User guide

Kaspersky Anti-Virus includes a component that ensures the scan of messages transferred via IM (instant messaging)

clients for dangerous objects, named IM Anti-Virus. It loads at the startup of operating system and runs in your

computer's RAM, scanning all incoming and outgoing messages.

By default, protection of IM clients' traffic is carried out using the algorithm described below:

1. Each message received or sent by the user is intercepted by the component.

2. IM Anti-Virus scans the message for dangerous objects or URLs listed in databases of suspicious and/or

phishing web addresses. If a threat is detected, message text will be substituted with a warning message for the

3. If no security threats are detected in the message, it becomes operable for the user.

Files transferred via IM clients are scanned by the File Anti-Virus component (see section "Computer file system

protection" on page 41) when they are attempted to save.

If you are sure that the messages sent by you cannot contain any dangerous objects, you may disable the scan of

outgoing traffic.

2. In the window that will open, in the Protection section select the IM Anti-Virus component.

3. In the Protection scope section, select the Incoming messages only option for the component selected.

Scan methods consist in scanning the URLs in IM clients' messages to know if they are included in the list of suspicious

web addresses and / or in the list of phishing web addresses.

Check if URLs are listed in the base of suspicious web addresses. IM Anti-Virus will scan the links inside

the messages to identify if they are included in the black list.

Check if URLs are listed in the base of phishing web addresses. Kaspersky Anti-Virus databases include

obtained from the Anti-Phishing Working Group, which is an international organization. This list is updated when

you update the Kaspersky Anti-Virus's databases.