Adding trusted processes using the Administration Plug-in

To add one or more processes to the list of trusted processes using the Administration Plug-in:

1. Open the Trusted Zone window.
2. Select the Trusted processes tab.
3. Select the Do not check file backup operations check box to skip scanning of file read operations.
   

   The check box enables or disables the scanning of file read operations if such operations are performed by backup tools installed on the protected device.

   If the check box is selected, Kaspersky Embedded Systems Security for Windows skips file read operations performed by backup tools installed on the protected device.

   If the check box is cleared, Kaspersky Embedded Systems Security for Windows scans file read operations performed by backup tools installed on the protected device.

   The check box is selected by default.

4. Select the Do not check file activity of the specified processes check box to skip file operation scanning for trusted processes.
   

   The check box enables or disables the scanning of file activity of trusted processes.

   If the check box is selected, Kaspersky Embedded Systems Security for Windows skips operations of trusted processes during scanning.

   If the check box is cleared, Kaspersky Embedded Systems Security for Windows scans file operations of trusted processes.

   By default, the check box is cleared.

5. To add prcesses to the list of trusted processes, do one of the following:
   • To import preconfigured trusted processes, click the Import button and, in the window that opens, select the configuration file in XML format stored on your device.

     Processes from the XML file will be added to the list of trusted processes.

   • To manually specify the processes, click the Add button and proceed to the next steps.
6. If you clicked the Add button, in the button's context menu, select one of the options:
   • Multiple processes.

     In the Adding trusted processes window that opens, configure the following:

     1. Use full process path on disk to consider it trusted.
        

        If this option is selected, Kaspersky Embedded Systems Security for Windows uses the full path to the file to determine whether the process is trusted.

     2. Use process file hash to consider it trusted.
        

        If the check box is selected, Kaspersky Embedded Systems Security for Windows uses the selected file's hash to determine the process's trust status.

        If the check box is cleared, the file hash is not used to determine the process's trust status.

        The check box is selected by default.

     3. Click the Browse button to add data based on executable processes.
     4. Select an executable file in the window that opens.

        You can only add one executable file at a time. Repeat steps c-d to add other executable files.

     5. Click the Processes button to add data based on running processes.
     6. Select processes in the window that opens. To select multiple processes, press and hold the CTRL button while selecting.
     7. In the Exclusion usage scope block, select the check boxes next to the names of the tasks to which you want to apply exclusions.
     8. Click the OK button.

        The account under which the Real-Time File Protection task is run must have administrator rights on the device with Kaspersky Embedded Systems Security for Windows installed in order to allow viewing of the list of active processes. You can sort processes in the list of active processes by file name, process identifier (PID), or path to the executable file of the process on the protected device. Note, that you can select running processes by clicking the Processes button only using the Application Console on a protected device or in the specified host settings via the Kaspersky Security Center.

   • One process based on file name and path.

     In the Adding a process window that opens, do the following:

     1. Enter a path to an executable file (including the file name).

        When specifying the objects, you can use names masks (via ? and * characters) and all types of environment variables. The resolving of environment variables (replacing variables with their values) is performed by Kaspersky Embedded Systems Security for Windows when starting a task, or when applying new settings to a running task (not applicable to On-Demand Scan tasks). Kaspersky Embedded Systems Security for Windows resolves environment variables under the account used to start the task. For more information on environment variables, refer to the Microsoft Knowledge Base.

     2. In the Exclusion usage scope block, select the check boxes next to the names of the tasks to which you want to apply exclusions.
     3. Click the OK button.
   • One process based on object properties.

     In the Trusted process adding window that opens, configure the following:

     1. Click the Browse button to select a process.
     2. Use full process path on disk to consider it trusted.
     3. Use process file hash to consider it trusted.
     4. In the Exclusion usage scope block, select the check boxes next to the names of the tasks to which you want to apply exclusions.
     5. Click the OK button.

     To add the selected process to the list of trusted processes, at least one trust criterion must be selected.

   If you made a process trusted for the Applications Launch Control task and created trusted distribution package from the executable file of this process in the task settings, the Trusted Zone settings have a higher priority. Kaspersky Embedded Systems Security for Windows considers the process to be trusted, but blocks execution of the executable file of this process.

7. In the Trusted Zone window, click the OK button.

The selected file or process will be added to the list of trusted processes in the Trusted Zone window.