Jump to content
Sign in to follow this  
joolsr

trusted riskware -the risks?

Recommended Posts

Does adding items to the trusted riskware actually just stop them being flagged as riskware, or does it stop them being scanned in case the riskware itself was trojaned or infected by a 'real' virus ?

 

Can anyone help? Nowhere on the Kaspersky site or the forum posts quite make this clear

 

Julian

Share this post


Link to post

it should just stop to flag them as riskware (exclusion by verdict), so in case it would get infected with an real virus or replaced with an trojan/worm, kav should still be able to detect it.

Share this post


Link to post
it should just stop to flag them as riskware (exclusion by verdict), so in case it would get infected with an real virus or replaced with an trojan/worm, kav should still be able to detect it.

 

Many thanks for your reply - thats exactly what I needed to know. :)

Share this post


Link to post
Many thanks for your reply - thats exactly what I needed to know.  :)

 

but it is important to set the correct verdict here. for example if you set the verdict to "*" then it will skip ALL the detections. or if you set the verdict to "not-a-virus:*" then it will skip ALL the riskware detections since all of them start like not-a-virus... best thing IMO is to set an exact verdict (wich is also what kav does automaticly), for example "not-a-virus:Monitor.Win32.NetMon.a"

Share this post


Link to post
but it is important to set the correct verdict here. for example if you set the verdict to "*" then it will skip ALL the detections. or if you set the verdict to "not-a-virus:*" then it will skip ALL the riskware detections since all of them start like not-a-virus... best thing IMO is to set an exact verdict (wich is also what kav does automaticly), for example "not-a-virus:Monitor.Win32.NetMon.a"

 

Thanks

 

Unfortunately, Its still not working anyway . I ei'm still getting emials every day about riskware with 'not-a-virus:RiskWare.RemoteAdmin.WinVNC*' set.

 

I dont have a path set - does this HAVE to be set ?

 

Julian

Share this post


Link to post
I dont have a path set - does this HAVE to be set ?

 

yes, you should at least set an "generic" path like "*" however it is much more safe and recomended to set the exact path, because this is the general idea of riskware detection, because sometimes riskware is used by malware as hidden instalation.

Share this post


Link to post
Sign in to follow this  

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.