- Kaspersky Endpoint Security overview
- Install and uninstall Kaspersky Endpoint Security
- Kaspersky Endpoint Security interface
- About notifications
- Kaspersky Endpoint Security licensing
- Perform common tasks
- Open and quit the application
- View the status of computer protection
- Disable and resume computer protection
- Perform scan tasks
- Use Protection Center
- Configure the automatic start of a scheduled virus scan task
- What to do if file access is blocked
- Update application databases
- Restore a file that has been deleted or disinfected by the application
- View the application operation report
- What to do if notification windows appear
- Advanced configuration of the application
- Participate in Kaspersky Security Network
- Manage the application from the command line
- Manage the application from the command line
- View Help
- Run virus scan
- Update the application
- Roll back the last update
- Start/stop a component or task
- View status and statistics of a component or task
- Export protection preferences
- Activate the application
- Return codes of the command line
- Quit the application
- Manage the application via Kaspersky Security Center
- Deploy Kaspersky Endpoint Security on a corporate network
- Prepare for remote installation of Kaspersky Endpoint Security
- Manage Network Agent from the command line
- Install and uninstall Kaspersky Endpoint Security
- Start and stop the application via Kaspersky Security Center
- Create and manage tasks
- Create and manage policies
- Create and manage policy profiles
- Generate a report on detected objects
- Contact Technical Support
- Sources of information about the application
- Appendices
- AO Kaspersky Lab
- Information about third-party code
- Trademark notices
File Anti-Virus
File Anti-Virus prevents infection of the computer's file system. The component starts during startup of the operating system, remains in the computer RAM, and scans for viruses and other malware all files that are opened, saved, or run on your computer and on all connected drives. If you disable File Anti-Virus, it will not start at operating system startup. You will have to re-enable File Anti-Virus manually.
Enable/disable File Anti-Virus
- Open the main application window.
- On the navigation panel in the upper pane of the main application window, click the
button.The application preferences window opens.
- On the Protection tab, in the File Anti-Virus section, select/deselect the Enable File Anti-Virus checkbox.
You can also enable File Anti-Virus in Protection Center. Disabling computer protection or disabling protection components puts your computer at much higher risk of infection. This is why Protection Center informs you when protection is disabled.
You can create a protection scope for File Anti-Virus.
Add/remove a file or folder from the protection scope
- Open the main application window.
- On the navigation panel in the upper pane of the main application window, click the
button.
The application preferences window opens.
- On the Protection tab, in the File Anti-Virus section, click the Protection Scope button.
A window with a list of objects that File Anti-Virus scans opens. By default, File Anti-Virus scans all objects that are located on internal, removable, and network drives connected to your computer.
- Add/remove the objects to/from the protection scope:
- To add a file or folder to the protection scope:
- Click
.A drop-down list where you can select objects to add to the protection scope opens.
- In the drop-down list, choose the Files and Folders item.
The window where you can select a file or folder opens.
- Select a file or folder that you want to add to the protection scope.
- Click the Open button.
- Click
- To remove a file or folder from the protection scope:
- Select an object in the list of protection scope objects.
- Drag the selected object from the window or click
.
- To add a file or folder to the protection scope:
- Click the Save button.
Add/remove an object of the default protection object list from the protection scope
- Open the main application window.
- On the navigation panel in the upper pane of the main application window, click the
button.
The application preferences window opens.
- On the Protection tab, in the File Anti-Virus section, click the Protection Scope button.
A window with a list of objects that File Anti-Virus scans opens. By default, File Anti-Virus scans all objects that are located on internal, removable, and network drives connected to your computer.
- Add/remove the objects on the list of default objects to/from the protection scope:
- To add an object on the list of default objects to the protection scope:
- Click
.
A drop-down list where you can select objects to add to the protection scope opens.
- In the drop-down list, select an object that you want to add to the protection scope (for example, All Internal Drives).
- Click
- To remove an object on the list of default objects from the protection scope:
- Select the object in the list of protection scope objects.
- Drag the selected object from the window or click
.
- To add an object on the list of default objects to the protection scope:
- Click the Save button.
Disable protection of an object in the protection scope
- Open the main application window.
- On the navigation panel in the upper pane of the main application window, click the
button.
The application preferences window opens.
- On the Protection tab, in the File Anti-Virus section, click the Protection Scope button.
A window with a list of objects that File Anti-Virus scans opens. By default, File Anti-Virus scans all objects that are located on internal, removable, and network drives connected to your computer.
- Deselect the checkbox next to an object in the list of protection scope objects.
- Click the Save button.
When you or an application attempt to access a file included in the protection scope, File Anti-Virus checks iSwift databases for information about the file, and uses this information to decide whether to scan the file.
Recognizing malicious objects is possible thanks to signature analysis, a way of searching for threats based on threat descriptions included in the anti-virus databases. In addition to signature analysis, File Anti-Virus uses heuristic analysis and other scanning technologies.
If a threat is detected in a file, Kaspersky Endpoint Security identifies the type of the detected malicious program (for example, virus or Trojan). After that the application displays a notification about the detected object and takes the action on the object based on your File Anti-Virus preferences.
Select the action that File Anti-Virus performs after detecting an infected file
- Open the main application window.
- On the navigation panel in the upper pane of the main application window, click the
button.
The application preferences window opens.
- On the Protection tab, in the File Anti-Virus section, select the action that File Anti-Virus performs after detecting an infected file.
Before attempting to disinfect or delete an infected file, Kaspersky Endpoint Security saves a backup copy for subsequent restoration or disinfection.
Information about File Anti-Virus operation and all detected objects is logged in a report.
Note: If File Anti-Virus stops running with an error, you can view the report and try to start the component again. If the problem is not solved, you can contact Technical Support at Kaspersky Lab.
View the File Anti-Virus report
- Open the main application window.
- In the upper pane of the main application window, click the
button.The Kaspersky Endpoint Security reports window opens.
- Open the File Anti-Virus tab.
Note: If File Anti-Virus stops running with an error, you can view the report and try to start the component again. If the problem is not solved, you can contact Technical Support at Kaspersky Lab.