iSwift and iChecker in Kaspersky Endpoint Security 10 for Windows
This article concerns Kaspersky Endpoint Security 10 for Windows:
- Service Pack 2 Maintenance Release 4 (version 10.3.3.304)
- Service Pack 2 Maintenance Release 3 (version 10.3.3.275)
- Service Pack 2 Maintenance Release 2 (version 10.3.0.6294)
- Service Pack 2 Maintenance Release 1 (version 10.3.0.6294)
- Service Pack 2 (version 10.3.0.6294)
- Service Pack 1 Maintenance Release 4 (version 10.2.6.3733)
iSwift and iChecker are the technologies which allow processing user’s files by the antivirus protection components of Kaspersky Endpoint Security 10 for Windows quicker.
iSwift and iChecker are used by File Anti-Virus and scan tasks.
The iSwift and iChecker technologies must be used for some time since the application installation so that they collect necessary information about the files on your computer to enhance the performance efficiently.
iChecker
How it works
The iChecker technology calculates and remembers checksums for scanned objects. A checksum is a digital signature of a file which helps to identify it as genuine.
When the file is modified, the checksum changes as well.
The iChecker technology saves the information about changed checksums to a special chart and compares the current checksum with the earlier one.
If the checksums are different, then the file has been changed. The application checks it for viruses once again.
If the checksums match, the file is excluded from the scan scope.
The algorithm also takes into account antivirus databases release date and the date when the scan settings have been changed.
Advantages
- The file is not scanned again if it was moved to a different folder because its checksum does not change.
- iChecker also checks such objects as email attachments and startup objects.
- The technology uses the features of the Windows operating system to optimize the first scan of startup objects during the first scan task since the application installation.
Limitations
- The technology cannot process large files, because calculating the checksum for it takes longer than scanning the file.
- The technology supports limited number of formats (exe, dll, lnk, ttf, inf, sys, com, chm, zip, rar).
iSwift
How it works
The iSwift technology is the iChecker technology modified for the NTFS file system.
The NTFS file system assigns each object with the NTFS identifier. iSwift then compares the NTFS identifier with the values from its database.
If the values and the identifiers do not match, the object is scanned.
iSwift calculates the time since the first and latest scans of the object. It does not use the information about the scans performed in between.
The algorithm also takes into account antivirus databases release date and the date when the scan settings have been changed.
Advantages
- iSwift is quicker than iChecker because it does not calculate checksums.
- The technology is compatible with objects of all formats, types, and sizes.
Limitations
- The file is scanned again when it is copied to a different location because the technology is location-based.
- It is only applicable to NTFS.
How to enable iSwift and iChecker
To enable or disable the use of iSwift or iChecker for File Anti-Virus, do the following:
For File Anti-Virus
- On the client computer, open the application interface and go to Settings.
- In the left frame, expand Anti-Virus protection and click File Anti-Virus.
- In the Security level section, click Settings.
- Go to the Additional tab and select or clear check boxes for iSwift technology and iChecker technology.
- Click OK.
- In the main window, click Save to apply the changes.
For scan tasks
- On the client computer, open the application interface and go to Settings.
- In the left frame, expand Scheduled tasks.
- Select the task:
- Full scan.
- Critical Areas Scan.
- Custom Scan.
- In the Security level section, click Settings.
- Go to the Additional tab and select or clear check boxes for iSwift technology and iChecker technology.
- Click OK.
- Click Save to apply the changes.
