Configuring virus scan task settings for Light Agent for Linux

You can perform the following actions to configure the virus scan task settings for Light Agent for Linux:

• Change the security level.
• Change the action that is performed by the application on detection of an infected file.
• Create the task scan scope.
• Configure scanning of compound files.
• Configure Heuristic Analyzer.
• Configure the usage of iChecker scanning technology.

This section describes how to configure the Virus scan task settings using the Administration Console. You can also configure the Virus scan task settings using the Web Console when modifying the task settings in the task properties window.

Changing the security level

To perform scan tasks the application uses various combinations of settings. These groups of settings are called security levels. You can select one of the preset security levels or configure security level settings on your own. There are three security levels: High, Recommended, and Low. The Recommended security level is considered the optimal setting, and is recommended by Kaspersky.

To change the security level:

1. Open Kaspersky Security Center Administration Console.
2. Do one of the following:
   • To configure the settings of a task created for the virtual machines within the selected administration group, select the folder with the name of this administration group in the console tree and in the workspace select the Tasks tab.
   • To configure the settings of a task created for one or more virtual machines (tasks for a set of devices), select the Tasks folder in the console tree.
3. In the list of tasks, select the required virus scan task for Light Agent for Linux and open the Settings: <Task name> window by double-clicking it.
4. In the properties window of the task, select the Settings section in the list on the left.
5. In the right part of the window, in the Security level section, do one of the following:
   • If you want to install one of the pre-installed security levels (High, Recommended, or Low), use the slider to select one.
   • If you want to configure a custom security level, click the Settings button and, in the window that opens, specify the settings with the name of a scan task.

     After you configure a custom security level, the name of the security level in the Security level section changes to Custom.

   • To change the security level to Recommended, click the Default button.
6. Click the Apply button.

Changing the action to take on infected files

To change the action on infected files:

1. Open Kaspersky Security Center Administration Console.
2. Do one of the following:
   • To configure the settings of a task created for the virtual machines within the selected administration group, select the folder with the name of this administration group in the console tree and in the workspace select the Tasks tab.
   • To configure the settings of a task created for one or more virtual machines (tasks for a set of devices), select the Tasks folder in the console tree.
3. In the list of tasks, select the required virus scan task for Light Agent for Linux and open the Settings: <Task name> window by double-clicking it.
4. In the properties window of the task, select the Settings section in the list on the left.
5. In the right part of the window, in the Action on threat detection section, select the required option:
   • Disinfect. Delete if disinfection fails.
   • Disinfect.
   • Delete.
   • Inform.

   The Disinfect. Delete if disinfection fails option is selected by default.

   When files are deleted or disinfected, their copies are saved in Backup.

6. Click the Apply button.

Creating the task scan scope

The scan scope refers to the locations of files which are scanned by the application while running a scan task. You can expand or narrow the scan scope by adding or removing objects to be scanned by the application.

To create the scan scope:

1. Open Kaspersky Security Center Administration Console.
2. Do one of the following:
   • To configure the settings of a task created for the virtual machines within the selected administration group, select the folder with the name of this administration group in the console tree and in the workspace select the Tasks tab.
   • To configure the settings of a task created for one or more virtual machines (tasks for a set of devices), select the Tasks folder in the console tree.
3. In the list of tasks, select the required virus scan task for Light Agent for Linux and open the Settings: <Task name> window by double-clicking it.
4. In the properties window of the task, select the Settings section in the list on the left.
5. In the right part of the window, in the Scan scope section, click the Settings button.
6. In the Scan scope window that opens, create the scan scope:
   • To add a new object to the list of objects to be scanned:
     1. Click the Add button.
     2. In the Select object window that opens, in the Object field, enter the path to the object and click Add.
     3. Click OK in the Select object window.

     The added object appears in the list of objects in the Scan scope window.

   • To change the path to an object:
     1. Select the object in the list of objects and click Edit.
     2. In the Select object window that opens, in the Object field, specify another path to the object and click OK.
   • To remove an object from the scan scope:
     1. Select the object in the list of objects and click Delete.
     2. In the removal confirmation window click Yes.

     You cannot remove or edit objects that are included in the default scan scope.

   • If you want to exclude an object from the scan scope, clear the check box next to the object in the Scan scope list. The object remains on the list of objects to be scanned, but it is not scanned when the scan task runs.
7. In the Scan scope window, click OK.
8. Click the Apply button.

Scan compound files

A common technique of concealing viruses and other malware is to implant them in compound files, such as archives or databases. To detect viruses and other malware that are hidden in this way, the compound file has to be unpacked, which may slow down scanning. You can limit the set of compound files to be scanned, thus speeding up scanning.

To configure scanning of compound files:

1. Open Kaspersky Security Center Administration Console.
2. Do one of the following:
   • To configure the settings of a task created for the virtual machines within the selected administration group, select the folder with the name of this administration group in the console tree and in the workspace select the Tasks tab.
   • To configure the settings of a task created for one or more virtual machines (tasks for a set of devices), select the Tasks folder in the console tree.
3. In the list of tasks, select the required virus scan task for Light Agent for Linux and open the Settings: <Task name> window by double-clicking it.
4. In the properties window of the task, select the Settings section in the list on the left.
5. In the right part of the window, in the Security level section, click the Settings button.
6. In the Virus scan window that opens, on the Scope tab, in the Scan compound files section, specify the types of compound files that you want to scan by selecting the corresponding check boxes: packed files, archives, self-extracting archives, mail databases or mail files.
7. Click the Additional button.
8. In the Compound files window that opens, in the Time limit section, do one of the following:
   • If you want the application to skip files when the specified time runs out, select the Skip files that are scanned for longer than and specify the value you need in the Maximum scan time field.
   • If you do not want the application to skip files when the specified time runs out, clear the Skip files that are scanned for longer than check box.
9. In the Size limit section, do one of the following:
   • If you want the application to unpack large compound files, clear the Do not unpack large compound files check box.
   • If you do not want the application to unpack large compound files, select the Do not unpack large compound files check box and specify the required value in the Maximum file size field.

     A file is considered large if its size exceeds the value in the Maximum file size field.

   Kaspersky Security application scans large files that are extracted from archives, regardless of whether the Do not unpack large compound files check box is set.

10. In the Compound files window, click OK.
11. Click OK in the Virus scan window.
12. Click the Apply button.

Using of Heuristic Analyzer

When active, the application uses signature analysis. During signature analysis, Kaspersky Security matches the detected object with records in the application databases. Following the recommendations of Kaspersky experts, signature analysis is always enabled.

For increasing the effectiveness of scanning you can use heuristic analysis. During heuristic analysis, the application analyzes the activity of objects in the operating system. Heuristic analysis can detect new malicious objects for which there are currently no records in the application database.

To configure use of Heuristic Analyzer:

1. Open Kaspersky Security Center Administration Console.
2. Do one of the following:
   • To configure the settings of a task created for the virtual machines within the selected administration group, select the folder with the name of this administration group in the console tree and in the workspace select the Tasks tab.
   • To configure the settings of a task created for one or more virtual machines (tasks for a set of devices), select the Tasks folder in the console tree.
3. In the list of tasks, select the required virus scan task for Light Agent for Linux and open the Settings: <Task name> window by double-clicking it.
4. In the properties window of the task, select the Settings section in the list on the left.
5. In the right part of the window, in the Security level section, click the Settings button.
6. In the Virus scan window that opens, on the Additional tab, in the Scan methods section, do one of the following:
   • If you want the application to use heuristic analysis during the virus scan task, set the Heuristic Analysis check box and use the slider to set the heuristic analysis level: Light, Medium, or Deep.
   • If you do not want the application to use heuristic analysis during the virus scan task, clear the Heuristic Analysis check box.
7. Click OK in the Virus scan window.
8. Click the Apply button.

Using of iChecker technology

You can enable usage of iChecker technology that increases the scanning speed by excluding certain files from scanning according to a special algorithm that accounts for the release date of the application databases, the date when the file was scanned previously, and changes in the scan settings.

To configure use of iChecker technology:

1. Open Kaspersky Security Center Administration Console.
2. Do one of the following:
   • To configure the settings of a task created for the virtual machines within the selected administration group, select the folder with the name of this administration group in the console tree and in the workspace select the Tasks tab.
   • To configure the settings of a task created for one or more virtual machines (tasks for a set of devices), select the Tasks folder in the console tree.
3. In the list of tasks, select the required virus scan task for Light Agent for Linux and open the Settings: <Task name> window by double-clicking it.
4. In the properties window of the task, select the Settings section in the list on the left.
5. In the right part of the window, in the Security level section, click the Settings button.
6. In the Virus scan window that opens, on the Additional tab, in the Scan technology section, do one of the following:
   • Select the iChecker technology check box if you want to use this technology when running a virus scan task.
   • Clear the iChecker technology check box if you do not want to use this technology when running a virus scan task.
7. Click OK in the Virus scan window.
8. Click the Apply button.