Kaspersky Antivirus¶
To ensure the agent operates correctly, add its system components to the antivirus exclusions and disable secure connection checking.
Kaspersky Endpoint Security 12¶
Exclusions¶
Click on the gear icon in the lower left corner to go to General Settings. Open the Exclusions and types of detected objects section.
In Exclusions and types of detected objects, open Manage Exclusions:
Click Add → New exclusion and add the following exclusions:
Architecture
File Path
х64
C:\Windows\agent.msi
C:\Windows\auxiliaryservice.exe
C:\Windows\Winexesvc.exe
C:\Windows\installer\*
C:\Windows\Temp\scrim2
C:\Windows\Temp\agent.msi
C:\Windows\SysWOW64\TimeControlSvc\*
C:\Windows\SysWOW64\TimeControlSvc\vmnetdrv32.exe
C:\Windows\SysWOW64\TimeControlSvc\vmnetdrv64.exe
C:\Windows\SysWOW64\TimeControlSvc\sysprotect64.exex86
C:\Windows\agent.msi
C:\Windows\auxiliaryservice.exe
C:\Windows\Winexesvc.exe
C:\Windows\installer\*
C:\Windows\Temp\scrim2
C:\Windows\Temp\agent.msi
C:\Windows\System32\TimeControlSvc\*
C:\Windows\System32\TimeControlSvc\vmnetdrv32.exe
C:\Windows\System32\TimeControlSvc\sysprotect.exe
Trusted Applications¶
Return to Exclusions and types of detected objects and in the Specify trusted applications section add:
C:WindowsSysWOW64TimeControlSvcvmnetdrv32.exe
C:WindowsSysWOW64TimeControlSvcvmnetdrv64.exe
- C:WindowsSysWOW64TimeControlSvcsysprotect64.exe
or
C:WindowsSystem32TimeControlSvcvmnetdrv32.exe
C:WindowsSystem32TimeControlSvcsysprotect.exe
In Exclusions for application, select:
Do not scan files before opening
Do not monitor application activity
Do not scan all traffic
Network Settings¶
Audio Recording Permission¶
Kaspersky Endpoint Security 11¶
Exclusions¶
Go to Settings → Exclusions → Settings.
Click + Add → Select File or Folder.
Add the general exclusions:
Architecture |
File Path |
х64 |
C:\Windows\agent.msi |
x86 |
C:\Windows\agent.msi |
Add additional file paths:
C:\Windows\SysWOW64\TimeControlSvc\ C:\Windows\system32\config\systemprofile\AppData\Roaming\TimeSVC3 C:\Windows\System32\TimeControlSvc\ C:\Windows\System32\TimeControlSvc\vmnetdrv32.exe C:\Windows\System32\TimeControlSvc\sysprotect.exe![]()
Trusted Applications¶
In the Trusted Applications tab, specify the applications:
C:\Windows\SysWOW64\TimeControlSvc\vmnetdrv64.exe
C:\Windows\SysWOW64\TimeControlSvc\vmnetdrv32.exe
C:\Windows\System32\TimeControlSvc\vmnetdrv32.exe
Set their permissions:
Do not check opened files
Do not monitor application activity
Do not check all traffic
![]()
SSL Settings¶
Go to Network Settings:
Make sure the following are not selected:
HTTPS
SMTP SSL
NMTP SLL
IMAP SSL
POP3 SSL
Monitor all ports for programs, recommended by Kaspersky Lab.
![]()
Restart the computer or the agent.
Kaspersky Small Office Security¶
Go to Settings → Advanced → Network and select the Do not scan encrypted connections option.

Note
The settings path may differ depending on the program version.
Kaspersky Security Center¶
In Kaspersky Security Center, select the policy assigned to the agent and configure the settings according to the Kaspersky Endpoint Security 11 section.

Kaspersky Security for Virtualization 5.1¶
For Linux-based operating systems with Kaspersky Security for Virtualization 5.1 installed, add exclusions to the agent configuration:

Add the general exclusions:
Architecture |
File Path |
х64 |
C:\Windows\agent.msi |
x86 |
C:\Windows\agent.msi |
Add additonal exclusions:
/var/opt/kaspersky/*
/usr/local/sbin/lightagent
/usr/lib/systemd/system/lightagent.service
/usr/bin/kaspersky/*
/sys/fs/cgroup/systemd/system.slice/lightagent.service
/run/kaspersky/*
/opt/kaspersky/*
/etc/systemd/system/multi-user.target.wants/lightagent.service
/etc/systemd/system/graphical.target.wants/lightagent.service
/etc/opt/kaspersky/*
Note
For correct email interception, it is recommended to enable avp.exe certificate substitution.

Last Updated: 18.07.25