You can obtain the list of executable files stored on client devices in one of the following ways:
Enabling notifications about applications startup in Kaspersky Endpoint Security policy
To enable notifications about applications startup:
When a user attempts to start executable files, information about these files is added to the list of executable files on a client device. Kaspersky Endpoint Security sends this information to Network Agent, and then Network Agent sends it to Administration Server.
Creating an inventory task
The feature of inventorying executable files is available for the following applications:
You can reduce load on the database while obtaining information about the installed applications. To do this, we recommend that you run an inventory task on reference devices on which a standard set of software is installed. The preferable number of devices is 1-3.
We strongly do not recommend running the inventory task when using the following databases: MySQL, PostgreSQL, SQL Server Express Edition, MariaDB (all editions).
To create an inventory task for executable files on client devices:
The list of tasks is displayed.
The New task wizard starts. Follow the steps of the wizard.
After the New task wizard is complete, the Inventory task is created and configured. If you want, you can change the settings for the created task. The newly created task is displayed in the list of tasks.
For a detailed description of the inventory task, refer to the following Helps:
After the Inventory task is performed, the list of executable files installed on managed devices is formed and you can view the list.
During inventory, the following formats of executable files can be detected (depending on the option that you select in the inventory task properties): MZ, COM, PE, NE, SYS, CMD, BAT, PS1, JS, VBS, REG, MSI, CPL, DLL, JAR, and HTML.
Viewing the list of executable files stored on managed devices
To view the list of executable files stored on client devices,
In the main menu, go to Operations → Third-party applications → Executable files.
The page displays the list of executable files installed on client devices.
If necessary, you can send the executable file of the managed device to the device where your Kaspersky Security Center Cloud Console is open.
To send an executable file:
Before you send the executable file, make sure that the managed device has a direct connection to the Administration Server, by selecting the Do not disconnect from the Administration Server check box. The maximum total number of devices with the Do not disconnect from the Administration Server option selected is 300.
The selected executable file is downloaded for further sending to the device where your Kaspersky Security Center Cloud Console is open.