About File Threat Protection

File Threat Protection prevents infection of the file system of the computer. The File Threat Protection task is automatically created with the default settings when you install Kaspersky Endpoint Security to the computer. By default, the File Threat Protection task starts automatically when Kaspersky Endpoint Security starts. The task resides in the computer's RAM and scans all opened, saved, and active files.

While File Threat Protection task is running, Kaspersky Endpoint Security scans all namespaces on all supported operating systems if the general application setting NamespaceMonitoring is set to Yes.

Additionally for Astra Linux, a custom virus scan task (Scan_File) allows scanning files from another namespaces (within mandatory sessions).

You must have the Kaspersky Endpoint Security administrator privileges (admin role) to be able to stop and start the File Threat Protection task from the command line.

You cannot create custom File Threat Protection tasks. You can modify the settings of the predefined File Threat Protection task.

Real-time protection settings are contained in the configuration file used by the File Threat Protection task.

About infected files

Kaspersky Endpoint Security uses anti-virus databases when scanning files. These databases contain files with fragments of malicious code and the algorithms used for disinfecting objects that contain such threats. Anti-virus databases enable detection of known threats in the files being scanned.

If a file contains code that fully matches the code of a known threat, Kaspersky Endpoint Security assigns the status of Infected to the file.

Page top