Detection of other types of objects

Windows

macOS

Linux

Regardless of the configured application settings, Kaspersky Endpoint Security always detects and blocks viruses, worms, Trojans, and malicious tools. They can cause significant harm to a computer.

You can additionally enable the detection of the following types of objects:

• Legitimate software that can be used by intruders to damage your computer or personal data. Although they do not have any malicious functions, such applications can be exploited by intruders. For details on legitimate software that can be used by intruders to damage your computer or personal data, please refer to the Kaspersky IT Encyclopedia website.
• Windows Adware. Adware programs display banner ads in the interfaces of other programs and redirect search queries to advertising web pages.
• Windows Auto-dialers. Auto-dialers can surreptitiously establish phone connections using a modem. Such applications are also legitimate software that can be used by hackers to compromise the device or user data.
• Windows Packers. To hide malware from detection by an anti-virus, hackers pack it using special packers. Kaspersky experts have identified packers that are the most popular amongst hackers.

Advanced Disinfection Technology

Windows

Typically, Kaspersky Endpoint Security terminate detected malware before the computer becomes infected. The Advanced Disinfection Technology protects the computer from already active malware (active infection), thus minimizing the risk of data loss and the threat spreading.

If this technology is enabled, when malicious activity is detected, Kaspersky Endpoint Security displays a pop-up notification. In its notification, Kaspersky Endpoint Security offers the user the option to perform Advanced Disinfection of the computer. After the user approves this procedure, Kaspersky Endpoint Security neutralizes the threat and then restarts the computer. The advanced disinfection technology uses considerable computing resources, which may slow down other applications.

When the application is in process of detecting an active infection, some operating system functionality can be unavailable. The availability of the operating system is restored when Advanced Disinfection is complete and the computer is restarted.

If Kaspersky Endpoint Security is installed on a computer running Windows for Servers, Kaspersky Endpoint Security does not show the notification. Therefore, you cannot select an action to disinfect an active threat. To disinfect a threat, you need to enable Advanced Disinfection technology in the application settings and enable immediate Advanced Disinfection in the Malware Scan task settings. Then, you need to start a Malware Scan task.

Block access to files during scans

Linux

If this checkbox is selected, the application blocks access to files on the device while the File Threat Protection and Anti-Cryptor components perform a scan, as well as during a Removable Drives Scan.

If the check box is cleared, access to any file is allowed for the duration of the scan, and the scan runs in asynchronous mode.

Object logging settings

Linux

Log clean objects. If this check box is selected, the application logs the ObjectProcessed event for all scanned objects.

Log unprocessed objects. If this check box is selected, the application logs an ObjectNotProcessed event.

Log packed objects. If this check box is selected, the application logs an PackedObjectDetected event.