Configuring the general anti-virus protection settings

You can configure the following general protection settings for operation of various Kaspersky Security components:

• List of objects that you want Kaspersky Security to detect.
• List of exclusions from Kaspersky Security protection.
• Use of Advanced Disinfection technology for virtual machines with Windows server operating systems.

This section describes how to configure general protection settings using the Administration Console and the Light Agent for Windows local interface. You can also configure the general protection settings using the Web Console when creating or modifying Light Agent for Windows policy settings or Light Agent for Linux policy settings (Application settings → Anti-Virus protection → General Protection settings).

Selecting types of detectable objects

Kaspersky Security lets you fine-tune the protection of the virtual machine and select the types of objects that the application detects during operation. The application always scans the operating system for viruses, worms, and Trojans. You cannot disable scanning of these types of objects because such objects can cause significant harm to the protected virtual machine. For greater security of your virtual machine, you can expand the range of detectable object types by enabling monitoring of legal software that can be used by criminals to damage protected virtual machine or personal data.

To select the types of detectable objects in Kaspersky Security Center:

1. Open Kaspersky Security Center Administration Console.
2. In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
3. In the workspace, select the Policies tab.
4. In the list of policies, select Light Agent for Windows policy to configure Light Agent for Windows settings, or Light Agent for Linux policy to configure Light Agent for Linux settings, and open the Settings: <Policy name> window by double-clicking it.
5. In the policy properties window, select the General Protection Settings section in the list on the left.
6. In the right part of the window, in the Objects to detect section, click the Settings button.

   The Objects to detect window opens.

7. Select check boxes opposite the types of objects that you want Kaspersky Security to detect.

   Note that any detected objects can be deleted by the application.

8. In the Objects to detect window, click OK.

   The Objects to detect window closes. In the Objects to detect section, the selected types of objects are listed under Detection of objects of the following types is enabled.

9. Click the Apply button.

To select the types of detectable objects in the local interface:

1. Open the application settings window.
2. In the left part of the window, select the Anti-Virus protection section.

   The anti-virus protection settings are shown in the right part of the window.

   If the settings in the local interface are not available, this means that the values of settings defined by the policy are used for all protected virtual machines of the administration group.

3. Complete steps 7–9 of the previous instructions.
4. To save changes, click the Save button.

Configuring the trusted zone

A trusted zone is a custom list of objects and applications that Kaspersky Security does not monitor when active.

You form a trusted zone based on the specifics of the objects that you need to manage and the applications that are installed in the guest operating system of the protected virtual machine. It may be necessary to include objects and applications in the trusted zone when Kaspersky Security blocks access to a certain object or application, if you are sure that the object or application is harmless.

Exclusions from protection and scanning

Exclusion is a combination of conditions that describe an object or application. If the object satisfies these conditions, Kaspersky Security does not scan this object for viruses or other malware.

Some legitimate applications can be used by criminals to compromise your virtual machine or personal data. Although they do not have any malicious functions, such applications can be used as an auxiliary component in malware. Examples of such applications include remote administration tools, IRC clients, FTP servers, various utilities for suspending or concealing processes, keyloggers, password crackers, and auto-dialers. Such applications are not categorized as viruses. For details on legitimate software that could be used by intruders to harm the device or personal data of a user, please visit the Kaspersky Virus Encyclopedia website.

Such applications may be blocked by Kaspersky Security. To prevent them from being blocked, you can configure scan and protection exclusions. To do so, add the name or name mask that is listed in the Kaspersky Virus Encyclopedia to the trusted zone. For example, you may frequently use the Remote Administrator program. This is a remote access application that gives you control over a remote device. To prevent this application from being blocked, create an exclusion with the name or name mask that is listed in the Kaspersky Virus Encyclopedia.

You can exclude objects of the following types from scanning:

• Files of certain formats
• Files and folders that are selected by a mask
• Files based on their hashes calculated by the SHA-256 algorithm
• Individual files and folders
• Applications
• Application processes
• Objects according to the classification of Kaspersky Virus Encyclopedia

By default, the /sys, /proc and /.snapshots file system objects are excluded from protection and scans by Light Agent for Linux. You can remove these exceptions or suspend using them.

Protection exclusions can be used by the following application components and tasks:

• File Anti-Virus.
• Mail Anti-Virus.
• Web Anti-Virus.
• AMSI Protection.
• System Watcher.
• Application Privilege Control.
• Scan tasks.

Moreover, you can create an exclusion category containing exclusions for Light Agent for Windows whereby Kaspersky Security will not scan files or folders in the category and/or objects with the specified name.

List of trusted applications

The list of trusted applications is a list of applications whose file and network activity (including suspicious activity) and access to the system registry are not monitored by Kaspersky Security. By default, Kaspersky Security scans objects that are opened, executed, or saved by any application process and controls the activity of all applications and network traffic that is generated by them. Applications that are added to the list of trusted applications are excluded from scanning.

For example, if you consider objects that are used by the standard Microsoft Windows Notepad application to be safe without scanning, meaning that you trust this application, you can add Microsoft Windows Notepad to the list of trusted applications. Scanning then skips objects that are used by this application.

In addition, certain actions that are classified by Kaspersky Security as dangerous may be safe within the context of the functionality of a number of applications. For example, the interception of text that is typed from the keyboard is a routine process for automatic keyboard layout switchers (such as Punto Switcher). To take account of the specifics of such applications and exclude their activity from monitoring, we recommend that you add such applications to the trusted applications list.

Excluding trusted applications from scanning lets you avoid compatibility conflicts between Kaspersky Security applications and other programs (for example, the problem of double-scanning of the network traffic of a third-party device by Kaspersky Security and by another anti-virus application), and also increases the virtual machine's performance, which is critical when using server applications.

At the same time, the executable file and process of the trusted application are still scanned for viruses and other malware. To fully exclude an application from scanning and protection, create the exclusion for this application.

If an application that collects information and sends it to be processed is installed on your virtual machine, Kaspersky Security may classify this application as malware. To avoid this, you can exclude the application from scanning by adding it to the list of exclusions.

Configuring a trusted zone of Light Agent for Windows

You can do the following to configure the Trusted Zone of Light Agent for Windows:

• Create an exclusion or exclusion category containing exclusions for Light Agent for Windows whereby Kaspersky Security will not scan files or folders in the category and/or objects with the specified name.
• Use the Edit button to change the exclusion settings.
• Pause the use of an exclusion or exclusion category.
• Delete an exclusion or exclusion category.
• Add an application to the list of trusted applications.
• Pause the exclusion of a trusted application or application category from Kaspersky Security scans.
• Delete a trusted application or category of trusted applications.

Creating an exclusion

You can create a new exclusion or exclusion category containing exclusions for Light Agent for Windows whereby Kaspersky Security will not scan the specified files or folders and/or objects with the specified name.

Kaspersky Security does not scan an excluded object when a hard drive or folder that contains this object is specified at the start of a scan task. However, if you start a custom scan task for an object, Kaspersky Security scans the object even if you have created an exclusion for this object.

To create an exclusion in Kaspersky Security Center:

1. Open Kaspersky Security Center Administration Console.
2. In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
3. In the workspace, select the Policies tab.
4. Select a Light Agent for Windows policy in the list of policies and open the Properties: <Policy name> by double-clicking.
5. In the policy properties window, select the General Protection Settings section in the list on the left.
6. In the right part of the window, in the Exclusions and trusted zone section, click the Settings button.

   The Trusted zone window opens on the Exclusions tab. The tab displays a list of added exclusions grouped by category.

7. If you want to add a new exclusion that does not belong to any of the predefined exclusion categories:
   1. Click the Add button and select the Category option in the context menu.
   2. In the Category window that opens, in the Category name field, enter the name of the new exclusion category and click OK.
8. If you want to add a new exclusion to the added category or to one of the predefined exclusion categories, select the category to which you want to add the exclusion.
9. Click the Add button and select the Exclusion option in the context menu.
10. In the Exclusion window that opens, perform the following operations:
    • To exclude a file or folder from the protection and scan scope:
      1. In the Settings section, select the File or folder check box.
      2. Click the select file or folder link in the Exclusion description section to open the Name of file or folder window. Enter the path to a file or folder or a mask of the path to a file or folder, or select a file or folder in the folder tree.
      3. After selecting the object, click OK in the Name of file or folder window.

      The path to the added object appears in the Exclusion description section of the Exclusions window.

    • To exclude objects with certain names according to the Kaspersky Virus Encyclopedia classification of malicious programs and other threats from the protection and scan scope:
      1. In the Settings section, select the Object name check box.
      2. Click the enter object name link in the Exclusion description section to open the Object name window. Enter the object name or name mask according to the classification of the Kaspersky Virus Encyclopedia.
      3. Click OK in the Object name window.

      The name of the added object appears in the Exclusion description section of the Exclusions window.

    • To exclude a file from the protection and scan scope by its hash:
      1. In the Settings section, select the File hash check box.
      2. Click the enter file hash link in the Exclusion description section to open the File hash window. Enter the file hash calculated by the SHA-256 algorithm, or click the Browse button and select the file in the opened window.
      3. Click OK in the File hash window.

      The hash of the added file appears in the Exclusion description section of the Exclusions window.

11. Specify the Kaspersky Security components that should use the exclusion:
    1. Click the any link in the Exclusion description section to open the select components link.
    2. Click the select components link to open the Application components window.
    3. Select the needed components.
    4. In the Application components window, click OK.

    If the components are specified in the settings of the exclusion, the object is not scanned only by these components of Kaspersky Security.

    If the components are not specified in the settings of the exclusion, the object is not scanned by all components of Kaspersky Security.

12. Click OK in the Exclusion window.

    The added exclusion appears in the list of exclusions on the Exclusions tab of the Trusted zone window. The configured settings of this exclusion appear in the Exclusion description section.

13. In the Trusted zone window, click OK.
14. Click the Apply button.

To create an exclusion in the local interface:

1. On the protected virtual machine, open the application settings window.
2. In the left part of the window, select the Anti-Virus protection section.

   The anti-virus protection settings are shown in the right part of the window.

   If the settings in the local interface are not available, this means that the values of settings defined by the policy are used for all protected virtual machines of the administration group.

3. Complete steps 6–13 of the previous instructions.
4. To save changes, click the Save button.

Enabling and disabling the use of an exclusion or exclusion category

You can temporarily pause the use of an exclusion or exclusion category without removing it from the list of exclusions.

To enable or disable the use of an exclusion or exclusion category in Kaspersky Security Center: 

1. Open Kaspersky Security Center Administration Console.
2. In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
3. In the workspace, select the Policies tab.
4. Select a Light Agent for Windows policy in the list of policies and open the Properties: <Policy name> by double-clicking.
5. In the policy properties window, select the General Protection Settings section in the list on the left.
6. In the right part of the window, in the Exclusions and trusted zone section, click the Settings button.

   The Trusted zone window opens on the Exclusions tab.

7. Use the check boxes in the list of exclusions to specify which exclusions or exclusion categories you want to use. If the check box next to the name of an exception or exception category is cleared, the use of that exception or exception category is temporarily suspended.
8. In the Trusted zone window, click OK.
9. Click the Apply button.

To enable or disable the use of an exclusion or exclusion category in the local interface: 

1. On the protected virtual machine, open the application settings window.
2. In the left part of the window, select the Anti-Virus protection section.

   The anti-virus protection settings are shown in the right part of the window.

   If the settings in the local interface are not available, this means that the values of settings defined by the policy are used for all protected virtual machines of the administration group.

3. Complete steps 6–8 of the previous instructions.
4. To save changes, click the Save button.

Deleting an exclusion or exclusion category

You can delete an exclusion or exclusion category if you do not want Kaspersky Security to use the exclusion or exclusion category while protecting and scanning the virtual machine. You can also temporarily pause the use of an exclusion or exclusion category without removing it from the list of exclusions.

To delete an exclusion or exclusion category in Kaspersky Security Center:

1. Open Kaspersky Security Center Administration Console.
2. In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
3. In the workspace, select the Policies tab.
4. Select a Light Agent for Windows policy in the list of policies and open the Properties: <Policy name> by double-clicking.
5. In the policy properties window, select the General Protection Settings section in the list on the left.
6. In the right part of the window, in the Exclusions and trusted zone section, click the Settings button.

   The Trusted zone window opens on the Exclusions tab.

7. In the list of exclusions, select the relevant exclusion or exclusion category and click the Delete button.

   The selected exclusion or exclusion category will disappear from the list of exclusions on the Exclusions tab of the Trusted Zone window.

8. In the Trusted zone window, click OK.
9. Click the Apply button.

To delete an exclusion or exclusion category in the local interface:

1. On the protected virtual machine, open the application settings window.
2. In the left part of the window, select the Anti-Virus protection section.

   The anti-virus protection settings are shown in the right part of the window.

   If the settings in the local interface are not available, this means that the values of settings defined by the policy are used for all protected virtual machines of the administration group.

3. Complete steps 6–8 of the previous instructions.
4. To save changes, click the Save button.

Adding an application to the list of trusted applications

You can create a list of trusted applications for which Kaspersky Security does not monitor file and network activity (including malicious activity) and access to the system registry.

To create a list of trusted applications in Kaspersky Security Center:

1. Open Kaspersky Security Center Administration Console.
2. In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
3. In the workspace, select the Policies tab.
4. Select a Light Agent for Windows policy in the list of policies and open the Properties: <Policy name> by double-clicking.
5. In the policy properties window, select the General Protection Settings section in the list on the left.
6. In the right part of the window, in the Exclusions and trusted zone section, click the Settings button.

   The Trusted zone window opens.

7. Select the Trusted applications tab.

   The tab displays a list of added trusted applications grouped by category.

8. If you want to add a new application that does not belong to any of the predefined categories to the list of trusted applications:
   1. Click the Add button and select the Category option in the context menu.
   2. In the Category window that opens, in the Category name field, enter the name of the new category of trusted applications and click OK.
9. If you want to add a trusted application to the added category or to one of the predefined categories of trusted applications, in the list of trusted applications select the category to which you want to add the trusted application.
10. On the Trusted applications tab, click the Add button and select Trusted application –> Browse in the context menu.

    The standard Open file window in Microsoft Windows opens.

11. In the Open file window, select the executable file of the application that you want to add to the list of trusted applications, and click the Open button.

    The Exclusions for application window opens.

12. In the Exclusions for application window that opens, perform the following operations:
    1. In the Path field, enter the path to the executable file of the application that you want to add to the list of trusted applications.
    2. Use the check boxes to configure the Application Privilege Control settings.

       If you selected the Do not scan network traffic check box, you can use the links in the lower part of the window to configure the following settings for scanning traffic transmitted for this application:

       • Exclude all traffic or only encrypted traffic from scans.
       • Exclude from scans the traffic transmitted for this application from any IP address or only from specified IP addresses.
       • Exclude from scans the traffic transmitted for this application from any or only from specified ports.

       You can modify these settings by clicking the link.

       If no kinds of activity are selected in the Exclusions for application window, the trusted application is included in scanning. In this case the trusted application is not removed from the list of trusted applications, but its check box is cleared.

    3. In the Exclusions for application window, click OK.

    The added trusted application appears in the list of trusted applications.

13. In the Trusted zone window, click OK.
14. Click the Apply button.

To create a list of trusted applications in the local interface:

1. On the protected virtual machine, open the application settings window.
2. In the left part of the window, select the Anti-Virus protection section.

   The anti-virus protection settings are shown in the right part of the window.

   If the settings in the local interface are not available, this means that the values of settings defined by the policy are used for all protected virtual machines of the administration group.

3. In the right part of the window, in the Exclusions and trusted zone section, click the Settings button.

   The Trusted zone window opens.

4. Select the Trusted applications tab.

   The tab displays a list of added trusted applications grouped by category.

5. If you want to add a new application that does not belong to any of the predefined categories to the list of trusted applications:
   1. Click the Add button and select the Category option in the context menu.
   2. In the Category window that opens, in the Category name field, enter the name of the new category of trusted applications and click OK.
6. If you want to add a trusted application to the added category or to one of the predefined categories of trusted applications, select the category to which you want to add the trusted application.
7. On the Trusted applications tab, click the Add button and perform one of the following actions in the context menu:
   • To find the application in the list of applications that are installed on the virtual machine, select the Applications item in the menu. 

     The Select application window opens.

   • To specify the path to the executable file of the relevant application, select Browse.

     The Select file window opens.

8. Select the application that you want to add to the list of trusted applications.

   The Exclusions for application window opens.

9. Use the check boxes to configure the Application Privilege Control settings.

   If you selected the Do not scan network traffic check box, you can use the links in the lower part of the window to configure the following settings for scanning traffic transmitted for this application:

   • Exclude all traffic or only encrypted traffic from scans.
   • Exclude from scans the traffic transmitted for this application from any IP address or only from specified IP addresses.
   • Exclude from scans the traffic transmitted for this application from any or only from specified ports.

   You can modify these settings by clicking the link.

   If no kinds of activity are selected in the Exclusions for application window, the trusted application is included in scanning. In this case the trusted application is not removed from the list of trusted applications, but its check box is cleared.

10. In the Exclusions for application window, click OK.

    The added trusted application appears in the list of trusted applications.

11. In the Trusted zone window, click OK.
12. To save changes, click the Save button.

Including or excluding a trusted application or category of trusted applications from scans

You can temporarily pause the exclusion of a trusted application or category of trusted applications from Kaspersky Security scans without removing the trusted application or application category from the list of trusted applications.

To include a trusted application or application category in the scan scope or exclude a trusted application or application category from the scan scope in Kaspersky Security Center:

1. Open Kaspersky Security Center Administration Console.
2. In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
3. In the workspace, select the Policies tab.
4. Select a Light Agent for Windows policy in the list of policies and open the Properties: <Policy name> by double-clicking.
5. In the policy properties window, select the General Protection Settings section in the list on the left.
6. In the right part of the window, in the Exclusions and trusted zone section, click the Settings button.

   The Trusted zone window opens.

7. Select the Trusted applications tab.
8. Use the check boxes in the list of trusted applications to specify the applications or application categories to be excluded from scan. If the check box is selected, Kaspersky Security excludes the application or application category from scan. If the check box is cleared, Kaspersky Security scans the application or application category.
9. In the Trusted zone window, click OK.
10. Click the Apply button.

To include a trusted application or application category in the scan scope or exclude a trusted application or application category from the scan scope in the local interface: 

1. On the protected virtual machine, open the application settings window.
2. In the left part of the window, select the Anti-Virus protection section.

   The anti-virus protection settings are shown in the right part of the window.

   If the settings in the local interface are not available, this means that the values of settings defined by the policy are used for all protected virtual machines of the administration group.

3. Complete steps 6–9 of the previous instructions.
4. To save changes, click the Save button.

Deleting a trusted application or category of trusted applications

You can delete a trusted application or category of trusted applications if you want Kaspersky Security to scan this trusted application or category of trusted applications while protecting and scanning the virtual machine. You can temporarily enable scanning of a trusted application or category of trusted applications without deleting it from the list of trusted applications.

To delete a trusted application or application category in Kaspersky Security Center:

1. Open Kaspersky Security Center Administration Console.
2. In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
3. In the workspace, select the Policies tab.
4. Select a Light Agent for Windows policy in the list of policies and open the Properties: <Policy name> by double-clicking.
5. In the policy properties window, select the General Protection Settings section in the list on the left.
6. In the right part of the window, in the Exclusions and trusted zone section, click the Settings button.

   The Trusted zone window opens.

7. Select the Trusted applications tab.
8. In the list of trusted applications, select the relevant application or application category and click the Delete button.

   The selected application or application category disappears from the list of trusted applications on the Trusted applications tab of the Trusted Zone window.

9. In the Trusted zone window, click OK.
10. Click the Apply button.

To delete a trusted application or application category in the local interface:

1. On the protected virtual machine, open the application settings window.
2. In the left part of the window, select the Anti-Virus protection section.

   The anti-virus protection settings are shown in the right part of the window.

   If the settings in the local interface are not available, this means that the values of settings defined by the policy are used for all protected virtual machines of the administration group.

3. Complete steps 6–9 of the previous instructions.
4. To save changes, click the Save button.

Creating the Light Agent for Linux exclusions

You can perform the following actions to configure exclusions for Light Agent for Linux:

• Create an exclusion or exclusion category containing exclusions for Light Agent for Linux whereby Kaspersky Security will not scan files or folders in the category and/or objects with the specified name.
• Use the Edit button to change the exclusion settings.
• Pause the use of an exclusion or exclusion category.
• Delete an exclusion or exclusion category.

Creating an exclusion

You can create a new exclusion or exclusion category containing exclusions for Light Agent for Linux whereby Kaspersky Security will not scan the specified files or folders and/or objects with the specified name.

To create an exclusion:

1. Open Kaspersky Security Center Administration Console.
2. In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
3. In the workspace, select the Policies tab.
4. Select the Light Agent for Linux policy in the list of policies and open the Properties: <Policy name> window by double-clicking.
5. In the policy properties window, select the General Protection Settings section in the list on the left.
6. In the right part of the window, in the Exclusions and trusted zone section, click the Settings button.

   The Trusted zone window opens on the Exclusions tab. The tab displays a list of added exclusions grouped by category.

7. If you want to add a new exclusion that is not in a predefined exclusion category:
   1. Click the Add button and select the Category option in the context menu.
   2. In the Category window that opens, in the Category name field, enter the name of the new exclusion category and click OK.
8. If you want to add a new exclusion to the added category or to one of the predefined exclusion categories, select the category to which you want to add the exclusion.
9. Click the Add button and select the Exclusion option in the context menu.

   The Exclusion window opens.

10. In the Exclusion window that opens, perform the following operations:
    • To exclude a file or folder from the protection and scan scope:
      1. In the Settings section, select the File or folder check box.
      2. Click the select file or folder link in the Exclusion description section to open the Name of file or folder window. In this window, you can enter the path to a file or folder or the mask of a path to a file or folder.
      3. After selecting the object, click OK in the Name of file or folder window.

      The path to the added object appears in the Exclusion description section of the Exclusions window.

    • To exclude objects with certain names according to the Kaspersky Virus Encyclopedia classification of malicious programs and other threats from the protection and scan scope:
      1. In the Settings section, select the Object name check box.
      2. Click the enter object name link in the Exclusion description section to open the Object name window. In this window, you can enter the object name or name mask according to the classification of the Kaspersky Virus Encyclopedia.
      3. Click OK in the Object name window.

      The name of the added object appears in the Exclusion description section of the Exclusions window.

11. Click OK in the Exclusion window.

    The added exclusion appears in the list of exclusions on the Exclusions tab of the Trusted zone window. The configured settings of this exclusion appear in the Exclusion description section.

12. In the Trusted zone window, click OK.
13. Click the Apply button.

Enabling and disabling the use of an exclusion or exclusion category

You can temporarily pause the use of an exclusion or exclusion category without removing it from the list of exclusions.

To enable or disable the use of an exclusions or exclusion categories:

1. Open Kaspersky Security Center Administration Console.
2. In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
3. In the workspace, select the Policies tab.
4. Select the Light Agent for Linux policy in the list of policies and open the Properties: <Policy name> window by double-clicking.
5. In the policy properties window, select the General Protection Settings section in the list on the left.
6. In the right part of the window, in the Exclusions and trusted zone section, click the Settings button.

   The Trusted zone window opens on the Exclusions tab.

7. Use the check boxes in the list of exclusions to specify which exclusions or exclusion categories you want to use. If the check box next to the name of an exception or exception category is cleared, the use of that exception or exception category is temporarily suspended.
8. In the Trusted zone window, click OK.
9. Click the Apply button.

Deleting an exclusion or exclusion category

You can delete an exclusion or exclusion category if you do not want Kaspersky Security to use the exclusion or exclusion category while protecting and scanning the virtual machine. You can also temporarily pause the use of an exclusion or exclusion category without removing it from the list of exclusions.

To delete an exclusion or exclusion category:

1. Open Kaspersky Security Center Administration Console.
2. In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
3. In the workspace, select the Policies tab.
4. Select the Light Agent for Linux policy in the list of policies and open the Properties: <Policy name> window by double-clicking.
5. In the policy properties window, select the General Protection Settings section in the list on the left.
6. In the right part of the window, in the Exclusions and trusted zone section, click the Settings button.

   The Trusted zone window opens on the Exclusions tab.

7. In the list of exclusions, select the relevant exclusion or exclusion category and click the Delete button.

   The selected exclusion or exclusion category will disappear from the list of exclusions on the Exclusions tab of the Trusted Zone window.

8. In the Trusted zone window, click OK.
9. Click the Apply button.

Advanced Disinfection technology

Advanced disinfection technology is aimed at purging the Windows operating system of malicious programs that have already started their processes in RAM and that prevent Kaspersky Security from removing them by using other methods. Advanced Disinfection technology neutralizes the threat by performing an advanced disinfection procedure.

While Advanced Disinfection is in progress, you are advised to refrain from starting new processes or editing the Windows operating system registry.

After the Advanced Disinfection procedure is completed, the application restarts the protected virtual machine. After reboot, the application deletes malware files and starts a "lite" full scan of the protected virtual machine.

Advanced Disinfection technology can be used on protected virtual machines running Windows operating systems for workstations.

The advanced disinfection technology uses considerable Windows operating system resources, which may slow down other applications.

You can enable or disable the use of Advanced Disinfection technology in Light Agent for Windows policy properties and in the Light Agent for Windows local interface.

An unplanned reboot of a server operating system can lead to problems involving temporary denial of access to operating system data or loss of unsaved data. For this reason, Advanced Disinfection technology is not used on protected virtual machines running Windows server operating systems.

If Light Agent is running on a temporary virtual machine, Advanced Disinfection technology is not used as well. When an active infection is detected on the temporary virtual machine, scan the virtual machine template from which it has been created for viruses and other malware and create the temporary virtual machine anew.

Configuring Advanced Disinfection via Kaspersky Security Center

In a Light Agent for Windows policy, Advanced Disinfection technology is disabled by default. If necessary, you can configure the Advanced Disinfection procedure to run immediately after an infection is detected, followed by a restart of the protected virtual machine without asking the user for confirmation.

To configure Advanced Disinfection to run without user confirmation:

1. Open Kaspersky Security Center Administration Console.
2. In the Managed devices folder of the console tree, open the folder with the name of the administration group to which the relevant protected virtual machines belong.
3. In the workspace, select the Policies tab.
4. Select a Light Agent for Windows policy in the list of policies and open the Properties: <Policy name> by double-clicking.
5. In the policy properties window, select the General Protection Settings section in the list on the left.
6. In the right part of the window, select the Enable Advanced Disinfection technology check box.
7. Click OK in the Properties: <Policy name> window.
8. In the workspace, select the Tasks tab.
9. In the list of tasks, select the virus scan task for Light Agent for Windows and open the Settings: <Task name> window by double-clicking.
10. In the window of Light Agent for Windows virus scan task properties, select the Settings section in the list on the left.
11. In the right part of the window, in the Action on threat detection settings group, select the Run Advanced Disinfection immediately check box.
12. Click Apply in the Settings: <Task name> window.

Configuring the use of Advanced Disinfection technology in the local interface

In the Light Agent for Windows local interface, Advanced Disinfection technology is enabled by default. If necessary, you can disable Advanced Disinfection technology.

To configure the use of Advanced Disinfection technology on a protected virtual machine:

1. Open the application settings window.
2. In the left part of the window, select the Anti-Virus protection section.
3. In the right part of the window, configure the use of Advanced Disinfection technology using the Enable Advanced Disinfection technology check box.

   The Enable Advanced Disinfection technology check box is selected by default.

   If the check box is unavailable, you cannot enable or disable Advanced Disinfection technology as it is prohibited by the policy applied to all protected virtual machines within the administration group.

4. To save changes, click the Save button.