Advanced Disinfection technology

Advanced disinfection technology is aimed at purging the Windows operating system of malicious programs that have already started their processes in RAM and that prevent Kaspersky Security from removing them by using other methods. Advanced Disinfection technology neutralizes the threat by performing an advanced disinfection procedure.

While Advanced Disinfection is in progress, you are advised to refrain from starting new processes or editing the Windows operating system registry.

After the Advanced Disinfection procedure is completed, the application restarts the protected virtual machine. After reboot, the application deletes malware files and starts a "lite" full scan of the protected virtual machine.

Advanced Disinfection technology can be used on protected virtual machines running Windows operating systems for workstations.

The advanced disinfection technology uses considerable Windows operating system resources, which may slow down other applications.

You can enable or disable the use of Advanced Disinfection technology in Light Agent for Windows policy properties and in the Light Agent for Windows local interface.

An unplanned reboot of a server operating system can lead to problems involving temporary denial of access to operating system data or loss of unsaved data. For this reason, Advanced Disinfection technology is not used on protected virtual machines running Windows server operating systems.

If Light Agent is running on a temporary virtual machine, Advanced Disinfection technology is not used as well. When an active infection is detected on the temporary virtual machine, scan the virtual machine template from which it has been created for viruses and other malware and create the temporary virtual machine anew.

Configuring Advanced Disinfection via Kaspersky Security Center

In a Light Agent for Windows policy, Advanced Disinfection technology is disabled by default. If necessary, you can configure the Advanced Disinfection procedure to run immediately after an infection is detected, followed by a restart of the protected virtual machine without asking the user for confirmation.

To configure Advanced Disinfection to run without user confirmation:

1. Open Kaspersky Security Center Administration Console.
2. In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
3. In the workspace, select the Policies tab.
4. Select a Light Agent for Windows policy in the list of policies and open the Properties: <Policy name> by double-clicking.
5. In the policy properties window, select the General Protection Settings section in the list on the left.
6. In the right part of the window, select the Enable Advanced Disinfection technology check box.
7. Click OK in the Properties: <Policy name> window.
8. In the workspace, select the Tasks tab.
9. In the list of tasks, select the virus scan task for Light Agent for Windows and open the Settings: <Task name> window by double-clicking.
10. In the window of Light Agent for Windows virus scan task properties, select the Settings section in the list on the left.
11. In the right part of the window, in the Action on threat detection settings group, select the Run Advanced Disinfection immediately check box.
12. Click Apply in the Settings: <Task name> window.

Configuring the use of Advanced Disinfection technology in the local interface

In the Light Agent for Windows local interface, Advanced Disinfection technology is enabled by default. If necessary, you can disable Advanced Disinfection technology.

To configure the use of Advanced Disinfection technology on a protected virtual machine:

1. Open the application settings window.
2. In the left part of the window, select the Anti-Virus protection section.
3. In the right part of the window, configure the use of Advanced Disinfection technology using the Enable Advanced Disinfection technology check box.

   The Enable Advanced Disinfection technology check box is selected by default.

   If the check box is unavailable, you cannot enable or disable Advanced Disinfection technology as it is prohibited by the policy applied to all protected virtual machines within the administration group.

4. To save changes, click the Save button.