Advice Request Kaspersky's Application Control: what is it, how it works

Please provide comments and solutions that are helpful to the author of this topic.
harlan4096 said:
Can You provide the detection? the problem is that in any compilation the hash will change... maybe can try to add an exclusion using a name mask 🤔
Click to expand...
Oops, I'll install Kaspersky again and get back to you with the necessary information, I had removed it from my computer and put Bitdefender on (one of the reasons was that, the inconvenience with files created in C++ or python).
It is worth mentioning that it is not a malicious file, they are simple programming files, basically they are programming exercises that I use at my university.
 
  • Like
Reactions: Venustus, Gandalf_The_Grey, harlan4096 and 1 other person
@harlan4096 Well, I did some tests here and as you can see it is a simple program that after compiled, generates an .exe file whose name takes the name of the "project" created in the case file.exe
01.png

02.png

03.png


04.png
How do I get it not to block my self-developed programs from running?
I understand that it blocks because it is an .exe file and that it is not listed in my trust group, however every code modification it generates a new hash, consequently Kaspersky understands it to be a new file and blocks it too.
 
Last edited by a moderator:
  • Like
Reactions: Venustus, Gandalf_The_Grey and harlan4096
Ah yes, then it's blocked not because it is detected as malware but because the hard tweaks in AC... the blocking it's because Your exe is not digitally signed, also it is an unknown app to KSN, so rules are applied :)
 
  • Like
  • Thanks
Reactions: Berny, Venustus, Kongo and 2 others
harlan4096 said:
Ah yes, then it's blocked not because it is detected as malware but because the hard tweaks in AC... the blocking it's because Your exe is not digitally signed, also it is an unknown app to KSN, so rules are applied :)
Click to expand...
Oh yes, I understand, thanks for solving this doubt of mine and I apologize for abusing your help, but is there anything I can do to not block the execution of these files of mine?
 
  • Like
Reactions: Venustus, harlan4096 and Gandalf_The_Grey
For the current version of Kaspersky, I don't think it's necessary to set "Trust group for application started before startup of Kaspersky Total Security (or anything that has Application Control)" from "Trust group selected automatically" which is set by default to manually set "High Restricted", especially to get a good balance of protection and usability.
Select trust group automatically
If this option is selected, the Application Control component adds applications started before startup of Kaspersky Total Security to a trust group based on the rules created by Kaspersky experts.
Click to expand...
 
@harlan4096 🙋🏻‍♂️ I did some tests here and solved the problem of Application Control for those who want to program. I simply put the Development project folder (in this case Python) in the exceptions in Kaspersky's Threats and Exclusions.

I have allowed only the protection with regard to Application Control to be released, the other protection components are active.

This way I am using Application Control in default deny mode and can program normally since the development “projects” are created in the folder in which I put the exception.

So, is there any risk in using Threat and Exclusion?

From my point of view I believe not for a few reasons:
1.Âş I do not create or develop any 'malware'
2.Âş I have released the exception only for Application Control as shown in the picture, so the other protections remain activated.


Foto1.png

Foto2.png
 
Last edited by a moderator:
  • Like
Reactions: Gandalf_The_Grey and harlan4096

You may also like...