Contents
Configuring virus scan task settings for Light Agent for Windows
You can perform the following actions to configure the virus scan task settings for Light Agent for Windows:
- Change the security level.
- Change the action that is performed by the application on detection of an infected file.
- Create the task scan scope.
- Configure scanning of compound files.
- Optimize file scanning.
- Configure Heuristic Analyzer.
- Configure the use of iSwift scanning technology.
This section describes how to configure the Virus scan task settings using the Administration Console. You can also configure the Virus scan task settings using the Web Console when modifying the task settings in the task properties window.
Changing the security level
To perform scan tasks the application uses various combinations of settings. These groups of settings are called security levels. You can select one of the preset security levels or configure security level settings on your own. There are three security levels: High, Recommended, and Low. The Recommended security level is considered the optimal setting, and is recommended by Kaspersky.
To change the security level:
- Open Kaspersky Security Center Administration Console.
- Do one of the following:
- To configure the settings of a task created for the virtual machines within the selected administration group, select the folder with the name of this administration group in the console tree and in the workspace select the Tasks tab.
- To configure the settings of a task created for one or more virtual machines (tasks for a set of devices), select the Tasks folder in the console tree.
- In the list of tasks, select the required virus scan task for Light Agent for Windows and open the Settings: <Task name> window by double-clicking it.
- In the properties window of the task, select the Settings section in the list on the left.
- In the right part of the window, in the Security level section, do one of the following:
- If you want to install one of the pre-installed security levels (High, Recommended, or Low), use the slider to select one.
- If you want to configure a custom security level, click the Settings button and, in the window that opens, specify the settings with the name of a scan task.
After you configure a custom security level, the name of the security level in the Security level section changes to Custom.
- To change the security level to Recommended, click the Default button.
- Click the Apply button.
Changing the action to take on infected files
To change the action on infected files:
- Open Kaspersky Security Center Administration Console.
- Do one of the following:
- To configure the settings of a task created for the virtual machines within the selected administration group, select the folder with the name of this administration group in the console tree and in the workspace select the Tasks tab.
- To configure the settings of a task created for one or more virtual machines (tasks for a set of devices), select the Tasks folder in the console tree.
- In the list of tasks, select the required virus scan task for Light Agent for Windows and open the Settings: <Task name> window by double-clicking it.
- In the properties window of the task, select the Settings section in the list on the left.
- In the right part of the window, in the Action on threat detection section, select the required option:
- Select action automatically.
- Perform action: Disinfect. Delete if disinfection fails.
- Perform action: Disinfect.
- Perform action: Delete.
- Perform action: Block.
The Select action automatically option is selected by default. The application performs the default action defined by Kaspersky experts: Disinfect. Delete if disinfection fails option is selected by default.
Regardless of the option selected, Kaspersky Security application applies the Delete action to the files that are part of the Windows Store application.
When files are deleted or disinfected, their copies are saved in Backup.
- Click the Apply button.
Creating the task scan scope
The scan scope refers to the locations of files which are scanned by the application while running a scan task. You can expand or restrict the scan scope by adding or removing objects for scanning, or by changing the type of files to be scanned.
To create the scan scope:
- Open Kaspersky Security Center Administration Console.
- Do one of the following:
- To configure the settings of a task created for the virtual machines within the selected administration group, select the folder with the name of this administration group in the console tree and in the workspace select the Tasks tab.
- To configure the settings of a task created for one or more virtual machines (tasks for a set of devices), select the Tasks folder in the console tree.
- In the list of tasks, select the required virus scan task for Light Agent for Windows and open the Settings: <Task name> window by double-clicking it.
- In the properties window of the task, select the Settings section in the list on the left.
- In the right part of the window, in the Security level section, click the Settings button.
- In the Virus scan window that opens, on the Scope tab, in the File types section, specify the types of files that must be scanned by the application:
- If you want to scan all files, select All files.
- Select Files scanned by format if you want to scan files of the formats that, according to Kaspersky experts, are currently most susceptible to infection.
- Select Files scanned by extension if you want to scan files with extensions that, according to Kaspersky experts, are currently most susceptible to infection.
When selecting the type of files to scan, remember the following information:
- There are some file formats (such as .txt) for which the probability of intrusion of malicious code and its subsequent activation is quite low. At the same time, there are file formats that contain or may contain executable code (such as .exe, .dll, and .doc). The risk of intrusion and activation of malicious code in such files is quite high.
- An intruder can send a virus or other malware to your virtual machine in an executable file that has had its extension changed to .txt. If you select scanning of files by extension, such a file is skipped by the scan. If scanning of files by format is selected, then regardless of the extension, File Anti-Virus analyzes the file header. This analysis may reveal that the file is in .exe format. Such a file is thoroughly scanned for viruses and other malware.
- The list of scanned extensions and the list of scanned file formats are changed dynamically in order to match the current need to maintain your virtual machine security.
- Click OK in the Virus scan window.
- In the Scan scope section, click the Settings button.
- In the Scan scope window that opens, create the scan scope:
- To add a new object to the list of objects to be scanned:
- Click the Add button.
- In the Select object window that opens, in the Object field, select the object in the tree or specify the path to the object and click Add.
- Click OK.
The added object appears in the list of objects in the Scan scope window.
- To change the path to an object:
- Select the object in the list of objects and click Edit.
- In the Select object window that opens, in the Object field, specify another path to the object and click OK.
- To remove an object from the scan scope:
- Select the object in the list of objects and click Delete.
- In the removal confirmation window click Yes.
You cannot remove or edit objects that are included in the default scan scope.
- If you want to exclude an object from the scan scope, clear the check box next to the object in the Scan scope list. The object remains on the list of objects to be scanned, but it is not scanned when the scan task runs.
- To add a new object to the list of objects to be scanned:
- In the Scan scope window, click OK.
- Click the Apply button.
Scan compound files
A common technique of concealing viruses and other malware is to implant them in compound files, such as archives or databases. To detect viruses and other malware that are hidden in this way, the compound file has to be unpacked, which may slow down scanning. You can limit the set of compound files to be scanned, thus speeding up scanning.
To configure scanning of compound files:
- Open Kaspersky Security Center Administration Console.
- Do one of the following:
- To configure the settings of a task created for the virtual machines within the selected administration group, select the folder with the name of this administration group in the console tree and in the workspace select the Tasks tab.
- To configure the settings of a task created for one or more virtual machines (tasks for a set of devices), select the Tasks folder in the console tree.
- In the list of tasks, select the required virus scan task for Light Agent for Windows and open the Settings: <Task name> window by double-clicking it.
- In the properties window of the task, select the Settings section in the list on the left.
- In the right part of the window, in the Security level section, click the Settings button.
- In Virus scan window that opens, on the Scope tab, in the Scan compound files section, specify the compound files you want to scan: archives, self-extracting archives, embedded OLE objects, mail files, or password-protected archives by selecting the corresponding check boxes.
- Click the Additional button.
- In the Compound files window that opens, in the Size limit section, do one of the following:
- If you want the application to unpack large compound files, clear the Do not unpack large compound files checkbox.
- If you do not want the application to unpack large compound files, select the Do not unpack large compound files check box and specify the required value in the Maximum file size field.
A file is considered large if its size exceeds the value in the Maximum file size field.
The application scans large files that are extracted from archives, regardless of whether the Do not unpack large compound files check box is set.
- In the Compound files window, click OK.
- Click OK in the Virus scan window.
- Click the Apply button.
Optimizing file scanning
You can optimize file scanning when running a virus scan task, thereby reducing the scan time and improving the speed of the application. This can be achieved by scanning only new files and those files that have been modified since the previous scan.
To optimize file scanning:
- Open Kaspersky Security Center Administration Console.
- Do one of the following:
- To configure the settings of a task created for the virtual machines within the selected administration group, select the folder with the name of this administration group in the console tree and in the workspace select the Tasks tab.
- To configure the settings of a task created for one or more virtual machines (tasks for a set of devices), select the Tasks folder in the console tree.
- In the list of tasks, select the required virus scan task for Light Agent for Windows and open the Settings: <Task name> window by double-clicking it.
- In the properties window of the task, select the Settings section in the list on the left.
- In the right part of the window, in the Security level section, click the Settings button.
- In the Virus scan window that opens, on the Scope tab in the Scan optimization section, do the following:
- If you want the application to scan only new files and files that have been modified since their previous analysis when running a virus scan task, select the Scan only new and changed files check box.
- If you want the application to skip files after a specified amount of time when running a virus scan task, select the Skip files that are scanned for longer than check box and specify the scan duration (in seconds) for one file in the field to the right of the check box.
- Click OK in the Virus scan window.
- Click the Apply button.
Using of Heuristic Analyzer
When active, the application uses signature analysis. During signature analysis, Kaspersky Security matches the detected object with records in the application databases. Following the recommendations of Kaspersky experts, signature analysis is always enabled.
For increasing the effectiveness of scanning you can use heuristic analysis. During heuristic analysis, the application analyzes the activity of objects in the operating system. Heuristic analysis can detect new malicious objects for which there are currently no records in the application database.
To configure use of Heuristic Analyzer:
- Open Kaspersky Security Center Administration Console.
- Do one of the following:
- To configure the settings of a task created for the virtual machines within the selected administration group, select the folder with the name of this administration group in the console tree and in the workspace select the Tasks tab.
- To configure the settings of a task created for one or more virtual machines (tasks for a set of devices), select the Tasks folder in the console tree.
- In the list of tasks, select the required virus scan task for Light Agent for Windows and open the Settings: <Task name> window by double-clicking it.
- In the properties window of the task, select the Settings section in the list on the left.
- In the right part of the window, in the Security level section, click the Settings button.
- In the Virus scan window that opens, on the Additional tab, in the Scan methods section, do one of the following:
- If you want the application to use heuristic analysis during the virus scan task, set the Heuristic Analysis check box and use the slider to set the heuristic analysis level: Light, Medium, or Deep.
- If you do not want the application to use heuristic analysis during the virus scan task, clear the Heuristic Analysis check box.
- Click OK in the Virus scan window.
- Click the Apply button.
Using of iSwift technology
You can enable the use of the iSwift technology, which optimizes the speed of file scanning by excluding files that have not been modified since the most recent scan.
To configure the use of iSwift technology:
- Open Kaspersky Security Center Administration Console.
- Do one of the following:
- To configure the settings of a task created for the virtual machines within the selected administration group, select the folder with the name of this administration group in the console tree and in the workspace select the Tasks tab.
- To configure the settings of a task created for one or more virtual machines (tasks for a set of devices), select the Tasks folder in the console tree.
- In the list of tasks, select the required virus scan task for Light Agent for Windows and open the Settings: <Task name> window by double-clicking it.
- In the properties window of the task, select the Settings section in the list on the left.
- In the right part of the window, in the Security level section, click the Settings button.
- In the Virus scan window that opens, on the Additional tab, in the Scan technology section, do one of the following:
- Select the iSwift technology check box if you want to use this technology when running a virus scan task.
- Clear the iSwift technology check box if you do not want to use this technology when running a virus scan task.
- Click OK in the Virus scan window.
- Click the Apply button.