- Jun 24, 2016
- 2,487
I'm pretty sure you have heard about Kaspersky being recommended. Here, by friends, on the internet. But... why?
To start with, Kaspersky is a very complete and powerful suite, includes several modules that together can outsmart pretty much most malware if correctly configured. This thread is about a specific module: Application Control. What is it? How does it work? How to set it up?
EXPLAINING APPLICATION CONTROL
Applications installed on the computer can use the operating system resources as well as your personal data. Kaspersky features the Application Control component, which controls access of applications to the operating system files and your personal data.
When an application tries to access the operating system or personal data, Application Control allows or blocks access to the resource according to the rules or prompts to select an action.
If Application Control blocks the work of an important application, you can adjust the rights for it.
I CAN'T FIND THIS MODULE ON KASPERSKY
Application Control is only available in versions Internet Security and beyond. It is not present in Antivirus version.
HOW DOES IT DECIDE ABOUT FILES
Kaspersky divides all the applications installed on the computer are divided into the following groups:
Within this module, Kaspersky also protects:
HOW TO SET IT UP SAFELY
I EXECUTED A FILE AND I GOT ERRORS/DOESN'T LAUNCH
Whenever Application Control blocks an application, moves it to Untrusted Group, or a restriction group. This means that most probably it will have no permissions to execute or elevate, hence why it gives random errors at launch. In order to execute it you will need to head to Kaspersky--Application Control module, and manually move it to the Trusted Group.
To start with, Kaspersky is a very complete and powerful suite, includes several modules that together can outsmart pretty much most malware if correctly configured. This thread is about a specific module: Application Control. What is it? How does it work? How to set it up?
1. Why Kaspersky?
Kaspersky is definitely a market leader, with huge experience in the cybersecurity area and innovation, winning multiple awards and prizes for the great protection it can offer.
2. Why should I need to set it up?
Many people often moan about how weak antivirus is on default settings. And as a matter of fact this may be true with Kaspersky too. Many HUB testers have proved that on default Kaspersky can fail. But it would be a pity to leave such a monster the way it came.
3. What's the objective of this thread?
Learn what Application Control (AC) is, how it works, the engineering that designed it and how to use it.
4. Wow you're such a great person, why aren't you super admin co-owner godlike in this forum?
I once stole Jack's kitty and he never forgave me.
Kaspersky is definitely a market leader, with huge experience in the cybersecurity area and innovation, winning multiple awards and prizes for the great protection it can offer.
2. Why should I need to set it up?
Many people often moan about how weak antivirus is on default settings. And as a matter of fact this may be true with Kaspersky too. Many HUB testers have proved that on default Kaspersky can fail. But it would be a pity to leave such a monster the way it came.
3. What's the objective of this thread?
Learn what Application Control (AC) is, how it works, the engineering that designed it and how to use it.
4. Wow you're such a great person, why aren't you super admin co-owner godlike in this forum?
I once stole Jack's kitty and he never forgave me.
EXPLAINING APPLICATION CONTROL
Applications installed on the computer can use the operating system resources as well as your personal data. Kaspersky features the Application Control component, which controls access of applications to the operating system files and your personal data.
When an application tries to access the operating system or personal data, Application Control allows or blocks access to the resource according to the rules or prompts to select an action.
If Application Control blocks the work of an important application, you can adjust the rights for it.
I CAN'T FIND THIS MODULE ON KASPERSKY
Application Control is only available in versions Internet Security and beyond. It is not present in Antivirus version.
HOW DOES IT DECIDE ABOUT FILES
Kaspersky divides all the applications installed on the computer are divided into the following groups:
- Trusted. Applications that meet at least one of these criteria:
- This application has a trusted vendor's signature.
- This application is listed in the Kaspersky Lab trusted applications database .
- These applications have no restrictions on their activity in the system.
- Low Restricted. Applications that do not have a digital signature from a trusted vendor and are not listed in the Kaspersky Lab database of trusted applications.
These applications have certain restrictions on accessing other processes, controlling the system, and accessing the network without user's consent. These applications will request permission for most actions from the user. - High Restricted. Applications that may pose a moderate threat: tools, adware, or auto-dialers.
For most actions, these applications will require user's permission. Some actions are not allowed. - Untrusted. Malicious applications that pose a severe threat. This category includes applications that are blocked with File Anti-Virus.
Application Control blocks all actions of these applications.
Within this module, Kaspersky also protects:
- System files and folders
- Startup objects
- User files and folders, including the My Documents folder
- Cookie files
- Data on your activity on the computer and the web
- Registry files that contain settings and data from web browsers, file managers, mail clients, instant messengers, and payment system apps.
- In the main window of Kaspersky, click the gear button
- If you have problems opening the application window, see this guide.
- Got to the Protection section in the Settings window and select Application Control.
- In the Application Control settings view, click the Manage applications link.
- In the Manage applications window, move the application to a different group: right-click the application, in the menu click Restrictions and select the category.
- Configure custom restrictions: select the application, right-click it and select Details and rules from the menu.
- Go to Application rules →Rights, select a category and set an action for it by clicking the icon on the right: Inherit, Allow, Deny, or Prompt for action.
- Click Save.
1. Open Application Control module
2. Untick "trust digitally signed applications" and make sure it stays like the picture below.
3. Visualize our two main options: "Change trust group for unknown applications" and "change trust group for applications started before Kaspersky".
Select UNSTRUSTED for unknown applications, so all strange applications/not signed are not able to be executed at all.
Select LOW RESTRICTED for all aplications launched before Kaspersky
2. Untick "trust digitally signed applications" and make sure it stays like the picture below.
3. Visualize our two main options: "Change trust group for unknown applications" and "change trust group for applications started before Kaspersky".
Select UNSTRUSTED for unknown applications, so all strange applications/not signed are not able to be executed at all.
Select LOW RESTRICTED for all aplications launched before Kaspersky
Whenever Application Control blocks an application, moves it to Untrusted Group, or a restriction group. This means that most probably it will have no permissions to execute or elevate, hence why it gives random errors at launch. In order to execute it you will need to head to Kaspersky--Application Control module, and manually move it to the Trusted Group.
Last edited by a moderator: