Kaspersky Anti-Virus 5.0 for Windows Workstations MP5 (builds 5.0.676 - 5.0.712)

	Useful links
	How to exclude RAdmin files from the Anti-Virus scan? How to exclude RAdmin files from the Anti-Virus scan remotely?

Concerning to Kaspersky Anti-Virus 5.0 for Windows Workstations version 5.0.527 - 5.0.712

By default during your computer scan, Kaspersky Anti-Virus 5.0 for Windows Workstations scans all objects of your hard drive according to the settings recommended by Kaspersky Lab. The user can configure real-time protection level, actions to be performed with the detected objects and additional settings for each protection level to reduce the amount of scanned objects. Using Kaspersky Anti-Virus 5.0 for Windows Workstations, you can change the level of the antivirus protection for each specific component of the application: i.e

Levels of real-time file protection in Kaspersky Anti-Virus 5.0 for Windows Workstations

Levels of real-time mail protection in Kaspersky Anti-Virus 5.0 for Windows Workstations

Levels of real-time macros protection in Kaspersky Anti-Virus 5.0 for Windows Workstations

and select an action upon detection an infected object. The user may as well define additional parameters for all protection levels to reduce the volume of the scanned objects. In the application settings you can exclude from the list of scanned the following: 

• Discs, catalogues, files, file masks. Such exclusions are set for each on-demand scan task separately. More detailed about excluding objects from scan. Objects defined this way will be excluded from the Anti-Virus scan. 
• Objects in which potentially malicious software added to the extended set of anti-virus databases is detected which (more detailed about anti-virus database updates). Such exclusions are set for all Anti-Virus tasks centralized.

Once the exclusion list is created it should be added to the necessary on-demand scan or real-time protection task – open the task properties on the Settings tab > click the exclusions link and check Exclude allowed riskware box.

To set the exclusions’ list, do the following:

1. Go to Kaspersky Anti-Virus 5.0 for Windows Workstations > Settings > Threats and exclusions 

2. In the application window exclude from the scanning definite files, catalogues and malicious files. Correct the list of exclusions by the Add, Edit and Delete buttons. When the list is compiled, press OK. All mentioned exclusions will start function

Adding an exclusion, you can program a mask for excluded objects/folder name/ disc letter, name of the malicious program (select the name of the excluded malicious program from the list of threats known to Kaspersky Anti-Virus 5.0 for Windows Workstations), which by the set parameters will not be detected by Kaspersky Anti-Virus 5.0 for Windows Workstations

When defining the object and the threat name, the exclusion will “trigger” only of both exclusions are fulfilled.

Pay attention, the exclusions set using this method „trigger“ only fort he group of potential riskware. For unambiguously riskware even if you define the name of the threat in this window, the exclusion will not function. For security reasons.

Valid examples of exclusion masks are shown below:

Commas cannot be used when entering several exclusions in one line as this symbol is used in the names of OS files/ folders. Kaspersky Lab's experts recommend define one mask in one exclusion.

• Masks used without specifying the paths to objects:
• *.exe – all files with exe extension
• *.ex? – all files with ex? extension where instead of ? you can use any other symbol
• test – all files with the name test 
• Masks used with absolute paths to objects:
• C:\dir\*.* - all files in C:\dir\ catalogue
• C:\dir\*.exe - all files with exe extension in C:\dir\ catalogue
• C:\dir\*.ex? - all files with ex? extension in C:\dir\ catalogue where instead of ? you can use any other symbol
• C:\dir\test - only C:\dir\test file
• C:\dir\ - all files in C:\dir\ catalogue and sub catalogues 
• Masks used with relative paths to object:
• dir\*.* - all files in all dir\ catalogues
• dir\test – all test files in dir\ catalogues
• dir\*.exe – all files with exe extension in all dir catalogues
• dir\*.ex? – all files with ex? extension in all dir catalogues where instead of ? you can use any other symbol
• dir\ - all files in all dir\ catalogues and sub catalogues 
• Example of authorized threat masks:
• not-a-virus:AdWare.* - do not detect programs displaying advertisement by scanning (e.g. Gator)
• not-a-virus:Riskware.* - do not detect potentially dangerous programs by scanning
• not-a-virus:Client-IRC.* - do not detect IRC-clients which is being used by malicious programs (e.g. MIrc)
• not-a-virus:Dialer.* - do not detect potentially dangerous programs of a dialer
• not-a-virus:RemoteAdmin.* - do not detect remote control utilities (e.g. RAdmin)
• not-a-virus:Server-Proxy.* - do not detect proxy-servers which is being used by malicious programs