Boot sector scan task (Boot_Scan ID:4)
January 20, 2022
ID 194522
This section contains information about the boot sector scan task.
Boot sector scan task lets you scan boot sectors not specifying a scan scope.
Below are the settings that you can specify for the boot sector scan task.
All available values and default values for each setting are described.
UseExcludeMasks
Enables or disables the scan exclusion of objects specified using the ExcludeMasks setting.
Available values:
Yes—Exclude objects specified by the ExcludeMasks setting
No—Do not exclude objects specified by the ExcludeMasks setting
Default value: No
ExcludeMasks
Excludes objects from scanning by name or mask. You can use this setting to exclude an individual file from the specified scan scope by name or exclude several files at once using masks in command shell format.
The default value is not defined.
UseExcludeThreats
Enables or disables the scan exclusion of objects with threats specified using the ExcludeThreats setting.
Available values:
Yes—Exclude from scanning the objects containing threats specified using the ExcludeThreats setting
No—Do not exclude from scanning the objects containing threats specified using the ExcludeThreats setting
Default value: No
ExcludeThreats
Excludes objects from scanning by the name of the threats detected in them. Before specifying a value for this setting, make sure that the UseExcludeThreats setting is enabled.
In order to exclude a single object from scanning, specify the full name of the threat detected in this object – the Kaspersky Endpoint Security string with the decision that the object is infected.
E.g., you may be using a utility to collect information about your network. To keep Kaspersky Endpoint Security from blocking it, add the full name of the threat contained in it to the list of threats excluded from scanning.
You can find the full name of the threat detected in the object in the Kaspersky Endpoint Security log. You can also find the full name of the threat on the website of the Virus Encyclopedia. To find the name of a threat, enter the application name in the Search field.
The setting value is case-sensitive.
The default value is not defined.
ReportCleanObjects
Enables or disables logging of information about scanned objects that Kaspersky Endpoint Security has deemed non-infected.
You can enable this setting, for example, to make sure that a particular object has been scanned by Kaspersky Endpoint Security.
Available values:
Yes—Log information about non-infected objects
No—Do not log information about non-infected objects
Default value: No
ReportUnprocessedObjects
Enables or disables logging of information about files that have not been processed for some reason.
Available values:
Yes—Log the information about unprocessed objects. Setting this parameter value to Yes for a long period is not recommended, since logging a large amount of information may reduce the application performance.
No—Do not log the information about unprocessed objects
Default value: No
UseAnalyzer
Enables or disables Heuristic Analyzer.
Heuristic analysis helps the application to detect threats even before they become known to virus analysts.
Available values:
Yes—Enable Heuristic Analyzer
No—Disable Heuristic Analyzer
Default value: Yes
HeuristicLevel
Heuristic analysis level.
You can specify the heuristic analysis level. The heuristic analysis level sets the balance between the thoroughness of searches for threats, the load on the operating system's resources, and the scan duration. The higher the heuristic analysis level, the more resources and time are required for scanning.
Available values:
Light—The least thorough scan with minimal load on the system
Medium—Medium heuristic analysis level; balanced load on the system
Deep—The most thorough scan with maximal load on the operating system
Recommended—Recommended value
Default value: Recommended
Action
Selection of the action to be performed by Kaspersky Endpoint Security on infected objects.
Available values:
Cure—Kaspersky Endpoint Security attempts to disinfect an object. If disinfection fails (for example, if the type of object or the type of threat in the object cannot be disinfected) Kaspersky Endpoint Security leaves the object unchanged.
Skip—Kaspersky Endpoint Security does not attempt to disinfect or delete an infected object. Information about the infected object is logged
Default value: Cure
