The protection scope refers to the objects that the component scans during its operation. The protection scopes of different components have different properties. The location and type of files to be scanned are properties of the protection scope of File Anti-Virus. By default, File Anti-Virus scans only infectable files that are stored on hard drives, removable drives, and network drives of a virtual machine. You can expand or restrict the protection scope by adding or removing scan objects, or by changing the type of files to be scanned.
A file which, due to its structure or format, can be used by intruders as a "container" to store and spread malicious code. As a rule, these are executable files, with such file extensions as .com, .exe, and .dll. There is a fairly high risk of intrusion of malicious code in such files.
To create the File Anti-Virus protection scope in the Administration Console:
Open Kaspersky Security Center Administration Console.
In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
In the workspace, select the Policies tab.
Select a Light Agent for Windows policy in the list of policies and open the Properties: <Policy name> by double-clicking.
In the policy properties window, select the File Anti-Virus section in the list on the left.
In the right part of the window, in the Security level section, click the Settings button.
In the File Anti-Virus window that opens, on the General tab, in the File types section, specify the types of files you want to scan using File Anti-Virus:
If you want to scan all files, select All files.
Select Files scanned by format if you want to scan files of the formats that, according to Kaspersky experts, are currently most susceptible to infection.
Select Files scanned by extension if you want to scan files with extensions that, according to Kaspersky experts, are currently most susceptible to infection.
When selecting the type of files to scan, remember the following information:
There are some file formats (such as .txt) for which the probability of intrusion of malicious code and its subsequent activation is quite low. At the same time, there are file formats that contain or may contain executable code (such as .exe, .dll, and .doc). The risk of intrusion and activation of malicious code in such files is quite high.
An intruder can send a virus or other malware to your virtual machine in an executable file that has had its extension changed to .txt. If you select scanning of files by extension, such a file is skipped by the scan. If scanning of files by format is selected, then regardless of the extension, File Anti-Virus analyzes the file header. This analysis may reveal that the file is in .exe format. Such a file is thoroughly scanned for viruses and other malware.
The list of scanned extensions and the list of scanned file formats are changed dynamically in order to match the current need to maintain your virtual machine security.
In the Protection scope section, create the File Anti-Virus protection scope.
To add a new object to the list of objects to be scanned:
Click the Add button.
In the Select object window that opens, select an object and click Add.
Click OK.
All objects that are selected in the Select object window are displayed in the File Anti-Virus window, in the Protection scope list.
To change the path to an object:
Select the object in the list of objects and click Edit.
In the Select object window that opens, in the Object field, specify another path to the object and click OK.
To remove an object from the protection scope:
Select the object in the list of objects and click Delete.
In the removal confirmation window, click Yes.
To exclude an object from the protection scope without removing it, clear the check box next to the object in the Protection scope list. The object remains on the list of objects to be scanned, though it is excluded from scanning by File Anti-Virus.
Click OK in the File Anti-Virus window.
Click the Apply button.
To create the File Anti-Virus protection scope in the local interface:
In the left part of the window, in the Anti-Virus protection section, select File Anti-Virus.
In the right part of the window, the File Anti-Virus component's settings are displayed.
If the settings in the local interface are not available, this means that the values of settings defined by the policy are used for all protected virtual machines of the administration group.