Kaspersky Endpoint Security 8 for Windows (for file server)

 
 
 

Configuring Trusted Zone of Kaspersky Endpoint Security 8 for Windows - Microsoft recommendations

Back to "Settings / How to"
2014 May 05 ID: 7481
 
 
 
 

During installation of Kaspersky Endpoint Security 8 for Windows you can add areas recommended by Microsoft to the application's Trusted Zone.

To do it, at the Configure trusted zone step of the interactive installation select the check box Exclude areas that are recommended by Microsoft from virus scan scope.

You can also add exclusions by specifying the required value for the MSExclusions parameter in the Setup.ini file. If you set MSExclusions=1 in setup.ini, then during the silent installation the recommended areas will be added to the Trusted Zone. If you set MSExclusions=0, these areas will not be added.

Trusted Zone is a list of objects and applications excluded from scan scope of Kaspersky Endpoint Security 8 for Windows.

The list of recommended exclusions by Microsoft contains a set of exclusion rules for areas (folders) and files, which are not scanned by File Anti-Virus:

Domain controller:

  • %systemroot%\sysvol\sysvol\
  • %systemroot%\sysvol\staging areas\
  • %systemroot%\sysvol\staging\
  • %systemroot%\sysvol\domain\DO_NOT_REMOVE_NtFrs_PreInstall_Directory\
  • %systemroot%\sysvol\*
  • %systemroot%\ntds\ntds.dit
  • %systemroot%\ntds\ntds.pat
  • %systemroot%\ntds\edb*.log
  • %systemroot%\ntds\res?.log
  • %systemroot%\ntds\Edbres0000?.jrs
  • %systemroot%\ntds\temp.edb
  • %systemroot%\ntds\edb.chk

Terminal Services:

  • %systemroot%\System32\LServer\*.edb
  • %systemroot%\System32\LServer\*.log
  • %systemroot%\System32\LServer\*.tmp
  • %systemroot%\System32\LServer\*.chk

Print server:

  • %systemroot%\System32\spool\PRINTERS\*.spl
  • %systemroot%\System32\spool\PRINTERS\*.shd

DHCP server:

  • %systemroot%\System32\dhcp\tmp.edb
  • %systemroot%\System32\dhcp\dhcp.edb
  • %systemroot%\System32\dhcp\dhcp.pat
  • %systemroot%\System32\dhcp\j*.log
  • %systemroot%\System32\dhcp\res1.log
  • %systemroot%\System32\dhcp\res2.log

Windows Update files:

  • %systemroot%\System32\CatRoot2\tmp.edb
  • %systemroot%\System32\CatRoot2\edb.chk
  • %systemroot%\System32\CatRoot2\res1.log
  • %systemroot%\System32\CatRoot2\res2.log
  • %systemroot%\SoftwareDistribution\Datastore\Logs\edb*.log
  • %systemroot%\SoftwareDistribution\Datastore\Logs\res*.log
  • %systemroot%\SoftwareDistribution\Datastore\Logs\edb.chk
  • %systemroot%\SoftwareDistribution\Datastore\Logs\tmp.edb
  • %systemroot%\SoftwareDistribution\Datastore\Logs\Edbres0000?.jrs
  • %systemroot%\SoftwareDistribution\Datastore\Datastore.edb

WINS server:

  • %systemroot%\System32\wins\wins.mdb
  • %systemroot%\System32\wins\winstmp.mdb
  • %systemroot%\System32\wins\j50.chk
  • %systemroot%\System32\wins\j50.log
  • %systemroot%\System32\wins\res1.log
  • %systemroot%\System32\wins\res2.log

DFS:

  • %systemroot%\ntfrs\jet\sys\edb.chk
  • %systemroot%\ntfrs\jet\ntfrs.jdb
  • %systemroot%\ntfrs\jet\log\*.log
  • %systemroot%\ntfrs\jet\log\edbres0000?.jrs

Live Communication Server:

  • %SYSTEMDRIVE%\LC Archiving Data\*.mdf
  • %SYSTEMDRIVE%\LC Archiving Log\*.ldf
  • %SYSTEMDRIVE%\LC Data\*.mdf
  • %SYSTEMDRIVE%\LC Log\*.ldf

SMTP server directory:

  • %SYSTEMDRIVE%\Inetpub\mailroot\

Swap file:

  • %SYSTEMDRIVE%\Pagefile.sys

System Restore file:

  • %SYSTEMDRIVE%\System Volume Information\catalog.wci

MSDTC log file:

  • %systemroot%\system32\MsDtc\msdtc.log

WSRM service file:

  • %systemroot%\system32\Windows System Resourse Manager\JetDB\Wsrm.edb

Cluster:

  • %systemroot%\Cluster\*
  • %quoromDrive%\MSCS\

Message Queuing (MSMQ) service directory:

  • %systemroot%\system32\MSMQ\

IIS server:

  • %systemroot%\system32\inetsrv\*
  • %systemroot%\IIS Temporary Compressed Files\*
  • %systemroot%\inetpub\temp\IIS Temporary Compressed Files\*
  • %systemroot%\inetpub\logs\logfiles\w3svc\*

WSUS server:

  • %SYSTEMDRIVE%\WSUS\MSSQL$WSUS\Data\*.mdf
  • %SYSTEMDRIVE%\WSUS\MSSQL$WSUS\Data\*.ldf

Microsoft Windows offline update files:

  • wsusscan.cab
  • wsusscan2.cab

System Center Configuration Manager:

  • %systemroot%\system32\CCM\Cache
  • %ProgramFiles%\Microsoft Configuration Manager\install.map
  • %ProgramFiles%\Microsoft Configuration Manager\Inboxes\
  • %ProgramFiles%\Microsoft Configuration Manager\Logs\*.log

SharePoint Server:

  • %ProgramFiles%\SharePoint Portal Server\*
  • %ProgramFiles%\Common Files\Microsoft Shared\Web Storage System\*

FrontPage:

  • %systemroot%\Temp\ForntPageTempDir\

Microsoft SQL Server:

  • %ProgramFiles%\Microsoft SQL Server\MSSQL\data\*.mdf
  • %ProgramFiles%\Microsoft SQL Server\MSSQL\data\*.ldf
  • %ProgramFiles%\Microsoft SQL Server\MSSQL\data\*.ndf
  • %ProgramFiles%\Microsoft SQL Server\MSSQL\FTDATA\
  • %ProgramFiles%\Microsoft SQL Server\MSSQL\BACKUP\*.bak
  • %ProgramFiles%\Microsoft SQL Server\MSSQL\BACKUP\*.trn
  • %ProgramFiles%\Microsoft SQL Server\MSSQL.?\*\Data\*.mdf
  • %ProgramFiles%\Microsoft SQL Server\MSSQL.?\*\Data\*.ldf
  • %ProgramFiles%\Microsoft SQL Server\MSSQL.?\*\Data\*.ndf
  • %ProgramFiles%\Microsoft SQL Server\MSSQL.?\*\Backup\*.bak
  • %ProgramFiles%\Microsoft SQL Server\MSSQL.?\*\Backup\*.trn
  • %ProgramFiles%\Microsoft SQL Server\MSSQL.?\OLAP\

MIIS:

  • %ProgramFiles%\Microsoft Identity Integration Server\data\MicrosoftIdentityINtegrationServer.mdf
  • %ProgramFiles%\Microsoft Identity Integration Server\data\MicrosoftIdentityINtegrationServer_log.ldf

 System Center Configuration Manager 2007:

  • %ProgramFiles%\SMS_CCM\Logs\*.log
  • %ProgramFiles%\SMS_CCM\ServiceData\*.msg
  • %ProgramFiles%\SMS_CCM\ServiceData\*.que
  • %ProgramFiles%\SMS_CCM\ServiceData\*.xml
  • %SystemRoot%\System32\CSC
  • %SystemRoot%\System32\VPCache

Microsoft Content Management Server:

  • %ProgramFiles%\Microsoft Content Management Server\Server\RdOnlyRes\*
  • %ProgramFiles%\Microsoft Content Management Server\Server\IIS_NR\System\SdUpload\*
  • %ProgramFiles%\Microsoft Content Management Server\Server\IIS_NR\System\ResUpload\

Microsoft Exchange Server:

  • %ProgramFiles%\Microsoft\Exchange Server\Mailbox\
  • %ProgramFiles%\Microsoft\Exchange Server\GroupMetrics\
  • %ProgramFiles%\Microsoft\Exchange Server\Logging\
  • %ProgramFiles%\Microsoft\Exchange Server\ExchangeOAB\
  • %ProgramFiles%\Microsoft\Exchange Server\Working\OleConvertor\
  • %ProgramFiles%\Microsoft\Exchange Server\TransportRoles\
  • %ProgramFiles%\Microsoft\Exchange Server\ClientAccess\
  • %ProgramFiles%\Microsoft\Exchange Server\UnifiedMessaging\grammars\
  • %ProgramFiles%\Microsoft\Exchange Server\UnifiedMessaging\Prompts\
  • %ProgramFiles%\Microsoft\Exchange Server\UnifiedMessaging\voicemail\
  • %ProgramFiles%\Microsoft\Exchange Server\UnifiedMessaging\badvoicemail\
  • %ProgramFiles%\Microsoft\Exchange Server\UnifiedMessaging\temp\
  • %ProgramFiles%\DAGFileShareWitnesses\
  • %ProgramFiles%\Exchsrvr\MDBDATA\*.edb
  • %ProgramFiles%\Exchsrvr\MDBDATA\*.stm
  • %ProgramFiles%\Exchsrvr\MDBDATA\*.chk
  • %ProgramFiles%\Exchsrvr\MDBDATA\*.log
  • %ProgramFiles%\Exchsrvr\MDBDATA\*.dat
  • %ProgramFiles%\Exchsrvr\MDBDATA\*.stf
  • %ProgramFiles%\Exchsrvr\Mtadata\*
  • %ProgramFiles%\Exchsrvr\%COMPUTERNAME%.log
  • %ProgramFiles%\Exchsrvr\Mailroot\
  • %ProgramFiles%\Exchsrvr\Srsdata\*

SoftGrid:

  • %ALLUSERPROFILE%\Documents\SoftGrid Client\

Microsoft Operations Manager 2005:

  • %ProgramFiles%\Microsoft Operations Manager 2005\MOMHost.exe config
  • %ProgramFiles%\Microsoft Operations Manager 2005\WebConsole\web.config
 
 
 
 
Did the provided info help you?
Yes No
 
 
 

Applies To:

  • Kaspersky Endpoint Security 8 for Windows (for file server)