The scan scope refers to the locations and extensions of files of virtual machines that are scanned by Kaspersky Security when it performs a scan task.
If a scan scope has not been configured, Kaspersky Security scans all files of virtual machines.
When scanning virtual machines running Windows operating systems, Kaspersky Security does not scan files in network folders. Kaspersky Security is able to scan files in network folders only when the user or an application accesses those files. If you want to scan files in network folders regularly, you must create a task for scanning virtual machines that have shared files and folders, and include those files and folders into the scan task scope.
When scanning virtual machines running Linux operating systems, Kaspersky Security scans files in CIFS network file systems if the directories in which the CIFS network file systems are mounted are included in the task scan scope. Scanning files in NFS network file systems is not supported.
You can define the scan scope of a task while creating the task (the Defining the scan scope step) or in the task properties after it is created (the Scan scope section).
To configure the scan scope of the task:
You can exclude objects of the following types from the scan scope:
The *
and ?
characters in the paths to excluded folders are not supported. The folder path must be absolute.
Kaspersky Security ignores the case of characters in paths to files and folders that are excluded from the scan scope.
You can save a configured list of exclusions to file using the Export button or load a previously saved list of exclusions from file using the Import button. To import or export a list of exclusions, you can use a file in XML format. You can also import a list of exclusions from a file in DAT format. Using a file in DAT format, you can import a list of exclusions that was generated in other Kaspersky applications.
The application distribution kit includes the microsoft_file_exclusions.xml file with the list of exclusions recommended by Microsoft Corporation (see the Microsoft website for the list of exclusions recommended by Microsoft). The microsoft_file_exclusions.xml file is located in the setup folder of the Kaspersky Security administration plug-in on the computer on which the Kaspersky Security Center Administration Console is installed. You can import this file into exclusions of the scan task. After the import is completed, Kaspersky Security does not scan the objects recommended by Microsoft when it performs a scan task. You can view and edit the list of these objects in the Files and folders table.
If your exclusions list uses an environment variable that has multiple values depending on the bit rate of the application that uses it, in 64-bit Windows operating systems, objects corresponding to all values of the variable are excluded from the scan scope. For example, if you use the %ProgramFiles% variable, objects located in the C:\Program Files folder and in the C:\Program Files (x86) folder are excluded from the scan scope.
To do so, select one of the options below:
You can type file extensions in the field by separating them with a blank space, or by typing each extension in a new line. File extensions may contain any characters except . * | \ : " < > ? /
. If an extension includes a blank space, the extension should be typed inside quotation marks: "doc x"
.
If you have selected Scan files with the following extensions only in the drop-down list but have not specified the extensions of files to scan, Kaspersky Security scans all files.
Folders excluded from the scan have a higher priority than file extensions that are included in the scan scope. If a file is located in a folder that is excluded from the scan, the application skips this file even if its extension is included in the scan scope.
When scanning virtual machines running Linux operating systems, Kaspersky Security is case sensitive regarding the characters in paths to files and directories included in the scan scope. When scanning virtual machines running Windows operating systems, paths to files and folders are not case sensitive.
If your list of objects requiring scanning uses an environment variable that has multiple values depending on the bit rate of the application that uses it, in 64-bit Windows operating systems, objects corresponding to all values of the variable are included in the scan scope. For example, if you use the %ProgramFiles% variable, objects located in the C:\Program Files folder and in the C:\Program Files (x86) folder are included in the scan scope.