Threats and Exclusions

Settings

Description

Types of detected objects

Kaspersky Internet Security detects various types of objects, such as viruses and worms, Trojans, and adware. For details, please refer to the Kaspersky Encyclopedia.

You can disable detection of the following types of objects:

  • Other software that can be used by criminals to damage your computer or personal data. This software includes remote administration applications that system administrators can use to access the interface of a remote computer for monitoring or management purposes.
  • Multi-packed files. Files that are packed multiple times, including by various packers. Multi-packing makes it more difficult to scan objects.

Manage exclusions

Clicking this link opens the Exclusions window containing a list of scan exclusions. A scan exclusion is a set of conditions that, when fulfilled, cause Kaspersky Internet Security to not scan a particular object for viruses and other threats.

You can add, edit, or delete exclusions from the list.

In the window for adding or editing an exclusion, you can define specific conditions that, when fulfilled, will prevent objects from being scanned (Kaspersky Internet Security will not scan them):

  • File or folder that should be excluded from scans (you can also exclude executable files of applications and processes). You can use masks in accordance with the following rules:
    • The * (asterisk) character, which takes the place of any set of characters, except the \ and / characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\*\*.txt will include all paths to files with the TXT extension located in folders on the C: drive, but not in subfolders.
    • Two consecutive * characters take the place of any set of characters (including an empty set) in the file or folder name, including the \ and / characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\Folder\**\*.txt will include all paths to files with the TXT extension located in the folder named Folder and its subfolders. The mask must include at least one nesting level. The mask C:\**\*.txt is not a valid mask.
    • The ? (question mark) character, which takes the place of any single character, except the \ and / characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask C:\Folder\???.txt will include paths to all files residing in the folder named Folder that have the TXT extension and a name consisting of three characters.
  • Type of objects that must be excluded from scans. Enter the name of the object type according to the classification of the Kaspersky Encyclopedia (for example, Email-Worm, Rootkit or RemoteAdmin). You can use masks with the ? character (replaces any single character) and the * character (replaces any number of characters). For example, if the Client* mask is specified, Kaspersky Internet Security excludes Client-IRC, Client-P2P and Client-SMTP objects from scans.
  • Object checksum. Comparing the checksum of an object with the checksum indicated in this setting enables the scan to exclude an object that has not been modified since the last scan.
  • Protection components for which the exclusion is applied.

Instead of deleting an exclusion from the list, you can change the status of an en exclusion to Inactive (in the window for adding or editing an exclusion). When inactive, the exclusion will not be applied.

Specify trusted applications

Clicking this link opens a window with the list of trusted applications. Kaspersky Internet Security does not monitor file activity and network activity of trusted applications (including malicious ones), and does not monitor these applications' queries to the system registry.

You can add, edit, or delete trusted applications from the list.

Even if an application is on the trusted list, Kaspersky Internet Security continues to scan the executable file and process of this application for viruses and other threats. If you do not want to scan the executable file and process of a trusted application, add the application to the list of exclusions.

When adding or editing a trusted application, in the Exclusions for application window you can specify rules that will be used by Kaspersky Internet Security to monitor the activity of the trusted application.

In the Exclusions for application window, the following rules are available:

  • Do not scan opened files.
  • Do not monitor application activity. Application Control does not monitor any application activity.
  • Do not inherit restrictions from the (application's) parent process If restrictions of a parent process or application are not inherited, application activity is monitored according to your defined rules or according to the rules of the trust group to which the application belongs.
  • Do not monitor the activity of child applications.
  • Do not block interaction with the Kaspersky Internet Security interface. The application is allowed to manage Kaspersky Internet Security by using the Kaspersky Internet Security graphical interface. You may need to allow the application to manage the interface of Kaspersky Internet Security when using a remote desktop connection application or an application supporting the operation of a data input device. Examples of such devices include touch pads and graphic tablets.
  • Do not scan all traffic (or encrypted traffic). Depending on the selected option (Do not scan all traffic or Do not scan encrypted traffic), Kaspersky Internet Security excludes all network traffic of the application or traffic transmitted over SSL from being scanned. The value of this setting does not affect Firewall operation: Firewall scans application traffic in accordance with Firewall settings. Exclusions affect Mail Anti-Virus, Web Anti-Virus, and Anti-Spam. You can specify the IP addresses or network ports to which the traffic control restriction must apply.

If you change the status of an application to Inactive in the Exclusions for application window, Kaspersky Internet Security does not treat the application as a trusted application. This way, you can temporarily exclude an application from the trusted list without actually deleting it from the list.

Use trusted system certificate store

If one of the trusted system certificate stores is selected, Kaspersky Internet Security excludes applications signed with a trusted digital signature from scans. Kaspersky Internet Security automatically assigns such applications to the Trusted group.

If Do not use is selected, Kaspersky Internet Security scans applications regardless of whether or not they have a digital signature. Kaspersky Internet Security places an application in a trust group depending on the level of danger that this application may pose to the computer.

Page top