected objects.

Default value: No


Enables or disables logging of information about files that have not been processed for some reason.

Available values:

Yes—Log the information about unprocessed objects. Setting this parameter value to Yes for a long period is not recommended, since logging a large amount of information may reduce the application performance.

No—Do not log the information about unprocessed objects.

Default value: No


Selection of the action to be performed by Kaspersky Endpoint Security on infected objects.

Available values:

Disinfect—Kaspersky Endpoint Security attempts to disinfect an object. If disinfection fails (for example, if the type of object or the type of threat in the object cannot be disinfected) Kaspersky Endpoint Security leaves the object unchanged.

Skip—Kaspersky Endpoint Security does not attempt to disinfect or delete an infected object. Information about the infected object is logged.

Default value: Disinfect

Page top