Scan settings

The table describes the settings that control the following types of scans: Full Scan, Quick Scan, Selective Scan, and Instant File Scan.

Settings	Description
Security level	Kaspersky uses various sets of settings for scanning. The sets of settings that are stored in the application are called security levels: Extreme. The Kaspersky application scans all types of files. When scanning compound files, the application also scans mail-format files. Optimal. The Kaspersky application scans only specified file formats on all hard drives, network drives, removable storage media of the computer, and embedded OLE objects. The application does not scan archives and installation packages. Low. The Kaspersky application only scans new and changed files with certain file extensions on all of the computer’s hard drives, removable drives, and network drives. The application does not scan compound files.
Action on threat detection	Ask user. If the Kaspersky application detects an infected or probably infected object during a scan, it immediately notifies you of this event and prompts you for an action to take on the detected object. This option is available if the Perform recommended actions automatically check box is cleared under Settings → Security settings → Exclusions and actions on object detection. Select action automatically. When infected or probably infected objects are detected, Kaspersky performs the action that is recommended by Kaspersky specialists: Kaspersky first tries to disinfect an infected object. If disinfection fails, it deletes the file. Kaspersky deletes a probably infected object if the Delete malicious tools, adware, auto-dialers and suspicious packers check box is selected. If the check box is cleared, the application does not delete a probably infected object. Instead, a notification about the detection of this object is displayed in the Notification Center (click the Details button in the main application window to open it). This option is available if the Perform recommended actions automatically check box is selected under Settings → Security settings → Exclusions and actions on object detection. Disinfect, delete if disinfection fails. If this option is selected, the application automatically attempts to disinfect all infected files that are detected. If disinfection fails, the application deletes the objects. Disinfect, block if disinfection fails. If you select this action, then Kaspersky will automatically try to disinfect all infected files that it finds. If disinfection fails, the application will add information about the infected files that it finds to the list of detected objects. Notify. If this option is selected, the Kaspersky application will add information about infected files that it finds to the list of detected objects. Before attempting to disinfect or delete an infected file, the application creates a backup copy in case you subsequently need to restore the file or it becomes possible to disinfect it later.
Edit scan scope (not available in the Context Menu Scan settings)	Clicking the link opens a window with a list of objects that the Kaspersky application can scan. Depending on the type of scan (Full Scan, Quick Scan or Selective Scan), various objects will be included by default in the list. You can add objects to the list or delete the objects that you add. To remove an object from the scan, you do not have to delete the object from the list. All you need to do is clear the check box next to the object name.
Scan schedule (not available in the Context Menu Scan settings)	Manually. Run mode in which you can start scan manually at a time when it is convenient for you. By schedule. Scan run mode in which the application runs the scan task according to the schedule you have created. If you select this scan run mode, you can also run the scan task manually.
Run scan as	Clicking the link opens a window in which you can choose to run the scan with a particular user’s rights. By default the scan task is run in the name of the user with whose rights you are registered in the operating system. The protection scope may include network drives or other objects that require special rights to access. You can specify a user that possesses the required rights in the application settings and run the scan task on behalf of this user.
File types	The Kaspersky application treats files without extensions as executables. The application always scans them, regardless of the file types you have selected for scanning. All files. If this setting is enabled, Kaspersky scans all files without exception (all formats and extensions). Files scanned by format. If you select this setting, the application will scan only potentially infected files. Before searching for malicious code in a file, its internal header is analyzed to determine the file format (for example, TXT, DOC, EXE). The scan also looks for files with particular file extensions. A file that, due to its structure or format, can be used by criminals as a "container" to store and spread malicious code. As a rule, they are executable files, for example, files with the extensions COM, EXE, DLL, etc. The risk of penetration of malicious code into such files is quite high. Files scanned by extension. If you select this setting, the application will scan only potentially infected files. The file format is determined based on the extension of a file.
Scan only new and modified files	Scans only new files and those files that have been modified since the last time they were scanned. This will allow you to save time performing the scan. This scan mode applies both to simple and compound files.
Skip objects scanned longer than N seconds	Limits the duration for scanning a single object. After the specified amount of time has run out, the application will stop the file scan. This will allow you to save time performing the scan.
Scan archives	Scan ZIP, GZIP, BZIP, RAR, TAR, ARJ, CAB, LHA, JAR, ICE and other archives. The application scans archives not only by their extension, but by their format as well. When checking archives, the application performs a recursive unpacking. This allows to detect threats inside multi-level archives (archive within an archive).
Scan distribution packages	The check box enables/disables the scanning of third-party distribution packages.
Scan files in Microsoft Office formats	Scans Microsoft Office files (DOC, DOCX, XLS, PPT and other Microsoft extensions). Office format files also include OLE objects. The Kaspersky application scans office format files that are smaller than 1 MB, regardless of whether the check box is selected or not.
Scan email formats	This check box enables / disables the option for Kaspersky to scan files in email formats and mail databases. The application fully scans only Microsoft Outlook, Windows Mail/Microsoft Outlook Express and EML mail file formats, and only if the computer has the Microsoft Outlook x86 mail client. If this check box is selected, Kaspersky parses the email format file and analyzes each component (body, attachments) for viruses. If this check box is cleared, Kaspersky scans the email format file as a single object.
Scan password-protected archives	If the check box is selected, the application scans password-protected archives. Before files contained in the archive can be scanned, a request for password will be displayed on the screen. If the check box is not selected, the application skips scanning password-protected archives.
Do not unpack large compound files Maximum file size	If the check box is selected, the application does not scan compound files that are larger than the specified value. If this check box is cleared, the application scans compound files of all sizes. The application scans large files that are extracted from archives regardless of whether the check box is selected or not.
Heuristic Analysis	A technique for detecting threats that cannot be identified using the current version of the Kaspersky application databases. It allows you to find files that may contain unknown malware or a new modification of a known malware program. When scanning files for malicious code, the heuristic analyzer executes instructions in the executable files. The number of instructions that are executed by the heuristic analyzer depends on the level that is specified for the heuristic analyzer. The heuristic analysis level sets the balance between the thoroughness of searches for new threats, the load on the operating system resources, and the time required for heuristic analysis.
iSwift Technology	This technology is a development of the iChecker technology for computers using the NTFS file system. There are limitations to iSwift Technology: it is bound to a specific file's location in the file system and works only with objects in the NTFS file system. When you upgrade the Kaspersky application to a new version, the iSwift technology is enabled for all scan types, even if it was previously disabled.
iChecker Technology	This technology allows increasing scan speed by excluding certain files from scanning. Files are excluded from the scan using a special algorithm that takes into account the release date of the Kaspersky application databases, the date when the file was scanned last, and any changes made to the scan settings. There are limitations to iChecker Technology: it does not work with large files and applies only to files with a structure that the application recognizes (for example, EXE, DLL, LNK, TTF, INF, SYS, COM, CHM, ZIP, and RAR).

Page top