User guide
C O M P U T E R F I L E S Y S T E M P R O T E C T I ON
45
3. Click the Settings button for the component you have selected.
4. In the window that will open, on the General tab, in the File types section select required settings.
USING HEURISTIC ANALYSIS
Objects are scanned using databases which contain descriptions of all known malware and the corresponding
disinfection methods. Kaspersky Anti-Virus compares each scanned object with the database's records to determine
firmly if the object is malicious, and if so, into which class of malware it falls. This approach is called signature analysis
and is always used by default.
Since new malicious objects appear daily, there is always some malware which are not described in the databases, and
which can only be detected using heuristic analysis. This method presumes the analysis of the actions an object performs
within the system. If those actions are typical of malicious objects, the object is likely to be classed as malicious or
suspicious. This allows new threats to be detected even before they have been researched by virus analysts.
If a malicious object is detected, you will receive a notification prompting for action.
Additionally you can set the detail level for scans. It sets the balance between the thoroughness of searches for new
threats, the load on the operating system's resources and the time required for scanning. The higher the detail level, the
more resources the scan will require, and the longer it will take.
To use the heuristic analysis, and set the detail level for scans:
1. Open the main application window and click the Settings link in the top part of the window.
2. In the window that will open, in the Protection section select the File Anti-Virus component.
3. Click the Settings button for the component you have selected.
4. In the window that will open, on the Performance tab, in the Scan methods section check the Heuristic
analysis box and specify the detail level for the scan.
SCAN OPTIMIZATION
To shorten the duration of scans and increase the operating speed of Kaspersky Anti-Virus, you can opt to scan only new
files and files modified since the last analysis. This mode extends to simple and compound files.
To scan only new files and files which have altered since their last scan:
1. Open the main application window and in the top part click the Settings link.
2. In the window that will open, in the Protection section select the File Anti-Virus component.
3. Click the Settings button for the component you have selected.
4. In the window that will open, on the Performance tab, in the Scan optimization section check the Scan
only new and changed files box.
SCAN OF COMPOUND FILES
A common method of concealing viruses is to embed them into compound files: archives, databases, etc. To detect
viruses that are hidden this way a compound file should be unpacked, which can significantly lower the scan speed.
Installer packages and files containing OLE objects are executed when they are opened, which makes them more
dangerous than archives. By disabling archive scans and enabling scans for these file types, you can protect your
computer against execution of malicious code and, at the same time, increase the scan speed.