About the Real-Time File Protection task

Support

Support for business applications

Kaspersky Embedded Systems Security 3.x

Real-Time File Protection

About the Real-Time File Protection task

October 25, 2023

ID 146659

When the Real-Time File Protection task is running, Kaspersky Embedded Systems Security for Windows scans the following protected device objects when they are accessed:

Operating system objects.
NTFS alternate data streams.
Master boot records and boot sectors on local hard drives and external devices.

When any application writes or reads a file on the protected device, Kaspersky Embedded Systems Security for Windows intercepts the file, scans it for threats, and, if a threat is detected, performs a default action or an action you have specified: try to disinfect, move to Quarantine, or delete it. Before disinfection or deletion, Kaspersky Embedded Systems Security for Windows saves an encrypted copy of the source file to the Backup folder.

Kaspersky Embedded Systems Security for Windows also detects malware for processes running under Windows Subsystem for Linux. For such processes, the Real-Time File Protection task applies action defined by the current configuration.

Kaspersky Professional Services

Implementation services. Health check and security system configuration. Contact us if you need expert help.

Kaspersky Premium Support (MSA): High‑priority incident processing

Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.