Kaspersky Anti-Virus 6.0 for Windows Servers Enterprise Edition MP2 (builds 6.0.2. [551-555])

Remote control programs RAdmin and WinVNC are added to an extended set of anti-virus databases and correspondingly are detected by Kaspersky Anti-Virus as not-a-virus. For the Anti-Virus not to detect RAdmin and WinVNC, these programs should be excluded from scan in the Real-time file protection, Script Monitoring (if necessary) and on-demand scan tasks.

If during the Anti-Virus installation you configured exclusions of threats from scan by the mask not-a-virus:RemoteAdmin*, then this exclusion is considered by the Real-time file protection, Script Monitoring task and by all on-demand scan tasks (except the tasks Scan Quarantined Objects and Verify application modules integrity – remote management programs should not be added to these tasks).

If the exclusions have not been added during the installation, in this case you should manually exclude the necessary threat be adding it into the Trusted zone for the Real-time file protection, Script Monitoring and on-demand scan tasks. For it:

1. in the Anti-Virus console right-click Kaspersky Anti-Virus > select Configure trusted zone.

2. go to the Exclusion rules tab and click the Add button.

3. in the open Exclusion rule window: 

• If the files with the programs RAdmin and/or WinVNC, should be ignored by the Anti-Virus regardless of their location on the disk, in his case clear the box Object.

If Anti-Virus should skip riskware located only in the specified files/ folders on the disk, in this case click the Change button next to the Object field, define the necessary disk areas and click OK. 

• To enter the threat masks check the Threat box, click the Change button and in the open window enter the necessary mask, click Add.

Enter as many masks as needed and click OK. To exclude RAdmin programs enter the mask not-a-virus:RemoteAdmin.Win32.RAdmin*.

To exclude WinVNC program enter the mask not-a-virus:RemoteAdmin.Win32.WinVNC*.

Never enter the *RAdmin* mask, adding this mask will allow explicit dangerous programs (for example, Backdoor.Win32.RAdmin.a) penetrate on your computer. 

 

 

• Define the rule application scope by checking the necessary box – Real-time file protection and Script Monitoring (for the corresponding task) and On-demand scan (for all on-demand scan tasks)

Click OK to apply the created exclusion rule.

By default the Apply Trusted zone option is enabled in all Anti-Virus tasks. But the administrator can disable application of trusted zone in any task in the task properties on the General/ Protection mode tab.