In this window, you can configure file scan settings while File Threat Protection is enabled.
File Threat Protection settings
Setting |
Description |
---|---|
Scan archives |
This check box enables or disables scan of archives. If this check box is selected, Kaspersky Endpoint Security scans archives. To scan an archive, the application has to unpack it first, which may slow down scanning. You can reduce the duration of archive scans by enabling and configuring the Skip file if scan takes longer than (sec) and Skip file larger than (MB) settings in the General scan settings section. If this check box is cleared, Kaspersky Endpoint Security does not scan archives. This check box is cleared by default. |
Scan SFX archives |
This check box enables or disables self-extracting archive scans. Self-extracting archives are archives that contain an executable extraction module. If this check box is selected, Kaspersky Endpoint Security scans self-extracting archives. If this check box is cleared, Kaspersky Endpoint Security does not scan self-extracting archives. This check box is available if the Scan archives check box is unchecked. This check box is cleared by default. |
Scan mail databases |
This check box enables or disables scans of mail databases of Microsoft Outlook, Outlook Express, The Bat!, and other mail applications. If this check box is selected, Kaspersky Endpoint Security scans mail database files. If this check box is cleared, Kaspersky Endpoint Security does not scan mail database files. This check box is cleared by default. |
Scan mail format files |
This check box enables or disables scan of files of plain-text email messages. If this check box is selected, Kaspersky Endpoint Security scans plain-text messages. If this check box is cleared, Kaspersky Endpoint Security does not scan plain-text messages. This check box is cleared by default. |
Skip text files |
Temporary exclusion of files in text format from scans. If the checkbox is selected, Kaspersky Endpoint Security does not scan text files if they are reused by the same process for 10 minutes after the most recent scan. This setting makes it possible to optimize scans of application logs. If this check box is unselected, Kaspersky Endpoint Security scans text files. This check box is cleared by default. |
Skip file if scan takes longer than (sec) |
In this field, you can specify the maximum time to scan a file, in seconds. After the specified time, Kaspersky Endpoint Security stops scanning the file. Available values: 0–9999. If the value is set to 0, the scan time is unlimited. Default value: 60. |
Skip file larger than (MB) |
In this field, you can specify the maximum size of a file to scan, in megabytes. Available values: 0–999999. If the value is set to 0, Kaspersky Endpoint Security scans files of any size. Default value: 0. |
Log clean objects |
This check box enables or disables the logging of ObjectProcessed type events. If this check box is selected, Kaspersky Endpoint Security logs ObjectProcessed type events for all scanned objects. If this check box is cleared, Kaspersky Endpoint Security does not log ObjectProcessed type events. This check box is cleared by default. |
Log unprocessed objects |
This check box enables or disables the logging ObjectNotProcessed type events if a file cannot be processed during a scan. If this check box is selected, Kaspersky Endpoint Security logs ObjectNotProcessed type events. If this check box is cleared, Kaspersky Endpoint Security does not log ObjectNotProcessed type events. This check box is cleared by default. |
Log packed objects |
This check box enables or disables the logging of PackedObjectDetected type events for all packed objects that are detected. If this check box is selected, Kaspersky Endpoint Security logs PackedObjectDetected type events. If this check box is cleared, Kaspersky Endpoint Security does not log PackedObjectDetected type events. This check box is cleared by default. |
Use iChecker technology |
This check box enables or disables scan of only new and modified since the last scan files. If the check box is selected, Kaspersky Endpoint Security scans only new or modified since the last scan files. If the check box is cleared, Kaspersky Endpoint Security scans files regardless to the date of creation or modification. The check box is selected by default. If Kaspersky Endpoint Security is used in Light Agent mode to protect virtual environments, the use of the iChecker technology is not supported. Scan optimization is implemented by means of the Protection Server. |
Use heuristic analysis |
This check box enables or disables heuristic analysis during file scans. The check box is selected by default. |
Heuristic analysis level |
If the Use heuristic analysis check box is selected, you can select the heuristic analysis level in the drop-down list:
|