Kaspersky Embedded Systems Security for Linux
3.4.0
English

Contents

Removable Drives Scan

Kaspersky Embedded Systems Security can scan the following removable drives when they are connected to the protected device: CDs, DVDs, Blu-ray discs, flash drives (including USB modems), external hard drives, and floppy disks.

If the removable drives scan is enabled, Kaspersky Embedded Systems Security monitors the connection of removable drives to the protected device and, if a connected removable drive is detected, it scans the drive and its boot sectors for viruses and other malware.

By default, the application does not monitor for the connection of removable media or scan removable media.

In this Help section

Configuring Removable Drives Scan in the Web Console

Configuring Removable Drives Scan in the Administration Console

Configuring Removable Drives Scan in the command line
Page top
[Topic 264224]

Configuring Removable Drives Scan in the Web Console

In the Web Console, you can configure the settings for the removable drives scan in the policy properties (Application settings → Local Tasks → Removable Drives Scan).

Removable Drives Scan component settings

Setting

Description

Removable drives scan enabled / disabled

This option enables or disables the scan of removable drives when they are connected to the user device.

The toggle button is switched off by default.

Action when a removable drive connects

In the drop-down list, you can select an action to be performed by the application upon connection of removable drives to the user device:

  • Do not scan removable drives when connected (default value).
  • Quick scan – only scan files of certain types on removable drives (except CD/DVD drives and Blu-ray discs) and do not unpack compound objects. A quick scan is performed using the default settings for the Critical Areas Scan task.

    The following file formats are scanned on removable media: com, exe, sys, prg, bin, bat, cmd, dpl, dll, scr, cpl, ocx, tsp, drv, vxd, pif, lnk, reg, ini, cia, vbs, vbe, js, jse, htm, htt, hta, asp, chm, pht, wsh, wsf, the, hip, eml, nws, msg, pig, mbx, doc*, dot*, fpm, rtf, shs, dwg, msi, otm, pdf, swf, jpeg, emf, ico, ov?, xl*, xlsb, pp*, md*, sldx, sldm, thmx.

  • Detailed scan – scan all files on removable drives (except CD/DVD drives and Blu-ray discs). A detailed scan is performed using the default settings for the Malware Scan task.

Action when a CD / DVD drive connects

In the drop-down list, you can select an action to be performed by the application upon connection of CD/DVD drives and Blu-ray discs to the user device:

  • Do not scan CD/DVD drives and Blu-ray discs when connected (default value).
  • Quick scan: only scans files of certain types on CD/DVD drives and Blu-ray discs. A quick scan is performed using the default settings for the Critical Areas Scan task.

    The following file formats are scanned on removable media: com, exe, sys, prg, bin, bat, cmd, dpl, dll, scr, cpl, ocx, tsp, drv, vxd, pif, lnk, reg, ini, cia, vbs, vbe, js, jse, htm, htt, hta, asp, chm, pht, wsh, wsf, the, hip, eml, nws, msg, pig, mbx, doc*, dot*, fpm, rtf, shs, dwg, msi, otm, pdf, swf, jpeg, emf, ico, ov?, xl*, xlsb, pp*, md*, sldx, sldm, thmx.

  • Detailed scan – scan all files on CD/DVD drives and Blu-ray discs. A detailed scan is performed using the default settings for the Malware Scan task.

Block access to the removable drive while scanning

This check box enables or disables blocking of files on the connected drive during execution of the scan.

This check box is cleared by default.

Page top

[Topic 263931]

Configuring Removable Drives Scan in the Administration Console

In the Administration Console, you can configure the settings for the removable drives scan in the policy properties (Local Tasks → Removable Drives Scan).

Removable Drives Scan component settings

Setting

Description

Enable removable drives scan when connected to the device

This check box enables or disables the scan of removable drives when they are connected to the user device.

This check box is cleared by default.

Action when a removable drive connects

In the drop-down list, you can select an action to be performed by the application upon connection of removable drives to the user device:

  • Do not scan removable drives when connected (default value).
  • Quick scan – only scan files of certain types on removable drives (except CD/DVD drives and Blu-ray discs) and do not unpack compound objects. A quick scan is performed using the default settings for the Critical Areas Scan task.

    The following file formats are scanned on removable media: com, exe, sys, prg, bin, bat, cmd, dpl, dll, scr, cpl, ocx, tsp, drv, vxd, pif, lnk, reg, ini, cia, vbs, vbe, js, jse, htm, htt, hta, asp, chm, pht, wsh, wsf, the, hip, eml, nws, msg, pig, mbx, doc*, dot*, fpm, rtf, shs, dwg, msi, otm, pdf, swf, jpeg, emf, ico, ov?, xl*, xlsb, pp*, md*, sldx, sldm, thmx.

  • Detailed scan – scan all files on removable drives (except CD/DVD drives and Blu-ray discs). A detailed scan is performed using the default settings for the Malware Scan task.

Action when a CD / DVD drive connects

In the drop-down list, you can select an action to be performed by the application upon connection of CD/DVD drives and Blu-ray discs to the user device:

  • Do not scan CD/DVD drives and Blu-ray discs when connected (default value).
  • Quick scan: only scans files of certain types on CD/DVD drives and Blu-ray discs. A quick scan is performed using the default settings for the Critical Areas Scan task.

    The following file formats are scanned on removable media: com, exe, sys, prg, bin, bat, cmd, dpl, dll, scr, cpl, ocx, tsp, drv, vxd, pif, lnk, reg, ini, cia, vbs, vbe, js, jse, htm, htt, hta, asp, chm, pht, wsh, wsf, the, hip, eml, nws, msg, pig, mbx, doc*, dot*, fpm, rtf, shs, dwg, msi, otm, pdf, swf, jpeg, emf, ico, ov?, xl*, xlsb, pp*, md*, sldx, sldm, thmx.

  • Detailed scan – scan all files on CD/DVD drives and Blu-ray discs. A detailed scan is performed using the default settings for the Malware Scan task.

Block access to the removable drive while scanning

This check box enables or disables blocking of files on the connected drive during execution of the scan.

This check box is cleared by default.

Page top

[Topic 264006]

Configuring Removable Drives Scan in the command line

In the command line, you can manage the removable drives scan using the Removable Drives Scan predefined task (Removable_Drives_Scan).

Removable Drives Scan is stopped by default. You can start and stop this task manually. You can configure scan settings by editing the settings of this task.

If the task is running, the application monitors the connection of removable drives to the device and, when a removable drive is connected, it creates and starts a temporary boot sector scan task (task of the ODS type). This task cannot be stopped. After the task execution completes, the application automatically deletes the task.

If you enabled file scanning in the Removable Drives Scan task settings, the application also starts one or more temporary custom file scan tasks (tasks of the ODS type). If necessary, a user with administrator privileges can stop these tasks.

If you change the Removable Drives Scan task settings, the new values are not applied to temporary tasks that are already running. Stopping the Removable Drives Scan task does not stop temporary tasks that are already running.

Removable Drives Scan task settings

Setting

Description

Values

ScanRemovableDrives

Enables the scanning of removable media when it is connected to the device.

This setting does not apply to CD/DVD drives and Blu-ray discs (see the ScanOpticalDrives setting).

DetailedScan — Scan all files on removable media (except CD/DVD and Blu-ray discs).

A detailed scan is performed with the default settings for the Scan_File task (ID: 3).

QuickScan — Scan only files of specific types on removable media (except CD/DVD and Blu-ray discs).

The following file formats are scanned on removable media: com, exe, sys, prg, bin, bat, cmd, dpl, dll, scr, cpl, ocx, tsp, drv, vxd, pif, lnk, reg, ini, cia, vbs, vbe, js, jse, htm, htt, hta, asp, chm, pht, wsh, wsf, the, hip, eml, nws, msg, pig, mbx, doc*, dot*, fpm, rtf, shs, dwg, msi, otm, pdf, swf, jpeg, emf, ico, ov?, xl*, xlsb, pp*, md*, sldx, sldm, thmx.

A quick scan is performed with the default settings for the Critical_Areas_Scan task (ID: 4).

NoScan (default value) — Do not scan removable media when it is connected to the device.

ScanOpticalDrives

Enables the scanning of CD/DVD drives and Blu-ray discs when they are connected to the device.

DetailedScan — Scan all files on CD/DVD drives and Blu-ray discs.

A detailed scan is performed with the default settings for the Scan_File task (ID: 3).

QuickScan — Scan only files of specific types on CD/DVD drives and Blu-ray discs.

The following file formats are scanned on removable media: com, exe, sys, prg, bin, bat, cmd, dpl, dll, scr, cpl, ocx, tsp, drv, vxd, pif, lnk, reg, ini, cia, vbs, vbe, js, jse, htm, htt, hta, asp, chm, pht, wsh, wsf, the, hip, eml, nws, msg, pig, mbx, doc*, dot*, fpm, rtf, shs, dwg, msi, otm, pdf, swf, jpeg, emf, ico, ov?, xl*, xlsb, pp*, md*, sldx, sldm, thmx.

A quick scan is performed with the default settings for the Critical_Areas_Scan task (ID: 4).

NoScan (default value) — Do not scan CD/DVD drives and Blu-ray discs when they are connected.

BlockDuringScan

Enables the blocking of files on a connected disk during scanning. While scanning boot sectors, files are not blocked.

Yes — Block files during the scan.

No (default value) — Do not block files during the scan.

Page top

[Topic 265830]