Threats and exclusions
Threats
Click on the Settings… button to specify which threat types should be detected by KIS in addition to viruses, worms ad Trojan programs. Some software like IRC clients, remote assistance tools, dialers, keyloggers etc., although they cannot be considered as malware, however pose a threat to your security. In the Threats list, many of such programs fall within the definition of “Other programs”. Check/uncheck one or more of the listed items according to your needs.
Exclusions
Click on the Trusted zone… button to add one or more objects to the exclusion list. The objects in the exclusion list will not be processed (or will be only partially processed) by KIS.
Trusted zone settings -> Exclusion rules tab
Click on the Add link to add a new item to the list. In the Properties area, check the Object box to select an object (file or folder) or the Threats type box to exclude a threat type from being processed by KIS.
Rule description:
Object: select object…: click on the select object… link to select the desired object and press the Browse… button to browse through your files. When working with folders, you may also want to check the Include subfolders box.
Threats type: enter threat name…: click on the enter threat name… link to specify a threat name. The names of threats should follow the definitions set out in the Virus Encyclopedia.
Protection components: any: if you want to specify to which component(s) the exclusion rule will apply, click on the any link and then on the select components… link. Check one or more boxes in the available list. Otherwise, if you want to apply the rule to all the components, then leave the any link as it is.
Trusted zone settings -> Trusted applications tab
Click on the Add link to add a new item to the list. From the drop-down menu, select the Browse… item if you want to browse through your files, or the Applications… item to choose the desired application from a list of running processes.
In the Exclusions area, check/uncheck one or more boxes according to your needs.
Exclusions:
Do not scan opened files: all the files opened by the trusted application will not be scanned.
Do not monitor application activity: the activity of the trusted application will not be checked for suspicious actions by the Proactive Defense component.
Do not scan network traffic: all the network traffic generated by the trusted application will not be scanned for viruses.
Rule description:
Do not scan all network traffic: click on the all link to limit the exclusion to the encrypted traffic.
any remote IP addresses: click on the any link and then on the specify link to restrict the exclusion to specific remote IP addresses.
any remote ports: click on the any link and then on the specify link to restrict the exclusion to specific remote ports.
