The method to be used to scan objects on your computer is selected by the settings assigned for this task.
- Change security level.
The security level is a preset collection of scan settings. Kaspersky Lab specialists distinguish three security levels:
- High – most complete scan of the entire computer or individual disks, folders, or files.
- Recommended – the same objects are scanned as at the High level, except email format files.
- Low – a level requiring less RAM resources, since the set of files to be scanned is reduced.
You should select the level based on your own preferences.
- Specify the file types to be scanned for viruses.
By default Kaspersky Rescue Disk scans only potentially infectable files. You can widen or restrict the protection scope by changing the type of files to be scanned. For example, you wish to scan only .exe files run from removable drives. However, you should make sure that you do not expose your computer to the threat of infection when narrowing down the protection scope.
- Restrict scan duration.
You can set a restriction on the duration of the scan for each file. The scan of such a file will be stopped after the specified time.
- Specify settings for scanning compound files.
A common method of concealing viruses is to embed them into compound files, such as archives, databases etc. To detect viruses that are hidden this way a compound file has to be unpacked, which can significantly lower the scan speed.
You can specify the type of compound files to be scanned. You can also specify a maximum size for a compound file to be scanned. Compound files larger than the specified value will not be scanned.
- Select the scan method, to determine its thoroughness.
You can edit the scan settings to determine its thoroughness. By default, the mode of using the application’s database records to search for threats is always enabled.
The databases are created by Kaspersky Lab experts. They contain a detailed description of all currently existing threats to computer security as well as methods used for detection and disinfection. Kaspersky Lab constantly updates the databases as new threats appear. In order to achieve higher quality threat detection we recommend that you update databases from Kaspersky Lab’s update servers on a regular basis.
The scan mode in which Kaspersky Rescue Disk compares the object found with the database records is called signature analysis and is always used. You can also use heuristic analysis. This method consists of the analysis of the actions an object performs within the system. If these actions are typical of malicious objects, the object is likely to be classed as malicious or suspicious.
You can also select the detail level for heuristic analysis: light, medium, or deep. To do this, move the slider bar to the selected position.
- Specify an action to be performed on detected objects.
If a threat is detected, Kaspersky Rescue Disk assigns it one of the following statuses:
- status of a malicious program (such as a virus or a Trojan);
- potentially infected status when the scan cannot determine if the object is infected. This is caused when the application detects a sequence of code in the file from an unknown virus, or modified code from a known virus.
Kaspersky Rescue Disk will notify you if it detects infected or potentially infected objects during a virus scan. You should react to an emerging threat by selecting an action to be performed on the object. Kaspersky Rescue Disk selects the Prompt when the scan is complete option as the action on a detected object which is the default setting. You can change the action.
- Restore the recommended settings.
Kaspersky Lab considers these settings to be optimal and has combined them in the Recommended security level.