Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Kaspersky
Kaspersky's Application Control: what is it, how it works
Message
<blockquote data-quote="RoboMan" data-source="post: 837695" data-attributes="member: 53544"><p>I'm pretty sure you have heard about Kaspersky being recommended. Here, by friends, on the internet. But... why?</p><p></p><p>To start with, Kaspersky is a <strong>very complete and powerful suite</strong>, includes several modules that together can outsmart pretty much most malware if correctly configured. This thread is about a specific module: Application Control. What is it? How does it work? How to set it up?</p><p></p><p>[SPOILER="FAQ"]<strong>1. Why Kaspersky?</strong></p><p>Kaspersky is definitely a market leader, with huge experience in the cybersecurity area and innovation, winning multiple awards and prizes for the great protection it can offer.</p><p></p><p><strong>2. Why should I need to set it up?</strong></p><p>Many people often moan about how weak antivirus is on default settings. And as a matter of fact this may be true with Kaspersky too. Many HUB testers have proved that on default Kaspersky can fail. But it would be a pity to leave such a monster the way it came.</p><p></p><p><strong>3. What's the objective of this thread?</strong></p><p>Learn what Application Control (AC) is, how it works, the engineering that designed it and how to use it.</p><p></p><p><strong>4. Wow you're such a great person, why aren't you super admin co-owner godlike in this forum?</strong></p><p>I once stole Jack's kitty and he never forgave me. [/SPOILER]</p><p></p><p><strong><u>EXPLAINING APPLICATION CONTROL</u></strong></p><p></p><p>Applications installed on the computer can use the operating system resources as well as your personal data. Kaspersky features the <strong>Application Control</strong> component, which controls access of applications to the operating system files and your personal data.</p><p>When an application tries to access the operating system or personal data, <strong>Application Control</strong> allows or blocks access to the resource according to the rules or prompts to select an action.</p><p>If <strong>Application Control</strong> blocks the work of an important application, you can adjust the rights for it.</p><p></p><p><strong><u>I CAN'T FIND THIS MODULE ON KASPERSKY</u></strong></p><p></p><p>Application Control is only available in versions Internet Security and beyond. It is not present in Antivirus version.</p><p></p><p><strong><u>HOW DOES IT DECIDE ABOUT FILES</u></strong></p><p></p><p>Kaspersky divides all the applications installed on the computer are divided into the following groups:</p><ul> <li data-xf-list-type="ul"><strong><span style="color: rgb(65, 168, 95)">Trusted</span></strong>. Applications that meet at least one of these criteria:<ul> <li data-xf-list-type="ul">This application has a trusted vendor's signature.</li> <li data-xf-list-type="ul">This application is listed in the Kaspersky Lab trusted applications database .</li> <li data-xf-list-type="ul">These applications have no restrictions on their activity in the system.</li> </ul></li> <li data-xf-list-type="ul"><strong><span style="color: rgb(250, 197, 28)">Low Restricted</span></strong>. Applications that do not have a digital signature from a trusted vendor and are not listed in the Kaspersky Lab database of trusted applications.<br /> These applications have certain restrictions on accessing other processes, controlling the system, and accessing the network without user's consent. These applications will request permission for most actions from the user.</li> <li data-xf-list-type="ul"><strong><span style="color: rgb(243, 121, 52)">High Restricted</span></strong>. Applications that may pose a moderate threat: tools, adware, or auto-dialers.<br /> For most actions, these applications will require user's permission. Some actions are not allowed.</li> <li data-xf-list-type="ul"><strong><span style="color: rgb(209, 72, 65)">Untrusted</span></strong>. Malicious applications that pose a severe threat. This category includes applications that are blocked with File Anti-Virus.<br /> Application Control blocks all actions of these applications.</li> </ul><p><strong><u>PROTECTED RESOURCES</u></strong></p><p></p><p>Within this module, Kaspersky also protects:</p><ul> <li data-xf-list-type="ul">System files and folders</li> <li data-xf-list-type="ul">Startup objects</li> <li data-xf-list-type="ul">User files and folders, including the My Documents folder</li> <li data-xf-list-type="ul"><a href="https://support.kaspersky.com/2843" target="_blank">Cookie</a> files</li> <li data-xf-list-type="ul">Data on your activity on the computer and the web</li> <li data-xf-list-type="ul">Registry files that contain settings and data from web browsers, file managers, mail clients, instant messengers, and payment system apps.</li> </ul><p><strong><u>HOW TO CHANGE RESTRICTIONS FOR FILES</u></strong></p><p>[SPOILER="PICTURES"]</p><ol> <li data-xf-list-type="ol">In the main window of Kaspersky, click the gear button <img src="https://support.kaspersky.com/images/KIS2018_13626_0113-402292.png" alt="Image: the Settings button of Kaspersky" class="fr-fic fr-dii fr-draggable " style="" />.</li> </ol><p><img src="https://support.kaspersky.com/images/kis2018_13626_0113-402293.png" alt="Image: the main window of Kaspersky" class="fr-fic fr-dii fr-draggable " style="" /></p><ol> <li data-xf-list-type="ol">If you have problems opening the application window, see <a href="https://support.kaspersky.com/13620" target="_blank">this guide</a>.</li> </ol><p></p><ol> <li data-xf-list-type="ol">Got to the <strong>Protection</strong> section in the <strong>Settings</strong> window and select <strong>Application Control</strong>.</li> </ol><p><img src="https://support.kaspersky.com/images/kis2018_13626_0213-402294.png" alt="Image: the Settings window of Kaspersky" class="fr-fic fr-dii fr-draggable " style="" /></p><ol> <li data-xf-list-type="ol">In the <strong>Application Control</strong> settings view, click the <strong>Manage applications</strong> link.</li> </ol><p><img src="https://support.kaspersky.com/images/kis2018_13626_0313-402295.png" alt="Image: the Application Control window in Kaspersky" class="fr-fic fr-dii fr-draggable " style="" /></p><ol> <li data-xf-list-type="ol">In the <strong>Manage applications</strong> window, move the application to a different group: right-click the application, in the menu click <strong>Restrictions</strong> and select the category.</li> </ol><p><img src="https://support.kaspersky.com/images/kis2018_13626_0413-402296.png" alt="Image: selecting a group for an application in Kaspersky" class="fr-fic fr-dii fr-draggable " style="" /></p><ol> <li data-xf-list-type="ol">Configure custom restrictions: select the application, right-click it and select <strong>Details and rules</strong> from the menu.</li> </ol><p><img src="https://support.kaspersky.com/images/kis2018_13626_0513-402297.png" alt="Image: setting up restrictions for an application in Kaspersky" class="fr-fic fr-dii fr-draggable " style="" /></p><ol> <li data-xf-list-type="ol">Go to <strong>Application rules →Rights</strong>, select a category and set an action for it by clicking the icon on the right: <strong>Inherit</strong>, <strong>Allow</strong>, <strong>Deny</strong>, or <strong>Prompt for action</strong>.</li> <li data-xf-list-type="ol">Click <strong>Save</strong>.</li> </ol><p><img src="https://support.kaspersky.com/images/kis2018_13626_0613-402298.png" alt="Image: the Application rules window of Kaspersky" class="fr-fic fr-dii fr-draggable " style="" />[/SPOILER]</p><p><strong><u>HOW TO SET IT UP SAFELY</u></strong></p><p>[SPOILER="PICTURES"]1. Open Application Control module</p><p>[ATTACH=full]226462[/ATTACH]</p><p></p><p>2. Untick "trust digitally signed applications" and make sure it stays like the picture below.</p><p>[ATTACH=full]226465[/ATTACH]</p><p></p><p>3. Visualize our two main options: <strong>"Change trust group for unknown applications"</strong> and<strong> "change trust group for applications started before Kaspersky"</strong>.</p><p>Select <strong>UNSTRUSTED</strong> for unknown applications, so all strange applications/not signed are not able to be executed at all.</p><p>[ATTACH=full]226463[/ATTACH]</p><p>Select <strong>LOW RESTRICTED</strong> for all aplications launched before Kaspersky</p><p>[ATTACH=full]226466[/ATTACH][/SPOILER]</p><p><strong><u>I EXECUTED A FILE AND I GOT ERRORS/DOESN'T LAUNCH</u></strong></p><p></p><p>Whenever Application Control blocks an application, moves it to Untrusted Group, or a restriction group. This means that most probably it will have no permissions to execute or elevate, hence why it gives random errors at launch. In order to execute it you will need to head to Kaspersky--Application Control module, and manually move it to the Trusted Group.</p></blockquote><p></p>
[QUOTE="RoboMan, post: 837695, member: 53544"] I'm pretty sure you have heard about Kaspersky being recommended. Here, by friends, on the internet. But... why? To start with, Kaspersky is a [B]very complete and powerful suite[/B], includes several modules that together can outsmart pretty much most malware if correctly configured. This thread is about a specific module: Application Control. What is it? How does it work? How to set it up? [SPOILER="FAQ"][B]1. Why Kaspersky?[/B] Kaspersky is definitely a market leader, with huge experience in the cybersecurity area and innovation, winning multiple awards and prizes for the great protection it can offer. [B]2. Why should I need to set it up?[/B] Many people often moan about how weak antivirus is on default settings. And as a matter of fact this may be true with Kaspersky too. Many HUB testers have proved that on default Kaspersky can fail. But it would be a pity to leave such a monster the way it came. [B]3. What's the objective of this thread?[/B] Learn what Application Control (AC) is, how it works, the engineering that designed it and how to use it. [B]4. Wow you're such a great person, why aren't you super admin co-owner godlike in this forum?[/B] I once stole Jack's kitty and he never forgave me. [/SPOILER] [B][U]EXPLAINING APPLICATION CONTROL[/U][/B] Applications installed on the computer can use the operating system resources as well as your personal data. Kaspersky features the [B]Application Control[/B] component, which controls access of applications to the operating system files and your personal data. When an application tries to access the operating system or personal data, [B]Application Control[/B] allows or blocks access to the resource according to the rules or prompts to select an action. If [B]Application Control[/B] blocks the work of an important application, you can adjust the rights for it. [B][U]I CAN'T FIND THIS MODULE ON KASPERSKY[/U][/B] Application Control is only available in versions Internet Security and beyond. It is not present in Antivirus version. [B][U]HOW DOES IT DECIDE ABOUT FILES[/U][/B] Kaspersky divides all the applications installed on the computer are divided into the following groups: [LIST] [*][B][COLOR=rgb(65, 168, 95)]Trusted[/COLOR][/B]. Applications that meet at least one of these criteria: [LIST] [*]This application has a trusted vendor's signature. [*]This application is listed in the Kaspersky Lab trusted applications database . [*]These applications have no restrictions on their activity in the system. [/LIST] [*][B][COLOR=rgb(250, 197, 28)]Low Restricted[/COLOR][/B]. Applications that do not have a digital signature from a trusted vendor and are not listed in the Kaspersky Lab database of trusted applications. These applications have certain restrictions on accessing other processes, controlling the system, and accessing the network without user's consent. These applications will request permission for most actions from the user. [*][B][COLOR=rgb(243, 121, 52)]High Restricted[/COLOR][/B]. Applications that may pose a moderate threat: tools, adware, or auto-dialers. For most actions, these applications will require user's permission. Some actions are not allowed. [*][B][COLOR=rgb(209, 72, 65)]Untrusted[/COLOR][/B]. Malicious applications that pose a severe threat. This category includes applications that are blocked with File Anti-Virus. Application Control blocks all actions of these applications. [/LIST] [B][U]PROTECTED RESOURCES[/U][/B] Within this module, Kaspersky also protects: [LIST] [*]System files and folders [*]Startup objects [*]User files and folders, including the My Documents folder [*][URL='https://support.kaspersky.com/2843']Cookie[/URL] files [*]Data on your activity on the computer and the web [*]Registry files that contain settings and data from web browsers, file managers, mail clients, instant messengers, and payment system apps. [/LIST] [B][U]HOW TO CHANGE RESTRICTIONS FOR FILES[/U][/B] [SPOILER="PICTURES"] [LIST=1] [*]In the main window of Kaspersky, click the gear button [IMG alt="Image: the Settings button of Kaspersky"]https://support.kaspersky.com/images/KIS2018_13626_0113-402292.png[/IMG]. [/LIST] [IMG alt="Image: the main window of Kaspersky"]https://support.kaspersky.com/images/kis2018_13626_0113-402293.png[/IMG] [LIST=1] [*]If you have problems opening the application window, see [URL='https://support.kaspersky.com/13620']this guide[/URL]. [/LIST] [LIST=1] [*]Got to the [B]Protection[/B] section in the [B]Settings[/B] window and select [B]Application Control[/B]. [/LIST] [IMG alt="Image: the Settings window of Kaspersky"]https://support.kaspersky.com/images/kis2018_13626_0213-402294.png[/IMG] [LIST=1] [*]In the [B]Application Control[/B] settings view, click the [B]Manage applications[/B] link. [/LIST] [IMG alt="Image: the Application Control window in Kaspersky"]https://support.kaspersky.com/images/kis2018_13626_0313-402295.png[/IMG] [LIST=1] [*]In the [B]Manage applications[/B] window, move the application to a different group: right-click the application, in the menu click [B]Restrictions[/B] and select the category. [/LIST] [IMG alt="Image: selecting a group for an application in Kaspersky"]https://support.kaspersky.com/images/kis2018_13626_0413-402296.png[/IMG] [LIST=1] [*]Configure custom restrictions: select the application, right-click it and select [B]Details and rules[/B] from the menu. [/LIST] [IMG alt="Image: setting up restrictions for an application in Kaspersky"]https://support.kaspersky.com/images/kis2018_13626_0513-402297.png[/IMG] [LIST=1] [*]Go to [B]Application rules →Rights[/B], select a category and set an action for it by clicking the icon on the right: [B]Inherit[/B], [B]Allow[/B], [B]Deny[/B], or [B]Prompt for action[/B]. [*]Click [B]Save[/B]. [/LIST] [IMG alt="Image: the Application rules window of Kaspersky"]https://support.kaspersky.com/images/kis2018_13626_0613-402298.png[/IMG][/SPOILER] [B][U]HOW TO SET IT UP SAFELY[/U][/B] [SPOILER="PICTURES"]1. Open Application Control module [ATTACH type="full" width="728px" alt="1570106487478.png"]226462[/ATTACH] 2. Untick "trust digitally signed applications" and make sure it stays like the picture below. [ATTACH type="full" width="732px" alt="1570106697180.png"]226465[/ATTACH] 3. Visualize our two main options: [B]"Change trust group for unknown applications"[/B] and[B] "change trust group for applications started before Kaspersky"[/B]. Select [B]UNSTRUSTED[/B] for unknown applications, so all strange applications/not signed are not able to be executed at all. [ATTACH type="full" width="731px" alt="1570106583247.png"]226463[/ATTACH] Select [B]LOW RESTRICTED[/B] for all aplications launched before Kaspersky [ATTACH type="full" width="734px" alt="1570106803939.png"]226466[/ATTACH][/SPOILER] [B][U]I EXECUTED A FILE AND I GOT ERRORS/DOESN'T LAUNCH[/U][/B] Whenever Application Control blocks an application, moves it to Untrusted Group, or a restriction group. This means that most probably it will have no permissions to execute or elevate, hence why it gives random errors at launch. In order to execute it you will need to head to Kaspersky--Application Control module, and manually move it to the Trusted Group. [/QUOTE]
Insert quotes…
Verification
Post reply
Top