Threat types used in Trusted zone of Kaspersky Endpoint Security for Windows
Latest update: October 27, 2021
ID: 8256
This article concerns Kaspersky Endpoint Security 10 for Windows:
- Service Pack 2 Maintenance Release 4 (version 10.3.3.304)
- Service Pack 2 Maintenance Release 3 (version 10.3.3.275)
- Service Pack 2 Maintenance Release 2 (version 10.3.0.6294)
- Service Pack 2 Maintenance Release 1 (version 10.3.0.6294)
- Service Pack 2 (version 10.3.0.6294)
- Service Pack 1 Maintenance Release 4 (version 10.2.6.3733)
An exclusion rule is a combination of conditions in Trusted Zone that tells Kaspersky Endpoint Security for Windows to skip particular objects during a malware scan.
The following objects can be excluded from scanning:
- Files with a particular extension
- Files by mask
- Particular areas (for example, a folder or an application)
- Application processes
- Objects by classification of Kaspersky IT Encyclopedia
How to create exclusions based on the classification by Kaspersky IT Encyclopedia:
You can exclude a threat with a particular status according to the Encyclopedia classification by creating an exclusion rule. In the exclusion rule, specify one of the following criteria:
- By full threat name from the IT Encyclopedia, for example, not-a-virus:RiskWare.RemoteAdmin.RA.311 or Flooder.Win32.Fuxx
- By threat name mask:
- not-a-virus* mask excludes legitimate software that can be potentially used by criminals, and joke programs.
- Riskware.* mask excludes all the potentially dangerous software, as riskware.
- *RemoteAdmin.* mask excludes all kinds of remote administration software.
- not-a-virus* mask excludes legitimate software that can be potentially used by criminals, and joke programs.
