Virus scan
October 10, 2024
ID 207386
A virus scan is a one-time full or custom scan of files on a computer performed by Kaspersky Endpoint Security. Kaspersky Endpoint Security can perform multiple virus scan tasks at the same time.
By default, Kaspersky Endpoint Security creates one predefined virus scan task—full scan. The application scans all objects located on local drives of the computer, as well as all mounted and shared objects that are accessed via the Samba and NFS protocols with the recommended security settings.
Computer CPU will be occupied during a full disk scan. It is recommended to run the full scan task when the business is idle.
Users can create custom virus scan tasks.
By default, Kaspersky Endpoint Security also creates a predefined custom virus scan task.
If the application was restarted by the watchdog or manually by a user during a virus scan run, a task is interrupted. The application logs the OnDemandTaskInterrupted event.
Virus scan task settings
Setting | Description |
|---|---|
Scan archives | This check box enables or disables scan of archives. If this check box is selected, Kaspersky Endpoint Security scans archives. The application detects infected objects in archives, but does not disinfect them. Select this action for a more detailed scan. To scan an archive, the application has to unpack it first, which may slow down scanning. You can reduce the archive scan duration by enabling and configuring the Skip object if scan takes longer than (sec) and/or Skip objects larger than (MB) parameters. If this check box is cleared, Kaspersky Endpoint Security does not scan archives. This check box is selected by default. |
Scan SFX archives | This check box enables or disables scanning of self-extracting archives. Self-extracting archives are archives that contain an executable extraction module. If this check box is selected, Kaspersky Endpoint Security scans self-extracting archives. If this check box is cleared, Kaspersky Endpoint Security does not scan self-extracting archives. This check box is available if the Scan archives check box is cleared. This check box is selected by default. |
Scan mail databases | This check box enables or disables scan of mail databases of Microsoft Outlook, Outlook Express, The Bat!, and other mail applications. If this check box is selected, Kaspersky Endpoint Security scans mail database files. If this check box is cleared, Kaspersky Endpoint Security does not scan mail database files. This check box is cleared by default. |
Scan mail formats | This check box enables or disables scan of files of plain-text email messages. If this check box is selected, Kaspersky Endpoint Security scans plain-text messages. If this check box is cleared, Kaspersky Endpoint Security does not scan plain-text messages. This check box is cleared by default. |
Skip object if scan takes longer than (sec) | The field for specifying the maximum time to scan an object, in seconds. After the specified time is reached, Kaspersky Endpoint Security stops scanning the object. Available values: Default value: |
Skip objects larger than (MB) | The field for specifying the maximum size of an archive to scan, in megabytes. Available values: Default value: |
Log clean objects | This check box enables or disables logging the events of the If this check box is selected, Kaspersky Endpoint Security logs the events of the If this check box is cleared, Kaspersky Endpoint Security does not log the events of the This check box is cleared by default. |
Log unprocessed objects | This check box enables or disables logging the events of the If this check box is selected, Kaspersky Endpoint Security logs the events of the If this check box is cleared, Kaspersky Endpoint Security does not log the events of the This check box is cleared by default. |
Log packed objects | This check box enables or disables logging the events of the If this check box is selected, Kaspersky Endpoint Security logs the events of the If this check box is cleared, Kaspersky Endpoint Security does not log the events of the This check box is cleared by default. |
Use iChecker technology | This check box enables or disables scan of only new and modified since the last scan files. If the check box is selected, Kaspersky Endpoint Security scans only new or modified since the last scan files. If the check box is cleared, Kaspersky Endpoint Security scans files regardless to the date of creation or modification. This check box is selected by default. |
Use heuristic analysis | This check box enables or disables heuristic analysis during an object scan. This check box is selected by default. |
Heuristic analysis level | If the Use heuristic analysis check box is selected, you can select the heuristic analysis level in the drop-down list:
|
Actions on infected objects | In this section, you can select the actions to be performed by Kaspersky Endpoint Security on an infected object that has been detected. In the first drop-down list, you can select the action to be performed first:
|
Scan scopes | Table that contains objects that are scanned by the Virus scan task. You can add, configure, delete, move up, or move down scan scopes in the table. |
You can also configure exclusion scopes, exclusions by mask, and by threat name for the Virus scan task in the Exclusion scopes section.
