Enable Application Control
This box enables / disables Application Control.
Application Control prevents applications from performing actions that may be dangerous for the system, and ensures control of access to operating system resources and your identity data.
The component tracks actions in the system performed by applications installed on the computer, and regulates them based on the rules of Application Control. These rules regulate potentially dangerous activity, including applications’ access to protected resources, such as files and folders, registry keys, and network addresses.
This box is checked by default.
Applications
Clicking the button opens the Applications window. In this window, you can edit the list of rules for applications.
Resources
Button which opens the Digital Identity Protection window. In this window, you can create a list of identity data and a list of settings and resources of the operating system that should be scanned by Application Control when any access attempts are detected.
The Applications restriction section allows you to adjust the settings which will be used by Application Control to define the application group.
Kaspersky Internet Security assigns a trust group status to all applications being run on your computer with regard for the level of threat that they pose to the system and for their rights of access to the system resources.
The following trust groups exist:
- Trusted. Applications, digitally signed by trusted vendors, or applications which are recorded in the base of trusted applications. These applications have no restrictions applied on actions performed in the system. The activity of these application is monitored by Proactive Defense and File Anti-Virus.
- Low Restricted. Applications that do not have a digital signature from a trusted vendor, and which are not listed in the base of trusted applications. However, these applications have received a low threat rating (based on the data received from the 카스퍼스키 시큐리티 네트워크 service). They are allowed to perform some operations, such as access other processes, system control, hidden network access. The user’s permission is required for most operations.
- High Restricted. Applications without a digital signature and which are not listed in the base of trusted applications. These applications have a high threat rating. The applications in this group require the user’s permission for most actions which affect the system: some actions are not allowed for such applications.
- Untrusted. Applications without a digital signature and which are not listed in the base of trusted applications. These applications have received a very high threat rating. Kaspersky Internet Security blocks any actions performed by such applications.
Load rules for applications from 카스퍼스키 시큐리티 네트워크 (KSN)
If this box is checked, Application Control sends a request to the 카스퍼스키 시큐리티 네트워크 database in order to define the application group.
If this box is unchecked, Application Control does not search for information in the 카스퍼스키 시큐리티 네트워크 database in order to define the application group.
This box is checked by default.
Update rules for previously unknown applications from KSN
If this box is checked, the control rules for previously unknown applications from KSN are updated automatically.
If this box is unchecked, automatic update of rules for previously unknown applications is disabled.
This box is checked by default.
Trust applications with digital signature
If this box is checked, Application Control considers applications with digital signatures as trusted. Application Control moves these applications to the Trusted group and does not scan their activity.
Kaspersky Internet Security assigns a trust group status to all applications being run on your computer with regard for the level of threat that they pose to the system and for their rights of access to the system resources.
The following trust groups exist:
- Trusted. Applications, digitally signed by trusted vendors, or applications which are recorded in the base of trusted applications. These applications have no restrictions applied on actions performed in the system. The activity of these application is monitored by Proactive Defense and File Anti-Virus.
- Low Restricted. Applications that do not have a digital signature from a trusted vendor, and which are not listed in the base of trusted applications. However, these applications have received a low threat rating (based on the data received from the 카스퍼스키 시큐리티 네트워크 service). They are allowed to perform some operations, such as access other processes, system control, hidden network access. The user’s permission is required for most operations.
- High Restricted. Applications without a digital signature and which are not listed in the base of trusted applications. These applications have a high threat rating. The applications in this group require the user’s permission for most actions which affect the system: some actions are not allowed for such applications.
- Untrusted. Applications without a digital signature and which are not listed in the base of trusted applications. These applications have received a very high threat rating. Kaspersky Internet Security blocks any actions performed by such applications.
If the box is unchecked, Application Control does not consider applications with digital signatures as trusted, scanning their activities.
This box is checked by default.
Use the heuristic analysis to define group
Application Control uses heuristic analysis to define the trust group for an unknown application. After the applications are scanned, Application Control includes them into a group.
Technology designed for detecting threats that cannot be identified using the Kaspersky Lab application databases. It allo
ws detecting objects suspected of being infected with an unknown virus or a new modification of known viruses.
The use of a heuristic analyzer detects up to 92% of threats. This mechanism is fairly effective and very rarely leads to false positives.
Files detected by the heuristic analyzer are considered suspicious.
Move to the following group automatically
Application Control automatically includes an unknown application into one of the three trust groups selected from the dropdown list. The list is available if the Move to the following group automatically setting is selected.
Maximum time to define the application group
Time period required for Application Control to scan applications being run, using heuristic analysis. Time period is set in seconds.
By default, Application Control analyzes an application for 30 seconds. If, when this time period expires, Application Control cannot clearly define threat rating of the application, the component moves it to the Low Restricted group. Application Control continues scanning the application in background mode, after which it is included into a trust group.
Kaspersky Internet Security assigns a trust group status to all applications being run on your computer with regard for the level of threat that they pose to the system and for their rights of access to the system resources.
The following trust groups exist:
- Trusted. Applications, digitally signed by trusted vendors, or applications which are recorded in the base of trusted applications. These applications have no restrictions applied on actions performed in the system. The activity of these application is monitored by Proactive Defense and File Anti-Virus.
- Low Restricted. Applications that do not have a digital signature from a trusted vendor, and which are not listed in the base of trusted applications. However, these applications have received a low threat rating (based on the data received from the 카스퍼스키 시큐리티 네트워크 service). They are allowed to perform some operations, such as access other processes, system control, hidden network access. The user’s permission is required for most operations.
- High Restricted. Applications without a digital signature and which are not listed in the base of trusted applications. These applications have a high threat rating. The applications in this group require the user’s permission for most actions which affect the system: some actions are not allowed for such applications.
- Untrusted. Applications without a digital signature and which are not listed in the base of trusted applications. These applications have received a very high threat rating. Kaspersky Internet Security blocks any actions performed by such applications.
The Additional section allows you to set time for scan of the application and manage deletion of application rules.
Rule is a set of reactions that Application Control uses in response to application operations with various categories of operating system resources and personal data.
Possible component reactions include the following:
- Inherit. Application Control monitors application activity using the rule specified for the status, which it has assigned to that application.
This is the default reaction. By default, Application Control inherits access rights from the status assigned to an application.
If you have modified a rule for a certain application, the rule settings will have higher priority than the settings defined for its corresponding status.
- Allow. Application Control allows an application to perform an action.
- Block. Application Control does not allow an application to perform an action.
- Prompt for action. Application Control informs the user that an application is attempting to perform an action, and prompts the user for further actions.
- Log events. Application Control logs application activity and its responses to it. Adding the information to a report can be used together with any other Application Control action.
Delete rules for applications remaining inactive for more than
This box enables / disables the option to automatically delete rules for the applications that have not been run for the specified time period. Time period is specified in days.
Rule is a set of reactions that Application Control uses in response to application operations with various categories of operating system resources and personal data.
Possible component reactions include the following:
- Inherit. Application Control monitors application activity using the rule specified for the status, which it has assigned to that application.
This is the default reaction. By default, Application Control inherits access rights from the status assigned to an application.
If you have modified a rule for a certain application, the rule settings will have higher priority than the settings defined for its corresponding status.
- Allow. Application Control allows an application to perform an action.
- Block. Application Control does not allow an application to perform an action.
- Prompt for action. Application Control informs the user that an application is attempting to perform an action, and prompts the user for further actions.
- Log events. Application Control logs application activity and its responses to it. Adding the information to a report can be used together with any other Application Control action.
By default, Application Control deletes rules for applications that have not been run for more than 60 days.
This box is checked by default.
맨 위로