Remove-Malware.com Forums

[ieattacos]

What do you guys think is a better setting for application control? Move unknown applications to high restricted or untrusted?

[gusthebus]

Yes I think they should be moved to Untrusted personally. I found in my tests that Kaspersky assigned a lot of malware to "low restricted" where it was allowed to cause a lot of damage. You may have to assign a few applications manually to "trusted" that aren't on Kaspersky's whitelist, however.

More manual work = Untrusted setting
Less manual work = Let App control decide

[ieattacos]

Well I mean should I chose high restricted or untrusted?

[gusthebus]

My mistake, I misread the question. I personally would go with Untrusted. If a legitimate process is set to high restricted, you will likely have to adjust it for the process to run properly anyway. With the untrusted mode, malware won't even get a chance to run.

[ieattacos]

Thanks. I would also like some others opinions when they log on.

[virtu]

Depends on your web-browsing behavior. Do you watch porn, warez,free wallpapers from unknown places, test malware on your host, etc. Then go with the most restrictive settings shown by gusthebus above and you will block unknown malware that could slip and infect your PC.

[ieattacos]

Well maybe everyonce in a while a wallpaper from unknown places. I do test malware in a virtual machine sometimes. Other then that not really anything you said.

[sss20]

High Restricted - The applications of this group require the user's permission for most actions which affect the system: some actions are not allowed for such applications.

Rules.Please note that all the applications have the right to start.But you can change this rule to "Promt for action"


Untrusted - Application Control blocks any actions performed by the applications in this group

Rules.Please note that all the actions are blocked by default



But if you really want to be in control you can do this steps :

1. Advance Settings > Notifications - > Minor Notifications > Check : Applications Placed in Restricted Group > Ok

2.Enable Interactive Mode
Interactive. Kaspersky Internet Security informs the user about all malicious and suspicious events. In this mode the user will manually select actions: allow or block activities.You will get someKIS alets (to answer) sometime when installing applications but is a pretty powerful barrier against unknown applications and threats because it allows us to control its execution strongly.
How to enable Interactive Mode - http://support.kaspersky.com/kis2011/tech?qid=208281922

3. Enable "Block dangerous web sites "
Block dangerous websites

If the box is checked, Web Anti-Virus blocks access to the websites which have been considered as suspicious or phishing ones by Kaspersky URL Advisor. If Web Anti-Virus cannot return a clear verdict on safety of the website to which a link directs, you will be offered to load this website in Safe Run. When activated in Safe Run, malicious objects do not impose any threat to your computer.

Web Anti-Virus allows to download websites in the safe environment for Microsoft Internet Explorer, Mozilla Firefox and Google Chrome.

If the box is unchecked, Web Anti-Virus does not block access to known suspicious websites automatically.

How to enable "Block dangerous web sites " - http://support.kaspersky.com/faq/?qid=208281828


4. Go to Advance Settings > Threats and Exclusions ->Threats -> Settings -> Enable Other.

5.Increase Maximum time to define the application group
Maximum time to define the application group

Time period required for Application Control to scan applications being run, using heuristic analysis. Time period is set in seconds.

By default, Application Control analyzes an application for 30 seconds. If, when this time period expires, Application Control cannot clearly define threat rating of the application, the component moves it to the Low Restricted group. Application Control continues scanning the application in background mode, after which it is included into a trust group.

Go to Settings > Application Control > Maximum time to define the application group > 60 Seconds.


All this settings should make an awesome program like KIS more awesome for an Advance user.
Or you can just put everything in Untrusted...or High Restricted and tweak the rules.

[sss20]

ieattacos for this measures to really work you should also do this step :

Settings -> Application Control -> Applications -> select Low Restricted group line, and rightclick mouse button -> Group rule
and make Kaspersky ask you when an application from Low Restricted wants to start.You just need to change the "Start" Rule to "Promt for action.
Here is how my rules for the Low Restricted Group looks.Thi settings will make your pc very secure but you will have some alets from the unknown programs...but Kaspersky has a really big whitelist so this shound't be a real problem if you aren't installing everyday less known apps and programs.



In my eyes setting every unkwon app to untrusted is a measure for the less experienced ....

[ieattacos]

I decided for it to put everything unknown in untrusted. The reason is because if one of my programs aren't running I will know why. One time when I had kaspersky set one of my applications to high restricted it made the application work weird and I had to reinstall that application. It seems easier if it would just block it from running then break the application. Since I can easily unblock it. Also I don't really want to many pop ups lol.

I am still thinking about it though.