Kaspersky Internet Security 2012

More documents

Recommendations

Info

U S E R G U I D E If suspicious events are detected in the system, Kaspersky Internet Security protection components can request additional information from System Watcher. In interactive protection mode of Kaspersky Internet Security (see section "Selecting a protection mode" on page 64), you can view data collected by the System Watcher component and presented as a report on dangerous activity history. This data can help you make a decision when selecting an action in the notification window. When the component detects a malicious program, the link to the System Watcher's report is displayed in the top part of the notification window (see page 197), along with a prompt for action. IN THIS SECTION: Enabling and disabling System Watcher ....................................................................................................................... 100 Using patterns of dangerous activity (BSS) ................................................................................................................... 100 Rolling back a malicious program's actions ................................................................................................................... 101 ENABLING AND DISABLING SYSTEM WATCHER By default, System Watcher is enabled, running in a mode recommended by Kaspersky Lab specialists. You can disable System Watcher if necessary. You are advised not to disable the component unless it is absolutely necessary, since this inevitably decreases the efficiency of Proactive Defense and other protection components that may request data collected by System Watcher in order to identify the potential threat detected. To disable System Watcher: 1. Open the application settings window. 2. In the left part of the window, in the Protection Center section, select the System Watcher component. 3. In the right part of the window, uncheck the Enable System Watcher box. USING PATTERNS OF DANGEROUS ACTIVITY (BSS) Patterns of dangerous activity (BSS – Behavior Stream Signatures) contain sequences of actions typical of applications classified as dangerous. If an application's activity matches a pattern of dangerous activity, Kaspersky Internet Security performs the prescribed action. To provide real-time effective protection, Kaspersky Internet Security adds patterns of dangerous activity, which are used by System Watcher, during the database updates. By default, when Kaspersky Internet Security is running in automatic mode, if an application's activity matches a pattern of dangerous activity, System Watcher moves this application to Quarantine. When running in interactive mode, System Watcher prompts for action. You can specify the action that the component should perform when an application's activity matches a pattern of dangerous activity. In addition to exact matches between applications' activities and patterns of dangerous activity, System Watcher also detects actions that partly match patterns of dangerous activity and are considered suspicious based on the heuristic analysis. If suspicious activity is detected, System Watcher prompts for action regardless of the operation mode. To select the action that the component should perform if an application's activity matches a pattern of dangerous activity: 1. Open the application settings window. 2. In the left part of the window, in the Protection Center section, select the System Watcher component. 100
A D V A N C E D A P P L I C A T I O N S E T T I N G S 3. In the right part of the window, in the Heuristic Analysis section, check the Use updatable patterns of dangerous activity (BSS) box. 4. Click Select action and then specify the desired action on the dropdown list. ROLLING BACK A MALICIOUS PROGRAM'S ACTIONS You can use the option of rolling back the actions performed by malware in the system. To enable a rollback, System Watcher logs the history of program activity. You can limit the volume of information that System Watcher stores for a rollback. By default, Kaspersky Internet Security rolls back relevant operations automatically when the protection components detect malicious activity. When running in interactive mode, System Watcher prompts for action. You can specify an action that should be taken if a rollback of actions performed by a malicious program is available. The procedure of rolling back malware operations affects a strictly defined set of data. It causes no negative consequences for the operating system or data integrity on your computer. To select an action that should be taken if a rollback of actions performed by a malicious program is available: 1. Open the application settings window. 2. In the left part of the window, in the Protection Center section, select the System Watcher component. 3. In the right part of the window, in the Rollback of malware actions section, choose Select action, and then select the required action from the dropdown list. To limit the volume of information that System Watcher stores for a rollback: 1. Open the application settings window. 2. In the left part of the window, in the Protection Center section, select the System Watcher component. 3. In the right part of the window, in the Rollback of malware actions section, check the Limit data to be stored for rollback box and specify the maximum data volume that System Watcher should store for a rollback. APPLICATION CONTROL Application Control prevents applications from performing actions that may be dangerous for the system and ensures control of access to operating system resources and your identity data. The component tracks actions performed in the system by applications installed on the computer and regulates them based on the Application Control rules. These rules regulate potentially dangerous activity, including applications' access to protected resources, such as files and folders, registry keys, and network addresses. Applications' network activity is controlled by the Firewall component (on page 109). At the first startup of an application on the computer, the Application Control component verifies its safety and includes it in one of the groups. The group defines the rules that Kaspersky Internet Security should apply for controlling the activity of this application. The Application Control rules are a set of access rights to computer resources and restrictions posed on various actions being performed by applications on the computer. You can configure the conditions for distribution of applications by groups (see page 102), move an application to another group (see page 103), or edit the rules of Kaspersky Internet Security (see page 104). 101
Page 1 and 2:
Kaspersky Internet Security 2012 Us
Page 3 and 4:
CONTENT ABOUT THIS GUIDE ..........
Page 5 and 6:
C O N T E N T ADVANCED APPLICATION
Page 7 and 8:
C O N T E N T Viewing reports of a
Page 9 and 10:
ABOUT THIS GUIDE Greetings from Kas
Page 11 and 12:
A B O U T T H I S G U I D E DOCUMEN
Page 13 and 14:
S O U R C E S O F I N F O R M A T I
Page 15 and 16:
K A S P E R S K Y I N T E R N E T S
Page 17 and 18:
INSTALLING AND REMOVING THE APPLICA
Page 19 and 20:
I N S T A L L I N G A N D R E M O V
Page 21 and 22:
I N S T A L L I NG A N D R E M O V
Page 23 and 24:
Page 25 and 26:
Page 27 and 28:
Page 29 and 30:
LICENSING THE APPLICATION This sect
Page 31 and 32:
APPLICATION INTERFACE This section
Page 33 and 34:
A P P L I C A T I O N I N T E R F A
Page 35 and 36:
Page 37 and 38:
Page 39 and 40:
MANAGING THE COMPUTER PROTECTION Th
Page 41 and 42:
M A N A G I N G T H E C O M P U T E
Page 43 and 44:
SOLVING TYPICAL TASKS This section
Page 45 and 46:
S O L V I N G T Y P I C A L T A S K
Page 47 and 48:
S O L V I N G T Y P I C A L T A S K
Page 49 and 50: S O L V I N G T Y P I C A L T A S K
Page 63 and 64: A D V A N C E D A P P L I C A T I O
Page 99: A D V A N C E D A P P L I C A T I O
Page 151 and 152:
A D V A N C E D A P P L I C A T I O
Page 153 and 154:
Page 155 and 156:
Page 157 and 158:
Page 159 and 160:
Page 161 and 162:
Page 163 and 164:
Page 165 and 166:
Page 167 and 168:
Page 169 and 170:
Page 171 and 172:
Page 173 and 174:
Page 175 and 176:
Page 177 and 178:
T E S T I N G T H E A P P L I C A T
Page 179 and 180:
CONTACTING THE TECHNICAL SUPPORT SE
Page 181 and 182:
C O N T A C T I N G T H E T E C H N
Page 183 and 184:
C O N T A C T I N G T H E T E C H N
Page 185 and 186:
A P P E N D I X STATISTICS HELP SCA
Page 187 and 188:
A P P E N D I X RTP FW HIPS pdm FM
Page 189 and 190:
A P P E N D I X - this parameter d
Page 191 and 192:
A P P E N D I X Update the Kaspersk
Page 193 and 194:
A P P E N D I X RETURN CODES OF THE
Page 195 and 196:
A P P E N D I X The notification pr
Page 197 and 198:
A PPEND I X UNRELIABLE CERTIFICATE
Page 199 and 200:
Page 201 and 202:
A P P E N D I X Update databases be
Page 203 and 204:
Page 205 and 206:
A P P E N D I X The status of a fil
Page 207 and 208:
A P P E N D I X To apply the select
Page 209 and 210:
A P P E N D I X You can select one
Page 211 and 212:
A P P E N D I X You can select one
Page 213 and 214:
G L O S S A R Y B L O C K I N G A N
Page 215 and 216:
G L O S S A R Y H E A D E R The inf
Page 217 and 218:
G L O S S A R Y L I S T O F W E B A
Page 219 and 220:
G L O S S A R Y R O O T K I T An ap
Page 221 and 222:
KASPERSKY LAB ZAO Kaspersky Lab sof
Page 223 and 224:
INDEX A Anti-Banner list of blocked
Page 225 and 226:
I N D E X notification types ......
show all

Kaspersky Internet Security 2012

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?