Scan from context menu

Kaspersky Endpoint Security lets you run a scan of individual files for viruses and other malware from the context menu (see the figure below).

When performing a scan from the context menu, Kaspersky Endpoint Security does not scan files whose contents are located in OneDrive cloud storage.

Scan from context menu

How to configure Scan from Context Menu in Administration Console (MMC)

How to configure Scan from Context Menu in the Web Console and Cloud Console

How to configure Scan from Context Menu in the application interface

Scan from Context Menu task settings

Parameter

Description

Security level

Kaspersky Endpoint Security can use different groups of settings for running a scan. These groups of settings that are stored in the application are called security levels:

  • High. Kaspersky Endpoint Security scans all types of files. When scanning compound files, the application also scans mail-format files.
  • Recommended. Kaspersky Endpoint Security scans only the specified file formats on all hard drives, network drives, and removable storage media of the computer, and also embedded OLE objects. The application does not scan archives or installation packages.
  • Low. Kaspersky Endpoint Security scans only new or modified files with the specified extensions on all hard drives, removable drives, and network drives of the computer. The application does not scan compound files.

Action on threat detection

Disinfect; delete if disinfection fails. If this option is selected, the application automatically attempts to disinfect all infected files that are detected. If disinfection fails, the application deletes the files.

Disinfect; block if disinfection fails. If this option is selected, Kaspersky Endpoint Security automatically attempts to disinfect all infected files that are detected. If disinfection is not possible, Kaspersky Endpoint Security adds the information about the infected files that are detected to the list of active threats.

Notify. If this option is selected, Kaspersky Endpoint Security adds the information about infected files to the list of active threats on detection of these files.

File types

Kaspersky Endpoint Security considers files without an extension as executable ones. The application always scans executable files regardless of the file types that you select for scanning.

All files. If this setting is enabled, Kaspersky Endpoint Security checks all files without exception (all formats and extensions).

Files scanned by format. If this setting is enabled, the application scans infectable files only. Before scanning a file for malicious code, the internal header of the file is analyzed to determine the format of the file (for example, .txt, .doc, or .exe). The scan also looks for files with particular file extensions.

Files scanned by extension. If this setting is enabled, the application scans infectable files only. The file format is then determined based on the file's extension.

By default, Kaspersky Endpoint Security scans files by their format. Scanning files by extension is less safe because a malicious file can have an extension that is not on the list of potentially infectable (for example, .123).

Scan only new and changed files

Scans only new files and those files that have been modified since the last time they were scanned. This helps reduce the duration of a scan. This mode applies both to simple and to compound files.

Skip objects scanned longer than N seconds

This sets a time limit for scanning a single object. After the specified amount of time, the application stops scanning a file. This helps reduce the duration of a scan.

Scan archives

Scanning ZIP, GZIP, BZIP, RAR, TAR, ARJ, CAB, LHA, JAR, ICE, and other archives. The application scans archives not only by extension, but also by format. When checking archives, the application performs a recursive unpacking. This allows to detect threats inside multi-level archives (archive within an archive).

Scan distribution packages

The check box enables or disables scanning of distribution packages.

Scan files in Microsoft Office formats

Scans Microsoft Office files (DOC, DOCX, XLS, PPT and other Microsoft extensions). Office format files include OLE objects as well.

Scan email formats

Scanning email format files and the email database. The application scans PST and OST files used by MS Outlook and Windows Mail/Outlook Express mail clients as well as EML files.

Kaspersky Endpoint Security does not support the 64-bit version of MS Outlook email client. This means that Kaspersky Endpoint Security does not scan MS Outlook files (PST and OST files) if a 64-bit version of MS Outlook is installed on the computer, even if mail is included in the scan scope.

If the check box is selected, Kaspersky Endpoint Security splits the mail-format file into its components (header, body, attachments) and scans them for threats.

If this check box is cleared, Kaspersky Endpoint Security scans the mail-format file as a single file.

Scan password-protected archives

If the check box is selected, the application scans password-protected archives. Before files in an archive can be scanned, you are prompted to enter the password.

If the check box is cleared, the application skips scanning of password-protected archives.

Do not unpack large compound files

If this check box is selected, the application does not scan compound files if their size exceeds the specified value.

If this check box is cleared, the application scans compound files of all sizes.

The application scans large files that are extracted from archives regardless of whether the check box is selected or not.

Machine learning and signature analysis

The machine learning and signature analysis method uses the Kaspersky Endpoint Security databases that contain descriptions of known threats and ways to neutralize them. Protection that uses this method provides the minimum acceptable security level.

Based on the recommendations of Kaspersky experts, machine learning and signature analysis is always enabled.

Heuristic Analysis

The technology was developed for detecting threats that cannot be detected by using the current version of Kaspersky application databases. It detects files that may be infected with an unknown virus or a new variety of a known virus.

When scanning files for malicious code, the heuristic analyzer executes instructions in the executable files. The number of instructions that are executed by the heuristic analyzer depends on the level that is specified for the heuristic analyzer. The heuristic analysis level ensures a balance between the thoroughness of searching for new threats, the load on the resources of the operating system, and the duration of heuristic analysis.

iSwift Technology

This technology allows increasing scan speed by excluding certain files from scanning. Files are excluded from scanning by using a special algorithm that takes into account the release date of Kaspersky Endpoint Security databases, the date that the file was last scanned on, and any modifications to the scanning settings. The iSwift technology is an advancement of the iChecker technology for the NTFS file system.

iChecker Technology

This technology allows increasing scan speed by excluding certain files from scanning. Files are excluded from scans by using a special algorithm that takes into account the release date of Kaspersky Endpoint Security databases, the date when the file was last scanned, and any modifications to the scan settings. There are limitations to iChecker Technology: it does not work with large files and applies only to files with a structure that the application recognizes (for example, EXE, DLL, LNK, TTF, INF, SYS, COM, CHM, ZIP, and RAR).

Page top