How to exclude RAdmin / WinVNC from scan by Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition

 

Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition

 
 
 

How to exclude RAdmin / WinVNC from scan by Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition

Back to "Settings / How to"
2012 Jan 23 ID: 4579
 
 
 
 

Remote administration applications RAdmin and WinVNC are included into the extended set of antivirus databases and therefore Kaspersky Anti-Virus detects them as not-a-virus. If you do not want Kaspersky Anti-Virus detect RAdmin and WinVNC, exclude detection of this type of software in Real-time file protection, Script monitoring (as necessary), and on-demand-scan tasks.

If you have excluded threat mask not-a-virus:RemoteAdmin* from scan during Kaspersky Anti-Virus installation, tasks Real-time file protection, Script monitoring and all on-demand-scan tasks already use this exclusion (except the task Scan Quarantine objects, because there is no need to exclude remote administration software from them).

In a contrary case, you should manually add this threat into Trusted zone for the tasks Real-time file protection, Script monitoring and all on-demand-scan tasks:

  1. Right click console node Kaspersky Anti-Virus and select Configure trusted zone.
  2. Go to the tab Exclusion rules and click the button Add.
  3. Trusted zone window will open:

    • If you want Kaspersky Anti-Virus ignore RAdmin and/or WinVNC files regardless of physical location, uncheck the box Object.
      If you want Kaspersky Anti-Virus ignore only certain RAdmin and/or WinVNC files/folders, click the button Edit next to the field Object, specify desired disk areas, and click OK.
    • If you want to enter a threat mask, check the box Threats, click the button Edit next to the field Threats, specify a desired mask, and click Add. Enter additional masks as necessary and click OK.

      Mask excluding Radmin: not-a-virus:RemoteAdmin.Win32.RAdmin*
      Mask excluding WinVNC: not-a-virus:RemoteAdmin.Win32.WinVNC*.

      Never exclude the mask *Radmin* because it excludes really dangerous programs (Backdoor.Win32.RAdmin.a, e.g.).

    • Define rule application scope by checking/unchecking the boxes Real-time file protection, Script monitoring (for tasks with the same names), and On-demand-scan (for all on-demand-scan tasks).

      Click OK to create the rule.

By default, trusted zone is enabled in all Anti-Virus tasks. But the administrator can disable trusted zone for any task(s). It can be done in task properties, tab General.

 
 
 
 
Was this information helpful?
Yes No
Thank you
 

 
 

How can we improve this article?

Your feedback will be used for content improvement purposes only. If you need assistance, please contact technical support.

Submit Submit

Thank you for your feedback!

Your suggestions will help improve this article.

OK