User guide
C O M P U T E R S C A N
79
SCAN TECHNOLOGY
Additionally you can specify the technology which will be used during the scan. You can select one of the following
technologies:
iChecker. This technology can increase scan speed by excluding certain objects from the scan. An object is
excluded from the scan using a special algorithm that takes into account the release date of the application
database, the date the object was last scanned and any modifications to the scan settings.
For example, you have an archive file with the not infected status assigned to it by Kaspersky Anti-Virus after a
scan. The next time the application will skip this archive, unless it has been altered or the scan settings have
been changed. If the archive's structure has changed because a new object has been added to it, or if the scan
settings have changed, or if the application databases have been updated, the application will re-scan the
archive.
There are limitations to iChecker: it does not work with large files and applies only to the objects with a structure
that the application recognizes (for example, .exe, .dll, .lnk, .ttf, .inf, .sys, .com, .chm, .zip, .rar).
iSwift. This technology is a development of the iChecker technology for computers using an NTFS file system.
There are limitations to iSwift: it is bound to a specific file location in the file system and can apply only to objects
in NTFS.
To change the object scan technology:
1. Open the main application window and in the top part click the Settings link.
2. In the left part of the window, select the required task in the Scan My Computer (Full Scan, Quick Scan,
Object Scan) section.
3. In the Security level block, click the Settings button for the task selected.
4. In the window that will open, on the Additional tab, in the Scan technologies section, select the required
setting value.
CHANGING THE SCAN METHOD
You can edit the scan settings which determine its thoroughness. By default, the mode of using application's database
records to search for threats is always enabled. Moreover, you can apply various scan methods and scan technologies
(see page 78).
The scan mode, in which Kaspersky Anti-Virus compares the found object to the database records, is called signature
analysis, and it always applies to the scan. Additionally, you can always use the heuristic analysis. This method
presumes the analysis of the actions an object performs within the system. If its actions are typical of malicious objects,
the object is likely to be classed as malicious or suspicious.
Additionally you can select the detail level for heuristic analysis: light, medium, or deep. To do so, move the slider bar to
the selected position.
Apart from these scan methods, you can also use the rootkit scan. Rootkits are sets of tools that can hide malicious
programs in your operating system. These utilities are injected into the system, hiding their presence and the presence of
processes, folders and the registry keys of other malicious programs installed with the rootkit. If the scan is enabled, you
can specify detailed level (advanced analysis) to detect rootkits, which will scan carefully for these programs by analyzing
a large number of various objects.
To specify which scan method to use:
1. Open the main application window and click the Settings link in the top part of the window.
2. In the left part of the window, select the required task in the Scan My Computer (Full Scan, Quick Scan,
Object Scan) section.