The File Threat Protection component lets you prevent infection of the file system of the computer. By default, the File Threat Protection component resides permanently in the computer's RAM and scans all files that are opened, saved, or run in real time. The component scans files on all computer drives, including connected drives. The component provides computer protection with the help of anti-virus databases, the Kaspersky Security Network cloud service, and heuristic analysis.
The component scans the files accessed by the user or application. If a malicious file is detected, Kaspersky Endpoint Security blocks the file operation. The application then disinfects or deletes the malicious file, depending on the settings of the File Threat Protection component.
When attempting to access a file whose contents reside in OneDrive cloud storage, Kaspersky Endpoint Security downloads and scans the file contents.