Kaspersky Anti-Virus provides comprehensive protection against various types of information security threats. Various functions and protection components are available as part of Kaspersky Anti-Virus to deliver comprehensive protection.
Computer Protection
Each type of threat is handled by a dedicated protection component. You can enable and disable protection components, and configure their settings.
In addition to the real-time protection provided by the security components, we recommend that you regularly scan your computer for viruses and other malware. This is necessary in order to prevent any possible spreading of malicious programs that have not been discovered by protection components, for example, because a low security level was set or for other reasons.
To keep Kaspersky Anti-Virus up to date, you need to update the databases and application modules used by the application.
Some specific tasks that should be run occasionally (such as removal of traces of a user's activities in the operating system) are performed by using advanced tools and wizards.
What follows is a description of the logic of how the protection components interact when Kaspersky Anti-Virus has been set to the mode that is recommended by Kaspersky Lab specialists (in other words, with the default application settings).
File Anti-Virus
File Anti-Virus prevents infection of the computer's file system. The component starts upon startup of the operating system, continuously remains in the computer's RAM, and scans all files that are opened, saved, or launched on your computer and all connected drives. Kaspersky Anti-Virus intercepts each attempt to access a file and scans the file for known viruses and other malware. Further access to the file is allowed only if the file is not infected or is successfully disinfected by the application. If a file cannot be disinfected for any reason, it is deleted. A copy of the file is moved to Quarantine when that happens. If an infected file is placed in the same location where the deleted file with the same name used to be, Quarantine saves only a copy of the last file. A copy of the previous file with the same name is not saved.
Mail Anti-Virus
Mail Anti-Virus scans incoming and outgoing email messages on your computer. An email message is available to the recipient only if it does not contain dangerous objects.
Web Anti-Virus
Web Anti-Virus intercepts and blocks the execution of scripts on websites if they pose a threat. Web Anti-Virus also monitors all web traffic and blocks access to dangerous websites.
IM Anti-Virus
IM Anti-Virus ensures the safe use of IM clients. The component protects information that comes to your computer via IM protocols. IM Anti-Virus ensures safe operation of various applications for instant messaging.
System Watcher
The System Watcher component rolls back the changes made to the operating system by malicious or other activity of applications.
The component protects against malware, including:
Exploits
Screen lockers
Encryptors
Ransomware that encrypts data or blocks access to files or the system and extorts ransom for restoring the files or access to them.
Disabling this component is not recommended.
Network Attack Blocker
Network Attack Blocker loads at operating system startup and tracks incoming network traffic for activities characteristic of network attacks. When an attempt to attack your computer is detected, Kaspersky Anti-Virus blocks all network activity from the attacking computer that is aimed at your computer.
Anti-Phishing
Anti-Phishing allows checking URLs to find out if they are included in the list of phishing URLs. This component is built into Web Anti-Virus and IM Anti-Virus.
On-Screen Keyboard
On-Screen Keyboard prevents interception of data entered on the hardware keyboard and protects personal data against interception attempts that use screen shots.
My Kaspersky
If a computer has Kaspersky Anti-Virus installed, you can manage protection of this computer remotely from My Kaspersky portal.
Secure connection
Kaspersky Anti-Virus protects your data on connection to unsecured Wi-Fi networks.
Kaspersky Anti-Virus provides the following new features:
It is now possible to scan scripts using Antimalware Scan Interface (AMSI). AMSI is a standard Microsoft interface that allows scanning scripts and other objects using Kaspersky Anti-Virus. The component can only detect a threat and notify about it, but it does not handle threats. The component is available in Microsoft Windows 10 or later.
Scanning of encrypted connections has been improved. You can now choose actions for sites that returned scan errors and add such sites to exclusions.
It is now possible to disable decryption of Extended Validation (EV) certificates.
The Tools window has been improved. Application features are now categorized to help you find specific features faster.
The Recommended settings window has been improved. The Delete possibly infected objects check box and the Detect other software that can be used by criminals to damage your computer or personal data check box have been added.
The display of notifications has been improved. Notifications that are not critical for application performance are not displayed while the user is in full-screen mode.
Internet access (for the application installation and activation, for the use of Kaspersky Security Network, and for updating databases and application modules)
Microsoft Internet Explorer 8.0 or later
To access My Kaspersky portal, we recommend using Microsoft Internet Explorer 9.0 or later.
Microsoft Windows Installer 3.0 or later
Microsoft .NET Framework 4 or later
Requirements for Microsoft Windows 7 Starter (Service Pack 0 or later), Microsoft Windows 7 Home Basic (Service Pack 0 or later), Microsoft Windows 7 Home Premium (Service Pack 0 or later), Microsoft Windows 7 Professional (Service Pack 0 or later), Microsoft Windows 7 Ultimate (Service Pack 0 or later), Microsoft Windows 8 (Service Pack 0 or later), Microsoft Windows 8 Pro (Service Pack 0 or later), Microsoft Windows 8 Enterprise (Service Pack 0 or later), Microsoft Windows 8.1 (Service Pack 0 and Windows 8.1 Update), Microsoft Windows 8.1 Pro (Service Pack 0 and Windows 8.1 Update), Microsoft Windows 8.1 Enterprise (Service Pack 0 and Windows 8.1 Update), Microsoft Windows 10 Home (TH1, TH2, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2), Microsoft Windows 10 Enterprise (TH1, TH2, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2), Microsoft Windows 10 Pro (TH1, TH2, RS1, RS2, RS3, RS4, RS5, 19H1, 19H2):
Kaspersky Anti-Virus will be installed to your computer in interactive mode using the Setup Wizard.
The Wizard consists of a series of pages (steps), which you can navigate through by clicking the Back and Next buttons. To close the Wizard after it finishes, click the Done button. To stop the Wizard's activity at any step of installation, close the Wizard window.
The number and sequence of steps in the Setup Wizard depend on the region where you install the application. If you install the application in the European Union, the Setup Wizard offers you to accept additional agreements about processing your personal data.
If the application will be used to protect more than one computer (with the maximum number of computers defined by the terms of the End User License Agreement), the installation procedure will be identical on all computers.
To install Kaspersky Anti-Virus on your computer,
On the installation CD, run the file with the .exe extension.
The application is then installed with the help of a standard Setup Wizard.
In some regions, the installation CD does not include the application installation package. The installation CD contains only the autorun file. When this file is executed, the application download window opens.
To install Kaspersky Anti-Virus using the autorun file:
Click the Download and Install button in the application download window.
By clicking the Download and Install button, you send information about the version of your operating system to Kaspersky Lab.
If the download failed, click the Download and install manually from website link that will take you to a website where you can download the application manually.
The application is then installed with the help of a standard Setup Wizard.
To install Kaspersky Anti-Virus, you can also download an installation package from the Internet. In this case, the Setup Wizard displays several additional installation steps for some localization languages.
Along with the application, plug-ins for browsers are installed to ensure safe Internet browsing.
Kaspersky Anti-Virus is installed together with the Kaspersky Secure Connection application intended for establishing a secure connection via Virtual Private Network (VPN). You can remove Kaspersky Secure Connection separately from Kaspersky Anti-Virus. If the use of VPN is prohibited in your country, Kaspersky Secure Connection is not installed.
Before installation, the Setup Wizard checks the update servers of Kaspersky Lab for a newer version of Kaspersky Anti-Virus.
If the Setup Wizard does not detect any newer version of the application on Kaspersky Lab update servers, it starts installing the current version.
If the Setup Wizard detects a newer version of Kaspersky Anti-Virus on Kaspersky Lab update servers, it prompts you to download and install it on your computer. It is recommended that you install the new version of the application, because newer versions include more enhancements that allow you to ensure more reliable protection of your computer. If you refuse to install the new version, the Wizard starts installing the current version of the application. If you agree to install the new version of the application, the Setup Wizard copies the files from the installation package to your computer and starts installing the new version.
During this step, the Setup Wizard offers to install the application.
To proceed with installation, click the Continue button.
Depending on the installation type and the localization language, during this step the Setup Wizard may prompt you to view the License Agreement concluded between you and Kaspersky Lab, as well as ask whether you want to participate in Kaspersky Security Network.
This step of the Setup Wizard is displayed for some localization languages when installing Kaspersky Anti-Virus from an installation package downloaded from the Internet.
During this step, the Setup Wizard asks you to review the End User License Agreement concluded between you and Kaspersky Lab.
Read the End User License Agreement thoroughly and, if you agree with all of its terms, click the Accept button. Installation of the application to your computer then continues.
If the terms of the End User License Agreement are not accepted, the application will not be installed.
If you install the application in the European Union, you must also accept the terms of the Privacy Policy to continue installation.
During this step, the Setup Wizard invites you to participate in Kaspersky Security Network. Participation in the program involves sending information about threats detected on your computer, running applications, and downloaded signed applications, as well as information about your operating system, to AO Kaspersky Lab. No personal data received from you is collected, processed, or stored.
Review the Kaspersky Security Network Statement. If you accept all of its terms, in the Wizard window, click the Accept button.
If you do not want to participate in Kaspersky Security Network, click the Decline button.
After you accept or decline participation in Kaspersky Security Network, application installation continues.
If you install the application in the European Union, the Kaspersky Security Network Statement includes information about personal data processing.
Some versions of Kaspersky Anti-Virus are distributed by subscription, and a password received from the service provider must be entered before installation.
After you enter the password, application installation starts.
Installation of the application can take some time. Wait for it to finish.
Upon installation completion, the Setup Wizard automatically proceeds to the next step.
Checks during application installation
Kaspersky Anti-Virus performs several checks during installation. These checks may detect the following problems:
Non-compliance of the operating system with the software requirements. During installation the Wizard checks the following conditions:
Whether the operating system and Service Pack meet the software requirements
All the required applications are available
The amount of free disk space is enough for installation
The user installing the application has administrator privileges
If any of the above-listed requirements is not met, a corresponding notification is displayed.
Presence of incompatible applications on the computer. If any incompatible applications are detected, they are displayed in a list on the screen, and you will be prompted to remove them. You are advised to manually remove any applications that Kaspersky Anti-Virus cannot remove automatically. When removing incompatible applications, you will need to restart your operating system, after which installation of Kaspersky Anti-Virus continues automatically.
Presence of malicious programs on the computer. If any malicious programs that interfere with installation of anti-virus software are detected on the computer, the Setup Wizard prompts you to download Kaspersky Virus Removal Tool, a special tool designed to neutralize infections.
If you agree to install the utility, the Setup Wizard downloads it from the Kaspersky servers, after which installation of the utility starts automatically. If the Wizard cannot download the utility, you are prompted to download it on your own by clicking the link provided.
Installing Kaspersky Password Manager
Before completing the installation, Kaspersky Anti-Virus also prompts you to install Kaspersky Password Manager to protect your passwords. The installation of Kaspersky Password Manager may continue after finishing the installation of Kaspersky Anti-Virus, there is no separate notification about completing the installation of Kaspersky Password Manager.
At this step, you can view and configure the Kaspersky Anti-Virus settings that Kaspersky Lab experts advise you to enable before beginning to use the application.
To configure recommended settings:
Select which settings you want to enable or disable:
Leave the Delete malicious tools, adware, auto-dialers and suspicious packagers check box selected if you want the application to delete these objects.
If you frequently install new applications, leave the Detect other software that can be used by criminals to damage your computer or personal data check box selected. This will help you detect applications that can be used to damage your computer or data.
To learn about the new and main capabilities of the application, leave the Take a tour through the application features check box selected.
If you do not want to enable Kaspersky Lab's recommended settings, clear the relevant boxes.
The Activation Wizard is started at the first launch of Kaspersky Anti-Virus.
Activation is the process of making operational a fully functional version of the application for a specified period of time.
The following options for Kaspersky Anti-Virus activation are offered:
Activate application. Select this option and enter an activation code if you have purchased a license for the application.
If you specify an activation code for Kaspersky Internet Security or Kaspersky Total Security in the entry field, the procedure for switching to Kaspersky Internet Security or Kaspersky Total Security starts after activation is completed.
Activate trial version of the application. Select this activation option if you want to install the trial version of the application before making a decision on whether to purchase a license. You will be able to use the application and all of its features during a short evaluation period. When the trial license expires, the trial version of the application cannot be activated for a second time.
An Internet connection is required for activation of the application.
During application activation, you may have to register on My Kaspersky portal.
This step is not available in all versions of Kaspersky Anti-Virus.
Registered users are able to send requests to Technical Support and the Virus Lab through My Kaspersky portal, manage activation codes conveniently, and receive the latest information about new applications and special offers from Kaspersky Lab.
If you agree to register, specify your registration data in the corresponding fields and click the Sign in button to send the data to Kaspersky Lab.
In some cases user registration is required to start using the application.
In order for Kaspersky Anti-Virus to fully support browsers, the Kaspersky Protection extension has to be installed and enabled in browsers. Kaspersky Anti-Virus uses the Kaspersky Protection extension to inject a script into traffic. The application uses this script to interact with the web page. The application protects data transmitted by the script using a digital signature. Kaspersky Anti-Virus can embed the script without using the Kaspersky Protection extension.
Kaspersky Anti-Virus signs data transmitted by the script using the installed anti-virus databases and requests to Kaspersky Security Network. The application sends requests to Kaspersky Security Network regardless of whether or not you accepted the terms of the Kaspersky Security Network Statement.
For the Windows 8 operating system
The Kaspersky Protection extension is installed in browsers during installation of Kaspersky Anti-Virus if your computer is running the Windows 8 or older operating system.
After installing Kaspersky Anti-Virus, you have to enable the Kaspersky Protection extension:
To enable the extension in Mozilla Firefox, you have to allow installation of the extension in the browser window.
In Google Chrome, you have to allow the Kaspersky Protection extension to be enabled. If you declined to enable the extension, you will later need to manually install and enable the Kaspersky Protection extension by installing it from the Chrome web store.
For the Windows 10 operating system
If your computer is running the Windows 10 operating system, you have to install the Kaspersky Protection extension in the Microsoft Internet Explorer browser manually. You can proceed to installing the extension using the informational message in Notification Center.
The application is updated automatically. If you have a current license for an earlier version of Kaspersky Anti-Virus, you do not need to activate the application: the Setup Wizard will automatically retrieve information about the license for the previous version of Kaspersky Anti-Virus and apply it during installation of the new version of Kaspersky Anti-Virus.
While downloading the update, the application compares the previous and new versions of the End User License Agreement, Kaspersky Security Network Statement, and Statement regarding data processing for marketing purposes. If the agreements and/or statements differ, the application offers you to read and accept them again.
Certain limitations apply to the upgrade from the previous version.
Installing a new version of Kaspersky Anti-Virus over a previous version of Kaspersky Internet Security
If you install a new version of Kaspersky Anti-Virus on a computer on which a previous version of Kaspersky Internet Security has been already installed with a current license, the Activation Wizard prompts you to select one of the following options:
Continue using Kaspersky Internet Security under the current license. In this case, the Migration Wizard will be started. When the Migration Wizard finishes, the new version of Kaspersky Internet Security will be installed to your computer. You can use Kaspersky Internet Security until the license for the previous version of Kaspersky Internet Security expires.
Proceed with installation of the new version of Kaspersky Anti-Virus. In this case, the application is installed and activated according to the standard scenario.
Installing Kaspersky Anti-Virus over Kaspersky Security Cloud
If you install Kaspersky Anti-Virus over Kaspersky Security Cloud, you cannot use Kaspersky Anti-Virus under the license for Kaspersky Security Cloud. You can use Kaspersky Security Cloud under this license on another device.
Kaspersky Security Cloud application settings are not saved and cannot be applied to Kaspersky Anti-Virus.
Switching from Kaspersky Anti-Virus to other Kaspersky Lab applications
Switching to Kaspersky Internet Security
Kaspersky Anti-Virus allows you to switch to Kaspersky Internet Security without any additional downloads or installation of software.
Kaspersky Internet Security is an application designed to ensure comprehensive protection of your computer.
Compared to Kaspersky Anti-Virus, Kaspersky Internet Security provides a range of additional advanced options as part of the following components and features:
Application Control
Trusted Applications mode
Parental Control
Firewall
Safe Money
Blocking access to dangerous websites
Application Manager
Network Monitor
Webcam Access
Private Browsing
Anti-Spam
Anti-Banner
Secure Keyboard Input
You can temporarily switch to the trial version of Kaspersky Internet Security to try out the application's features, or purchase a license and start using Kaspersky Internet Security.
Switching to Kaspersky Total Security
In certain regions, Kaspersky Anti-Virus allows switching to Kaspersky Total Security.
Kaspersky Total Security offers the same features as Kaspersky Internet Security and a range of additional features:
Backup and Restore.
Data Encryption
Protection of passwords.
Switching to Kaspersky Total Security is performed in the same manner as switching to Kaspersky Internet Security.
When used in certain regions or by subscription, temporary switching to the trial version of Kaspersky Internet Security and Kaspersky Total Security is not available.
Switching to Kaspersky Security Cloud
When the license for Kaspersky Anti-Virus expires, the application will offer you to purchase a subscription for Kaspersky Security Cloud.
Kaspersky Security Cloud is a computer security service that goes beyond ordinary protection from viruses and other computer threats. The application provides personalized recommendations and adaptive protection scenarios built around you and your family.
Kaspersky Security Cloud provides additional features, such as:
Weak settings control in the operating system
Device control in your Wi-Fi network
Security news
Kaspersky Security Cloud subscription allows you to freely use Kaspersky Safe Kids to protect your children and Kaspersky Password Manager to protect your passwords.
Switching to Kaspersky Security Cloud is not available in all regions.
You can temporarily switch to the trial version of Kaspersky Internet Security in order to evaluate its features. After that, you can choose to purchase a license for further use of the application.
To temporarily switch to the trial version of Kaspersky Internet Security:
Open the main application window.
In the More Tools drop-down list, select Upgrade.
In the window that opens, click the Trial version button.
The Migration Wizard starts.
Follow the wizard's instructions.
When used in certain regions or by subscription, temporary switching to the trial version of Kaspersky Internet Security is not available. In these cases, the Upgrade option is not available in the More Tools list.
When switching to Kaspersky Internet Security in the European Union, the application offers you to read and accept the End User License Agreement, Kaspersky Security Network Statement, and Statement regarding data processing for marketing purposes once again.
Requesting activation of the trial version of Kaspersky Internet Security
If the request for activation of the trial version of Kaspersky Internet Security is successful, the wizard automatically proceeds to the next step.
Starting the upgrade
At this step, the wizard displays a message, informing you that all prerequisites for migration to the trial version of Kaspersky Internet Security are met.
To proceed with the wizard, click the Continue button.
Removing incompatible applications
At this step, the wizard checks if any applications incompatible with Kaspersky Internet Security are installed on your computer. If no such applications are found, the wizard automatically proceeds to the next step. If such applications are found, the wizard lists them in the window and prompts you to uninstall them.
After incompatible applications are uninstalled, you may need to restart the operating system. After a restart, the wizard starts automatically, and the migration to the trial version of Kaspersky Internet Security continues.
Switching to the trial version of Kaspersky Internet Security
At this step, the wizard prepares Kaspersky Internet Security components for use, which may take some time. As soon as the process completes, the wizard automatically proceeds to the next step.
Restarting the application
At this step of the migration to the trial version of Kaspersky Internet Security, you must quit the application and start it again.
To do this, in the wizard window, click the Done button.
Completing activation
After the application starts again, the wizard runs automatically. After successful activation of the trial version of Kaspersky Internet Security, the wizard window displays information about the length of time during which you can use the trial version.
Operating system analysis
At this step, information about Microsoft Windows applications is collected. These applications are added to the list of trusted applications. No restrictions are placed on the actions that trusted applications perform in the operating system.
Once the analysis is complete, the Wizard will automatically proceed to the next step.
Completing the migration
To close the Wizard after it completes its task, click the Done button.
After the license for the trial version of Kaspersky Internet Security expires, you cannot temporarily switch from Kaspersky Anti-Virus to the trial version of Kaspersky Internet Security again.
Switching to permanent use of Kaspersky Internet Security
If you want to switch to permanent use of Kaspersky Internet Security, you must purchase a license for Kaspersky Internet Security and then activate the application.
To purchase a license for Kaspersky Internet Security:
Open the main application window.
In the More Tools drop-down list, select Upgrade.
Click the Purchase license link to go to the website of the Kaspersky Lab eStore or a partner company on which you can purchase a license for Kaspersky Internet Security.
When used in certain regions or by subscription, Kaspersky Anti-Virus does not allow switching to the trial version of Kaspersky Internet Security. In these cases, the Upgrade item is not available.
Switching to Kaspersky Free when Kaspersky Anti-Virus license has expired
When the Kaspersky Anti-Virus license expires, you can purchase a new license and continue using all the features of the application. The application may also prompt you to switch to Kaspersky Free to retain essential protection of your computer.
Switching to Kaspersky Free may be done automatically when Kaspersky Anti-Virus license expires. After switching, the application notifies you about this and prompts you to renew the license or continue using the free version of protection.
To renew the license or start using Kaspersky Free, do one fo the following:
To renew the license, click the Renew license button.
Clicking this button takes you to the store.
To start using Kaspersky Free, close the window containing the message about Kaspersky Free activation.
Switching to Kaspersky Free when uninstalling the trial version of Kaspersky Anti-Virus
When uninstalling the trial version of Kaspersky Anti-Virus, you can switch to Kaspersky Free to keep essential protection.
When you uninstall the trial version of Kaspersky Anti-Virus, the application offers you to purchase a license to keep using all the application functionality.
To renew the license or switch to Kaspersky Free, do one of the following:
To purchase a license, click the Renew license button.
Clicking this button takes you to the store.
To start switching to Kaspersky Free, click the No, thank you button.
Clicking this button starts the Kaspersky Free Migration Wizard.
Start migration to Kaspersky Free
At this step, the Migration Wizard offers you to switch to Kaspersky Free and keep essential protection for your computer.
To switch to Kaspersky Free, click the Migrate to Kaspersky Free button.
Confirm migration to Kaspersky Free
At this step, the Migration Wizard offers you to confirm or decline switching to Kaspersky Free.
Do one of the following:
To confirm switching, click the Migrate button.
The Migration Wizard proceeds to the next step.
To decline switching to Kaspersky Free and exit the Migration Wizard, click the Cancel button.
The Migration Wizard exits.
Search for incompatible software
At this step, the Migration Wizard checks if any applications incompatible with Kaspersky Free are installed on your computer. If no such applications are found, the wizard automatically proceeds to the next step. If you close the Migration Wizard window at this step, the search for incompatible software continues in the background.
If incompatible applications are found, the Migration Wizard lists them in the window and prompts you to uninstall them.
After uninstalling the incompatible applications, the Migration Wizard proceeds to the next step.
Finish migration to Kaspersky Free
At this step, the Migration Wizard tells you that switching to Kaspersky Free is finished.
To remove Kaspersky Anti-Virus, you must enter the password for accessing the application settings. If you cannot specify the password, for any reason, application removal will be prohibited.
This step is displayed only if a password has been set for application removal.
During this step you can specify which of the data used by the application you want to keep for further use during the next installation of the application (for example, when installing a newer version of the application).
You can save the following data:
License information is a set of data that rules out the need to activate the application during future installation, by allowing you to use it under the current license unless the license expires before you start the installation.
Quarantine files are files scanned by the application and moved to Quarantine.
After Kaspersky Anti-Virus is removed from the computer, quarantined files become unavailable. To perform operations with these files, Kaspersky Anti-Virus must be installed.
Operational settings of the application are the values of the application settings selected during configuration.
You can also export the protection settings at the command prompt, by using the following command: avp.com EXPORT <file_name>.
iChecker data are files that contain information about objects that have already been scanned using
iChecker is a technology that increases the speed of anti-virus scans by excluding objects that have remained unchanged since their last scan, provided that the scan parameters (the anti-virus database and settings) have not changed. The information for each file is stored in a special database. This technology is used in both real-time protection and on-demand scan modes.
For example, you have an archive file that was scanned by a Kaspersky Lab application and assigned not infected status. Next time, the application will skip this archive unless the archive has been altered or the scan settings have been changed. If you altered the archive content by adding a new object to it, modified the scan settings, or updated the anti-virus database, the archive is re-scanned.
Limitations of iChecker technology:
This technology does not work with large files, since it is faster to scan a file than to check whether the file has been modified since it was last scanned.
the technology supports a limited number of formats (EXE, DLL, LNK, TTF, INF, SYS, COM, CHM, ZIP, RAR).
Since removing the application threatens the security of your computer and personal data, you will be asked to confirm your intention to remove the application. To do this, click the Remove button.
During this step, the Wizard removes the application from your computer. Wait until removal is complete.
After you remove Kaspersky Anti-Virus, you can specify the reason why you decided to remove the application by leaving a comment on the Kaspersky Lab website. To do this, visit the Kaspersky Lab website, by clicking the Complete form button.
This functionality may be unavailable in some regions.
During removal of the application, you must restart your operating system. If you cancel an immediate restart, completion of the removal procedure is postponed until the operating system is restarted or the computer is turned off and then started up.
The End User License Agreement is a binding agreement between you and AO Kaspersky Lab, stipulating the terms on which you may use the application.
Read through the terms of the License Agreement carefully before you start using the application.
You accept the terms of the License Agreement by confirming that you agree with the License Agreement when installing the application. If you do not accept the terms of the License Agreement, you must abort application installation and must not use the application.
A license is a time-limited right to use the application, granted under the End User License Agreement. The license is related to the unique code that you have for activating your copy of Kaspersky Anti-Virus.
A license entitles you to the following kinds of services:
The right to use the application on one or several devices
The number of devices on which you may use the application is specified in the End User License Agreement.
Assistance from Kaspersky Lab Technical Support
Other services available from Kaspersky Lab or its partners during the term of the license
To operate the application, you must purchase a license for application use.
The license has a limited term. License expiration may be followed by a grace period during which you may use all application features without limitations.
If you have not renewed your license, the application may switch to limited functionality mode when the grace period expires. Some application features are unavailable in limited functionality mode. The duration of limited functionality mode depends on your region and licensing terms. When limited functionality mode expires, all application features become unavailable. You may find information about the grace period and limited functionality mode in the Licensing window, which opens by clicking the License link in the lower part of the main window.
We recommend renewing the license before it expires, in order to ensure maximum protection of your computer against all security threats.
Before purchasing a license, you can get a free trial version of Kaspersky Anti-Virus. The trial version of Kaspersky Anti-Virus remains functional during a short evaluation period. After the evaluation period expires, all the features of Kaspersky Anti-Virus are disabled. To continue using the application, you must purchase a license.
The table below shows which Kaspersky Anti-Virus features are available and which are unavailable when the application is in limited functionality mode. If the value in the Limited functionality mode column is "yes", this means that the relevant functionality is available in limited functionality mode. If the value in the Limited functionality mode column is "no", the relevant functionality is unavailable. Additional information is available in the Restrictions column.
Functions of Kaspersky Anti-Virus in limited functionality mode
Functionality
Restrictions
Limited functionality mode
File Anti-Virus
yes
Virus scan
Scan can be started only manually. Scheduled scan and scan settings are unavailable.
yes
Vulnerability scan
no
Update databases and application modules
Settings cannot be configured.
yes
Protection against adware and spyware
yes
Web Anti-Virus
Works without restrictions.
yes
Mail Anti-Virus
Works without restrictions.
yes
IM Anti-Virus
Works without restrictions.
yes
Heuristic analysis
Works without restrictions.
yes
Protection against rootkits
no
Automatic Exploit Prevention
yes
System Watcher
yes
Protection against phishing
yes
Checking of the reputation of files and links in Kaspersky Security Network
no
Additional protection and management tools
yes
URL Advisor
no
Secure Data Input
no
Rescue Disk
Downloading via the application interface is available.
yes
Password protection of application settings
yes
Performance
Application performance settings can be configured.
yes
Task Manager
Task Manager only displays the scan results without providing tools for controlling the scan or its settings.
yes
Gaming mode
Works without restrictions.
yes
Threats and Exclusions
Works without restrictions.
yes
Self-Defense
Works without restrictions.
yes
Quarantine
Works without restrictions.
yes
Notifications
Only the setting that controls delivery of Kaspersky Lab advertisements can be configured.
An activation code is a code that you receive when you purchase a license for Kaspersky Anti-Virus. This code is required for activation of the application.
The activation code is a unique sequence of twenty digits and Latin letters in the format xxxxx-xxxxx-xxxxx-xxxxx.
Depending on how you purchased the application, you can obtain the activation code in one of the following ways:
When you purchase a boxed version of Kaspersky Anti-Virus, an activation code is provided in the manual or on the retail box that contains the installation CD.
When you purchase Kaspersky Anti-Virus from an online store, an activation code is emailed to the address that you have specified when ordering.
The license term countdown starts from the date when you activate the application. If you have purchased a license for the use of Kaspersky Anti-Virus on several devices, the license term starts counting down from the moment you first apply the activation code.
If you have lost or accidentally deleted your activation code after activating the application, contact Kaspersky Lab Technical Support to recover your code.
If you have lost an activation code that was previously provided to you, you can find it on My Kaspersky portal. To do so, you need to sign in to your My Kaspersky account.
To restore activation codes:
Open the main application window.
Click the License link in the main application window to go to the Licensing window.
Click the Recover my activation codes link to go to the Connect to My Kaspersky window.
Enter the email address and the password that you used for registration on the portal.
Click the Sign In button.
This will take you to My Kaspersky portal to the Licenses section where your activation codes will be displayed.
A subscription to Kaspersky Anti-Virus establishes use of the application within the selected parameters (expiration date and number of protected devices). You can obtain a subscription for Kaspersky Anti-Virus from a service provider (for example, from your Internet provider). You can pause or resume your subscription, renew it automatically, or cancel it. You can manage your subscription via your personal account page on the service provider's website.
Vendors can provide two types of subscriptions for Kaspersky Anti-Virus: update subscriptions and update and protection subscriptions.
A subscription can be limited (for example, to one year) or unlimited (with no expiration date). To continue using Kaspersky Anti-Virus after a limited subscription expires, you must renew it. Unlimited subscriptions are renewed automatically as long as timely prepayment has been made to the service provider.
When a limited subscription expires, you are given a grace period to renew your subscription. Application functionality remains unchanged during this time.
If the subscription is not renewed before the grace period expires, Kaspersky Anti-Virus stops updating the application databases (in the case of update subscriptions), stops interacting with Kaspersky Security Network, and also stops protecting the computer and running scan tasks (in the case of update and protection subscriptions).
To use Kaspersky Anti-Virus by subscription, apply the activation code received from your service provider. In some cases, an activation code can be downloaded and applied automatically. When using the application by subscription, you cannot apply another activation code to renew your license. You can apply another activation code only when the subscription term expires.
If Kaspersky Anti-Virus is already in use under a current license when you register your subscription, after registration Kaspersky Anti-Virus will be used by subscription. The activation code that you have used to activate the application can be applied on another computer.
To cancel your subscription, contact the service provider from whom you have purchased Kaspersky Anti-Virus.
Depending on the subscription provider, the set of subscription management options may vary. In addition, you may not be provided with a grace period during which you can renew the subscription.
You can purchase a license or renew an existing license. On purchasing a license, you will receive an activation code that you have to apply to activate the application.
To purchase a license:
Open the main application window.
Open the Licensing window in one of the following ways:
By clicking the License is missing link in the lower part of the main window if the application is not activated.
By clicking the License: N days remaining link in the lower part of the main window if the application is activated.
In the window that opens, click the Purchase license button.
The web page of Kaspersky Lab eStore or a partner company opens on which you can purchase a license.
To make use of the features of the application and its additional services, you must activate it.
If you did not activate the application during installation, you can do so later. You will be reminded about the need to activate the application by Kaspersky Anti-Virus messages that appear in the taskbar notification area.
To activate Kaspersky Anti-Virus:
Open the main application window.
In the lower part of the main application window, click the Enter activation code link. The Activation window opens.
In the Activation window, enter the activation code in the entry field and click the Activate button.
An application activation request is made.
Enter the user's registration data.
Depending on the terms of use, the application can prompt you to log in to My Kaspersky portal. If you are not a registered user, complete the registration form to gain access to additional features.
Registered users can perform the following actions:
Contact Technical Support and the Virus Lab
Manage activation codes
Receive information about new applications and special offers from Kaspersky Lab
This step is not available in all versions of Kaspersky Anti-Virus.
Click the Done button in theActivation window to complete the registration procedure.
You can renew the license. To do this, you can specify a new activation code without waiting for the current license to expire. When the current license expires, Kaspersky Anti-Virus is activated automatically with the extra activation code.
To specify an extra activation code for automatic renewal of the license:
Open the main application window.
In the lower part of the main window, click the License: N days remaining link to open the Licensing window.
In the window that opens, in the New activation code section, click the Enter activation code button.
Enter the activation code in the corresponding fields and click the Add button.
Kaspersky Anti-Virus then sends the data to the Kaspersky Lab activation server for verification. After the license expires, the activation server rechecks the data during the first attempt to activate the application with the new activation code.
Click the Done button.
The new activation code will be displayed in the Licensing window.
The application is automatically activated with the new activation code when the license expires. You can also activate the application manually with a new activation code, by clicking the Activate now button. This button is available if the application has not been activated automatically. This button is unavailable before the license expires.
If the new activation code that you specify has already been applied on this computer or on another computer, the activation date for the purpose of renewing the license is the date on which the application was first activated with this activation code.
This section contains information on the specific data that you provide to Kaspersky Lab. The Saving data to the application operation report subsection contains data that are stored locally on your computer and are not sent to Kaspersky Lab.
Data provision under the End User License Agreement outside the territory of the European Union
This section contains information on the specific data that are provided to Kaspersky Lab if you have installed the application version which is not intended for use in the European Union.
You agree to automatically submit the information specified below to AO Kaspersky Lab via the installed software (hereinafter "the Software"), the rights to which belong to AO Kaspersky Lab (hereinafter "Kaspersky Lab" or "the Rightholder"), for the purposes of improving the quality of real-time protection and generating the most suitable informational and advertising offers, improving the performance of the software and the speed of identification and rectification of errors associated with the mechanism for installation, removal and update of the software, and accounting for the number of users:
Information on the checksums of files being processed (MD5 and SHA256), the number of file runs and the file format, the ID of the version of software configurations, information needed to determine the reputation of a URL (the URL whose reputation is requested, the ID of the connection protocol and the number of the port used), the full version and type of utilized software, the unique software installation ID, information about the types of threats detected, the ID of the detected threat in the threats database, the name of the threat according to the Rightholder's classification, the ID of the scan task that detected the threat, information on utilized digital certificates and the information necessary to verify their authenticity, checksums (SHA256) of the certificate with which the scanned object is signed, and the public certificate key, the ID of the type of authentication when connecting to the Wi-Fi network, the checksums (SHA256) received when using the unique computer ID, the unique ID of the software installation on the computer, the name of the wireless network and the MAC address of the access point, the list of available Wi-Fi networks at the moment when the data is submitted, the domain name and checksum (SHA256) of the path from the URL of the Internet access provision service, the values of the security settings and the WPS access points (Wi-Fi Protected Setup). Data on additional technical specifications of the applied detection technologies, indicator of whether the installed software is connected to My Kaspersky portal, the list of devices supporting the UPnP protocol (manufacturer, name, model (if the information is available), the date of last connection, the checksums (MD5 and SHA256) of the MAC address (BSSID) of the access point, the checksums (MD5 and SHA256) of the MAC address (BSSID) of the access point with the modifier, the array of WPS parameter structures from access points with enabled technology (the checksum of the device name, model number, model designation, and manufacturer), the values of DHCP settings (the structure of checksums (SHA256) with the modifier from IPv4 addresses and mask received over DHCP after connecting to the Wi-Fi network, the checksums of the Gateway Local IP, DHCP IP, DNS1 IP, DNS2 IP, and subnet mask), the values of DHCP IPv6 settings (the structure of checksums (SHA256) with the modifier from IPv6 addresses and mask received over DHCP after connecting to the Wi-Fi network, the checksums of the Gateway Local IPv6, DHCP IPv6, DNS1 IPv6, DNS2 IPv6, and the subnet mask), the list of available Wi-Fi networks, information about the 7 networks with the best signal, and the types of authentication and encryption.
Information on the checksums (MD5 and SHA256) of files being processed, their packers (if the files were packed), the source containers of files (if available), the size of the file containers, information needed to determine the reputation of a URL (the URL whose reputation is requested, the ID of the connection protocol, and the number of the port used), the full version, ID, and type of utilized software, digital ID of the build in the build customization system, the name of the scanned file or archive, if the file was packed, the full path to the file (or archive), not including the file name itself, the name of the threat according to the Rightholder's classification, additional technical specifications of the applied scan technologies, FNew service responses sent to the User (an array of checksums (MD5) of patterns computed for the file, the types of patterns, versions of databases and consolidator result), status of the scan tasks, indicator of whether the installed software is connected to the My Kaspersky portal, the ID issued by the password storage service when the User is successfully authenticated, and the list of unique IDs of advertisement messages.
Information about the computer (its ID and type), utilized software and its settings, the bit rate, type, revision, version, update package number of the operating system (hereinafter "OS") installed on the computer, information about incompatible software, if the User accepted the Kaspersky Security Network Statement, the unique ID of the User in the Rightholder's services, the type, version, localization ID of the installed software in accordance with international standards for language codes ISO 639-1 and ISO 639-2, the previous language localization, the alphabet code of the installed software's localization language in accordance with international standard ISO 15924, the country code in accordance with international standard ISO 3166-1 Alpha-2, the software customization code, the ID corresponding to the full name of the software, the software operating mode, IDs of applications that may be activated on the User's computer, a list of applications that are compatible with the current software, the integral software security status, the protection component status, information about the utilized license (the status, type of license (if the software is activated), the ID of the active license, validity period, number of days that have elapsed since the license took effect, the number of days until the license expires, the number of days that have elapsed since the license expired, an indicator of software activation using Activation Service 1.0, the key if the software was activated by an old-format key or by an activation code from Activation Service 1.0, ID of the sequence of utilized licenses, order number for which the current license was issued, the ID of the pricelist item for which the current license was issued, the type and version of the End User License Agreement, an indicator of whether the User agrees to the terms of the End User License Agreement, the time when acceptance of the End User License Agreement was canceled, the type and current status of the subscription, the cause of the current status or change in the subscription status, the subscription expiration date, the character-based ID of the element of the software's user interface in which the User decided to purchase the software, the indexed array of integers and strings used by the service provider to transmit additional information, the ID of the information scheme used by the service provider, the list of ignored problems, an indicator of changes made to information about license usage for familiarization purposes, and an array of software capabilities. There will also be information provided about the contents, checksum (SHA1) and type of certificate, the value of the Redirect Service parameter, the IDs of the User's computer (PCID, checksum from Machine ID, Windows SID, Windows crypto GUID), class (model) of the USB device, manufacturer, name (if the information is available), and the date of last connection.
Information about hardware installed on the computer: information on the manufacturer, model, and capacity of the hard drive (HDD), the checksum of the serial number of the hard drive (HDD) or of a random number if the serial number cannot be determined, the size of the physical and virtual memory, the RAM manufacturer and RAM amount, the manufacturer and model of the motherboard, the manufacturer and name of the BIOS application, the model and quantity of cores in the installed processor, the manufacturer and model of the video card and the size of the video RAM, the manufacturer and type of network adapter, its data transfer speed, the manufacturer and name of the monitor, the manufacturer and model of the computer, the manufacturer, model and type of computer housing, and the battery indicator. Information about the devices connected to the computer: the class/model of the device, the manufacturer of the device and name, unique ID, and the date on which the device was last connected to the computer. Information about devices that support the UPnP protocol, the name of the manufacturer, model and name of the device, the date of last connection. Information about the system load, the free and used memory, and the size of free disk space.
Information about all installed applications, the name and version of the installed application, the versions of the installed updates, the name of the publisher, the date of installation and the full path to the installation folder on the computer, and the configuration (settings) of applications and browsers.
The name of the computer on the network (local and domain name), regional OS settings (information on the time zone, the default keyboard layout, and interface language), UAC settings, OS network firewall settings and its activity indicator, OS parental control settings, and Windows Update settings.
Name and location of any file on the computer.
General information about the device, the network name, device type, the type of token, an indicator of the need to return a token by the notification service, the ID that is issued to software by the device identification service upon successful registration or authentication of a "user+device" link (session token), the ID of the device on My Kaspersky portal, the previous ID of the software on My Kaspersky portal, a one-time password for automatic connection of software, contents of the list of problems on My Kaspersky portal, information about a triggered entry (its ID, status, and type), and the time when the entry was added to the database, the type of area in which the event occurred, and the contents of the recommendations for the list of problems on My Kaspersky portal.
Aggregated information about User activity on the computer, the duration of the User's interaction with the computer, the period of information aggregation, the total number of events during this period, and aggregated information about processes started by the User in the system, the name of the process, the total number of times the process was run, the total duration of its operation, the checksum (CRC64) of the account name from which the process was started, the full path to the process file, information about the software to which the process is associated (name, description, manufacturer, and version), the total number of times the software window was displayed, and the total duration of its display, statistical parameters of the window name, the name localization language and the distribution of words in the name.
Information about visited websites, the website address, domain parts of web addresses that the User entered into the address bar of the browser or that the User opened from search systems.
Information about use of the software's graphical user interface, the time of User interaction with the interface, the IDs of the utilized control elements, and the type of user interaction with the interface.
Value of the update task TARGET filter, information about Device Guard mode being enabled, the name of the scanned file, its path and path template code, checksums (MD5 and SHA256) and size (in bytes) of the file and its packer (if the file has been packed), the date when the entry was added to the database, information about the triggered entry in the database if a threat was detected, the error code and category, the status of anti-virus databases and the software update procedure, the unique ID of the update task start, the status of the anti-virus database update task, the full version of the software that is being updated, IDs of third-party applications that were offered for installation, selected by the User for installation and installed together with the software, and the ID of the message that the software sends to My Kaspersky portal.
Information about the date of installation and activation of the software on the computer, the duration of the software installation task, the ID of the installation task, the type of software installation on the computer (first installation, upgrade, etc.), indicator of installation success or the installation error number, information about acquired activation codes, the activation code that is currently activated by the software, the previous activation code, the unique ID of the User (Kaspersky User ID), the type of User account, information about linking of the activation code to a User (the unique ID of the User on My Kaspersky portal, the activation code, type of license ownership, KPC Infra signature), update number, ticket received from the activation service, the ticket header, code of the partner for whom the customization was developed, the symbol code confirming that the software was developed for a specific partner; the sales channel, ID, full name or name and country of the partner from whom the license was purchased, the order number used by the partner, and an indicator of the User's participation in KSN.
ID of the software installation on the computer, full version of the installed software, ID of the software type, and the unique ID of the computer on which the software is installed.
To improve the quality of protection of the User performing payment transactions on the Internet, you agree to automatically provide the financial website with information about the name and version of the Software and the Software customization setting, the ID of the Software plug-in in the browser used to access the financial website, and the ID showing whether a safe browser or a regular browser was used.
The information transmitted does not contain any personal data or other confidential information of the User and is needed for the operation of the Rightholder's Software, unless expressly stated otherwise.
The information received is protected by the Rightholder in the manner prescribed by the law and is required for the operation of the Software made available to use under the license.
Kaspersky Lab may use the acquired statistical data based on the information received to monitor trends in computer security threats and publish reports on those threats.
Data provision under the End User License Agreement on the territory of the European Union
This section contains information on the specific data that are provided to Kaspersky Lab if you have installed the application version which is intended for use in the European Union. The information mentioned in this section does not contain any personal data of the User and is needed for the operation of the Rightholder's Software, unless expressly stated otherwise.
You agree to automatically, while using the software, provide Kaspersky Lab with the following data for improving the quality of real-time protection, improving the quality of operation of the software and the timely detection and rectification of errors associated with the mechanism for installation, removal and update of the software, accounting for the number of users:
Software installation / uninstallation status (success or failure), installation error code.
Software ID.
Build ID.
Software localization.
Rebranding code.
License term.
Platform type and OS manufacturer (Windows, iOS, Android), OS version, OS build number, OS update number, OS revision, extended information about the OS revision, OS type (server, workstation, domain controller), OS bit rate, additional information about the OS.
Device type (laptop, desktop, tablet).
Installation type (new installation or an update), time spent on software installation (in seconds), indicator of whether the installation was aborted by the user.
Type and version of the software.
Status of the license used by the software.
Information about updates of databases and application modules, and the status of the application module and database update task.
Operating mode of the software.
Information about the device protection status, and the usage status of protection components.
Version of the protocol used to manage software settings from My Kaspersky portal.
List of security problems, list of ignored security problems, and recommendations for the list of security problems.
Information about the triggered database entry.
Scan task status.
Time of last status change.
Certificate of the scanned file, public certificate key of the scanned file, and the thumbprint of the certificate of the scanned file.
Port used for the connection.
Contents and type of certificate of the website accessed by the User, IP address of the website accessed by the User, and domain of the website accessed by the User.
Name of the detected threat.
Protocol used for receiving statistical data.
To improve the quality of protection of the User performing payment transactions on the Internet, you agree to automatically provide the financial website with information about the name and version of the Software and the Software customization setting, the ID of the Software plug-in in the browser used to access the financial website, and the ID showing whether a safe browser or a regular browser was used.
The information received is protected by the Rightholder in the manner prescribed by the law and is required for the operation of the Software made available to use under the license.
Kaspersky Lab may use the acquired statistical data based on the information received to monitor trends in computer security threats and publish reports on those threats.
Report files can contain personal data obtained during operation of protection components, such as File Anti-Virus component, Mail Anti-Virus, and Web Anti-Virus.
Report files can contain the following personal data:
IP address of the user's device
Online browsing history
Versions of the browser and operating system
Names of cookies and other files and paths to them
Email address, sender, message subject
Report files are stored locally on your computer and are not transmitted to Kaspersky Lab. Path to report files: %allusersprofile%\Kaspersky Lab\AVP19.0.0\Report\Database.
Reports are stored in the following files:
reports.db
reports.db-wal
reports.db-shm (does not contain any personal data)
Report files are protected against unauthorized access if self-defense is enabled in Kaspersky Anti-Virus. If self-defense is disabled, report files are not protected.
The application also processes and stores the following personal data:
Data that is displayed in the application interface:
Email address used to connect to My Kaspersky portal
Website addresses that were added to the exclusions (displayed in the Network component and in the Reports window)
License data
This data is stored locally in a non-modified form and can be viewed under any user account on the computer.
Data on the system memory of Kaspersky Anti-Virus processes at the moment when a memory dump is created.
Data that is gathered when traces are enabled.
This data is stored locally in a modified form and can be viewed under any user account on the computer. This data is transmitted to Kaspersky Lab only with your consent when contacting Technical Support. To learn more about the data, click the Regulation on data provisioning link in the Support Tools window.
The application versions that are distributed in the European Union by Kaspersky Lab and our partners comply with the terms of the General Data Protection Regulation (GDPR).
To install the application, you must accept the End User License Agreement and the terms of the Privacy Policy.
In addition, the Setup Wizard offers you to accept the following agreements about processing your personal data:
Kaspersky Security Network Statement. This statement allows Kaspersky Lab experts to promptly receive information about threats detected on your computer, about applications being run and signed applications being downloaded, as well as operating system information to improve your protection.
Statement regarding data processing for marketing purposes. This statement allows us to create more valuable offers for you.
You can accept or decline the Kaspersky Security Network Statement and Statement regarding data processing for marketing purposes at any time from the Settings → Additional → Additional protection and management tools window.
If you suspect that the operating system of your computer has been corrupted or modified due to malware activity or a system failure, use the Microsoft Windows Troubleshooting Wizard, which clears the system of any traces of malicious objects. Kaspersky Lab recommends that you run the Wizard after the computer has been disinfected to make sure that all threats and damage caused by infections have been fixed.
The Wizard checks whether there are any changes to the system, which can include access to the network being blocked, file name extensions for known formats being changed, Control Panel being blocked, etc. There are different reasons for these different kinds of damage. These reasons may include malware activity, incorrect system configuration, system failures, or malfunctioning applications for system optimization.
After the review is complete, the Wizard analyzes the information to evaluate whether there is system damage that requires immediate attention. Based on the review, the Wizard generates a list of actions that are necessary to eliminate the damage. The Wizard groups these actions by category based on the severity of the problems detected.
Troubleshooting the operating system by using the Microsoft Windows Troubleshooting Wizard
To run the Microsoft Windows Troubleshooting Wizard:
Open the main application window.
In the More Tools drop-down list, select Microsoft Windows Troubleshooting.
The Microsoft Windows Troubleshooting Wizard window opens.
The Wizard consists of a series of pages (steps), which you can navigate through by clicking the Back and Next buttons. To close the Wizard after it finishes, click the Done button. To stop the Wizard at any stage, click the Cancel button.
Let us review the steps of the Wizard in more detail.
Start recovery of the operating system
Select one of the two options for Wizard operation:
Search for damage caused by malware activity. The Wizard will search for problems and possible damages.
Roll back changes. The Wizard will roll back the fixes applied to previously identified problems and damages.
Click the Next button.
Search for problems
If you selected the Search for damage caused by malware activity option, the Wizard searches for problems and possible damages that should be fixed. When the search is complete, the Wizard proceeds automatically to the next step.
Select actions to fix damage
All damage found at the previous step is grouped based on the type of danger that it poses. For each damage group, Kaspersky Lab recommends a set of actions to repair the damage.
There are three groups:
Strongly recommended actions eliminate problems that pose a serious security threat. You are advised to repair all damage in this group.
Recommended actions are aimed at repairing damage that may pose a threat. You are also advised to repair damage in this group.
Additional actions repair operating system damage that is not dangerous now, but may pose a threat to the computer's security in the future.
Expand the list of the selected group to view damage within the group.
To get the Wizard to fix a specific type of damage, select the check box to the left of the damage description. By default, the Wizard fixes damage belonging to the groups of recommended and strongly recommended actions. If you do not want to fix a specific type of damage, clear the check box next to it.
It is strongly recommended that you not clear the check boxes selected by default, as doing so will leave your computer vulnerable to threats.
After you define the set of actions for the Wizard to perform, click the Next button.
Fix damage
The Wizard performs the actions selected during the previous step. It may take a while to fix damage. After fixing damage, the Wizard automatically proceeds to the next step.
Rescue Disk is a copy of the Kaspersky Rescue Disk application stored on a removable drive (CD or USB device). You can use Kaspersky Rescue Disk for scanning and disinfecting infected computers that cannot be disinfected using other methods (for example, with anti-virus applications).
If you have purchased a boxed version of Kaspersky Anti-Virus, in addition to the Kaspersky Anti-Virus installation package the installation CD also includes Kaspersky Rescue Disk. You can use this installation CD as a Rescue Disk.
Notifications that appear in the taskbar notification area inform you of application events that require your attention. Depending on how critical the event is, you may receive the following types of notifications:
Critical notifications inform you of events that have critical importance for the computer's security, such as detection of a malicious object or dangerous activity in the operating system. Windows used for critical notifications and pop-up messages are red.
Important notifications inform you of events that are potentially important for the computer's security, such as detection of a probably infected object or suspicious activity in the operating system. Windows used for important notifications and pop-up messages are yellow.
Information notifications inform you of events that do not have critical importance for the computer's security. Windows used for information notifications and pop-up messages are green.
If a notification is displayed on the screen, you should select one of the options that are suggested in the notification. The optimal option is the one recommended as the default by Kaspersky Lab experts.
A notification can be closed automatically when the computer is restarted, when Kaspersky Anti-Virus is quit, or in Connected Standby mode in Windows 8. Notifications about the startup of applications are closed after 1 hour. When a notification is closed automatically, Kaspersky Anti-Virus performs the default recommended action.
Notifications are not displayed during the first hour of application operation if you have purchased a computer with Kaspersky Anti-Virus preinstalled (OEM distribution). The application processes detected objects in accordance with the recommended actions. The results of this processing are saved in a report.
Assessing computer protection status and resolving security issues
Problems with computer protection are symbolized by an indicator located in the upper part of the main application window. Green indicates that your computer is protected. Yellow indicates that there are protection problems and red indicates that your computer's security is at serious risk. You are advised to fix problems and security threats immediately.
You can open the Notification Center window by clicking the indicator in the main application window. This window provides detailed information about the protection status of the computer and suggests possible actions for rectifying problems and threats.
Problems with protection are grouped by categories. For each problem, a list is displayed of actions that you can take to solve the problem.
The Recommendations section lists actions that should be performed to optimize operation of the application and use it more effectively.
The Show N ignored notifications section displays notifications to which the Ignore action has been applied. Problems listed in this section do not affect the color of the protection indicator in the main application window.
The installation package of Kaspersky Anti-Virus includes databases and application modules. Using these databases:
Kaspersky Anti-Virus detects the majority of threats using Kaspersky Security Network, which requires an Internet connection.
Kaspersky Anti-Virus does not detect adware, auto dialers, and other legitimate software that can be used by intruders to damage your computer or personal data.
To get full protection, we recommend updating the databases and application modules as soon as the application has been installed.
Databases and program modules are updated in stages:
Kaspersky Anti-Virus starts updating databases and application modules according to the specified settings: automatically, on schedule, or on demand. The application contacts an update source that stores a database and application module update package.
Kaspersky Anti-Virus compares the existing databases with the databases available at the update source. If the databases are different, Kaspersky Anti-Virus downloads the missing parts of the databases.
The application then uses the updated databases and application modules to scan the computer for viruses and other threats.
You can use the following update sources:
Kaspersky Lab update servers
HTTP or FTP server
Network folder
Updates of databases and application modules are subject to the following restrictions and specifics:
Databases are considered out of date after one day and extremely out of date after seven days.
To download an update package from Kaspersky Lab servers, an Internet connection is required.
Updates of databases and application modules are unavailable in the following cases:
The license has expired, and the grace period or limited functionality mode is not available.
A metered mobile Internet connection is used. This limitation applies on computers running under Microsoft Windows 8 or more recent versions of this operating system if automatic updates or scheduled updates are enabled and a traffic limit has been set for a metered mobile connection. If you want the application to update databases and application modules in this case, clear the Limit traffic on metered connections check box under Settings → Additional → Network.
The application is used under subscription, and you have suspended your subscription on the website of the service provider.
The operating system and applications installed on your computer may have vulnerabilities that can be exploited by malware. Scanning your computer will help find these vulnerabilities and prevent infection of your computer.
To start a vulnerability scan:
Open the main application window.
In the More Tools drop-down list, select Vulnerability Scan.
In the Vulnerability Scan window, click the Start scan button.
Kaspersky Anti-Virus starts scanning your computer for vulnerabilities.
In Windows 10 RS3 or later, Kaspersky Anti-Virus does not scan files in OneDrive cloud storage. If the application detects such files during a scan, it shows a notification stating that the files in cloud storage were not scanned.
The following components do not scan files in OneDrive cloud storage:
Full Scan
Selective Scan
Quick Scan
Background Scan
The report on the operation of Kaspersky Anti-Virus contains a list of files in OneDrive cloud storage that were skipped during scan.
Files downloaded from OneDrive cloud storage to a local computer are scanned by real-time protection components. If a file scan was postponed and the file has been uploaded back to OneDrive cloud storage before the scan is started, this file may be skipped during a scan by File Anti-Virus and System Watcher.
How to restore an object deleted or disinfected by the application
Kaspersky Lab recommends that you avoid restoring deleted and disinfected objects since they may pose a threat to your computer.
To restore a deleted or disinfected object, you can use the backup copy of it that was created by the application during scanning of the object.
Kaspersky Anti-Virus does not disinfect Windows Store apps. If scanning results indicate that such an app is dangerous, it is deleted from your computer.
When a Windows Store app is deleted, Kaspersky Anti-Virus does not create a backup copy of it. To restore such objects, you must use the recovery tools included with the operating system (for detailed information, see the documentation for the operating system that is installed on your computer) or update apps via the Windows Store.
To restore a file that has been deleted or disinfected by the application:
Open the main application window.
In the More Tools drop-down list, select Quarantine.
In the Quarantine window that opens, select the required file from the list and click the Restore button.
Kaspersky Anti-Virus allows scanning email messages for dangerous objects by using Mail Anti-Virus. Mail Anti-Virus starts when the operating system is started and remains constantly in the RAM of the computer, scanning all email messages that are sent or received over the POP3, SMTP, IMAP, and NNTP protocols, as well as via encrypted connections (SSL) over the POP3, SMTP, and IMAP protocols.
By default, Mail Anti-Virus scans both incoming and outgoing messages. If necessary, you can enable scanning of incoming messages only.
To configure Mail Anti-Virus:
Open the main application window.
Click the button in the lower part of the window.
The Settings window opens.
In the left part of the window, in the Protection section, select the Mail Anti-Virus component.
The Mail Anti-Virus settings are displayed in the window.
Make sure that the switch in the upper part of the window that enables / disables Mail Anti-Virus, is enabled.
Select a security level:
Recommended. When this security level is set, Mail Anti-Virus scans incoming and outgoing messages and attached archives, and performs heuristic analysis with the Medium scan level of detail.
Low. If you select this security level, Mail Anti-Virus scans incoming messages only, without scanning attached archives.
High. When this security level is set, Mail Anti-Virus scans incoming and outgoing messages and attached archives, and performs heuristic analysis with the Deep scan level of detail.
In the Action on threat detection drop-down list, select the action that you want for Mail Anti-Virus to perform when an infected object is detected (for example, disinfect).
If no threats are detected in an email message, or if all infected objects have been successfully disinfected, the message becomes available for further access. If the component fails to disinfect an infected object, Mail Anti-Virus renames or deletes the object from the message and adds a notification to the message subject line, stating that the message has been processed by Kaspersky Anti-Virus. Before deleting an object, Kaspersky Anti-Virus creates a backup copy of it and places a copy in Quarantine.
When you upgrade to a more recent application version, the user-configured Mail Anti-Virus settings are not saved. The new application version will use the default Mail Anti-Virus settings.
If Kaspersky Anti-Virus detects the password for the archive in the message text during scanning, the password is used to scan the contents of that archive for malware. The password is not saved. The archive is unpacked before scanning. If the application crashes while unpacking the archive, you can manually delete the files that are unpacked at the following path: %systemroot%\temp. The files have the PR prefix.
A kind of Internet fraud in which email messages are sent with the purpose of stealing confidential data, most often financial data.
and interception of data entered on the keyboard.
Protection against phishing is provided by Anti-Phishing, which is implemented in the Web Anti-Virus and IM Anti-Virus components. Enable these components to ensure comprehensive protection against phishing.
Protection against interception of data entered on the keyboard is provided by On-Screen Keyboard.
The Privacy Cleaner Wizard clears the computer of all information about the user's activities.
When using the Internet, you frequently need to enter your personal data or your user name and password. This happens, for example, during account registration on websites, online shopping, and Internet banking.
There is a risk that personal data can be intercepted by hardware keyboard interceptors or keyloggers, which are programs that record keystrokes. The On-Screen Keyboard tool prevents the interception of data entered via the keyboard.
Many programs classified as spyware can take screenshots, which then are automatically transmitted to an intruder for further analysis to steal the user's personal data. On-Screen Keyboard protects entered personal data from attempts to intercept it by means of screenshots.
On-Screen Keyboard has the following features:
You can click the On-Screen Keyboard buttons with the mouse.
Unlike hardware keyboards, it is impossible to press several keys simultaneously on On-Screen Keyboard. This is why key combinations (such as ALT+F4) require that you click the first key (for example, ALT), then the second key (for example, F4), and then the first key again. The second click of the key acts in the same way as releasing the key on a hardware keyboard.
The On-Screen Keyboard language can be switched by using the same shortcut that is specified by the operating system settings for the hardware keyboard. To do so, right-click the other key (for example, if the LEFT ALT+SHIFT shortcut is configured in the operating system settings for switching the keyboard language, left-click the LEFT ALT key and then right-click the SHIFT key).
To ensure protection of data entered via On-Screen Keyboard, restart your computer after installing Kaspersky Anti-Virus.
The use of On-Screen Keyboard has the following limitations:
On-Screen Keyboard prevents interception of personal data only when used with the Microsoft Internet Explorer, Mozilla Firefox, or Google Chrome browsers. When used with other browsers, On-Screen Keyboard does not protect entered personal data against interception.
On-Screen Keyboard is not available in Microsoft Internet Explorer browser (versions 10 and 11) with the new Windows user interface style. In this case, we recommend opening On-Screen Keyboard from the interface of Kaspersky Anti-Virus.
On-Screen Keyboard cannot protect your personal data if the website requiring the entry of such data is hacked, because in this case the information is obtained directly by the intruders from the website.
On-Screen Keyboard does not prevent screenshots that are made by using the Print Screen key and other combinations of keys specified in the operating system settings.
When running On-Screen Keyboard, the AutoComplete feature of Microsoft Internet Explorer stops functioning, since the implementation of the automatic input scheme may allow criminals to intercept data.
The preceding list describes the main restrictions in functionality for protection of data input. A full list of restrictions is given in an article on the Kaspersky Lab Technical Support website. This article lists restrictions on Secure Keyboard Input in Kaspersky Internet Security, these restrictions apply also to On-Screen Keyboard in Kaspersky Anti-Virus.
Kaspersky Anti-Virus allows checking the safety of a website before you click a link to open it. Websites are checked using URL Advisor.
URL Advisor is not available in Microsoft Internet Explorer browser (versions 10 and 11) with the new Windows user interface style.
URL Advisor checks links on the web page opened in Microsoft Internet Explorer, Google Chrome or Mozilla Firefox. Kaspersky Anti-Virus displays one of the following icons next to the checked link:
– if the linked web page is safe according to Kaspersky Lab
– if there is no information about the safety status of the linked web page
– if a web page opened from a link could be used by criminals to harm your computer or data, according to Kaspersky Lab
– if the linked web page is dangerous according to Kaspersky Lab
To view a pop-up window with more details on the link, move the mouse pointer to the corresponding icon.
By default, Kaspersky Anti-Virus checks links in search results only. You can enable link checking on every website.
To enable link checking on websites:
Open the main application window.
Click the button in the lower part of the window.
The Settings window opens.
In the Protection section, select the Web Anti-Virus subsection.
The window displays the settings for Web Anti-Virus.
In the lower part of the window, click the Advanced Settings link. The advanced settings window of Web Anti-Virus opens.
In the URL Advisor section, select the Check URLs check box.
If you want Kaspersky Anti-Virus to scan the content of all websites, select On all websites except those specified.
If necessary, specify web pages that you trust in the Exclusions window. Open this window by clicking the Manage exclusions link. Kaspersky Anti-Virus will not scan the content of the specified web pages.
If you want Kaspersky Anti-Virus to check the content of specific web pages only:
Select On specified websites only.
Click the Configure checked websites link to open the Checked websites window.
Click the Add button.
Enter the address of the web page whose content you want to check.
Select the checking status for the web page (if the status is Active, Kaspersky Anti-Virus checks web page content).
Click the Add button.
The specified web page appears in the list in the Checked websites window. Kaspersky Anti-Virus checks URLs on this web page.
To configure the advanced settings for URL checking, in the Advanced settings of Web Anti-Virus window, in the URL Advisor section, click the Configure URL Advisor link to open the URL Advisor window.
If you want Kaspersky Anti-Virus to notify you about the safety of links on all web pages, in the Checked URLs section, select All URLs.
If you want Kaspersky Anti-Virus to display information about whether a link belongs to a specific category of website content (for example, Profanity, obscenity):
Select the Show information on the categories of website content check box.
Select the check boxes next to categories of website content about which information should be displayed in comments.
Kaspersky Anti-Virus checks links on the specified web pages and displays information about categories of the links in accordance with the current settings.
Encrypted connections are established over the SSL and TLS protocols. By default, Kaspersky Anti-Virus scans such connections upon request from URL Advisor.
To configure encrypted connections settings:
Open the main application window.
Click the button in the lower part of the window.
The Settings window opens.
Go to the Additional section.
Click the Network link to go to the Network settings window.
In the Encrypted connections scan click the websites link to open the Websites window.
This window shows the list of websites where encrypted connections cannot be decrypted. Encrypted connections cannot be scanned on these websites. This list is updated by Kaspersky Lab experts.
Select an action to perform when connecting to websites over an encrypted connection:
Do not scan encrypted connections. The application does not scan encrypted connections.
Scan encrypted connections upon request from protection components. The application only scans encrypted connections upon request from URL Advisor. This action is selected by default.
Always scan encrypted connections. The application always scans encrypted connections.
Select an action to perform if there are errors when scanning encrypted connections:
Ignore. If this action is selected, the application terminates the connection with the website on which the scan error occurred.
Ask. If there is an error when scanning encrypted connection with a website, the application shows a notification where you can select an action:
Ignore. The application terminates the connection with the website on which the scan error occurred.
Add website to exclusions. The application adds the website address to the list of exclusions. The application does not scan encrypted connections on websites from the list of exclusions. These websites are shown in the Websites with scan errors window.
This option is selected by default.
Add website to exclusions. The application adds the website to the list of exclusions. The application does not scan encrypted connections on websites from the list of exclusions. These websites are shown in the Websites with scan errors window.
Click the Websites with scan errors to open the Websites with scan errors window. The application does not scan encrypted connections on these websites. However, the application checks addresses of these websites against the database of malicious URLs. If a website is found in the database of malicious URLs, the application terminates the connection with the website.
Click the Manage exclusions to open the Exclusions window and perform the following actions:
Click the Add button to add the website to the list of exclusions for encrypted connections scan.
Enter the domain name of the website in the Domain name field.
Click the Add button.
The application will not scan encrypted connections with this website. Please note that adding a website to the list of exclusions may limit the functionality of scanning the website by URL Advisor.
Kaspersky Password Manager is designed to safely store and synchronize passwords across your devices. Kaspersky Password Manager has to be installed independently of Kaspersky Anti-Virus.
After installation, you can start Kaspersky Password Manager from the Start menu (in Microsoft Windows 7 or Microsoft Windows 10) or from the Start screen (in Microsoft Windows 8 or Microsoft Windows 8.1).
To download and install Kaspersky Password Manager to protect your passwords,
click the Learn more button in the Notification Center window in the Recommendations section next to the prompt to install Kaspersky Password Manager.
Kaspersky Anti-Virus downloads the Kaspersky Password Manager installation package and installs the application on your computer.
The Kaspersky Password Manager installation package you have downloaded remains in your computer regardless of whether or not it has been used to install Kaspersky Password Manager.
User actions on a computer are recorded in the operating system. The following information is saved:
Details of search queries entered by users and websites visited
Information about started applications, as well as opened and saved files
Microsoft Windows event log entries
Other information about user activity
Intruders and unauthorized persons may be able to gain access to confidential data contained in information on past user actions.
Kaspersky Anti-Virus includes the Privacy Cleaner Wizard, which cleans up traces of user activity in the operating system.
To run the Privacy Cleaner Wizard:
Open the main application window.
In the More Tools drop-down list, select Privacy Cleaner to run the Privacy Cleaner Wizard.
The Wizard consists of a series of pages (steps), which you can navigate through by clicking the Back and Next buttons. To close the Wizard after it finishes, click the Done button. To stop the Wizard at any stage, click the Cancel button.
Let us review the steps of the Wizard in more detail.
Starting the Wizard
Select one of the two options for Wizard operation:
Search for user activity traces. The Wizard will search for traces of your activities on the computer.
Roll back changes. The Wizard will roll back the changes that were previously made by the Privacy Cleaner Wizard. This option is available if activity traces have been removed by the Wizard before.
Click the Next button to start the Wizard.
Activity traces search
If you selected the Search for user activity traces option, the Wizard performs a search for activity traces on your computer. The search may take a while. When the search is complete, the Wizard proceeds automatically to the next step.
Selecting Privacy Cleaner actions
When the search is complete, the wizard informs you about the detected
Recommended actions are intended for elimination of activity traces that pose a potential threat.
Additional actions eliminate activity traces that are not dangerous.
If the check box in the line of an action is selected, Kaspersky Anti-Virus performs the action.
If this check box is cleared in the line of an action, Kaspersky Anti-Virus does not perform the action.
If you selected Roll back changes during the first step, the list contains previously performed actions that you can roll back.
and asks about the actions to take for elimination of these activity traces.
To view actions that have been included into a group, expand the list of the selected group.
To make the Wizard perform a certain action, to the left of an action, select the corresponding check box. By default, the Wizard performs all recommended and strongly recommended actions. If you do not want to perform a certain action, clear the check box next to it.
It is strongly recommended that you not clear the check boxes selected by default, as doing so will leave your computer vulnerable to threats.
After you define the set of actions for the Wizard to perform, click the Next button.
Privacy Cleaner
The Wizard performs the actions selected during the previous step. Elimination of activity traces may take some time. To clean up certain activity traces, it may be necessary to restart the computer; if so, the Wizard notifies you.
When the clean-up is complete, the Wizard proceeds automatically to the next step.
If a computer has Kaspersky Anti-Virus installed, you can manage protection of this computer remotely. Computer protection can be managed remotely via My Kaspersky portal. To manage computer protection remotely, register on My Kaspersky portal, sign in to your My Kaspersky account, and go to Devices section.
My Kaspersky portal lets you accomplish the following computer security tasks:
View the list of computer security problems and fix them remotely
Scan the computer for viruses and other threats
Update databases and application modules
Configure Kaspersky Anti-Virus components
If a computer scan is started from My Kaspersky portal, Kaspersky Anti-Virus processes objects that are detected automatically without your involvement. On detecting a virus or other threat, Kaspersky Anti-Virus attempts to perform disinfection without rebooting the computer. If disinfection without restarting the computer is impossible, the list of computer security problems on My Kaspersky portal shows a message to the effect that the computer needs restarting to perform disinfection.
If the list of detected objects on My Kaspersky portal includes more than 10 items, they are grouped. In this case, the detected objects can be processed via the portal only together without the ability to examine each object separately. To view separately objects in this case, you are advised to use the interface of the application installed on the computer.
A My Kaspersky account is required to sign in to My Kaspersky portal as well as to use the portal and certain Kaspersky Lab applications.
If you do not have a My Kaspersky account yet, you can create it on the portal or from the applications compatible with the portal. You can also use accounts used with other Kaspersky Lab resources to sign in to the portal.
While creating a My Kaspersky account, you have to specify a valid email address and set a password. The password must contain at least 8 characters, one numeral, one uppercase letter, and one lowercase Latin letter. Blank spaces are not allowed.
If the password is too weak or common, the account will not be created.
While creating an account, you can specify a secret question. This question provides additional security when recovering a forgotten password.
After the account is created, you will receive an email message containing a link for activation of your account.
Please activate your account using the email link.
How to proceed to remote management of computer protection
To proceed to remote management of computer protection, you need to connect your device to My Kaspersky portal. If you previously entered your credentials in another Kaspersky Lab application on this computer, Kaspersky Security Cloud will connect to My Kaspersky portal automatically. If the application fails to automatically connect your device to the portal, you need to connect manually.
To connect a device to My Kaspersky portal:
Open the main application window.
In the More Tools drop-down list, select My Kaspersky.
Click the Connect to My Kaspersky button.
In the Connect to My Kaspersky window,enter the credentials to connect the application to the portal and click the Sign in button.
If you do not have an account on My Kaspersky portal:
The application will connect your device to My Kaspersky portal
To proceed to remote management of computer protection:
Open the main application window.
In the More Tools drop-down list, select My Kaspersky.
In the My Kaspersky window, click the Go toMy Kaspersky button.
The My Kaspersky portal window opens in the default browser.
A connection to My Kaspersky portal may fail due to a portal malfunction. When this happens, Kaspersky Anti-Virus displays a notification about problems experienced by My Kaspersky portal that are being resolved by Kaspersky Lab staff. If you are unable to connect to My Kaspersky portal due to a portal malfunction, retry connecting later.
How to reserve operating system resources for computer games
When Kaspersky Anti-Virus runs in full-screen mode together with some other applications (particularly computer games), the following issues may occur:
Application or game performance decreases due to lack of system resources
Notification windows of Kaspersky Anti-Virus distract the user from the gaming process
To avoid changing the settings of Kaspersky Anti-Virus manually every time you switch to full-screen mode, you can use Gaming mode. If Gaming mode is being used and you are playing or working with applications in full-screen mode, Kaspersky Anti-Virus does not run scan and update tasks and does not display notifications.
To enable Gaming mode:
Open the main application window.
Click the button in the lower part of the window.
The Settings window opens.
In the left part of the window, select the Performance section.
The window displays the performance settings of Kaspersky Anti-Virus.
How to password-protect access to Kaspersky Anti-Virus management functions
A single computer may be shared by several users with various levels of experience and computer literacy. Unrestricted access of different users to Kaspersky Anti-Virus and its settings may compromise the level of computer security.
To restrict access to the application, you can set an administrator password and specify the actions for which this password must be entered:
Configuring the application settings
Quitting the application
Removing the application
To password-protect access to control over Kaspersky Anti-Virus:
Open the main application window.
Click the button in the lower part of the window.
The Settings window opens.
In the left part of the window, select the General section and click the Set up password protection link to open the Password protectionwindow.
In the window that opens, fill in the New password and Confirm password fields.
In the Password scope group of settings, specify the application actions to which you want to restrict access.
A forgotten password cannot be recovered. If you have forgotten your password, contact Technical Support to recover access to Kaspersky Anti-Virus settings.
Pausing protection means temporarily disabling all protection components for some time.
When protection is paused or Kaspersky Anti-Virus is not running, the activity of the applications running on your computer is monitored. Information about the results of monitoring of application activity is saved in the operating system. When Kaspersky Anti-Virus is started again or protection is resumed, the application uses this information to protect your computer from malicious actions that may have been performed when protection was paused or when Kaspersky Anti-Virus was not running. Information about the results of monitoring of application activity is stored indefinitely. This information is deleted if Kaspersky Anti-Virus is removed from your computer.
To pause the protection of your computer:
In the context menu of the application icon located in the taskbar notification area, select the Pause protection item.
The Pause protection window opens (see the following figure).
Pause protection window
In the Pause protection window, select the time interval after which protection will be resumed:
Pause for – protection is enabled after expiration of the time interval selected from the drop-down list.
Pause until application restart – protection is enabled after the application is started again or the operating system is restarted (if the application automatically starts on startup).
Pause – protection will be resumed when you decide to resume it.
Click the Pause protection button and confirm your choice in the window that opens.
Kaspersky Anti-Virus maintains operation reports for each of the protection components. Using a report, you can obtain statistical information about the application's operation (for example, how many malicious objects have been detected and neutralized during a specified time period, how many times application databases and modules have been updated during the same period, and much more).
To view the application operation report:
Open the main application window.
Click the Reports button.
The Reports window displays reports on application operation for the current day (in the left part of the window) and for a particular time period (in the right part of the window).
If you want to view a detailed report on application operation, in the upper part of the Reports window, click the Detailed reports link. The Detailed Reports window opens.
The Detailed Reports window displays data in the form of a table. For convenient viewing of reports, you can select various filtering options.
How to apply the application settings on another computer
After you have configured the application, you can apply its settings to a copy of Kaspersky Anti-Virus that is installed on another computer. As a result, the application will be configured identically on both computers.
The application settings are saved in a configuration file that you can move from one computer to another.
The settings of Kaspersky Anti-Virus are moved from one computer to another in three steps:
Save the application settings to configuration file.
Move the configuration file to the other computer (for example, by email or on a removable drive).
Import the settings from the configuration file to the application copy that is installed on the other computer.
Kaspersky Anti-Virus uses cloud protection to make protection of your computer more effective. Cloud protection is implemented using the Kaspersky Security Network infrastructure that uses data received from users all over the world.
Kaspersky Security Network (KSN) is the cloud-based knowledge base of Kaspersky Lab containing information about the reputation of applications and websites. The use of data from Kaspersky Security Network ensures faster responses by Kaspersky Anti-Virus to new threats, improves the performance of some protection components, and reduces the likelihood of false positives.
Users' participation in Kaspersky Security Network allows Kaspersky Lab to promptly receive information about types and sources of new threats, develop solutions for neutralizing them, and minimize the number of false positives. Participation in Kaspersky Security Network lets you access reputation statistics for applications and websites.
How to enable or disable participation in Kaspersky Security Network
Participation in Kaspersky Security Network is voluntary. You can enable or disable the use of Kaspersky Security Network (KSN) when installing Kaspersky Anti-Virus and / or at any moment after the application is installed.
To enable or disable participation in Kaspersky Security Network:
Open the main application window.
Click the button in the lower part of the window.
The Settings window opens.
In the Additional section, select Additional protection and management tools.
The Additional protection tools settings window opens with details of Kaspersky Security Network and Kaspersky Security Network participation settings.
Enable or disable participation in Kaspersky Security Network:
If you want to participate in Kaspersky Security Network, click the Enable button.
A window with the text of the Kaspersky Security Network Statement opens. If you accept the terms of the Statement, click the I agree button.
If you do not want to participate in Kaspersky Security Network, click the Disable button.
If you installed the application in the European Union, the Additional protection tools settings window shows the Kaspersky Security Network Statement section instead of information about Kaspersky Security Network.
To accept the Kaspersky Security Network Statement:
Click the Accept button in the Kaspersky Security Network Statement section.
Kaspersky Security Network Statement opens. This statement allows Kaspersky Lab experts to promptly receive information about threats detected on your computer, about applications being run and signed applications being downloaded, as well as operating system information to improve your protection.
If you accept the terms of the statement, click the Accept button.
To decline the Kaspersky Security Network Statement,
click the Decline button in the Kaspersky Security Network Statement section.
In the More Tools drop-down list, select My Kaspersky.
In the My Kaspersky window, click the Connect to My Kaspersky button.
The Connect to My Kaspersky window opens.
Click the Don't Have Account Yet button.
Enter your email address in the Email address field.
Enter and confirm a password in the Password and Confirm password fields. The password must contain at least eight characters.
Select the I agree to provide Kaspersky Lab with my email address to receive personalized marketing offers check box if you want to receive Kaspersky Lab notifications in your mailbox.
If you use the application in the European Union, this check box is named I confirm that I allow AO Kaspersky Lab to use my email address, first name, and last name to contact me by email about personalized special offers, reviews, surveys, order completion reminders, relevant news and events or I confirm that I allow AO Kaspersky Lab to use my email address to contact me by email about personalized special offers, reviews, surveys, order completion reminders, relevant news and events.
Enter your first name in the Your first name field.
Enter your last name in the Your last name field.
Click the Done button.
A message will be sent to your email address, containing a link that you must click to activate your My Kaspersky account.
Click the link to activate your account on My Kaspersky portal.
The field layout during creating an account is composed by Kaspersky Lab experts and may change.
You can use Kaspersky Anti-Virus at the command prompt.
Command prompt syntax:
avp.com <command> [settings]
To view help on the command prompt syntax, enter the following command:
avp.com [ /? | HELP ]
This command allows you to obtain a full list of commands that are available for managing Kaspersky Anti-Virus through the command prompt.
To obtain help on the syntax of a specific command, you can enter one of the following commands:
avp.com <command> /?
avp.com HELP <command>
At the command prompt, you can refer to the application either from the application installation folder or by specifying the full path to avp.com.
You can enable or disable application event logging (creating trace files) from the command prompt if you have previously set a password to protect access to Kaspersky Anti-Virus management in the application settings window.
If you have not set a password in the application settings window, you cannot create a password and enable event logging from the command prompt.
Certain commands can be executed only under the administrator account.
If you cannot find a solution to your issue in the application Help text or in any of the sources of information about the application, we recommend that you contact Kaspersky Lab Technical Support. Technical Support specialists will answer any of your questions about installing and using the application.
Before contacting Technical Support, please read the support rules.
You can contact Technical Support in one of the following ways:
By telephone. This method allows you to consult with specialists from our Russian-language or international Technical Support.
Send request from My Kaspersky portal. This method allows you to contact our specialists using the query form.
Technical support is available only to users who have purchased a license for use of the application. No technical support is provided to users of trial versions.
You can call Technical Support from most regions throughout the world. You can find information about how to obtain technical support in your region and contact information for Technical Support on the Kaspersky Lab Technical Support website.
Before contacting Technical Support, please read the support rules.
My Kaspersky is a one-stop online resource for managing the protection of your devices and activation codes for Kaspersky Lab applications and for requesting technical support.
To access My Kaspersky portal, you have to register. To do so, enter your email address and create a password.
You can receive technical support via My Kaspersky portal in the following ways:
Send email requests to Technical Support
Contact Technical Support without using email
Track the status of your requests in real time
You can also view a complete history of your technical support requests.
Email request to Technical Support
You have to specify the following information in your email request to Technical Support:
Message subject
Application name and version number
Operating system name and version number
Problem description
A specialist from Technical Support will send an answer to your question to My Kaspersky portal and to the email address that you have specified during registration.
After you notify Technical Support specialists of a problem, they may ask you to create a report that contains information about your operating system and send it to Technical Support. Technical Support specialists may also ask you to create a trace file. The trace file allows tracing the process of performing application commands step by step and determining the stage of application operation at which an error occurs.
To provide better support on issues related to functioning of the application, Technical Support specialists may ask you to temporarily change application settings for debugging purposes while diagnostics are ongoing. To do so, you may need to perform the following actions:
Collect extended diagnostic information
Configure individual components of the application by changing special settings that are not accessible through the standard user interface
Reconfigure storage and sending of collected diagnostic information
Set up interception of network traffic and saving of network traffic to a file
Technical Support specialists will give you all information necessary for performing these actions (step-by-step instructions, settings to be changed, scripts, additional command line features, debugging modules, special utilities, etc.) and will inform you of what data will be collected for debugging purposes. After the extended diagnostic information is collected, it is saved on the user's computer. The collected data is not sent automatically to Kaspersky Lab.
You are advised to perform the preceding actions only under the guidance of a Technical Support specialist after receiving instructions to do so. Changing application settings by yourself in ways not described in Help or not recommended by Technical Support specialists can cause slowdowns and crashes of the operating system, reduce the protection level of your computer, and damage the availability and integrity of the processed information.
In the window that opens, click the Support Tools link to open the Support Tools window.
In the window that opens, click the How to create an operating system state report link to open a Knowledge Base article on how to create an operating system state report.
Follow the instructions in the Knowledge Base article.
Once created, the trace files and the system state report should be sent to Kaspersky Lab Technical Support specialists.
You will need a request number to upload files to the Technical Support server. This number is available on My Kaspersky portal when you have an active request.
To upload the data files to the Technical Support server:
Open the main application window.
Click the button in the lower part of the window.
The Kaspersky Lab Technical Support window opens.
Click the Support Tools link to open the Support Tools window.
In the window that opens, click the Send report to Technical Support link to open the Send report window.
Select the check boxes next to the data that you want to send to Technical Support.
Enter the number assigned to your request by Technical Support.
Click the Send report button.
The selected data files are packed and sent to the Technical Support server.
If you were unable to send the files for any reason, the data files can be stored on your computer and later sent from My Kaspersky portal.
To save data files to disk:
Open the main application window.
Click the button in the lower part of the window.
The Kaspersky Lab Technical Support window opens.
In the window that opens, click the Support Tools link to open the Support Tools window.
In the window that opens, click the Send report to Technical Support link to open the Send report window.
Select the types of data to save to disk:
Operating system information. Select this check box to save information about the operating system of your computer to disk.
Data received for analysis. Select this check box to save application trace files to disk. Click the <number of files>, <data volume> link to open the Data received for analysis window. Select check boxes opposite the trace files that you want to save.
Click the Save report on your computer link to open the window for saving an archive with data files.
Specify the archive name and confirm saving.
The created archive can be sent to Technical Support from My Kaspersky portal.
About the contents and storage of service data files
Trace files and dump files are stored on the computer in non-encrypted form for a period of seven days after data logging is disabled. Trace files and dump files are deleted permanently after seven days.
Trace files are stored in the ProgramData\Kaspersky Lab folder.
The format of trace file names is as follows: KAV<version number_dateXX.XX_timeXX.XX_pidXXX.><trace file type>.log.
Trace files can contain confidential data. You can view the contents of a trace file by opening it in a text editor (such as Notepad).
Kaspersky Anti-Virus has a number of limitations that are not critical to operation of the application.
Limitations on upgrades from a previous version of the application
The application can be upgraded if the following versions of Kaspersky Anti-Virus are installed on your computer:
Kaspersky Anti-Virus 2013
Kaspersky Anti-Virus 2014
Kaspersky Anti-Virus 2015
Kaspersky Anti-Virus 2016
Kaspersky Anti-Virus 2017
Kaspersky Anti-Virus 2018
Upgrades from earlier versions of the application are not supported.
After an upgrade from a previous version of the application, Kaspersky Anti-Virus starts automatically even if automatic startup of the application is disabled in the settings that have been saved. When the operating system restarts afterwards, Kaspersky Anti-Virus does not start automatically if automatic startup of the application is disabled in the settings that have been saved.
When a previous version of Kaspersky Anti-Virus is upgraded, the following application settings are replaced with default settings:
Kaspersky Anti-Virus display settings
Scan schedule
Participation in Kaspersky Security Network
File Anti-Virus protection level
Mail Anti-Virus protection level
Update sources
List of trusted web addresses
URL Advisor settings
When updating Kaspersky Anti-Virus 2013, 2014, 2015 to a new version, the old license is not always applicable. This is due to licensing specifics in these application versions. Also, when updating Kaspersky Anti-Virus 2013, 2014, 2015 to a new version, the new version of Kaspersky Anti-Virus will use the default application settings.
Limitations on the operation of certain components and automatic processing of files
Infected files and malicious links are processed automatically according to rules created by Kaspersky Lab specialists. You cannot modify these rules manually. Rules can be updated following an update of databases and application modules.
If a device scan is started from My Kaspersky portal, files will be processed automatically based on the rules specified in the application. Files detected on a device can be processed automatically by request from My Kaspersky portal without your confirmation, even if interactive protection is enabled in the application.
Special considerations for file processing in interactive protection mode
If an infected file is part of an app from Windows Store, in interactive protection mode the application displays a notification prompting you to delete that file. The Disinfect action is not available.
Limitations on connection to Kaspersky Security Network
During its operation, the application may query Kaspersky Security Network for information. If data from Kaspersky Security Network could not be retrieved, the application makes decisions based on local anti-virus databases.
Limitations of System Watcher functionality
Protection against cryptors (malware that encrypts user files) has the following limitations:
The Temp system folder is used to support this functionality. If the system drive with the Temp folder has insufficient disk space to create temporary files, protection against cryptors is not provided. In this case, the application does not display a notification that files are not backed up (protection is not provided).
Temporary files are deleted automatically when you close Kaspersky Anti-Virus or disable the System Watcher component.
In case of an emergency termination of Kaspersky Anti-Virus, temporary files are not deleted automatically. To delete temporary files, clear the Temp folder manually. To do so, open the Run window (Run command under Windows XP) and in the Open field type %TEMP%. Click OK.
Protection against encryptors is provided only for files that are located on data drives that have been formatted with the NTFS file system.
The number of files that can be restored cannot exceed 50 per one encryption process.
The total volume of modifications to files cannot exceed 100 MB. Files with modifications that exceed this limit cannot be restored.
File modifications initiated via network interface are not monitored.
Files encrypted with EFS are not supported.
You must restart the computer to enable protection against encryptors after Kaspersky Anti-Virus is installed.
Encrypted connections scan limitations
Due to technical limitations of the implementation of scanning algorithms, scanning of encrypted connections does not support certain extensions of the TLS 1.0 protocol and later versions (particularly NPN and ALPN). Connections via these protocols may be limited. Browsers with SPDY protocol support use the HTTP over TLS protocol instead of SPDY even if the server to which the connection is established supports SPDY. This does not affect the level of connection security. If the server supports only the SPDY protocol and it is impossible to establish the connection via the HTTPS protocol, the application does not monitor the connection established.
Kaspersky Anti-Virus does not support processing of HTTPS/2 Proxy traffic. The application does not process traffic transmitted via extensions of the HTTP/2 protocol.
Kaspersky Anti-Virus prevents data exchange over the QUIC protocol. Browsers use a standard transport protocol (TLS or SSL) regardless of whether or not support for the QUIC protocol is enabled in the browser.
Kaspersky Anti-Virus monitors only those protected connection which it is able to decrypt. The application does not monitor connections added to the list of exclusions (Websites link in the Network settings window). The following components perform decryption and scanning of encrypted traffic by default:
Web Anti-Virus
URL Advisor
Kaspersky Anti-Virus decrypts encrypted traffic while the user is using the Google Chrome browser if the Kaspersky Protection extension is disabled in this browser.
Kaspersky Anti-Virus does not monitor traffic if the browser loads a web page or its elements from a local cache instead of from the Internet.
Limitations on encrypted connections scan exclusions
When scanning encrypted connections with websites that have been added to exclusions, URL Advisor may continue to scan encrypted connections. Web Anti-Virus does not scan websites that have been added to exclusions.
Specifics of infected file processing by application components
By default, Kaspersky Anti-Virus can delete infected files that cannot be disinfected. Removal by default can be performed during file processing by such components as Mail Anti-Virus, File Anti-Virus, during scan tasks, and also when System Watcher detects malicious activity of applications.
Warning about changes in IM Anti-Virus functionality
Beginning with the 2016 version of Kaspersky Anti-Virus, the IM Anti-Virus component does not scan messages transmitted via the IRC protocol.
IM Anti-Virus supports only the following ICQ versions: ICQ 8 – ICQ 8.3. Later versions are not supported.
IM Anti-Virus supports only Mail.Ru Agent versions below 10.
Specifics of the autorun process operation
The autorun process logs the results of its operation. Data is logged in text files named “kl-autorun-<date><time>.log”. To view data, open the Run window (Run command under Windows XP) and in the Open field type %TEMP% and click OK.
All trace files are saved at the path to setup files that were downloaded during operation of the autorun process. Data is stored for the duration of operation of the autorun process and deleted permanently when this process is terminated. Data is not sent anywhere.
Kaspersky Anti-Virus limitations under Microsoft Windows 10 RS4 with the Device Guard mode enabled:
Operation of the following functionality is partly limited:
Clipboard protection
Browser protection from keyboard and mouse input emulators (input spoofing)
Protection from remote management applications
Browser protection (management through API, protection from attacks that use dangerous messages to browser windows, protection from message queue management)
Heuristic Analysis (emulation of the startup of malicious applications)
If UMCI mode is enabled in Windows, Kaspersky Anti-Virus does not detect screen lockers.
About logging of events in the Windows event log that are related to the End User License Agreement and Kaspersky Security Network
Events involving accepting and declining the terms of the End User License Agreement, and also accepting and declining participation in Kaspersky Security Network, are recorded in the Windows event log.
Limitations on local address reputation checks in Kaspersky Security Network
Links to local resources are not scanned in Kaspersky Security Network.
Warning about applications that collect information
If an application that collects information and sends it to be processed is installed on your computer, Kaspersky Anti-Virus may classify this application as malware. To avoid this, you can exclude the application from scanning by configuring Kaspersky Anti-Virus as described in this document.
Warning about the creation of an application installation report
An installation report file is created when the application is installed to a computer. If application installation completed with an error, an installation report file is saved and you can send it to Kaspersky Lab Technical Support. You can view the contents of the installation report file by clicking the link in the application window. If the application is successfully installed, the installation report file is immediately deleted from your computer.
Limitations when the application is started for the first time after upgrading from Microsoft Windows 7 to Microsoft Windows 10
If you have upgraded Microsoft Windows 7 to Microsoft Windows 8 / 8.1 or Microsoft Windows 10 / RS1 / RS2 / RS3, Kaspersky Anti-Virus operates with the following limitations when started for the first time:
Only File Anti-Virus (real-time protection) is running. Other application components are not running.
Self-Defense of files and the system registry is running. Self-Defense of processes is not running.
The application interface is not available until you restart the computer. The application displays a notification stating that some application components are not running and that the computer must be restarted after completion of adaptation to the new operating system.
Only the Exit option is available in the context menu of the application icon in the notification area.
The application does not display notifications, and automatically chooses the recommended action.
Warning about error adapting application drivers when upgrading the operating system from Windows 7 to Windows 10
Upgrading Windows 7 to Windows 10 may result in an error adapting the drivers of Kaspersky Anti-Virus. Drivers are adapted in the background, which means that you do not receive notifications about its progress.
If there is an error adapting the drivers, you will not be able to use the following features of the application:
Threat detection while the operating system is loading
Protection of application processes by using the Protected Process Light (PPL) technology of Microsoft Corporation
You can use the following methods to fix the error:
Restart the computer and restart application adaptation from the notification in the Notification Center.
Uninstall the application and re-install it.
Limitations on scanning traffic sent over HTTPS in the Mozilla Firefox browser
In Mozilla Firefox 58.x and later versions, the application does not scan traffic transmitted over the HTTPS protocol if browser settings modification is protected by a master password. When a master password is detected in the browser, the application shows a notification containing a link to an article in the Knowledge Base. The article contains instructions on resolving this problem.
If HTTPS traffic is not monitored, the operation of the following components is limited:
Web Anti-Virus
Anti-Phishing
Secure Data Input
Limitations of the Kaspersky Protection extension in Google Chrome and Mozilla Firefox
The Kaspersky Protection extension does not operate in Google Chrome and Mozilla Firefox if there is Malwarebytes for Windows installed on your computer.
Other sources of information about the application
Kaspersky Anti-Virus page on the Kaspersky Lab website
On Kaspersky Anti-Virus page, you can view general information about the application and its functions and features.
Kaspersky Anti-Virus page contains a link to the eStore. There you can purchase or renew the application.
Kaspersky Anti-Virus page in the Knowledge Base
Knowledge Base is a section on the Technical Support website.
On Kaspersky Anti-Virus page in the Knowledge Base, you can read articles that provide useful information, recommendations, and answers to frequently asked questions on how to purchase, install, and use the application.
Articles in the Knowledge Base may provide answers to questions that relate both to Kaspersky Anti-Virus as well as to other Kaspersky Lab applications. Articles in the Knowledge Base may also contain news from Technical Support.
Discussing Kaspersky Lab applications in our community
If your question does not require an immediate answer, you can discuss it with Kaspersky Lab experts and other users in our community.
In the community, you can view existing topics, leave your comments, and create new discussion topics.
Switching the application to fully functional mode. Application activation is performed by the user during or after installation of the application. To activate the application, the user must have an activation code.
Activation code
A code that you receive when purchasing a license for Kaspersky Anti-Virus. This code is required for activation of the application.
The activation code is a unique sequence of twenty alphanumeric characters in the format xxxxx-xxxxx-xxxxx-xxxxx.
Anti-virus databases
Databases that contain information about computer security threats known to Kaspersky Lab as of when the anti-virus databases are released. Entries in anti-virus databases allow detecting malicious code in scanned objects. Anti-virus databases are created by Kaspersky Lab specialists and updated hourly.
Application modules
Files included in the Kaspersky Lab installation package that are responsible for performing the main tasks of the corresponding application. A particular application module corresponds to each type of task performed by the application (protection, scan, updates of databases and application modules).
Available update
A set of updates for Kaspersky Lab application modules, including critical updates accumulated over a certain period of time and changes to the application's architecture.
Blocking an object
Denying access to an object from third-party applications. A blocked object cannot be read, executed, modified, or deleted.
Compressed file
A compressed executable file that contains a decompression program and instructions for the operating system to execute it.
Database of malicious web addresses
A list of web addresses whose content may be considered to be dangerous. Created by Kaspersky Lab specialists, the list is regularly updated and is included in the Kaspersky Lab application package.
Database of phishing web addresses
List of web addresses which have been defined as phishing web addresses by Kaspersky Lab specialists. The databases are regularly updated and are part of the Kaspersky Lab application package.
Digital signature
An encrypted block of data embedded in a document or application. A digital signature is used to identify the author of the document or application. To create a digital signature, the document or application author must have a digital certificate proving the author's identity.
A digital signature lets you verify the data source and data integrity and protect yourself against counterfeits.
Disk boot sector
A boot sector is a special area on a computer's hard drive, floppy disk, or other data storage device. It contains information on the disk's file system and a boot loader program, which is responsible for starting the operating system.
There exist a number of viruses that infect boot sectors, which are thus called boot viruses. The Kaspersky Lab application allows scanning boot sectors for viruses and disinfecting them if an infection is found.
False positive
A situation when a Kaspersky Lab application considers a non-infected object to be infected because the object's code is similar to that of a virus.
File mask
Representation of a file name using wildcards. The standard wildcards used in file masks are * and ?, where * represents any number of any characters and ? stands for any single character.
Heuristic analyzer
A technology for detecting threats about which information has not yet been added to Kaspersky Lab databases. The heuristic analyzer detects objects whose behavior in the operating system may pose a security threat. Objects detected by the heuristic analyzer are considered to be probably infected. For example, an object may be considered probably infected if it contains sequences of commands that are typical of malicious objects (open file, write to file).
iChecker Technology
A technology that allows increasing the speed of anti-virus scanning by excluding objects that have remained unchanged since their last scan, provided that the scan parameters (the databases and the settings) have not been altered. The information for each file is stored in a special database. This technology is used in both real-time protection and on-demand scan modes.
For example, you have an archive file that was scanned by a Kaspersky Lab application and assigned not infected status. Next time, the application will skip this archive unless the archive has been altered or the scan settings have been changed. If you have changed the archive content by adding a new object to it, modified the scan settings, or updated the application databases, the archive will be re-scanned.
Limitations of iChecker technology:
This technology does not work with large files, since it is faster to scan a file than to check whether the file has been modified since it was last scanned.
The technology supports a limited number of formats.
Incompatible application
An anti-virus application from a third-party developer or a Kaspersky Lab application that does not support management through Kaspersky Anti-Virus.
Infectable file
A file that, due to its structure or format, can be used by criminals as a "container" to store and spread malicious code. As a rule, they are executable files, for example, files with the extensions COM, EXE, DLL, etc. The risk of penetration of malicious code into such files is quite high.
Infected object
An object a portion of whose code completely matches part of the code of known malware. Kaspersky Lab does not recommend accessing such objects.
Kaspersky Lab update servers
Kaspersky Lab HTTP servers from which updates of databases and software modules are downloaded.
Kaspersky Security Network (KSN)
The cloud-based knowledge base of Kaspersky Lab containing information about the reputation of applications and websites. Use of data from Kaspersky Security Network ensures faster responses by Kaspersky Lab applications to threats, improves the performance of some protection components, and reduces the likelihood of false positives.
Keylogger
A program designed for hidden logging of information about keys pressed by the user. Keyloggers function as keystroke interceptors.
License term
A time period during which you have access to the application features and rights to use additional services.
Phishing
A kind of Internet fraud in which email messages are sent with the purpose of stealing confidential data, most often financial data.
Probable spam
A message that cannot be unambiguously considered spam, but has several spam attributes (for example, certain types of mailings and advertising messages).
Probably infected object
An object whose code contains portions of modified code from a known threat, or an object whose behavior is similar to that of a threat.
Protection components
Integral parts of Kaspersky Anti-Virus intended for protection against specific types of threats (for example, Anti-Phishing). Each of the components is relatively independent of the other ones and can be disabled or configured individually.
Protocol
A clearly defined and standardized set of rules governing the interaction between a client and a server. Well-known protocols and the services associated with them include HTTP, FTP, and NNTP.
Quarantine
A dedicated storage in which the application places backup copies of files that have been modified or deleted during disinfection. Copies of files are stored in a special format that is not dangerous for the computer.
Rootkit
A program or a set of programs for hiding traces of an intruder or malware in the operating system.
On Windows-based operating systems, a rootkit usually refers to a program that penetrates the operating system and intercepts system functions (Windows APIs). Interception and modification of low-level API functions are the main methods that allow these programs to make their presence in the operating system quite stealthy. A rootkit can usually also mask the presence of any processes, folders, and files that are stored on a disk drive, in addition to registry keys, if they are described in the configuration of the rootkit. Many rootkits install their own drivers and services on the operating system (these also are "invisible").
Script
A small computer program or an independent part of a program (function) which, as a rule, has been developed to execute a specific task. It is most often used with programs that are embedded in hypertext. Scripts are run, for example, when you open some websites.
If real-time protection is enabled, the application tracks the execution of scripts, intercepts them, and scans them for viruses. Depending on the results of scanning, you may block or allow the execution of a script.
Security level
The security level is defined as a predefined collection of settings for an application component.
Spam
Unsolicited mass email mailings, most often including advertisements.
Startup objects
The set of programs needed to start and correctly operate the operating system and software installed on your computer. These objects are executed every time the operating system is started. There are viruses capable of infecting autorun objects specifically, which may lead, for example, to blocking of operating system startup.
Task
The functions of the Kaspersky Lab application are implemented in the form of tasks, such as: Full Scan task or Update task.
Task settings
Application settings that are specific for each task type.
Threat level
An index showing the probability that an application poses a threat to the operating system. The threat level is calculated using heuristic analysis based on two types of criteria:
Static (such as information about the executable file of an application: size, creation date, etc.)
Dynamic, which are used while simulating the application's operation in a virtual environment (analysis of the application's system calls)
Threat level allows detecting behavior typical of malware. The lower the threat level is, the more actions the application is allowed to perform in the operating system.
Traces
Running the application in debugging mode; after each command is executed, the application is stopped, and the result of this step is displayed.
Traffic scanning
Real-time scanning that uses information from the current (latest) version of the databases for objects transferred over all protocols (for example, HTTP, FTP, and other protocols).
Trust group
A group to which Kaspersky Anti-Virus assigns an application or a process depending on the following criteria: presence of a digital signature, reputation on Kaspersky Security Network, trust level of the application source, and the potential danger of actions performed by the application or process. Based on the trust group to which an application belongs, Kaspersky Anti-Virus can restrict the actions that the application may perform in the operating system.
In Kaspersky Anti-Virus, applications belong to one of the following trust groups: Trusted, Low Restricted, High Restricted, or Untrusted.
Trusted process
A software process whose file operations are not restricted by the Kaspersky Lab application in real-time protection mode. When suspicious activity is detected in a trusted process, Kaspersky Anti-Virus removes the process from the list of trusted processes and blocks its actions.
Unknown virus
A new virus about which there is no information in the databases. Generally, unknown viruses are detected by the application in objects by using the heuristic analyzer. These objects are classified as probably infected.
Update
The procedure of replacing / adding new files (databases or application modules) retrieved from the Kaspersky Lab update servers.
Update package
A file package designed for updating databases and application modules. The Kaspersky Lab application copies update packages from Kaspersky Lab update servers and automatically installs and applies them.
Virus
A program that infects other programs, by adding its code to them in order to gain control when infected files are run. This simple definition allows identifying the main action performed by any virus: infection.
Virus outbreak
A series of deliberate attempts to infect a device with a virus.
Vulnerability
A flaw in an operating system or an application that may be exploited by malware makers to penetrate the operating system or application and corrupt its integrity. Presence of a large number of vulnerabilities in an operating system makes it unreliable, because viruses that penetrate the operating system may cause disruptions in the operating system itself and in installed applications.
Kaspersky Lab is a world-renowned vendor of systems protecting computers against various threats, including viruses and other malware, unsolicited email (spam), network and hacking attacks.
In 2008, Kaspersky Lab was rated among the world’s top four vendors of information security software solutions for end users (IDC Worldwide Endpoint Security Revenue by Vendor). Kaspersky Lab is the preferred vendor of computer protection systems for home users in Russia ("IDC Endpoint Tracker 2014").
Kaspersky Lab was founded in Russia in 1997. It has since grown into an international group of companies with 38 offices in 33 countries. The company employs more than 3,000 skilled professionals.
Products. Kaspersky Lab’s products provide protection for all systems, from home computers to large corporate networks.
The personal product range includes security applications for desktop, laptop, and tablet computers, smartphones and other mobile devices.
The company offers protection and control solutions and technologies for workstations and mobile devices, virtual machines, file and web servers, mail gateways, and firewalls. The company's portfolio also features specialized products providing protection against DDoS attacks, protection for industrial control systems, and prevention of financial fraud. Used in conjunction with Kaspersky Lab’s centralized management system, these solutions ensure effective automated protection for companies and organizations of any size against computer threats. Kaspersky Lab's products are certified by major test laboratories, compatible with software from diverse vendors, and optimized to run on many hardware platforms.
Kaspersky Lab’s virus analysts work around the clock. Every day they uncover hundreds of thousands of new computer threats, create tools to detect and disinfect them, and include signatures of those threats in the databases used by Kaspersky Lab applications.
Technologies. Many technologies that are now part and parcel of modern anti-virus tools were originally developed by Kaspersky Lab. It is no coincidence that many other developers use the Kaspersky Anti-Virus kernel in their products, including: Alcatel-Lucent, Alt-N, Asus, BAE Systems, Blue Coat, Check Point, Cisco Meraki, Clearswift, D-Link, Facebook, General Dynamics, H3C, Juniper Networks, Lenovo, Microsoft, NETGEAR, Openwave Messaging, Parallels, Qualcomm, Samsung, Stormshield, Toshiba, Trustwave, Vertu, ZyXEL. Many of the company’s innovative technologies are patented.
Achievements. Over the years, Kaspersky Lab has won hundreds of awards for its services in combating computer threats. Following tests and research conducted by the reputed Austrian test laboratory AV-Comparatives in 2014, Kaspersky Lab ranked among the top two vendors by the number of Advanced+ certificates earned and was eventually awarded the Top Rated certificate. But Kaspersky Lab's main achievement is the loyalty of its users worldwide. The company’s products and technologies protect more than 400 million users, and its corporate clients number more than 270,000.
Registered trademarks and service marks are the property of their respective owners.
Dropbox is a trademark of Dropbox, Inc.
Google, Google Chrome, Google Talk, Chrome, SPDY, and YouTube are Trademarks of Google, Inc.
ICQ is a trademark and/or service mark of ICQ LLC.
Intel, Celeron, and Atom are Trademarks of Intel Corporation in the U.S. and/or other countries.
JABBER is a registered Trademark and its use is licensed through the XMPP Standards Foundation.
Mail.Ru is a Trademark of Mail.ru LLC.
Microsoft, Bing, Windows, Windows Vista, Internet Explorer, Excel, and Outlook are registered Trademarks of Microsoft Corporation in the United States and other countries.
Mozilla and Firefox are Trademarks of the Mozilla Foundation.
VMware is a trademark of VMware, Inc., or trademark of VMware, Inc. registered in the USA or in other jurisdictions.
In the drop-down list, you can filter events by the following types of activity:
All events. The list displays information about all actions performed by the application.
Registry. The list displays information about actions performed by the application in the registry (for example, creation or deletion of keys and values or modification of rights).
Files. The list displays information about actions performed by the application in the file system (for example, creation or deletion of files).
Applications. The list displays information about actions performed by the application in the operating system (for example, initiation or termination of processes).
Contains a report on application activity that System Watcher has detected in the operating system. System Watcher keeps track of the file, registry, and operating system events associated with an application.
The list provides a description and details for each of the actions performed by the application (for example, path to a file or information about modification of the value of a registry key).
The Application appearance log window contains the results of analysis performed by System Watcher of malicious activity of the application. The following application data is available:
Application name
Location of the application on the computer
Time at which application installation was completed
Name of the process that installed the application to the computer
This window contains a report on application activity that System Watcher has detected in the operating system. System Watcher keeps track of the file, registry, and system events associated with an application.
Notifications that appear in the taskbar notification area inform you of application events that require your attention.
If a notification is displayed on the screen, you should select one of the options that are suggested in the notification. The optimal option is the one recommended as the default by Kaspersky Lab experts.
The column shows the weighting coefficient assigned to an explicit word. If a message contains several explicit words whose combined weighting coefficient exceeds 100, this message is flagged as spam.
Enabling Application Manager. If the toggle switch is flipped on, Kaspersky Anti-Virus controls the installation and removal of additional applications, as well as the display of installation steps containing ads.
If the check box is selected, during installation of applications on your computer Kaspersky Anti-Virus blocks installation of additional programs.
If the check box was cleared after you started installing a certain application, the Installation Assistant continues to run for the duration of the current installation. Check boxes opposite applications offered for additional installation are cleared, and the additional applications themselves are not installed. This functionality will be disabled during the next installation. Additional applications will be installed together with the main application.
The Installation Assistant functionality is limited in Microsoft Windows XP (x64). The Installation Assistant functionality may not be available for some installers.
If the check box is selected, during installation of applications on your computer Kaspersky Anti-Virus blocks the display of ads or offers to install additional programs.
If the check box is selected, Kaspersky Anti-Virus will regularly analyze installed applications and browser extensions to find reasons for their removal.
Clicking this link opens a window in which you can select the categories of installed applications and browser extensions that Kaspersky Anti-Virus will analyze to find possible reasons to remove them.
Clicking this link opens a window in which you can specify on which days and at what time Kaspersky Anti-Virus will perform an analysis of installed applications and browser extensions.
Clicking this link opens the Exclusions window. The window shows applications that you added to the list of exclusions by clicking the Ignore button in the list of applications detected by the PC Cleaner component.
If the computer is shut down or protection is paused when the application is monitoring active network connections, notification about termination of those connections is displayed. This is necessary for properly quitting the application. Termination occurs automatically after 10 seconds or after you click the Yes button. Most terminated connections are recovered after a short time.
If the connection is terminated when you are downloading a file without a download manager, data transmission is interrupted. To download the file, you must start the download process again.
You can cancel termination of connections. To do this, in the notification dialog box, click the No button. The application continues to run.
In this field, you can specify the name of a category of resources; access to this category of resources will be analyzed and controlled by Application Control.
Clicking this button opens the Select key from registry window in which you can select a registry key, to which access must be managed by Application Control.
In this field, you can manually specify the path to a file or folder.
When entering the path manually, you can use a mask. The \* mask allows you to specify that you want to control access to all files or subfolders in the selected folder. The \*<extension> mask allows you to specify that you want to control access to all files with the specified extension in the selected folder.
If this option is selected, Kaspersky Anti-Virus assigns unknown applications to one of the trust groups based on the rules configured by Kaspersky Lab.
Fields for entering an application activation code. An activation code consists of four groups of characters (for example, ABA9C-CDEFG-ABCBC-ABC2D). Type the first group of characters the first entry field, the second group to the second field, and so on.
Clicking the Where can I find an activation code? link opens the Technical Support website in a browser window, which displays more information about the activation code.
If you specify an activation code for Kaspersky Internet Security in the entry field, the procedure for switching to Kaspersky Internet Security starts after activation is completed. If you specify an activation code for Kaspersky Total Security in the entry field, the procedure for switching to Kaspersky Total Security starts after activation is completed.
Clicking this link activates the trial version of the application. You will be able to use the trial version of the application with all features during a short evaluation period. When the license expires, the trial version of the application cannot be reactivated.
This option is available if the trial version of the application has not been used yet.
This window opens if the activation code entered is intended for another application. The application name appears in the Corresponding application line. You can start using this application now or after your license for Kaspersky Anti-Virus expires.
If the check box is selected, Kaspersky Anti-Virus blocks the display of ads during installation of any software on the computer. Installation of additional software being advertised is also blocked.
Configuring a secure connection for website categories
By default, Kaspersky Secure Connection does not establish a secure connection when you open websites in a browser. You can configure activation of a secure connection for different website categories if Kaspersky Internet Security, Kaspersky Total Security or Kaspersky Security Cloud is installed and activated on your computer. For example, you can specify that a secure connection must be enabled when you visit websites of payment systems or social networks.
To configure a secure connection for website categories:
Open the main application window.
In the main application window, click the button .
Select the Settings item in the drop-down menu.
The Settings window opens.
Click the Configure rules for websites button.
The Rules for connection to websites window opens.
Select website category:
Banking websites. This category includes websites of banks.
Payment systems. This category includes websites of payment systems.
Internet shops with online payment. This category includes websites of online retailers with built-in payment systems.
Social networks. This category includes websites of social networks.
Select an action triggered by visiting this website category:
Enable secure connection. The application will activate a secure connection when visiting websites of this category.
Ask. When visiting any website in this category, the application will ask you whether a secure connection should be established for this website. In the browser window, choose the appropriate action and select the Remember my choice for this website check box. The application will perform the chosen action every time you visit this website. If the check box is not selected, the application remembers your choice for one hour.
Ignore. The application will not establish a secure connection when visiting websites of this category.
If the Enable secure connection option has been selected, in the Choose virtual server drop-down list, specify the country through which you wish to establish a secure connection for this website category.
Select the Notify when enabled check box if you want to receive notifications about a secure connection being enabled when you visit this category of websites.
By default, Kaspersky Secure Connection does not prompt you to enable a secure connection if the HTTPS protocol is used to connect to a website.
How to configure a secure connection for a selected website
To configure a secure connection for a selected website:
Open the main application window.
In the main application window, click the button .
Select the Settings item in the drop-down menu.
The Settings window opens.
Click the Configure rules for websites button.
The Rules for connection to websites window opens.
In the Exclusions for websites section, click the Settings button.
The Exclusions for websites window opens.
Click the Add button to add a website to the list of exclusions from the settings that are specified for website categories.
The Add website window opens.
Enter the website address in the Web address (URL) field.
In the Action to take when the website is accessed section, specify which action the application must take when you visit this website:
Enable secure connection. Kaspersky Anti-Virus enables a secure connection when you visit the specified website. For example, you can configure the application to enable a secure connection when you visit the website of your bank. This setting is applied even if the Ignore option is selected inthe When browsing unsecured websites of banks section in the Rules for connection to websites window.
In the Choose virtual server drop-down list, select the country through which you want to establish a secure connection when visiting this website. If the country selected for a secure connection for the website differs from the country selected for the website category to which the website belongs, connection to the website will be established through the country that is specified for this website and not for the website category.
Select the Notify when enabled check box if you want to receive notifications about a secure connection being enabled when you visit this website.
Ignore. Kaspersky Anti-Virus does not enable a secure connection when you visit the specified website.
Click the Add button.
Kaspersky Secure Connection does not enable a secure connection if the HTTPS protocol is used to connect to a website.
This window is displayed if the entered activation code cannot be specified as a new code. This may occur if the activation code for a subscription has been entered. In this case, you can use the entered activation code for immediate activation of Kaspersky Anti-Virus.
A previously used activation code can be used again on another computer until the license expires.
If this check box is selected, clicking the Continue button applies the entered activation code to activate Kaspersky Anti-Virus. A previously used activation code can be used again on another computer.
The Continue button is not available if the check box is cleared.
If the check box is selected, you will receive Kaspersky Lab news and special offers at the specified email address. This check box is available if you use the application in the European Union.
In some regions, this check box is named I confirm that I allow AO Kaspersky Lab to use my email address to contact me by email about personalized special offers, reviews, surveys, order completion reminders, relevant news and events.
Clicking this button causes My Kaspersky portal account to be registered. An email with My Kaspersky portal account activation link arrives at the email address you specified.
The field layout during creating an account is composed by Kaspersky Lab experts and may change.
Clicking this button causes My Kaspersky portal account to be registered. An email with My Kaspersky portal account activation link arrives at the email address you specified.
Additional features of a secure connection are available when Kaspersky Internet Security, Kaspersky Total Security or Kaspersky Security Cloud is installed and running on your computer.
Additional features of a secure connection include:
Settings for enabling a secure connection when visiting the following website categories:
Banking websites
Payment systems
Online stores and electronic commerce websites
Social networks
Settings for automatically changing the country. If you specified different countries for websites of different categories in the secure connection settings, you can specify whether or not to change the country when moving between websites of different categories.
Secure connection settings for individual websites, for example, for websites that you visit often.
Use this list to specify a trust group to which unknown applications started before the startup of Kaspersky Anti-Virus should be assigned. Network activity of such applications is restricted according to the rules of the selected trust group. By default, network activity of applications started before the startup of Kaspersky Anti-Virus is restricted according to rules configured by Kaspersky Lab.
When this option is selected, the Activation Wizard closes. The application will run under the detected current license. If a license for Kaspersky Internet Security or Kaspersky Total Security is found, the Migration Wizard opens.
If you select this option, the Activation Wizard continues running and activates Kaspersky Anti-Virus. You will need to enter a new activation code that is valid for Kaspersky Anti-Virus.
If you click this link, the Activation Wizard reattempts to activate the application. If problems with the Internet connection are temporary, the re-attempt may be successful.
To run the Migration Wizard, click the Next button. The Migration Wizard installs the application that corresponds to the activation code entered (Kaspersky Internet Security or Kaspersky Total Security).
If your license for Kaspersky Anti-Virus has not yet expired, you can apply the activation code for Kaspersky Anti-Virus on another computer.
To cancel migration to Kaspersky Internet Security or Kaspersky Total Security, click the Cancel link.
Make sure that the activation code that you are specifying as a new code is not actually intended for subscription-based use of the application. Payment for subscription-based use of the application is collected when the subscription is obtained. If you have obtained a subscription for Kaspersky Anti-Virus, do not use the application under the current license. Instead, activate the application with a subscription activation code.
Until the license expires, you can use an already used activation code to activate the application on another computer.
This window displays a list of applications that are allowed or not allowed to change the operating system settings. An empty list means that you have not yet allowed or blocked any applications from modifying operating system settings.
The list of applications contains the following data:
Application. This column shows the application name.
File name. This column shows the name of the executable file of an application.
Path. This column shows the path to the executable file of an application on the hard drive of your computer.
Vendor. This column shows the digital signature of the application publisher.
Changes. This column displays whether an application is blocked or allowed to modify operating system settings, browser settings, and network settings.
Clicking this button opens a window displaying the text of the License Agreement.
Depending on the presence of a license, subscription, and on the properties of your version of the application, the window may display various buttons for initiating actions related to your license or subscription. Default buttons are described below.
Clicking this button starts the Activation Wizard.
This button is displayed if the application is not activated, if a new activation code can be entered, or if the subscription under which you are using the application has expired or expires soon.
Clicking this button launches an update of the application databases.
This button is available if problems with the current license can be solved by updating the databases (for example, the release date of the databases does not match the license expiration date).
In this window, you can view offers from the online store and purchase licenses for Kaspersky Lab applications. If you have purchased a license earlier, you can renew it.
For some applications you can choose a license term and number of hosts on which you want to install the application, as well as enable automatic renewal of the subscription.
To access the online store through the interface of Kaspersky Anti-Virus, the application must securely connect to a Kaspersky Lab server over HTTPS.
The Kaspersky Lab Technical Support section contains information required for contacting Kaspersky Lab Technical Support: version number of Kaspersky Anti-Virus, release date and time of the application databases, operating system version, and key.
Clicking this link opens the website from which you can download the application version that is intended for use in your region. This link is not available in all versions of the application.
Clicking this link opens the page of interactive support in a browser window. This page provides answers to questions that users most frequently ask of Kaspersky Lab Technical Support specialists.
Clicking this link opens the Kaspersky Lab Community in a browser window, where you can view posted threads, leave your comments, create new threads, and search for information.
Clicking this link opens the Support Tools window. In this window, you can collect technical information about the application's operation and create a system state report.
In the drop-down list, you can select the events about which Kaspersky Anti-Virus logs information in the operating system state and application operation report.
Available values:
Errors. Kaspersky Anti-Virus saves information about errors that occur during application operation and includes it in the report.
Important. Kaspersky Anti-Virus saves information about events that are important for the computer's security, such as detection of a probably infected object or suspicious activity in the operating system, and includes it in the report.
Recommended. Kaspersky Anti-Virus saves information about important events, as well as events that are of minor importance for computer security, and includes it in the report.
All. Kaspersky Anti-Virus generates a detailed report on all events, which can be used for application diagnostics.
Clicking the link opens the Send report window. This window lets yousend a report on the operating system state and application operation to a Kaspersky Lab FTP server.
Clicking this link deletes all trace files and reports. If clicking this link did not delete all trace files, reboot the computer and click the Delete all service data and reports link again.
Content of the working memory of a process or the entire RAM of the system at a specified moment of time.
Content of the working memory of a process or the entire RAM of the system at a specified moment of time.
files. The history of execution of commands by the application and information on the state of the application is saved in these files.
If the check box in the file line is selected, the file will be uploaded to the Technical Support server. Before being uploaded, the data files are prepared and archived.
If the check box in the file line is cleared, the file will not be uploaded to the Technical Support server.
Amount of data that will be sent to the Technical Support server if the specified file is included in the report. Kaspersky Anti-Virus includes a file in the report if the check box in the line of the file is selected.
By selecting a check box, you can add trace files and dumps to the report that is sent to the Technical Support server. The history of execution of commands by the application and information on the state of the application is saved in these files.
Clicking the <number of files>, <data volume> link next to the check box opens the Data received for analysis window. The window shows the list of files and the total amount of data that is to be transferred to the Technical Support server.
Clicking this button opens the Licensing window with detailed information about the license.
The Protection section displays notifications about the protection status of your computer, disabled protection components, detected objects, and any problems with database and application software module updates.
When this button is clicked, Kaspersky Anti-Virus begins processing the detected object.
This button is available if an object has been detected.
Clicking the button opens a menu from which you can select an additional action:
Add to exclusions creates an exclusion according to which the object should not be recognized as malicious.
Ignore moves the notification to the Ignored notifications section.
Go to file opens the folder that originally contained the file.
View report opens the Detailed reports window, which provides detailed information about detected objects and the application's actions performed on those objects.
Learn more opens a web page with a description of the detected object.
When this button is clicked, Kaspersky Anti-Virus runs an update of the databases and application software modules.
Clicking the button opens a menu from which you can select additional actions:
Configure update opens the Update settings section of the application settings window. In this section, you can configure the mode for downloading and installing update packages, as well as select the update source.
View report opens the report on updates of databases and application software modules.
When this button is clicked, Kaspersky Anti-Virus stops updating databases and application software modules. This action is available if an update of databases and application software modules is running.
When this button is clicked, the application quits and starts again. This may be required, for example, to complete an update of databases and application modules.
When this button is clicked, automatic updating of databases and application software modules becomes available.
Clicking the button opens a menu from which you can select the Configure update action. Selecting this action opens the Update settings section of the application settings window. In this section, you can configure the mode for downloading and installing update packages, as well as select the update source.
When you click this button, Kaspersky Anti-Virus installs the Kaspersky Protection extension in the Internet Explorer browser.
This button is displayed if the Kaspersky Protection extension is not installed in the Internet Explorer browser under the Windows 10 operating system.
The News section displays notifications about news from Kaspersky Lab.
Clicking this button opens a window with a list of news from Kaspersky Lab.
The Ignored notifications section displays notifications to which the Ignore action has been applied. Notifications listed in this section do not affect the color of the protection indicator in the main application window.
When this button is clicked, Kaspersky Anti-Virus begins processing the detected object.
This button is available if an object has been detected.
Clicking the button opens a menu from which you can select an additional action:
Add to exclusions creates an exclusion according to which the object should not be recognized as malicious.
Ignore moves the notification to the Ignored notifications section.
Go to file opens the folder that originally contained the file.
View report opens the Detailed reports window, which provides detailed information about detected objects and the application's actions performed on those objects.
Learn more opens a web page with a description of the detected object.
Clicking this button opens a window where you can view the Kaspersky Security Network Statement and agree or refuse to participate in Kaspersky Security Network.
This button is available if you have refused to participate in Kaspersky Security Network.
In some cases, Kaspersky Lab may temporarily restrict requests to Kaspersky Security Network concerning the reputation of files. When temporary restrictions are imposed on requests for information from Kaspersky Security Network, the corresponding notification is displayed in the left part of the window.
The list of components and tasks is located in the left part of the window. In this list, you can select an application component or a task for which you want to view an activity report in the list of events.
The left part of the window contains a list of events. The list contains information about events that have occurred while the application components were running and / or during a task.
In the right part of the Detailed reports window, detailed information is shown about the event selected in the list. If no events are selected, no information is displayed in the right part of the window.
In the Windows 10 RS3 operating system or later versions, when running a full scan or selective scan Kaspersky Anti-Virus does not scan files that are stored in cloud storage repositories such as OneDrive. These files are scanned by File Anti-Virus when they are opened or modified.
Clicking this button opens the Select file or folder to scan window. In this window, you can select the objects that you want Kaspersky Anti-Virus to scan.
The list of objects contains disks, files, and folders to be scanned by Kaspersky Anti-Virus when the Selective Scan task is running.
If the list of objects is empty, a rectangular area is displayed to which you can drag and drop objects for scanning. You can select objects in the Select file or folder to scan window. The window opens when you click the Add button.
By clicking the button shown next to each object in the list, you can remove the selected object from the scan list.
Clicking this link opens the Detailed reports window, which provides detailed information about the completed scan. The link is displayed if the scan was completed or stopped.
Clicking this link opens Vulnerable applications window, which contains a list of vulnerable applications that have been detected during the scan. The link is available if a vulnerability scan is running.
Clicking this link opens the Vulnerabilities of the operating system window, which contains a list of vulnerabilities that have been detected in the operating system during the scan. The link is available if a vulnerability scan is running.
By default, the application scans the following objects: system memory, objects loaded on operating system startup, backup storage, hard drives and removable drives.
Clicking this link opens the Detailed reports window, which provides detailed information about the completed scan. The link is displayed if the scan was completed or stopped.
Clicking this link opens the Detailed reports window, which provides detailed information about the completed scan. The link is displayed if the scan was completed or stopped.
Clicking this link opens the Detailed reports window, which provides detailed information about the completed scan. The link is displayed if the scan was completed or stopped.
The above-listed interface elements can be displayed if at least one external device is connected to the computer.
Contains a list of vulnerabilities in the operating system. Kaspersky Anti-Virus groups all detected vulnerabilities based on the threat they pose for the operating system. For each group of vulnerabilities, Kaspersky Anti-Virus offers a set of actions to neutralize them. There are three groups of vulnerabilities with associated actions for neutralizing them:
Strongly recommended actions help to neutralize vulnerabilities that pose a serious security threat.
Recommended actions neutralize vulnerabilities that may turn out to be dangerous.
Additional actions neutralize vulnerabilities that do not currently pose a threat but may threaten the security of your computer in the future.
The following buttons are available for each listed vulnerability:
Fix
When this button is clicked, Kaspersky Anti-Virus fixes the selected vulnerability.
Details
When this button is clicked, the Technical Support website opens, with a description of the threat associated with the selected vulnerability.
Roll back the fix
When this button is clicked, Kaspersky Anti-Virus undoes the previously performed fix of a vulnerability.
This button is available for vulnerabilities that have been previously fixed and only if, in the View list, the Show fixed vulnerabilities check box is selected.
In this drop-down list, you can select the Show fixed vulnerabilities check box, which enables / disables display of fixed vulnerabilities in the list of vulnerabilities.
Due to the behavior of some update services, vulnerabilities of some applications may be detected multiple times.
The following buttons are available for each vulnerability:
Details
Clicking this button takes you to the Technical Support website, which provides a description of the threat. On the website, you can download required updates for your version of the application and install them.
Add to exclusions
When you click this button, Kaspersky Anti-Virus moves the application to the trusted zone.
Mode of resuming the operation of protection components in which protection is enabled after the application is quit and started again or the operating system is restarted (if automatic startup of the application is enabled).
This section shows a list of scan tasks that have been already completed or are currently running:
Full Scan
Quick Scan
Selective Scan
External Device Scan
Vulnerability Scan
Rootkit Scan
Idle Scan
Advanced Disinfection
The upper part of the window displays information about the current tasks: task name, progress indicator, time left until task completion, number of scanned files, and number of detected threats.
When this button is clicked, Kaspersky Anti-Virus pauses the task. After that, information about the paused task is displayed in the lower part of the window, in the list of completed tasks.
The lower part of the window displays a list of completed tasks. Tasks are listed in order of completion: the tasks completed most recently are displayed at the top. Each list item contains a task name, completion progress if the task has been paused, information about the amount of time elapsed since task completion, as well as the number of scanned files and detected and neutralized threats.
Clicking this link opens the Detailed reports window, which provides detailed information about the completed scan. The link is displayed if the scan was completed or stopped.
Clicking this link opens the Notification Center window, in which you can select the action to take on threats that have been detected but not neutralized.
Clicking this link opens the Quarantine window, which contains a list of backup copies of files that have been deleted or modified during the disinfection process.
Clicking this link opens Vulnerable applications window, which contains a list of vulnerable applications that have been detected during the scan. The link is available if a vulnerability scan is running.
Clicking this link opens the Vulnerabilities of the operating system window, which contains a list of vulnerabilities that have been detected in the operating system during the scan. The link is available if a vulnerability scan is running.
Clicking this link opens the Detailed reports window, in which you can view information about completed updates of databases and application software modules.
Clicking this link opens the Detailed reports window, in which you can view information about completed updates of databases and application software modules.
The link is displayed during an update of application databases and modules.
Enabling of a mechanism of Kaspersky Anti-Virus that protects the application against modification or deletion of its files from the hard drive, memory processes, and system registry entries.
The button is displayed if the Enable Self-Defense check box is cleared in the Self-Defense subsection of the Additional section of the application settings window.
Clicking the button in the right part of the window shows text boxes in which you can provide the address of a bank or payment system website and its description. When the user attempts to access the specified website or payment system, Kaspersky Anti-Virus performs the action selected in the When this website is visited section.
Clicking this link shows On-Screen Keyboard. On-Screen Keyboard protects data entered on the keyboard from interception. You can use On-Screen Keyboard to enter personal data, for example, when logging into websites or making money transfers through the Internet.
To make On-Screen Keyboard available, restart your computer after installing Kaspersky Anti-Virus.
Contains a list of the websites of banks and payment systems for which you have defined special settings in Safe Money. Click an item in the list to specify the action that Kaspersky Anti-Virus should perform. The icon in the left part of the list and the text in the middle of the list describe the action to be performed:
Run Protected Browser.
Prompt for action.
Do not run Protected Browser, but open the website in the standard browser instead.
The button is displayed on the right of each list item. If you click this button, the entry fields will appear in the right part of the window. In the entry fields, you can change the settings for using Safe Money when you visit a website of a bank or payment system.
If the list is blank, Kaspersky Anti-Virus uses the database of bank and payment system websites that has been recommended by Kaspersky Lab specialists. In this case, the Add website to Safe Money button is displayed instead of the list.
Clicking this link shows / hides a part of the list of the websites of banks and payment systems for which the Do not run Protected Browser action has been selected.
The web address of the website of a bank or a payment system. You can specify a web address or an address mask.
In the When this website is visited section, you can select the action that Kaspersky Anti-Virus performs when the specified website is accessed by the user.
If Kaspersky Anti-Virus detects an attempt to access the specified website, it opens the website in Protected Browser. The standard browser used for accessing the website displays a message informing you that Protected Browser is being started.
If Kaspersky Anti-Virus detects an attempt to access the specified website, it prompts you to launch Protected Browser or to open the website with the standard browser.
Clicking this link shows an entry field in which you can enter a description of the website (for example, the name of the bank). The description is displayed in the list of the websites of banks and payment systems in the left part of the window.
An entry field in which you can change the description of a website (for example, the name of a bank). The description is displayed in the list of the websites of banks and payment systems in the left part of the window.
Clicking a user image opens a window that contains statistics on the use of the Internet and applications by that user. From this window, you can view the Parental Control report and configure Parental Control settings.
Clicking this link opens a window that displays statistics on Internet and application use by the selected user. From this window, you can view the Parental Control report and configure Parental Control settings.
Displayed when you access Parental Control settings, if no password has been set to limit access to Kaspersky Anti-Virus administration options. Includes the following interface elements:
Password In this field, type in a password.
Confirm. In this field, retype the password.
Continue. Clicking this button opens the Parental Control window, from which you can view user profiles and configure Parental Control settings.
Skip. Clicking this link opens the Parental Control window; access to management of Parental Control is not restricted.
Displayed when you attempt to access Parental Control settings if access is protected by a password. Includes the following interface elements:
Password input field.
Log in. Clicking this button opens the Parental Control window.
Save password for current session. If this check box is selected, Kaspersky Anti-Virus remembers the password and no longer prompts for it during the current session.
Clicking this link allows to configure Parental Control settings to be applied to the current account.
In the Computer section, you can view the computer usage time of the selected user, view the report on computer usage, and configure Parental Control settings. Computer usage statistics are shown for the period specified in the report on computer usage time. By default, statistics for the current twenty-four hours are displayed.
Clicking this link opens the window. In this window, you can specify the time period during which the selected user can use the computer.
In the Applications section, you can view details on applications that the selected user has used recently. Statistics on use of applications are shown for the time interval specified in the application usage report. By default, statistics for the current twenty-four hours are displayed.
Clicking this link opens the Application Usage Report window. This window displays details on applications that have been started by the selected user and their usage time.
Clicking this link opens the window. In this window, you can specify the applications that the selected user can use.
The Internet section contains statistics on website visits and a report on the time that the user spent on those websites. You can also view the total number of blocked attempts to visit blocked websites.
The statistics on visited web resources are shown for the period specified in the report on Internet usage time. By default, statistics for the current twenty-four hours are displayed.
Clicking this link opens the window. In this window, you can receive information on which personal data the selected user attempted to transmit while communicating on social networks, and which key words he/she used.
Clicking this link opens the window. In this window, you can specify the personal data and key words whose use in the selected user's communication you want to monitor.
Clicking this button applies the profile with the default settings to the selected user's account. This profile only collects statistics on the actions of the selected user. Restrictions on application and Internet use are not set.
Clicking this button applies the profile intended for children from 4 to 12 years old to the selected user's account. This profile provides the following rules for the use of the Internet and applications:
Internet use is allowed.
Browsing is allowed only for websites that are listed in the categories "Internet communication" and "Computer games".
Downloading of files of all types is blocked
Monitoring of computer use is enabled; computer use restrictions are not set.
Monitoring of application use is enabled; no restrictions are imposed on computer use.
Monitoring of game use is enabled; restrictions are set according to the rating system.
Clicking this button applies the profile intended for children 12+ years old to the selected user's account. This profile provides the following rules for the use of the Internet and applications:
Internet use is allowed.
Browsing is allowed only for websites that are listed in the categories "Internet communication", "Shopping, banks, payment systems", and "Computer games".
Monitoring of computer use is enabled; computer use restrictions are not set.
Monitoring of application use is enabled; no restrictions are imposed on computer use.
Monitoring of game use is enabled; restrictions are set according to the rating system.
Clicking this button applies the profile with the default settings to the selected user's account. This profile provides the following rules for the use of the Internet and applications:
Internet use is allowed.
Browsing is allowed only for websites that are listed in the categories "Internet communication", "Shopping, banks, payment systems", and "Computer games".
Safe Search is enabled.
Monitoring of computer use is enabled; computer use restrictions are not set.
Monitoring of application use is enabled; no restrictions are imposed on computer use.
Monitoring of game startup is enabled; no startup restrictions are set.
Monitoring of encrypted SSL connections in browsers is enabled.
Clicking this link opens the window for choosing a file that contains Parental Control settings. After you choose the file, these settings are applied to the account of the selected user.
Clicking this button opens the Parental Control settings window, with the Internet section displayed. In this section, you can impose restrictions on Internet usage time, access to websites and file downloads for the selected user.
It contains a list of website categories. For each website category, the number of visits that have been blocked or allowed by Parental Control is shown:
The number of attempts to access websites blocked by Parental Control is displayed in red.
The number of attempts to access websites allowed by Parental Control is displayed in gray.
Clicking this button opens the Parental Control settings window, with the Computer section displayed. In this section, you can set time limits on computer use.
This switch allows enabling / disabling monitoring of the user's actions by Parental Control.
Depending on whether Parental Control is monitoring the user's actions, the button may have the following appearance:
– Parental Control monitors the user's actions.
– Parental Control does not monitor the user's actions.
Monitoring of a user's actions is performed in accordance with the Parental Control settings defined for that user.
In the Application Usage Report window, you can view information about startup of applications during a specified time interval for a selected account.
Clicking this button opens the Parental Control settings window, with the Applications section displayed. In this section, you can impose restrictions on startup and use of applications.
Contains a list of applications that have been most frequently started by the user within the specified period. The list also describes the duration of use of each application.
Contains a list of applications that have been blocked from starting by Parental Control. Applications are shown in chronological order, with those started most recently shown on top.
Clicking the More<N> link allows you to view other applications that have been blocked from starting.
Contains a list of all applications that the user has started during the specified period. The list also describes the duration of use of each application.
Applications are grouped by categories (for example, "Games" or "IM clients").
Clicking the button allows viewing the list of applications in a category.
Clicking the button minimizes the list of applications in the category to one line.
Clicking this button opens the Parental Control settings window, with the Content Control section displayed. In this section, you can impose restrictions on sending of keywords and personal data.
This column shows the website through which the user attempted to send or receive a message with key words or personal data that is blocked from transfer.
Clicking this button switches between window views.
This button can be displayed as:
The Weekdays and Weekends sections are displayed.
This option is selected by default.
The Exact usage time section is displayed.
In the Weekdays section, you can limit the time allowed for computer use on weekdays. This section is available if the window view mode switching button is set to .
This check box enables / disables blocking of the computer during the specified sleeping hours. The limit is applied on weekdays.
If the check box is selected, Parental Control blocks access by the user to the computer during the time that is specified in the fields next to the check box.
The check box enables / disables the daily limit on total computer use time on weekdays. The total computer usage time per weekday is selected from the drop-down list next to the check box.
If the check box is selected, Parental Control blocks access by the user to the computer after expiration of the time selected from the drop-down list next to the check box.
If the check box is cleared, computer use time is not limited on weekdays.
This check box is cleared by default.
In the Weekends section, you can limit the time for computer use on weekends. This section is available if the window view mode switching button is set to .
This check box enables / disables blocking of the computer during the specified sleeping hours. The limit is applied during weekends.
If the check box is selected, Parental Control blocks access by the user to the computer during the time specified in the fields next to the check box.
The check box enables / disables the daily limit on total computer use time during weekends. The computer use time per weekend day is selected from the drop-down list next to the check box.
If the check box is selected, Parental Control blocks access by the user to the computer after expiration of the time selected from the drop-down list next to the check box.
If the check box is cleared, computer use time during weekend days is not limited.
This check box is cleared by default.
The Exact usage time section displays a table of computer usage time. By using this table, you can set up an hour-by-hour schedule for use of the computer throughout the week. This section is available if the window view mode switching button is set to .
You can use this table to specify days of the week and hours when the user is allowed to use the computer. The table rows correspond to days of week and the table columns correspond to one-hour intervals on the timeline. Depending on the regional settings of the operating system, the timeline may be displayed in 24-hour or in 12-hour format. The colors of table cells indicate the restrictions that are in effect: red means that computer use is blocked and green means that computer use is allowed. Clicking a table cell changes its color. When you roll the mouse pointer over a cell, the time interval corresponding to that cell is displayed under the table.
In the Time breaks section, you can set up periodic blocking of computer access during the day.
The check box enables / disables periodic blocking of the computer at the specified interval to ensure that the user takes a break.
If this check box is selected, Parental Control blocks access to the computer at the interval selected from the <HH:MM> drop-down list. Access is blocked for the length of time selected from the <N minutes> drop-down list.
This check box enables / disables a time limit for Internet use on weekdays.
If this check box is selected, Parental Control limits the total Internet use time for the selected user. The time limit on Internet use is selected (in hours) from the drop-down list next to the check box.
If the check box is cleared, Parental Control does not limit Internet use on weekdays.
This check box enables / disables a time limit for Internet use on weekends.
If this check box is selected, Parental Control limits the total Internet use time for the selected user. The time limit on Internet use is selected (in hours) from the drop-down list next to the check box.
If the check box is cleared, Parental Control does not limit Internet use on weekends.
In the Control Web Browsing section, you can restrict access to websites depending on their content.
If you select this option, Parental Control blocks access to websites from the categories specified. The categories of websites to be blocked can be specified by clicking the Select categories of websites link.
Clicking this button opens the Parental Control settings window, with the Internet section displayed. In this section, you can impose restrictions on Internet usage time, access to websites and file downloads for the selected user.
In this window, you can create a list of exclusions from the Parental Control rules that have been configured. Access settings that affect websites added to the exclusion list are applied both when blocking websites by categories (the Block access to websites from selected categories button) and when blocking all websites (the Block access to all websites button).
For example, you can allow access to websites from the Internet communication media category but add the www.example.com website to the list of exclusions to block access to that particular website. In this case, Parental Control allows access to all social networks except the example.com social network. You can also block all websites and add a webmail website access to which will be allowed to the list of exclusions. In this case, Parental Control allows the user to access the webmail website only.
The list contains web addresses to which access is allowed or blocked regardless of the Parental Control settings.
From the context menu of the we address in the list, you can change the web address or remove it from the list, and also allow or block access to the website.
Clicking this button opens the Edit window where you can edit the web address mask or web address of the website selected in the list of exclusions and the website access settings.
The button is available if a web address mask is selected in the exclusion list.
Clicking this button opens the window for adding a website address mask, in which you can add a website address or a website address mask to the list of exclusions.
Allow. If you select this option, Parental Control allows user access to the website even if it belongs to a blocked category or blocking of all websites is enabled.
Block. If you select this option, Parental Control blocks user access to the website even if it belongs to an allowed category.
You can specify the scope to which to apply the website access settings.
You can choose one of the following options:
Website mask. If you select this option, Parental Control allows or blocks access by the user to all web pages of the specified website.
For example, if the Web address mask field contains the address example.com, Parental Control allows or blocks access to all the web pages of example.com website, including news.example.com, market.example.com, and mail.example.com.
Specified web address. If you select this option, Parental Control allows or blocks user access only to the specified page of the website indicated in the Web address mask field.
For example, if you specify the URL mail.example.com/login in the Web address mask field, Parental Control allows or blocks access only to the specified login page that is used to sign in to the webmail account. This rule will not apply to other pages of the website.
Allows applying to the exclusion of one of existing templates with the specified set of settings.
You can choose one of the following options:
Entire website – when this option is selected, Parental Control allows or blocks access to the domain specified in the Web address mask field. For example, if the Web address mask field contains the address example.com, Parental Control will allow or block access to all the web pages of the domain example.com, including news.example.com, market.example.com, and mail.example.com.
Specified web page – when this option is selected, Parental Control allows or blocks access to the specific page indicated in the Web address mask field and to all web addresses that contain this page. For example, if the Web address mask field contains the address example.com/hl, Parental Control will allow or block access to this page as well as to web addresses that contain it, such as example.com/hl/example1.html.
Specified web address – when this option is selected, Parental Control allows or blocks access to the specific web address indicated in the Web address mask field. For example, if you specify the URL mail.example.com/login in the Web address mask field, Parental Control allows or blocks access only to the specified login page that is used to sign in to the webmail account. This rule will not apply to other pages of the website.
This check box enables / disables blocking of personal data transfer via social networks and websites.
If this check box is selected, Parental Control blocks transfer of personal data. To specify types of personal data for which you want to restrict transfer, open the List of personal data window. This window opens when you click the Edit list of personal data link.
If the list of personal data to be controlled is empty, Parental Control does not monitor transfer.
If this check box is cleared, Parental Control allows transfer of personal data and does not save any transfer details in a report.
Clicking this link opens the List of personal data window. In this window, you can generate a list of personal data to be monitored by Parental Control.
In the Keyword Control section, you can configure monitoring of usage of specific words and word combinations in the user's correspondence over social networks and on websites.
This check box enables / disables control of use of key words and word combinations in the user's messaging.
If this check box is selected, Parental Control saves information about use of key words in messaging to a report. You can create a list of key words and word combinations in the List of key words window. This window opens when you click the Edit list of key words link.
If the list of key words is empty, Parental Control does not monitor use of key words.
If this check box is cleared, Parental Control does not monitor use of key words.
Clicking this link opens the Keyword Control window. In this window, you can create a list of key words and word combinations to be controlled in the user's messaging.
This check box enables / disables blocking of games with ratings that are higher than the specified one. You can specify the maximum allowed rating for games in the drop-down list next to the check box.
Ratings of games in the list correspond to the PEGI or ESRB rating system, depending on your location.
If the check box is selected, Parental Control blocks games with ratings that are higher than the rating selected from the drop-down list. By default, the rating that corresponds to the user's age is selected.
If the check box is cleared, Parental Control allows starting games that belong to the allowed categories.
This check box enables / disables content-based restrictions on games.
If the check box is selected, Parental Control allows starting a game if its content does not belong to any of the blocked categories. By clicking the Select categories of games link, you can specify the categories of game content that you want to block or allow.
If the check box is cleared, Parental Control allows starting the game (if the game corresponds to the age restrictions that have been set).
Clicking this link opens the Block games by categories window. In this window, you can enable or disable blocking of games included in a specific category.
In the drop-down list, you can select the type of game ratings and content categorization (PEGI or ESRB) that will be used when configuring permissions for application startup in Parental Control:
Detect automatically. If you select this option, Kaspersky Anti-Virus selects a game rating system depending on your location: the Pan European Game Information (PEGI) content rating system or the ESRB system (for the USA and Canada).
PEGI. During configuration of permissions for starting games, the Pan European Game Information (PEGI) content rating system is applied.
ESRB. The ESRB system is used for rating and categorization purposes when configuring permissions to start games.
This check box enables / disables a time limit for use of the application on weekdays.
If this check box is selected, Parental Control limits the total use time of the application for the selected user. The time limit for application use is specified (in hours) in the drop-down list next to the check box.
If this check box is cleared, Parental Control does not limit use of the application on weekdays.
In the Weekends section, you can limit the time for use of the application on weekends.
This check box enables / disables a time limit for use of the application on weekends.
If this check box is selected, Parental Control limits the total use time of the application for the selected user. The time limit for application use is specified (in hours) in the drop-down list next to the check box.
If this check box is cleared, Parental Control does not limit application use on weekends.
In the Time breaks section, you can set up periodic blocking of access to the application during the day.
This check box enables / disables periodic blocking of the application at the specified interval to ensure that the user takes a break.
If this check box is selected, Parental Control blocks the application at the interval specified in the <HH:MM> drop-down list. Access is blocked for the length of time selected from the <N minutes> drop-down list.
The Exact usage time section displays a table of application usage time. By using this table, you can set up an hour-by-hour schedule for use of the application throughout the week.
You can use this table to specify the days of the week and the hours when the user is allowed to use the application. The table rows correspond to days of week and the table columns correspond to one-hour intervals on the timeline. Depending on the regional settings of the operating system, the timeline may be displayed in 24-hour or in 12-hour format. The colors of table cells indicate the restrictions that are in effect: red means that application use is blocked and gray means that application use is allowed. Clicking a table cell changes its color. When you roll the mouse pointer over a cell, the time interval corresponding to that cell is displayed under the table.
In this window, you can enable or disable blocking of games depending on their content. Classification of game content (the set of check boxes) corresponds to the PEGI or ESRB ratings. The type of game classification is selected automatically depending on your location. If necessary, you can select the type of game classification manually in the settings of the Parental Control component.
If the check box next to a category is selected, Parental Control blocks games included in the category.
If the check box next to a category is cleared, Parental Control allows starting games in the category.
Starting a game is allowed if all categories corresponding to the content of the game are allowed.
Clicking this button enables Trusted Applications mode. Before starting Trusted Applications mode, Kaspersky Anti-Virus analyzes the applications that are installed on your computer. During the analysis, Kaspersky Anti-Virus determines whether Trusted Applications mode is appropriate for use on your computer.
This button is available if Trusted Applications mode is disabled. The button is not displayed during an analysis of installed applications.
Clicking this link opens the History of access to modules window. In this window, you can view information about modules of applications that have been blocked or unblocked.
The link is displayed if Trusted Applications mode is enabled.
Clicking this link opens the Manage applications window. In this window, you can specify the trust groups of applications, allow or block the launch of applications, and proceed to configuration of permissions for a selected application.
Clicking this link starts an analysis of the operating system and installed applications and opens the Analysis of installed applications window. This window displays information about the current results of analysis of the operating system and installed applications, as well as the amount of time left until the analysis completes.
This link is displayed if Trusted Applications mode is disabled.
Clicking this link opens the Manage applications window. In this window, you can specify the trust groups of applications, allow or block the launch of applications, and proceed to configuration of permissions for a selected application.
The Current activity section displays information about the number of currently running applications and processes. Information about the CPU workload, RAM volume, free disk space, and network activity is provided in graphic format.
Clicking this link opens the Application Activity window, with the Running tab displayed. In this window, you can view information about consumption of resources by each currently running application or proceed to configuration of permissions for a selected application.
To use Trusted Applications mode, you must enable the following components: Application Control, File Anti-Virus, and System Watcher. Clicking the Continue button enables these protection components automatically.
When this button is clicked, Kaspersky Anti-Virus begins analysis of the applications installed on your computer. Based on the results of analysis, Kaspersky Anti-Virus determines whether Trusted Applications mode is appropriate for use on your computer.
This section displays the progress of analysis of system files and applications installed on your computer. Kaspersky Anti-Virus performs analysis to determine whether Trusted Applications mode is appropriate for use on your computer. During the analysis, Kaspersky Anti-Virus displays the number of trusted files and the number of files that require your decision.
The progress of various steps of analysis is displayed as a percentage.
You can skip some of the stages of analysis by clicking the Skip button. You can also stop analysis by clicking the Stop button.
Clicking this button stops the process of analyzing installed applications. In the window that opens, you can enable Trusted Applications mode or resume the interrupted analysis of installed applications.
This button is unavailable while Kaspersky Anti-Virus is analyzing system files.
Clicking this button stops analysis of installed applications. The Trusted Applications mode window opens. Enabling Trusted Applications mode is canceled.
Clicking this link opens the Analysis of installed applications and executable files is complete window. In this window, you can view the results of the analysis of applications and enable Trusted Applications mode.
Unknown system files have been detected during the analysis of applications installed on the computer. If these files are known to you and you want to work with them in Trusted Applications mode, allow startup of these files. To do this, click the Allow and continue button.
Clicking the link opens the Unknown system files window. In this window, you can view the list of unknown system files detected by Kaspersky Anti-Virus.
When this link is clicked, Kaspersky Anti-Virus allows running unknown system files. The application proceeds to the next step in enabling Trusted Applications mode.
This column shows the name of an unknown system file.
When the button is clicked, additional information about the system file is displayed: product name, version, vendor details, and reason why Kaspersky Anti-Virus does not classify the application to which this file belongs as trusted (for example, the application is not digitally signed).
During the analysis of applications installed on the computer, applications were detected for which insufficient information is available. If these applications are known to you and you want to work with them in Trusted Applications mode, allow startup of these files. After that, enable the Trusted Applications mode.
Clicking this link takes you to a list of applications that will be blocked after Trusted Applications mode is enabled. In this window, you can also allow startup of applications that you trust.
During the analysis of applications installed on the computer, applications were detected for which insufficient information is available. When Trusted Applications mode is in use, these applications will be blocked. You can allow running applications that you trust and enable Trusted Applications mode.
This list contains applications and modules that will be blocked by default when Trusted Applications mode is in use. You can allow running applications and modules that you trust, by using switches in the right part of the list.
When the button is clicked, additional information about the application is displayed: name, version, vendor details, and reason why Trusted Applications mode blocks the application (for example, the application is not digitally signed).
This column shows the path to the executable file of the application.
Right-click an application in the list to open a context menu. From the context menu, you can open the folder containing the executable file of the application, as well as allow or block startup of the application.
This list contains applications and modules that will be blocked by default when Trusted Applications mode is in use. You can allow running applications and modules that you trust, by using switches in the right part of the list.
Depending on the selected display method, the column shows the name of an application or a module, or the name of an application, vendor, or folder.
If the List display method is selected and you click the button, additional information about the application is displayed: application name, version, vendor details, and reason why Kaspersky Anti-Virus blocks the application (for example, the application is not digitally signed).
If the Applications / Vendors / Folders grouping method is selected and you click the button, child applications and modules are displayed.
Analysis of applications installed on your computer has been completed. When Trusted Applications mode is enabled, startup is allowed for all trusted applications. We recommend that you enable Trusted Applications mode.
This list contains applications installed on your computer. For each application in the list, you can view information on the status, digital signature, trust group, popularity among KSN users, and time of their most recent launch.
Double-clicking the row of an application or process opens the Application rules window. In this window, you can configure rules for controlling the actions of the application.
Right-clicking the row of the application opens a context menu. From the context menu, you can perform the following actions:
Open the Application rules window, in which you can configure permissions for application activity.
Move the application to another trust group.
Apply default Application Privilege Control settings to an application.
Open the folder that contains the executable file of the application.
This column shows the trust group to which the application belongs. The trust group defines the rules for using the application on the computer: prohibit or permit launch, the application's access to files and to the system registry, and restrictions on the application's network activity.
This column shows the level of application popularity among participants of Kaspersky Security Network (KSN). The level of popularity reflects the number of KSN participants who use the application.
The list contains applications and processes that are currently running on your computer.
Right-click to open the context menu of a column header. The context menu lets you configure the way columns with additional information about applications and processes are displayed:
Name of the executable file of the application or process
Application vendor details
Process ID
Path to the executable file of the application
Name of the user who started the application or process
Time of creation and startup of the application or process
Application autorun settings
The Restore default column set item lets you restore the default appearance of the table.
Right-clicking the row of an application or process opens a context menu. From the context menu, you can perform the following actions:
Open the Application rules window, in which you can configure rules for restricting application activity.
Display the order in which processes were started in the Run sequence window.
Move the application to another trust group.
Apply default Application Privilege Control settings to an application.
Open the folder that contains the executable file of the application.
In the drop-down list, you can enable the display of system processes and processes initiated by Kaspersky Anti-Virus:
Show system processes. If you select this item, the overall list of applications and processes displays processes that are required for proper functioning of the operating system.
Show Kaspersky Anti-Virus processes. If you select this item, the overall list of applications and processes displays processes that have been initiated by Kaspersky Anti-Virus.
In the drop-down list, you can select a display mode for applications and processes:
View as list. If you select this option, applications and processes are displayed as a list.
View as tree. If you select this option, applications and processes are displayed hierarchically, based on the order in which the processes were called.
This column shows the trust group to which the application belongs. Depending on the trust group to which the application belongs, the column contains the following icons:
A red icon means that the application is in the Untrusted group.
A pink icon means that the application is in the High Restricted group.
A yellow icon means that the application is in the Low Restricted group.
A green icon means that the application is in the Trusted group.
This column shows the level of application popularity among participants of Kaspersky Security Network (KSN). The level of popularity reflects the number of KSN participants who use the application.
This list contains applications that are started when the operating system starts up.
Right-click to open the context menu of a column header. The context menu lets you configure the way columns are displayed in the table. The Restore default column set item lets you restore the default appearance of the table.
Right-clicking the row of an application or process opens a context menu. From the context menu, you can perform the following actions:
Open the Application rules window, in which you can configure rules for restricting application activity.
Move the application to another trust group.
Apply default Application Privilege Control settings to an application.
Open the folder that contains the executable file of the application.
This column shows the trust group to which the application belongs. Depending on the trust group to which the application belongs, the column contains the following icons:
A red icon means that the application is in the Untrusted group.
A pink icon means that the application is in the High Restricted group.
A yellow icon means that the application is in the Low Restricted group.
A green icon means that the application is in the Trusted group.
This column shows the level of application popularity among participants of Kaspersky Security Network (KSN). The level of popularity reflects the number of KSN participants who use the application.
The list contains information about applications that have been started by the selected application (child applications). By default, child applications are sorted by the time at which they were started, beginning with the earliest.
This column shows the trust group to which the application belongs:
Trusted. The application runs without any restrictions, but it is monitored by File Anti-Virus.
Low Restricted. The application is prohibited from accessing the user's personal data and settings, as well as from editing any public data. Any attempts to change system data or perform privileged operations require the user's permission. The network activity of such applications is restricted.
High Restricted. The application is prohibited from accessing the user's personal data and settings, as well as from accessing any public or system data. Any privileged operations require the user's permission. The network activity of such applications is blocked.
Untrusted. All activities of such applications are blocked completely.
In the drop-down list, you can select a display mode for applications and processes:
Expand all. Selecting this item shows all applications installed on the computer in the list.
Collapse all. Selecting this item shows trust groups in the list.
In the drop-down list, you can select a display mode for applications and processes:
View as list. If you select this option, applications and processes are displayed as a list.
View as tree. If you select this option, applications and processes are displayed hierarchically, based on the order in which the processes were called.
This drop-down list also lets you disable the display of system applications, Kaspersky Lab applications, and non-network applications:
Hide system applications. If you select this item, the overall list of applications and processes does not display applications that are required for proper functioning of the operating system. System applications are hidden by default.
Hide Kaspersky Anti-Virus. If you select this item, the overall list of applications and processes does not display Kaspersky Lab applications. Kaspersky Lab applications are hidden by default.
Show network applications only. If you select this item, the overall list of applications and processes displays only network applications. Network applications are applications intended for organizing collaboration of a group of users on different computers.
This list contains applications installed on your computer. For each application in the list, you can view information on the status, digital signature, trust group, popularity among KSN users, and time of their most recent launch.
Double-clicking the row of an application or process opens the Application rules window. In this window, you can configure rules for controlling the actions of the application.
Right-clicking the row of the application opens a context menu. From the context menu, you can perform the following actions:
Open the Application rules window, in which you can configure permissions for application activity.
Move the application to another trust group.
Apply default Application Privilege Control settings to an application.
Open the folder that contains the executable file of the application.
This column shows the trust group to which the application belongs. The trust group defines the rules for using the application on the computer: prohibit or permit launch, the application's access to files and to the system registry, and restrictions on the application's network activity.
This column shows the level of application popularity among participants of Kaspersky Security Network (KSN). The level of popularity reflects the number of KSN participants who use the application.
This column lets you select the action to be performed by the application when the application attempts to access the network.
The table below lists the operations performed by Kaspersky Anti-Virus when an application or group of applications attempts to access the network.
Description of Kaspersky Anti-Virus actions
Action
Description
Inherit
The application or group inherits the response from the parent group.
Allow
Kaspersky Anti-Virus allows applications included in the selected group to access the network.
Block
Kaspersky Anti-Virus does not allow applications included in the selected group to access the network.
Prompt for action
Kaspersky Anti-Virus asks the user whether to grant an application or group access to the network.
Log events
Besides the specified response, Kaspersky Anti-Virus logs information about the application's attempts to access the network and records the information in a report.
In this column, you can use the switch to allow or block startup of the selected application. By default, startup of an application is allowed or blocked depending on the restrictions for the group to which the application belongs.
In this drop-down list, you can select the following entry filtering options:
Show allowed manually. The list shows modules whose startup was allowed manually.
Hide allowed manually. The list does not show modules whose startup was allowed manually.
Reset all changes made manually. Startup settings are reset for all modules whose startup you have allowed, and the application decides whether or not to allow these modules to start based on information received from Kaspersky Security Network.
When an application is running, Kaspersky Anti-Virus can block startup of modules that have not been classified as trusted. The list contains information about application modules that have been blocked or unblocked. Information on blocking / unblocking of module running is arranged chronologically.
You can manually unblock blocked application modules and, if necessary, re-block them by using the switches in the right part of the list.
Right-clicking the line with the name of an application module opens a context menu that contains the following items:
Allow startup. If you select this option, the application module is allowed to perform all actions.
Block startup. If you select this option, the application module is blocked from performing any actions.
Notifications. Two options are available for configuring notifications:
Show notifications about blocking. If this option is selected, Kaspersky Anti-Virus shows notifications when the selected module is blocked.
Do not show notifications about blocking. If this option is selected, Kaspersky Anti-Virus does not show notifications when the selected module is blocked.
Open folder. If this option is selected, the folder that contains the application module file is opened.
If several records are selected, the context menu contains the following items:
Allow selected. If this option is selected, blocking is disabled for all selected application modules.
Block selected. If this option is selected, blocking is enabled for all selected application modules.
Show notifications about blocking. If this option is selected, Kaspersky Anti-Virus shows notifications when the selected modules are blocked.
Do not show notifications about blocking. If this option is selected, Kaspersky Anti-Virus does not show notifications when the selected modules are blocked.
List of countries where the most users of the application live.
Next to the name of each country, Kaspersky Anti-Virus displays the percentage of the application's users on Kaspersky Security Network who are from that country.
Contains the application's rules for access to the resources that are grouped in the Files and system registry category.
In the Resource column, files are grouped in the Operating system and Personal data categories.
The Read, Write, Delete, and Create columns display the response of Kaspersky Anti-Virus to the application's actions on monitored resources. You can use the context menu of the cell to change the response of Kaspersky Anti-Virus.
The following table describes actions that Kaspersky Anti-Virus takes on monitored resources.
Description of Kaspersky Anti-Virus actions
Action
Description
Inherit
The application or group inherits the response from the parent group.
Allow
Kaspersky Anti-Virus allows applications included in the selected group to take an action on a resource.
Block
Kaspersky Anti-Virus blocks applications included in the selected group from taking actions on a resource.
Prompt for action
Kaspersky Anti-Virus asks the user whether to grant an application or group access to the resource.
Log events
Besides the specified response, Kaspersky Anti-Virus logs information about the application's attempts to access the resource and records the information in a report.
Contains the rules for access to system resources by an application or group of applications.
The Action column shows the response of Kaspersky Anti-Virus to the application's actions on monitored resources. You can use the context menu of the cell to change the response of Kaspersky Anti-Virus to the application's actions.
The following table describes responses of Kaspersky Anti-Virus to the application's actions.
Description of Kaspersky Anti-Virus actions
Response
Description
Inherit
The application or group inherits the response from the parent group.
Allow
Kaspersky Anti-Virus allows applications with the selected status to take an action on the resource.
Block
Kaspersky Anti-Virus prohibits applications with the selected status from taking an action on the resource.
Prompt for action
Kaspersky Anti-Virus asks the user whether to grant an application or group access to the resource.
Log events
Besides the specified response, Kaspersky Anti-Virus logs information about the application's attempts to access the resource and records the information in a report.
A Network service is a collection of settings that describe the network activity for which you are creating a rule.
When creating rule conditions you can specify the network service and the network address. You can use an IP address as the network address or specify the network status. In the latter case, the addresses will be copied from all networks that are currently connected and have the specified status.
This column displays the response of Kaspersky Anti-Virus to the application's network activity. You can use the context menu of the cell in this column to change the response of Kaspersky Anti-Virus. The following table describes actions that Kaspersky Anti-Virus performs when network activity of the application is detected.
Description of Kaspersky Anti-Virus actions
Item
Value
Inherit
The application or group inherits the response from the parent group.
Allow
Kaspersky Anti-Virus allows applications in the selected group to take an action on the resource.
Block
Kaspersky Anti-Virus blocks applications in the selected group from taking actions on the resource.
Prompt for action
Kaspersky Anti-Virus asks the user whether to grant an application or group access to the resource.
Log events
Besides the specified response, Kaspersky Anti-Virus logs information about the application's attempts to access the resource and records the information in a report.
This drop-down list lets you choose the network activity direction to be monitored. The list contains the following directions of network activity:
Inbound. Kaspersky Anti-Virus applies the rule to network connections opened by a remote computer.
Outbound. Kaspersky Anti-Virus applies the rule to the network connection that was opened by your computer.
Inbound/Outbound. Kaspersky Anti-Virus applies the rule both to inbound and outbound data packets or streams, regardless of which computer (your computer or a remote computer) initiated the network connection.
In this list, you can select a protocol for which the rule is to be created.
When you select the ICMP and ICMPv6 protocols, the ICMP settings and Code drop-down lists become available, in which you can specify a message type and message code, respectively.
When you select the TCP and UDP protocols, the Remote ports and Local ports fields become available.
Allows you to set the range of addresses to which the rule is applied by Kaspersky Anti-Virus. Available values:
Any address. Kaspersky Anti-Virus applies the rule to any IP address.
Subnet addresses. Kaspersky Anti-Virus applies the rule to IP addresses from all networks that are currently connected and have the specified status. For this setting, below you can select the network status to which Kaspersky Anti-Virus should apply the rule (trusted networks, local networks, or public networks).
Addresses from the list. Kaspersky Anti-Virus applies the rule to IP addresses within the specified range. The Remote addresses and Local addresses fields are available for this setting (the Local addresses list is unavailable when a network rule is created).
In this field, you can specify addresses to be restricted by Kaspersky Anti-Virus. You can specify, edit, and delete addresses or address masks from the list.
Kaspersky Anti-Virus attempts to convert a DNS address into an IP address. If such conversion is impossible, a corresponding notification is displayed.
The list is available if Addresses from the list is selected in the Address drop-down list.
This check box enables / disables logging of information about connection attempts and application responses to such attempts in a report of Kaspersky Anti-Virus.
This column displays the trust group in which Kaspersky Anti-Virus has placed the application. Kaspersky Anti-Virus regulates the activity of applications by using trust group rules.
If the check box is selected, application activity is monitored according to your defined rules or according to the rules of the trust group to which the application belongs.
If this check box is cleared, the application inherits rules from the parent application by which it was started.
If the check box is selected, the application is allowed to manage Kaspersky Anti-Virus using its graphical user interface. You may need to allow the application to manage the interface of Kaspersky Anti-Virus when using a remote desktop connection application or an application supporting the operation of a data input device. Examples of such devices include touch pads and graphic tablets.
Contains information about all open ports for each process.
The following information is displayed for each port:
Port number
Name of the process (application, service, server) that uses the port
Process ID
Local IP address of the process
Protocol for connection via the port
Double-clicking a line in the list opens the Application rules window, with the Network rules tab displayed. In this window, you can configure network rules for the application that uses the selected port.
Right-clicking a list item opens a context menu from which you can configure network rules.
The menu contains the following items:
Application network rules. Selecting this menu item opens the Application rules window on the Network rules tab. In this window, you can configure a network rule for the application that uses the port selected from the list.
All network rules. Selecting this menu item opens the Packet rules window. In this window, you can configure packet rules for the application that uses the port selected from the list.
This list contains all active network connections currently established on your computer.
The following information for each connection is displayed:
Name of the process (application, service, server) that initiated the connection
Direction of connection (incoming / outgoing)
Connection protocol
Connection information (remote port and IP address)
Amount of data transferred / received (in kilobytes)
Right-clicking a list item opens a context menu from which you can configure network rules.
The menu contains the following items:
Application network rules. Selecting this menu item opens the Application rules window on the Network rules tab. In this window, you can configure a network rule for an application selected from the list.
All network rules. Selecting this menu item opens the Packet rules window. In this window, you can configure packet rules for the application selected from the list.
Clicking the link causes Firewall to block network activity of all processes.
The lower part of the window displays a network traffic chart that shows volumes of inbound and outbound traffic for a process selected in the list. The chart reflects traffic volume in real time. Traffic volume is displayed in kilobytes.
Contains information about all inbound and outbound connections established between your computer and other computers.
The amount of incoming and outgoing traffic is displayed for each application (computer, service, server, process).
Double-clicking an application in the list opens the Application rules window, with the Network rules tab displayed. In this window, you can configure network rules for the selected application.
Right-clicking a list item opens a context menu from which you can configure network rules.
The menu contains the following items:
Application network rules. Selecting this item opens the Application rules window on the Network rules tab, in which you can configure a network rule for the selected application.
All network rules. Selecting this item opens the Packet rules window, in which you can configure packet rules for the selected application.
The lower part of the window displays a chart that shows the distribution of traffic of the selected application over time for the specified time interval.
Contains a list of files moved to Quarantine. Quarantine is designed for storing backup copies of files that have been deleted or modified during the disinfection process.
This column displays the name of a quarantined file.
Right-clicking opens a context menu, from which you can perform the actions available for quarantined files: restore, remove, or open in original folder.
When this button is clicked, Kaspersky Anti-Virus returns the file selected in the list to the folder in which it had been stored before it was moved to Quarantine.
Clicking this button causes Kaspersky Anti-Virus to delete all backup copies of files that have been moved to Quarantine.
Kaspersky Anti-Virus does not disinfect Windows Store apps. If scanning results indicate that such an app is dangerous, it is deleted from your computer. When a Windows Store app is deleted, Kaspersky Anti-Virus does not create a backup copy of it. To restore such objects, you must use the recovery tools included with the operating system (for detailed information, see the documentation for the operating system that is installed on your computer) or update apps via the Windows Store.
The section shows information about the status of the Webcam Protection component.
If webcam access is blocked for some applications, the section displays the Webcam access is blocked for <N> applications link. Clicking this link opens the Applications whose webcam access is blocked window.
The section shows information about the status of the Private Browsing component. The component protects against collection of information about your activities on websites.
Clicking the Enable button enables the component. The button is displayed when the Private Browsing component is disabled.
You can configure component operation by selecting one of the options.
Only gather statistics. When this option is selected, the Private Browsing component operates in detection mode, letting you view reports on detected data collection attempts.
Block data collection. When this option is selected, the Private Browsing component operates in blocking mode, detecting and blocking attempts to collect data. Information about these attempts is written in a report.
Clicking the Disable button disables the component. The button is displayed when the Private Browsing component is enabled.
This window shows the progress of searching for activity traces on your computer or analysis of the previous changes that were made by the Privacy Cleaner Wizard.
This process may take some time. You can interrupt the process by clicking Cancel.
This window displays the progress of clearing traces of your activities in the operating system. Eliminating problems may take some time. To remove some traces of activity, you may need to restart the computer.
If you have selected Roll back changes during the first step, the Privacy Cleaner Wizard rolls back the actions selected during the previous step.
This window shows the progress of searching for operating system damage or the analysis of changes that were previously made by the Microsoft Windows Troubleshooting Wizard.
This process may take some time. You can interrupt the process by clicking Cancel.
The list contains damage found in the operating system. The damage found is grouped by Kaspersky Anti-Virus based on the type of danger that the damage poses:
Damage that is strongly recommended to fix. Critical system damage that seriously threatens the computer's security.
Damage that is recommended to fix. System damage that currently threatens the computer's security.
Damage that can be fixed. System damage that does not pose any current threat but may affect the computer's security in the future.
If the check box in the line with damage description is selected, Kaspersky Anti-Virus attempts to fix damage.
If the check box in the line with damage description is cleared, Kaspersky Anti-Virus does not attempt to fix damage.
If you have selected Roll back changes during the first step, the list contains previously fixed damage. You may roll back actions that were made to fix this damage.
This window displays the progress of fixing operating system corruption detected during analysis. It may take a while to fix damage.
If you selected Roll back changes at the first step, the Microsoft Windows Troubleshooting Wizard rolls back the actions selected at the previous step.
This window shows the progress of analyzing the settings of Microsoft Internet Explorer or search for previous changes that were made by the Browser Configuration Wizard.
This process may take some time. You can interrupt the process by clicking Cancel.
Lists the problems detected by Kaspersky Anti-Virus during the previous step. Kaspersky Anti-Virus groups the detected problems depending on the danger that they pose:
Problems that are strongly recommended to fix. Browser vulnerabilities that pose a serious threat for system security.
Problems that are recommended to fix. Browser vulnerabilities that may be dangerous for the computer.
Problems that can be fixed. Vulnerabilities that do not currently pose a threat but may threaten the computer's security in the future.
If the check box in the line of a problem is selected, Kaspersky Anti-Virus attempts to eliminate the problem.
If this check box is cleared in the line of a problem, Kaspersky Anti-Virus does not eliminate the problem.
If you have selected Roll back changes at the first step of the Browser Configuration Wizard, the list contains previously fixed problems. You may roll back changes that were made to eliminate these problems.
This window displays the progress of eliminating problems encountered while analyzing the browser settings. It may take a while to fix the problems.
If you have selected Roll back changes during the first step, the Browser Configuration Wizard rolls back the actions selected during the previous step.
The list contains applications that are incompatible with the application being installed. Remove incompatible applications for proper operation of the application being installed.
When this button is clicked, the listed incompatible applications are left on your computer and the Wizard continues running.
Simultaneous use of incompatible applications and the application being installed may result in improper operation of the application you are installing and significantly impair protection of your computer.
The list contains applications that are incompatible with the application being installed. Remove incompatible applications for proper operation of the application being installed.
Clicking this button opens a window that contains a list of applications installed on the computer. In this window, you can select applications that are incompatible with the application being installed in order to remove them from your computer.
When this button is clicked, the listed incompatible applications are left on your computer and the Wizard continues running.
Simultaneous use of incompatible applications and the application being installed may result in improper operation of the application you are installing and significantly impair protection of your computer.
This check box enables / disables a restart of the computer. The computer must be restarted for the Migration Wizard to continue.
If this check box is selected, clicking the Done button restarts the computer, after which the Migration Wizard continues.
If this check box is cleared, the computer is not restarted. The Migration Wizard automatically resumes after you restart or shut down and turn on the computer.
This button enables / disables all protection components of Kaspersky Anti-Virus. Disabling protection components does not affect the performance of current scan tasks and update tasks of Kaspersky Anti-Virus.
In the Interactive protection section, you can configure the way in which Kaspersky Anti-Virus interacts with the user.
Kaspersky Anti-Virus uses two modes to interact with the user:
Interactive protection mode. Kaspersky Anti-Virus notifies the user of all dangerous and suspicious events in the operating system. In this mode, the user independently decides whether to allow or block actions.
Automatic protection mode. If any dangerous events occur, Kaspersky Anti-Virus automatically performs the action recommended by Kaspersky Lab experts.
Selecting the check box enables automatic protection mode; clearing the check box enables interactive protection mode.
This check box enables / disables the Kaspersky Anti-Virus feature that deletes malicious tools, adware, auto-dialers and suspicious packagers in automatic protection mode.
The function is available if the Perform recommended actions automatically check box is selected.
In the Autorun section, you can enable / disable automatic launch of Kaspersky Anti-Virus at operating system startup.
Clicking this link opens the Password protection window. In this window, you can configure password protection for access to Kaspersky Anti-Virus administration options.
In this drop-down list, you can select one of the preset security levels. The security level that you select is applied to all protection components for which this value can be configured.
You can choose one of the following security levels:
Maximum security level. This level is recommended for dangerous computing environments.
Optimal security level. This level is recommended for the majority of users.
Minimum security level. This level provides maximum operating system performance.
This list contains the addresses of malicious or unknown web servers to which you are redirected when the application attempts to connect to Kaspersky Lab servers.
You are advised to delete suspicious entries from the hosts file.
This list includes protection components designed to protect against various types of digital threats.
Each type of threat is handled by a dedicated protection component. Components can be enabled or disabled independently of one another, and their settings can be configured.
If the check box is selected, webcam access is blocked for all applications installed on your computer.
If the check box is cleared, Kaspersky Anti-Virus monitors application access to the webcam depending on the trust group of each application:
Trusted – webcam access is allowed.
Low Restricted – when an attempt is made to access the webcam, Kaspersky Anti-Virus displays a window prompting you to allow this application to access the webcam.
High Restricted and Untrusted – webcam access is blocked.
If this check box is selected, Kaspersky Anti-Virus displays a notification when an application for which access is allowed is using the webcam. In the notification window, you can edit the settings of application access to the webcam or choose not to receive any further notifications.
If this check box is cleared, the notification is not displayed.
This check box is available if the Block access to webcam for all applications check box is cleared.
With this button, you can enable / disable IM Anti-Virus.
If the button is green, IM Anti-Virus runs when the operating system is started. It is loaded in the RAM of the computer and scans incoming and outgoing messages that are sent and received via IM clients (ICQ, Jabber, and Mail.Ru Agent). IM Anti-Virus does not scan messages transmitted over Yahoo! Messenger, or messages transmitted through Mail.Ru Agent in offline mode.
You can find information about IM Anti-Virus limitations in the Limitations and warnings section.
If the button is green, Anti-Banner blocks display of banners shown on the websites that you visit and in the interface of some applications. By default, Anti-Banner blocks website banners from the list of known banners. This list is included in the Kaspersky Anti-Virus databases.
Clicking this link opens the List of filters window in which you can use special filters to specify in more detail which exact banners need to be blocked.
If the check box is selected, Anti-Banner does not block banners on Kaspersky Lab websites or its partners' websites that host Kaspersky Lab advertisements. A list of these websites is available via the Kaspersky Lab websites link.
Clicking the button opens the menu with the following items:
Import and add to existing. Selecting this item opens a window that lets you import a list of blocked addresses from a CSV file. The current addresses are not deleted.
Import and replace existing. Selecting this item opens a window that lets you import a list of blocked addresses from a CSV file. The current addresses are deleted.
Export. Selecting this item opens a window that lets you export a list of blocked addresses to a CSV file.
Clicking the button opens the menu with the following items:
Import and add to existing. Selecting this item lets you import a list of allowed addresses from a CSV file. The current addresses are not deleted.
Import and replace existing. Selecting this item lets you import a list of allowed addresses from a CSV file. The current addresses are deleted.
Export. Selecting this item lets you export a list of addresses to a CSV file. You can export the entire list of addresses or individual addresses selected from the list.
IP address, web address (URL), or web address mask.
When entering a web address mask, you can use the * and ? wildcards, where * represents any series of characters and ? stands for any single character.
Clicking the button opens the menu with the following items:
Import and add to existing. Selecting this item lets you import a list of allowed addresses from a CSV file. The current addresses are not deleted.
Import and replace existing. Selecting this item lets you import a list of allowed addresses from a CSV file. The current addresses are deleted.
Export. Selecting this item lets you export a list of addresses to a CSV file. You can export the entire list of addresses or individual addresses selected from the list.
Contains the addresses of websites on which you have allowed banners to be displayed. Anti-Banner does not block banners on a website if its address is on the list.
You can add an address or address mask to the list.
If the Active value is set in the address line in the Status column, Anti-Banner allows the display of banners on this website.
If the Inactive value is set in the address line in the Status column, Anti-Banner blocks banners on this website.
This window displays a list of Kaspersky Lab websites and its partners' websites that host Kaspersky Lab advertisements.
The list is compiled and updated by Kaspersky Lab experts. In the application, the list is updated automatically during an update of databases and application modules.
In the Security level section, you can select one of the predefined collections of settings (security levels) for Anti-Spam. The decision of which security level you should select depends on operating conditions and the current situation.
The following security levels are available:
High. At this security level, Anti-Spam applies maximum scrutiny in spam filtering.
You are advised to select the high security level when working in a dangerous environment (for example, when using a free mail service).
Setting a high security level may lead to more frequent cases of non-spam messages being categorized as spam.
Recommended. This security level ensures an optimum balance between performance and security. This level is suitable for most situations.
Low. At this security level, Anti-Spam applies the minimum level of spam filtering.
The Low security level is recommended to set when working in a safe environment (for example, when using encrypted corporate email).
Setting a low security level may lead to fewer cases of non-spam messages being categorized as spam or probable spam.
Clicking the link causes Kaspersky Anti-Virus to apply the Recommended security level. The link is displayed if you have modified the settings in the Advanced settings of Anti-Spam window in the Classify a message as spam section.
A numerical value reflecting the probability that a message containing a blocked phrase is spam. The higher the weighting coefficient, the higher the probability that the message containing the blocked phrase is spam.
Anti-Spam labels a message as spam if the sum of the weighting coefficients of blocked phrases in it exceeds the specified value.
Clicking this button opens a menu with a choice of the following actions:
Import and add to existing. Selecting this option lets you import a list of blocked senders from a CSV file. The current list of senders is not deleted.
Import and replace existing. Selecting this option lets you import a list of blocked senders from a CSV file. The current list of senders is deleted.
Export. Selecting this option lets you export a list of blocked senders to a CSV file.
Contains key phrases that indicate that the message containing them is spam.
You can add a phrase or a phrase mask to the list.
If the Active value is set in the phrase line in the Status column, Anti-Spam uses this phrase when filtering messages.
If the Inactive value is set in the phrase line in the Status column, Anti-Spam excludes the phrase from the list and does not use it when filtering messages.
In the Status section, you can specify whether you want Anti-Spam to block messages that are sent from this address when it scans messages according to the list of allowed / blocked senders.
Active. Anti-Spam blocks messages that are sent from this address.
Inactive. Anti-Spam does not block messages that are sent from this address.
This check box enables / disables the option of filtering mail by using a list of blocked senders; Anti-Spam classifies messages from these senders as spam.
This button is located on the right of the If it is from a blocked sender check box. When this button is clicked, the Blocked senders window opens, in which you can create a list of blocked senders.
When creating the list, you can specify both addresses and address masks of blocked senders.
The button is available if the check box If it is from a blocked sender is selected.
This check box enables / disables filtering of messages based on a list of blocked phrases whose presence in a message indicates that the message is spam.
Clicking this link opens the Explicit language window. In this window, you can create a list of obscene words. The presence of such words in a message indicates that the message is spam.
This link is available if the If it contains obscene words check box is selected.
In the Do not classify a message as spam section, you can define the signs that Anti-Spam uses to recognize non-spam mail.
This check box enables / disables checking whether a sender address is included in the list of allowed senders.
If this check box is selected, Anti-Spam classifies messages from allowed senders as non-spam.
If this check box is cleared, Anti-Spam does not classify messages from allowed senders as non-spam. Messages sent by senders in the list of allowed senders are not filtered.
This check box enables / disables checking a message against the list of allowed phrases.
If this check box is selected, Anti-Spam classifies messages containing phrases from this list as non-spam.
If this check box is cleared, Anti-Spam does not use the list of allowed phrases to filter messages and does not classify messages containing expressions from the list as non-spam mail.
When this link is clicked, the Allowed phrases window opens, in which you can create a list of allowed phrases.
When creating the list, you can specify both individual phrases and masks of allowed phrases.
This link is available if the If it contains allowed phrases check box is selected.
In the Actions with messages section, you can specify the tags to add to the subject lines of messages that are assigned the Spam or Probable spam status by Anti-Spam.
A numerical value reflecting the probability that a message containing an allowed phrase is not spam. The higher the weighting coefficient, the higher the probability that the message containing the allowed phrase is not spam.
Anti-Spam does not label a message as spam if the sum of the weighting coefficients of allowed phrases in it exceeds the specified value.
Clicking this button opens a menu with a choice of the following actions:
Import and add to existing. Selecting this option lets you import a list of allowed senders from a CSV file. The current list of senders is not deleted.
Import and replace existing. Selecting this option lets you import a list of allowed senders from a CSV file. The current list of senders is deleted.
Export. Selecting this option lets you export a list of allowed senders to a CSV file.
Contains a list of addresses of senders whose messages are classified by Anti-Spam as non-spam.
You can add an address or address mask to the list.
If the Active value is set in the address line in the Status column, Anti-Spam classifies any message from that sender as non-spam.
If the Inactive value is set in the address line of the Status column, Anti-Spam does not classify all messages from that sender as non-spam and scans them using standard scanning methods.
If the button is green, Kaspersky Anti-Virus monitors all attempts to access banking or payment system websites and performs the action set by default or configured by the user. By default, when running in Safe Money mode, Kaspersky Anti-Virus prompts the user for confirmation of startup of Protected Browser.
If the button is red, Kaspersky Anti-Virus allows visiting bank or payment system websites through a standard browser.
Clicking this link opens a page with component details in a browser window.
In the On first access to websites of banks and payment systems section, you can select an action that Kaspersky Anti-Virus performs when you access bank or payment system websites for the first time.
If Kaspersky Anti-Virus detects an attempt to access the specified website, it opens the website in Protected Browser. The standard browser used for accessing the website displays a message informing you that Protected Browser is being started.
If Kaspersky Anti-Virus detects an attempt to access the specified website, it prompts you to launch Protected Browser or to open the website with the standard browser.
From the drop-down list, you can select the browser with which Kaspersky Anti-Virus will open the banking or payment system websites that are selected in the Safe Money window.
Safe Money functionality is available only for the following browsers: Microsoft Internet Explorer, Mozilla Firefox, and Google Chrome.
By default, Safe Money uses the browser that is the default browser in the operating system.
This check box enables / disables display of notifications during access to the website of a bank or payment system that inform of the danger caused by a vulnerability in the operating system.
If this check box is selected and automatic updates of the operating system are enabled, Kaspersky Anti-Virus prompts you to download the required update from the website of the operating system vendor. If automatic updating of the operating system is disabled, Kaspersky Anti-Virus recommends that you enable it.
An application supporting the parallel operation of several operating systems on one computer.
) is used for the operation of Protected Browser. The application uses hypervisor technology for additional protection against complex malware that could intercept your personal data by using the clipboard or phishing. This check box is displayed when the application is installed on a 64-bit version of Windows 8, Windows 8.1 and Windows 10.
For more details about hardware virtualization and how it works, click the Read more link.
If the check box is selected and you use the Microsoft Edge browser to open websites of banks and payment systems, the Microsoft Edge browser switches to Protected Browser mode.
You can disable Protected Browser mode by using the button located in the upper right corner of the Microsoft Edge window.
This check box is selected by default.
The check box is displayed in Microsoft Windows 10.
Clicking this link creates a desktop shortcut for starting Safe Money. This shortcut allows opening a window that contains a list of websites of banks or payment systems for which Protected Browser is used for access.
A small computer program or an independent part of a program (function) that, in most cases, has been developed to execute a small specific task. It is most often used with programs that are embedded in hypertext. Scripts are run, for example, when you open a particular website.
If real-time protection is enabled, the application tracks the execution of scripts, intercepts them, and scans them for viruses. Depending on the results of scanning, you may block or allow the execution of a script.
When this security level is selected, Web Anti-Virus applies maximum scrutiny to scripts and objects that arrive via the HTTP and FTP protocols. Web Anti-Virus performs thorough scanning of all objects, using the complete set of application databases, and scans all embedded archives whose size does not exceed 1 MB. Web Anti-Virus performs a deep
A technology for detecting threats about which information has not yet been added to Kaspersky Lab databases. The heuristic analyzer detects objects whose behavior in the operating system may pose a security threat. Objects detected by the heuristic analyzer are considered to be probably infected. For example, an object may be considered probably infected if it contains sequences of commands that are typical of malicious objects (open file, write to file).
A technology for detecting threats about which information has not yet been added to Kaspersky Lab databases. The heuristic analyzer detects objects whose behavior in the operating system may pose a security threat. Objects detected by the heuristic analyzer are considered to be probably infected. For example, an object may be considered probably infected if it contains sequences of commands that are typical of malicious objects (open file, write to file).
A technology for detecting threats about which information has not yet been added to Kaspersky Lab databases. The heuristic analyzer detects objects whose behavior in the operating system may pose a security threat. Objects detected by the heuristic analyzer are considered to be probably infected. For example, an object may be considered probably infected if it contains sequences of commands that are typical of malicious objects (open file, write to file).
A technology for detecting threats about which information has not yet been added to Kaspersky Lab databases. The heuristic analyzer detects objects whose behavior in the operating system may pose a security threat. Objects detected by the heuristic analyzer are considered to be probably infected. For example, an object may be considered probably infected if it contains sequences of commands that are typical of malicious objects (open file, write to file).
A technology for detecting threats about which information has not yet been added to Kaspersky Lab databases. The heuristic analyzer detects objects whose behavior in the operating system may pose a security threat. Objects detected by the heuristic analyzer are considered to be probably infected. For example, an object may be considered probably infected if it contains sequences of commands that are typical of malicious objects (open file, write to file).
A technology for detecting threats about which information has not yet been added to Kaspersky Lab databases. The heuristic analyzer detects objects whose behavior in the operating system may pose a security threat. Objects detected by the heuristic analyzer are considered to be probably infected. For example, an object may be considered probably infected if it contains sequences of commands that are typical of malicious objects (open file, write to file).
A technology for detecting threats about which information has not yet been added to Kaspersky Lab databases. The heuristic analyzer detects objects whose behavior in the operating system may pose a security threat. Objects detected by the heuristic analyzer are considered to be probably infected. For example, an object may be considered probably infected if it contains sequences of commands that are typical of malicious objects (open file, write to file).
A technology for detecting threats about which information has not yet been added to Kaspersky Lab databases. The heuristic analyzer detects objects whose behavior in the operating system may pose a security threat. Objects detected by the heuristic analyzer are considered to be probably infected. For example, an object may be considered probably infected if it contains sequences of commands that are typical of malicious objects (open file, write to file).
This security level ensures optimal protection and speed when scanning web traffic and scripts. Web Anti-Virus scans embedded archives whose size does not exceed 1 MB, and performs medium-level heuristic analysis.
This security level ensures the maximum speed when scanning web traffic and scripts. Web Anti-Virus does not scan archives and performs light heuristic analysis.
Clicking the link causes Kaspersky Anti-Virus to apply the Recommended security level. The link is displayed if you have modified the URL Advisor settings in the Advanced settings of Web Anti-Virus window in the Additional section.
In the drop-down list, you can select the action that Web Anti-Virus performs when an infected or probably infected object is detected:
Select action automatically. Web Anti-Virus selects an action automatically based on the current settings. If a web resource is listed as an exclusion, or it contains no infected or probably infected objects, Web Anti-Virus allows access to it. If a scan performed by Web Anti-Virus detects an infected or probably infected object in the web resource, access to the web resource is blocked.
This value is selected by default if automatic protection mode is enabled. If interactive protection mode is enabled, the setting is not available.
Block. Web Anti-Virus blocks access to the web resource where the infected or probably infected object has been detected and shows a window notifying that the object has been blocked.
Allow. Web Anti-Virus allows access to the web resource.
Clicking this link opens the Advanced settings of Web Anti-Virus window. This window lets you configure the settings of plug-in installation and activation in browsers, the settings of URL Advisor, and the settings of URL checks against the databases of phishing and malicious URLs.
Clicking this button opens a menu with a choice of the following actions:
Import and add to existing. Selecting this option lets you import a list of trusted web addresses from a CSV file. The current addresses are not deleted.
Import and replace existing. Selecting this option lets you import a list of trusted web addresses from a CSV file. The current addresses are deleted.
Export. Selecting this option lets you export a list of trusted web addresses to a CSV file.
This list includes addresses of websites whose content you trust. Web Anti-Virus does not check whether links on the web pages from this list are included in the lists of malicious and phishing web addresses. You can add both a web address and address mask to the list.
If the Active value is set in the address line in the Status column, Web Anti-Virus does not scan links on web pages with the specified address.
If the Inactive value is set in the address line in the Status column, Web Anti-Virus scans links on web pages with the specified address.
In this mode, Web Anti-Virus checks all URLs on a web page and informs you of the danger level of a web resource before you access it. Web Anti-Virus does not scan the content of websites that have been added to the list of trusted web addresses.
Clicking the Manage exclusions link opens a window in which you can create a list of trusted URLs that Web Anti-Virus will not scan.
Clicking this link opens the Manage exclusions window. In this window, you can create a list of trusted URLs whose content you trust. Web Anti-Virus does not scan URLs on these websites to determine whether they are included in the lists of malicious and phishing addresses.
This link is available if the On all websites except those specified option is selected.
When this link scanning mode is enabled, Web Anti-Virus scans the content only of web addresses that have been added to the list of addresses to be scanned. Based on scanning results, Web Anti-Virus informs you of the danger level of web resources at the specified URLs before you access them.
Click the Configure checked websites link to open the Checked websites window. In this window, you can create a list of web addresses that you want for Web Anti-Virus to scan.
Clicking this button opens the URL Advisor window. In this window, you can select a mode for checking the URLs and categories of websites that you want to scan.
This check box enables / disables checking whether links are included in the list of malicious URLs. The list is created by Kaspersky Lab's specialists and is part of the application distribution kit.
This check box enables / disables checking whether links are included in the list of phishing URLs.
Kaspersky Anti-Virus databases include all websites currently known to be used for phishing attacks. Kaspersky Lab supplements this list with addresses obtained from the Anti-Phishing Working Group, which is an international organization. The list is updated when you update Kaspersky Anti-Virus databases.
If this check box is selected, Kaspersky Anti-Virus checks the target web address against a database of malicious web addresses that contain adware. When you attempt to visit web addresses of this category, the application shows a notification stating that the web address could be used to show ads.
If the check box is selected, Kaspersky Anti-Virus checks the target URL against the database of URLs containing legitimate applications that can be used by criminals to damage your computer or personal data. When you attempt to visit web addresses of this category, the application shows a notification stating that the web address may be used by criminals to damage your computer or your data.
Resource web address / web address mask (for example, the web address www.virus.com).
When creating the mask, you can use the * character, which can replace any sequence of characters. For example, the *abc* mask represents any web address that contains the sequence abc. For example, the web address www.virus.com/download_virus/page_0-9abcdef.html matches this mask. If it is necessary to use the * character as an escape character, you can use the combination **. When this combination is processed, the * character will be interpreted as an asterisk (*) instead of representing any number of characters.
You can use the check boxes to select categories of websites about which you want for Web Anti-Virus to provide information in the form of a comment on links.
If this check box is selected, Web Anti-Virus displays information about the link category in a comment.
If this check box is cleared, Web Anti-Virus does not display information about the website category in a comment on the link.
Clicking this button opens a menu with a choice of the following actions:
Import and add to existing. Selecting this option lets you import a list of trusted web addresses from a CSV file. The current addresses are not deleted.
Import and replace existing. Selecting this option lets you import a list of trusted web addresses from a CSV file. The current addresses are deleted.
Export. Selecting this option lets you export a list of trusted web addresses to a CSV file.
This list contains addresses of websites whose content you do not trust. Web Anti-Virus scans the content of web pages with these web addresses for dangerous objects.
You can add a web address or an address mask to the list.
If the Active value is set in the address line in the Status column, Web Anti-Virus scans the web page content for dangerous objects.
If the Inactive value is set in the address line in the Status column, Web Anti-Virus does not scan the content of the web page.
This check box enables / disables display of the quick launch icon of the On-Screen Keyboard in entry fields on websites opened in Protected Browser when Safe Money is active.
This check box enables / disables display of the quick launch icon for On-Screen Keyboard in entry fields on websites designed for Internet communication, such as social network websites, online dating websites, and mail services.
Clicking this link opens the Exclusions for On-Screen Keyboard window. In this window, you can configure display of On-Screen Keyboard for the specified websites.
This column shows whether or not the application is configured to display the On-Screen Keyboard icon on web pages matching the specified web address mask.
Clicking this button opens the window for configuring exclusions for On-Screen Keyboard. In this window, you can change the website address and configure settings for display of the quick launch icon for On-Screen Keyboard on the specified website.
Clicking this button opens the window for adding exclusion rules for On-Screen Keyboard. In this window, you can add a website or a web page on which the quick launch icon for On-Screen Keyboard is to be shown or hidden in entry fields.
In this window you can select Wi-Fi network vulnerability categories. If the check box is selected for a vulnerability, the application will alert you when you try to connect to a Wi-Fi network that has this vulnerability.
On a network without password protection, all data is transmitted openly without encryption, which makes it easily accessible to criminals. Select the check box to instruct the application to notify you that you are connecting to a Wi-Fi network without a password.
If the network uses weak encryption, criminals can easily hack this network and intercept your data. Select the check box to instruct the application to notify you that you are connecting to a Wi-Fi network with weak encryption.
If the network has a common name, criminals can easily pick a password for this network using hacking software. Select the check box to instruct the application to notify you that you are connecting to a Wi-Fi network with a common name.
WPS is a protocol for simplified configuration of the Wi-Fi network, which may contain a vulnerability and be exposed to hacking attempts. Select the check box to instruct the application to notify you that you are connecting to a Wi-Fi network with WPS enabled.
Even when a public network is password-protected, this does not guarantee its security. If a criminal connects to a public network alongside you, he can intercept your data using special software. Select the check box to instruct the application to notify you that you are connecting to a public Wi-Fi network.
The quick launch icon for On-Screen Keyboard is shown in entry fields only on the web page that is specified in the Web address mask field.
In the On-Screen Keyboard icon section, you can specify whether or not the application should display the On-Screen Keyboard icon on pages matching the specified web address mask.
This check box enables / disables Secure Keyboard Input when various Internet communication media are used, such as social network websites, online dating websites, and mail services.
Clicking this link opens the Exclusions for Secure Keyboard Input window. In this window, you can specify settings for Secure Keyboard Input on the specified websites.
Clicking this button opens the window for configuring exclusions for Secure Keyboard Input. In this window, you can change the website address and reconfigure Secure Keyboard Input on the selected website.
Clicking this button opens the window of the exclusion from Secure Keyboard Input. In this window, you can add a website or a web page for which you want to configure Secure Keyboard Input.
Secure Keyboard Input is enabled only for the web page specified in the Web address mask field.
In the Secure Keyboard Input section, you can specify whether Kaspersky Anti-Virus protects data input from the computer keyboard for the selected site or web page.
This check box enables / disables Network Attack Blocker.
If the button is green, Network Attack Blocker runs when the operating system is started and scans incoming traffic for activity that is typical of network attacks. When an attempt to attack your computer is detected, Kaspersky Anti-Virus blocks all network activity from the attacking computer aimed at your computer.
If the button is red, Network Attack Blocker is disabled.
With this check box, you can block / unblock the attacking computer for the period indicated in the text box next to the check box. The length of time is specified in minutes.
If this check box is selected, Application Control classifies digitally signed applications as trusted. Application Control moves these applications to the Trusted group and does not scan their activity.
If this check box is cleared, Application Control does not classify digitally signed applications as trusted, and scans their activities.
If this check box is selected, Application Control sends a request to the Kaspersky Security Network database in order to define the application group.
If this check box is cleared, Application Control does not search for information in the Kaspersky Security Network database in order to determine the application's trust group.
Clicking this link opens the Trust group for unknown applications window. In this window, you can select a trust group to which unknown applications will be assigned.
Clicking this link opens the Trust group for applications started before startup of Kaspersky Anti-Virus window. In this window, you can change the trust group for applications started before startup of Kaspersky Anti-Virus. Network activity of applications started before the startup of Kaspersky Anti-Virus is controlled according to rules of the selected trust group.
By default, applications started before the startup of Kaspersky Anti-Virus are assigned to one of the trust groups based on the rules created by Kaspersky Lab.
Clicking this link opens the Manage resources window. In this window, you can create a list of personal data and a list of settings and resources of the operating system. Access to these items is controlled by Application Control.
If the toggle switch is turned on, when you are online the Private Browsing component detects data collection attempts by tracking services. Tracking services use the received information to analyze your activity and can use analysis results to show you relevant advertisements.
When this option is selected, the Private Browsing component operates in detection mode, letting you view reports on detected data collection attempts.
When this option is selected, the Private Browsing component operates in blocking mode, detecting and blocking attempts to collect data. Information about these attempts is written in a report.
Clicking this link opens a window in which you can specify the categories of tracking services for which you want to block or allow data collection. From this window you can proceed to creating a list of websites on which you want to allow tracking.
If the check box is selected and blocking mode is enabled, when you visit a website the browser sends the "Do Not Track" HTTP header to the website, which means that tracking of your activity is not allowed.
If the check box is selected, Kaspersky Anti-Virus allows data collection on websites that may be rendered inoperable as a result of data collection being blocked.
If the check box is selected, the Private Browsing component blocks tracking of your online activity by means of web beacons. Web beacons are objects that are embedded into web pages and invisible to users.
Clicking the View list link opens a window with the list of web beacons.
If the check box is selected, the Private Browsing component blocks data collection when you visit social networks except for data collection performed by these social networks. Blocking of data collection does not prevent you from using the "Like", "+1" and similar functions.
Check boxes with the names of social networks let you specify the social networks on whose websites the application should block data collection.
This window shows a list of websites of Kaspersky Lab and its partners.
The list is compiled and updated by Kaspersky Lab experts. In the application, the list is updated automatically during an update of databases and application modules.
This window shows a list of websites that may be rendered inoperable as a result of data collection being blocked, according to information available to Kaspersky Lab.
The list is compiled and updated by Kaspersky Lab experts. In the application, the list is updated automatically during an update of databases and application modules.
This window shows a list of web analytics services that use activity tracking to analyze your online activity.
The list is compiled and updated by Kaspersky Lab experts. In the application, the list is updated automatically during an update of databases and application modules.
This window shows a list of ad agencies that track your online activity for advertising purposes.
The list is compiled and updated by Kaspersky Lab experts. In the application, the list is updated automatically during an update of databases and application modules.
The list is compiled and updated by Kaspersky Lab experts. In the application, the list is updated automatically during an update of databases and application modules.
This list includes the addresses of websites on which tracking of your online activity is allowed. On these websites, the Private Browsing component detects data collection attempts but does not block them even if the component is configured to block data collection by these categories of tracking services.
You can add a web address or an address mask to the list.
Use this field to specify the IP address or web address (URL) of the website on which you want to allow tracking of your online activity.
When entering an IP address or a web address, you can use the * and ? wildcards, where * represents any series of characters and ? stands for any single character.
This list contains the operating system settings and resources within the selected category. A resource can be a file, folder, registry key, network service, or IP address. Application Control monitors the access that other applications have to the resources in the list.
By default, the Operating system list includes the following objects:
Contains the user's personal data, sorted by resources and categories. A resource can be a file or a folder. Application Control analyzes the actions that other applications perform on the listed resources.
By default, the personal data list includes the following objects:
User files (My Documents folder, cookie files, information about the user's activities)
Files, folders, and registry keys that contain the settings and important data for the most frequently used applications: browsers, file managers, email clients, IM clients, and electronic wallets
Clicking this link removes the selected category of resources, file or folder with resources or a system registry key from the list. Application Control stops controlling access by other applications to this resource.
This drop-down list lets you select one of the options:
settings of category. If this option is selected, the settings of the selected category are assigned default values.
settings of subgroups and resources. If this option is selected, the settings of subgroups and resources belonging to the category are assigned default values.
This list displays trust groups and applications belonging to these trust groups. The Read, Write, Create, and Delete columns specify the access rights that an application or group of applications has for the selected resource.
The table below lists the operations performed by Kaspersky Anti-Virus when an application or group of applications attempts to access the resource.
Description of Kaspersky Anti-Virus actions
Action
Description
Inherit
The application or group of applications inherits the response from the parent group.
Allow
Kaspersky Anti-Virus allows applications included in the selected group to access the resource.
Block
Kaspersky Anti-Virus does not allow applications included in the selected group to access the resource.
Prompt for action
Kaspersky Anti-Virus asks the user whether to grant an application or group of applications access to the resource.
Log events
Besides the specified response, Kaspersky Anti-Virus logs information about the application's attempts to access the resource and records the information in a report.
With this button, you can enable / disable Mail Anti-Virus.
If the button is green, Mail Anti-Virus runs when the operating system is started. It is loaded in the RAM of the computer and scans email messages transmitted via the POP3, SMTP, IMAP, MAPI, and NNTP protocols, as well as email messages sent over secure connections (SSL) via the POP3, SMTP, and IMAP protocols.
If the button is red, Mail Anti-Virus is disabled.
By default, the button is green.
In the Security level section, you can select one of the predefined collections of settings (security levels) for Mail Anti-Virus. The decision of which security level you should select depends on operating conditions and the current situation.
When this security level is selected, Mail Anti-Virus applies maximum scrutiny to email messages. Mail Anti-Virus scans incoming and outgoing messages and attached archives, and performs heuristic analysis with the Deep scan level of detail.
The High security level is applied when working in a dangerous computing environment. An example of such an environment is a connection to a free email service from a home network that is not guarded by centralized email protection.
This security level ensures the optimum balance between operating system performance and security. When the Recommended security level is set, Mail Anti-Virus scans incoming and outgoing messages and attached archives, and performs heuristic analysis with the Medium scan level of detail.
When this security level is selected, Mail Anti-Virus scans incoming messages only and performs heuristic analysis with the Light scan level of detail. Attached archives are not scanned. If the Low security level is set, Mail Anti-Virus scans email messages at maximum speed and uses up fewer operating system resources.
The Low security level is used when working in a reliably protected environment. An example of such an environment might be a corporate network with centralized email security.
Clicking the link causes Kaspersky Anti-Virus to apply the Recommended security level. The link is displayed if you have modified the email scan settings in the Advanced settings of Mail Anti-Virus window, except for the settings in the Connectivity section.
In the drop-down list, you can select the action that Mail Anti-Virus performs when an infected or probably infected object is detected.
Prompt on detection. Mail Anti-Virus informs you of detection of an infected or probably infected object, prompting you for further actions to take on this object.
This value is available in the list and is selected by default if interactive protection mode is enabled.
Select action automatically. When infected or probably infected objects are detected, Mail Anti-Virus automatically performs the action that is recommended by Kaspersky Lab specialists. For infected objects, this action is Disinfect. This value is selected by default.
Before attempting to disinfect or delete an infected object, Mail Anti-Virus creates a backup copy in case there is a later need to restore the object or possibility of disinfecting it.
This value is available in the list and is selected by default if automatic protection mode is enabled.
Disinfect. Mail Anti-Virus attempts to disinfect all infected objects that are detected. If the disinfection attempt fails, Mail Anti-Virus allows the message through, adding a warning to its subject line about an infected object in the message. Relevant information is saved in a report.
Disinfect, if not possible – delete. Mail Anti-Virus attempts to disinfect all infected objects that are detected. If disinfection fails, Mail Anti-Virus deletes these objects.
Clicking this link opens the Advanced settings of Mail Anti-Virus window. In this window you can modify the protection scope of Mail Anti-Virus, set the intensity of message analysis by Heuristic Analyzer, configure the scan settings for different types of files and the settings of Mail Anti-Virus integration into the operating system.
With this button, you can enable / disable System Watcher.
If the button is green, System Watcher collects and saves data on all events that occur in the operating system (such as modification of a file, modification of registry keys, startup of drivers, or attempts to shut down the computer). This data is used to track malicious and other activity of software (including ransomware) and to restore the operating system's condition as it had been before software appeared (to roll back the actions of the software). In some cases, activity of applications cannot be rolled back, for example when an application was detected by the Application Control component.
System Watcher collects data from various sources, including other components of Kaspersky Anti-Virus. System Watcher analyzes application activity and provides other Kaspersky Anti-Virus components with the collected information about events.
In the Automatic Exploit Prevention section, you can configure the actions that the application performs when executable files are run by vulnerable applications.
With this check box, you can enable / disable Exploit Prevention.
If this check box is selected, Kaspersky Anti-Virus tracks executable files run by vulnerable applications. If Kaspersky Anti-Virus detects an attempt to run an executable file from a vulnerable application that has not been initiated by the user, the application performs the action that is selected in the On threat detection drop-down list.
In this drop-down list, you can select the action that System Watcher performs when an executable file is run from a monitored vulnerable application.
This list allows choosing from the following actions:
Select action automatically. System Watcher automatically performs the action selected in the application settings and adds information on the selected action to the report.
In automatic protection mode, this option is selected by default. In interactive protection mode, the option is unavailable.
Prompt for action. System Watcher prompts the user for action.
In interactive protection mode, this option is selected by default. In automatic protection mode, the option is unavailable.
Allow action. System Watcher allows the executable file to be run.
Block action. System Watcher blocks the executable file.
In this drop-down list, you can select the action that System Watcher performs when malicious or other activity is detected based on the results of analysis of application activity.
This list allows choosing from the following actions:
Prompt for action. System Watcher prompts the user for action.
In interactive protection mode, this option is selected by default. In automatic protection mode, the option is unavailable.
Select action automatically. System Watcher automatically selects the action that Kaspersky Lab specialists recommend taking on the application.
In automatic protection mode, this option is selected by default. In interactive protection mode, the option is unavailable.
Delete the application. System Watcher deletes the application.
Terminate the application. System Watcher terminates all processes of the application.
Ignore. System Watcher takes no actions on the application.
In this drop-down list, you can select the action that System Watcher performs when it is possible to roll back malicious or other activity of the application.
This list allows choosing from the following actions:
Prompt for action. If System Watcher, File Anti-Virus, or the results of a scan task confirm that it is necessary to perform a rollback, System Watcher prompts the user for action.
In interactive protection mode, this option is selected by default. In automatic protection mode, the option is unavailable.
Select action automatically. If System Watcher analyzes the activity of an application and considers it to be malicious, it rolls back the application's activity and notifies the user of this event.
System Watcher adds information about the event and processing results to a report.
In automatic protection mode, this option is selected by default. In interactive protection mode, the option is unavailable.
Roll back. System Watcher rolls back malicious or other activity of the application.
Do not roll back. System Watcher saves information about malicious or other activity but does not roll back application's actions.
In the Protection against screen lockers section, you can configure the actions that Kaspersky Anti-Virus performs if screen locker activity is detected. Screen lockers are malicious programs that limit the user's operations on a computer, by locking the screen and the keyboard, or by blocking access to the taskbar and shortcuts. Screen lockers may attempt to extort ransom for recovery of access to the operating system. By using protection against screen lockers, you can close any screen locker by pressing a specified combination of keys.
This check box enables / disables protection against screen lockers.
If this check box is selected, when activity of a screen locker is detected, you can halt it by pressing the combination of keys that is specified in the drop-down list under the check box.
In the drop-down list, you can select a key or a combination of keys, which, when pressed, triggers screen locker protection for detecting and deleting a screen locker.
In the Protection scope section you can select the type of email messages to be scanned by Mail Anti-Virus. The default settings in this section depend on the selected level of security.
In the Heuristic Analysis section, you can enable the use of heuristic analysis when scanning messages, as well as specify a level of heuristic analysis. The default settings in this section depend on the selected level of security.
The slider allows you to adjust the level of heuristic analysis. The heuristic analysis level sets the balance between the thoroughness of searches for threats, the load on the operating system's resources, and the time required for scanning.
The following heuristic analysis levels are available:
Light scan. Heuristic analyzer performs fewer operations found inside executable files. The probability of threat detection in this mode is somewhat lower. Scanning is faster and less resource-intensive.
Medium scan. Heuristic analyzer performs the number of actions found within executable files recommended by the experts of Kaspersky Lab.
Deep scan. Heuristic analyzer performs more operations found inside executable files. The probability of threat detection in this mode is higher. Scanning consumes more system resources and takes longer.
The slider is available if the Use Heuristic Analysis check box is selected.
In the Scan of compound files section, you can configure scan of
One or several file(s) packaged into a single file through compression. A dedicated application, called an archiver, is required for packing and unpacking data.
One or several file(s) packaged into a single file through compression. A dedicated application, called an archiver, is required for packing and unpacking data.
One or several file(s) packaged into a single file through compression. A dedicated application, called an archiver, is required for packing and unpacking data.
One or several file(s) packaged into a single file through compression. A dedicated application, called an archiver, is required for packing and unpacking data.
One or several file(s) packaged into a single file through compression. A dedicated application, called an archiver, is required for packing and unpacking data.
. The default settings in this section depend on the selected level of security.
This check box enables / disables the option restricting the maximum size of archives which Mail Anti-Virus will scan. This feature can accelerate mail scanning.
The maximum size is specified in megabytes. By default, the value is set to 8 MB.
If this check box is selected, Mail Anti-Virus excludes archives from scanning if their size exceeds the value that you have specified.
If the check box is cleared, Mail Anti-Virus scans archives of any size.
In the Connectivity section, you can select protocols to be scanned and enable integration of Mail Anti-Virus plug-ins into Microsoft Outlook mail client.
If this check box is selected, Mail Anti-Virus scans the stream of email messages coming in via POP3 / SMTP / NNTP / IMAP protocols before they are downloaded to the computer.
If the check box is cleared, Mail Anti-Virus scans email messages only after they arrive on the receiving computer.
The check box enables / disables integration of Mail Anti-Virus plug-in with Microsoft Office Outlook. This feature can be used to access the settings of Mail Anti-Virus quickly within Microsoft Office Outlook and configure scanning messages for the presence of dangerous objects.
Clicking this link opens the Categories window in which you can specify the types of vulnerabilities of Wi-Fi networks. The application will alert you when you try to connect to a Wi-Fi network that has a specified vulnerability.
If this check box is selected, Kaspersky Anti-Virus blocks all transmission of passwords in non-encrypted format and shows you a notification of that event when you use a Wi-Fi network.
If this check box is cleared, transmission of passwords in non-encrypted formats is not blocked when you use a Wi-Fi network.
Clicking this link lets you restore the default values of settings for display of notifications about transfers of passwords in non-encrypted form. Notifications that you have blocked from being displayed will be shown again.
If the check box is selected, Firewall allows connections to your computer on random ports if switching to active FTP mode was detected on the host connection.
If the check box is cleared, Firewall blocks connections to your computer on random ports if switching to active FTP mode was detected on the host connection.
Clicking this link opens the Networks window. In this window, you can configure control of the network connections that Firewall has detected on the computer.
Clicking this link opens the Application network rules window. In this window, you can configure network rules for applications installed on the computer.
In this window, you can configure packet rules. A packet rule consists of a set of conditions and actions performed on packets and data streams by Firewall when specific conditions are met. Packet rules have higher priority than application rules.
Clicking this button removes the selected address from the list.
In the section for adding new IP addresses, you can specify the settings of a new IP address to add to the subnet. This section is available if you click the Add button.
Address or mask of addresses included in the network. You can specify an IP address or a DNS name (for example, IP 91.103.64.6, DNS name kaspersky.com).
Clicking this link opens a window where you can choose the way to display applications in the list:
Selecting the Expand all item shows all applications installed on the computer in the list.
Selecting the Collapse all item shows trust groups in the list. To view applications within a group, this group must be expanded by clicking the icon.
Selecting the Show network applications only item shows only network applications in the list. Network applications are applications intended for organizing collaboration of a group of users on different computers.
If Hide system applications is selected, the list does not display applications that are part of the operating system.
If Hide Kaspersky Anti-Virus is selected, the list does not show Kaspersky Anti-Virus.
Contains packet rules. A packet rule consists of a set of conditions and actions performed on packets and data streams by Firewall when specific conditions are met. Packet rules have higher priority than application rules.
By default, the application uses packet rules to restrict inbound network activity over specific TCP and UDP ports and filter ICMP messages.
This column displays the name of a network service. A Network service is a collection of settings that describe the network activity for which you are creating a rule.
This column contains information on traffic direction.
The column may have the following values:
Inbound (packet). Kaspersky Anti-Virus applies the rule to data packets received by your computer. It is not applied in the application rules.
Inbound. Kaspersky Anti-Virus applies the rule to network connections opened by a remote computer.
Inbound/Outbound. Kaspersky Anti-Virus applies the rule both to inbound and outbound data packets or streams, regardless of which computer (your computer or a remote computer) initiated the network connection.
Outbound (packet). Kaspersky Anti-Virus applies the rule to data packets sent by your computer. It is not applied in the application rules.
Outbound. Kaspersky Anti-Virus applies the rule to the network connection that was opened by your computer.
This column shows the Firewall action upon detection of network activity for which the packet rule was created. You can use the context menu of the cell in this column to change the action:
Allow. Kaspersky Anti-Virus allows the network connection.
Block. Kaspersky Anti-Virus blocks the network connection.
By application rules. Kaspersky Anti-Virus does not process the data stream according to the packet rule, but instead applies an application rule. This option is available during packet rule creation only.
Clicking this button causes Kaspersky Anti-Virus to remove the selected rule from the list.
Firewall sets the execution priority for each packet rule. The priority of a packet rule is determined by its position in the list. The first packet rule in the list has the highest priority. Firewall processes packet rules in the order in which they appear in the list, from top to bottom. Firewall finds the topmost packet rule that is suitable for the network connection and executes it by either allowing or blocking network activity. Firewall ignores all subsequent packet rules.
This drop-down list lets you select the action performed by Kaspersky Anti-Virus on detecting network activity for which the packet rule is created. The list contains the following values:
Allow. Kaspersky Anti-Virus allows the network connection.
Block. Kaspersky Anti-Virus blocks the network connection.
By application rules. Kaspersky Anti-Virus does not process the data stream according to the packet rule, but instead applies an application rule.
This drop-down list lets you choose the network activity direction to be monitored. The list contains the following directions of network activity:
Inbound. Kaspersky Anti-Virus applies the rule to network connections opened by a remote computer.
Outbound. Kaspersky Anti-Virus applies the rule to the network connection that was opened by your computer.
Inbound/Outbound. Kaspersky Anti-Virus applies the rule both to inbound and outbound data packets or streams, regardless of which computer (your computer or a remote computer) initiated the network connection.
Inbound (packet). Kaspersky Anti-Virus applies the rule to data packets received by your computer. It is not applied in the application rules.
Outbound (packet). Kaspersky Anti-Virus applies the rule to data packets sent by your computer. It is not applied in the application rules.
In the list, you can select a protocol type that you want Kaspersky Anti-Virus to monitor. The following protocols are available: TCP, UDP, ICMP, ICMPv6, IGMP, and GRE.
Allows you to set the range of addresses to which the rule is applied by Kaspersky Anti-Virus. Available values:
Any address. Kaspersky Anti-Virus applies the rule to any IP address.
Subnet addresses. Kaspersky Anti-Virus applies the rule to IP addresses from all networks that are currently connected and have the specified status. For this setting, below you can select the network status to which Kaspersky Anti-Virus should apply the rule (trusted networks, local networks, or public networks).
Addresses from the list. Kaspersky Anti-Virus applies the rule to IP addresses within the specified range. The Remote addresses and Local addresses fields are available for this setting (the Local addresses list is unavailable when a network rule is created).
With this button, you can enable or disable File Anti-Virus.
If the button is green, File Anti-Virus runs when the operating system starts. It is loaded in the RAM of the computer and scans files when they are opened, saved, and run. By default, File Anti-Virus is configured with the settings recommended by Kaspersky Lab specialists.
If the button is red, File Anti-Virus is disabled.
In the Security Level section, you can select one of three preconfigured security levels that File Anti-Virus uses when protecting files and memory.
At this security level, File Anti-Virus applies the strictest control to all files that are opened, saved, and run. File Anti-Virus scans all file types on all hard drives, network drives, and removable storage media of the computer. It also scans archives, installer packages, and embedded OLE objects.
This security level ensures the optimum balance between operating system performance and security. This level is suitable for most situations. The File Anti-Virus component scans only specified file formats on all hard drives, network drives, and removable storage media of the computer, and performs light heuristic analysis. OLE objects are scanned. Installation packages and archives are not scanned.
At this security level, File Anti-Virus scans only files with the specified extensions on all hard, removable, and network drives of the computer, and performs light heuristic analysis. Compound files are not scanned.
The Low security level allows for maximum scanning speed.
Clicking the link causes Kaspersky Anti-Virus to apply the Recommended security level. The link is displayed if you have modified settings in the Advanced settings of File Anti-Virus window.
In the drop-down list, you can select the action that File Anti-Virus performs when an infected or probably infected object is detected.
Prompt on detection. File Anti-Virus informs you of detection of an infected or probably infected object and prompts you for the action to take on it.
In interactive protection mode, this option is selected by default. In automatic protection mode, the option is unavailable.
Select action automatically. Upon detection of an infected or probably infected object, File Anti-Virus automatically performs the action recommended by Kaspersky Lab experts on the object. For infected objects, this action is Disinfect. This value is selected by default.
Before attempting to disinfect or delete an infected object, File Anti-Virus creates its backup copy for subsequent restoration or disinfection.
In automatic protection mode, this option is selected by default. In interactive protection mode, the option is unavailable.
Disinfect. File Anti-Virus attempts to disinfect all infected objects that are detected. If disinfection fails, File Anti-Virus blocks access to these objects.
Disinfect, if not possible – delete. File Anti-Virus attempts to disinfect all infected objects that are detected. If disinfection fails, File Anti-Virus deletes the objects.
Block. File Anti-Virus blocks access to the object. Relevant information is saved in a report.
Delete. File Anti-Virus deletes an infected or probably infected object. Relevant information is saved in a report.
Clicking this link opens the Advanced settings of File Anti-Virus window. In this window you can modify the protection scope of File Anti-Virus, set the intensity of file analysis by Heuristic Analyzer, configure the scan settings for different types of files, and select scan modes and technologies.
The window displays a list of applications that are installed on your computer.
To add an application you need to the exclusions:
Select the application from the list. If the application you need is not displayed in the list, click the Browse button and add the application manually.
Click the Next button.
The Exclusions for application window opens, where you can configure exclusion rules for the selected application.
In the File types section, you can select types of files that File Anti-Virus should scan. The default settings in this section depend on the selected level of security.
File Anti-Virus will scan all files without exclusions (all formats and extensions).
File Anti-Virus considers files without extensions to be executables; they are always scanned, regardless of which type of files you have selected for scanning.
If you select this option, File Anti-Virus scans only files which a virus could infiltrate. Before searching for viruses in a file, its internal header is analyzed to determine the file format (TXT, DOC, EXE, etc.). During the scan, file extensions are also taken into consideration.
File Anti-Virus treats files without extensions as executables. File Anti-Virus always scans them, regardless of the file types you have selected for scanning.
In this case File Anti-Virus scans only potentially infectable files. The file format is determined based on the extension of a file.
File Anti-Virus considers files without extensions to be executables; they are always scanned, regardless of which type of files you have selected for scanning.
Clicking this link opens the File Anti-Virus protection scope window.
The Scan methods section is designed for selecting methods that File Anti-Virus should use to scan the computer. The default settings in this section depend on the selected level of security.
Signature analysis uses the Kaspersky Anti-Virus database, which contains descriptions of known threats and methods for eradicating them. Protection using signature analysis provides a minimal acceptable security level.
As recommended by Kaspersky Lab experts, the application always has this analysis method enabled.
Changes the level of heuristic analysis. The heuristic analysis level sets the balance between the thoroughness of searches for threats, the load on the operating system's resources, and the time required for scanning.
The following heuristic analysis levels are available:
Light scan. Heuristic analyzer performs fewer operations found inside executable files. The probability of threat detection in this mode is somewhat lower. Scanning is faster and less resource-intensive.
Medium scan. Heuristic analyzer performs the number of instructions found within executable files recommended by the experts of Kaspersky Lab.
Deep scan. Heuristic analyzer performs more operations found in executable files. The probability of threat detection in this mode is higher. Scanning consumes more system resources and takes longer.
The Scan optimization section is designed for selecting methods that allow reducing the scan time. The default setting value in this section depends on the selected level of security.
This check box enables / disables the scanning only of new files and those files that have changed since the last time they were scanned. File Anti-Virus scans both plain and compound files.
The Scan of compound files section contains the list of compound files which File Anti-Virus checks for viruses. The default setting value in this section depends on the selected level of security.
An object attached to another file or embedded into another file through the use of the Object Linking and Embedding (OLE) technology. An example of an OLE object is a Microsoft Office Excel spreadsheet embedded into a Microsoft Office Word document.
An object attached to another file or embedded into another file through the use of the Object Linking and Embedding (OLE) technology. An example of an OLE object is a Microsoft Office Excel spreadsheet embedded into a Microsoft Office Word document.
An object attached to another file or embedded into another file through the use of the Object Linking and Embedding (OLE) technology. An example of an OLE object is a Microsoft Office Excel spreadsheet embedded into a Microsoft Office Word document.
An object attached to another file or embedded into another file through the use of the Object Linking and Embedding (OLE) technology. An example of an OLE object is a Microsoft Office Excel spreadsheet embedded into a Microsoft Office Word document.
embedded in files (such as Microsoft Office Excel spreadsheets or macros embedded in Microsoft Office Word files, email attachments) by Kaspersky Anti-Virus.
In this mode, File Anti-Virus scans an object based on the analysis of actions taken on the object (default mode).
For example, when working with a Microsoft Office document, Kaspersky Anti-Virus scans the file the first time it is opened and the last time it is closed. Intermediate operations that overwrite the file do not cause it to be scanned.
This technology is a development of the iChecker technology for computers using the NTFS file system.
There are limitations to iSwift Technology: it is bound to a specific file's location in the file system and works only with objects in the NTFS file system.
This check box enables / disables the use of iSwift technology.
This technology allows increasing scan speed by excluding certain files from scanning. Files are excluded from the scan using a special algorithm that takes into account the release date of Kaspersky Anti-Virus databases, the date when the file was scanned last, and any changes made to the scan settings.
There are limitations to iChecker Technology: it does not work with large files and applies only to files with a structure that the application recognizes (for example, EXE, DLL, LNK, TTF, INF, SYS, COM, CHM, ZIP, and RAR).
This check box enables / disables the use of iChecker technology.
In the Script scanner section, you can enable scanning of scripts and other objects using the Antimalware Scan Interface (AMSI) technology.
Clicking this link opens the Exclusions window. In this window, you can generate a list of scripts and other objects that Kaspersky Anti-Virus will not scan using the Antimalware Scan Interface technology.
By default, File Anti-Virus scans files executed on any hard drives, network drives, or removable media. Objects included in the list by default cannot be edited or deleted.
If this check box is selected, File Anti-Virus scans the object.
If this check box is cleared, File Anti-Virus temporarily excludes the object from scanning.
Clicking this button opens the Select file or folder to scan window. In this window you can select a folder or file to be included in the protection scope of File Anti-Virus.
Clicking this button deletes the selected object from the list.
The button is displayed on the right of each one of the objects that have been added manually. Scan objects included in the list by default cannot be removed.
This check box enables / disables the option that causes File Anti-Virus to reduce delay time when opening large-sized compound files.
If this check box is selected, File Anti-Virus does not unpack files larger than the specified limit. Files of a size which exceeds or equals the specified value are available for use while they undergo scanning. Files of a size which is less than the specified value are available for use only after File Anti-Virus unpacks them and scans their content.
If the check box is cleared, File Anti-Virus unpacks all compound files.
Regardless of whether the compound file itself undergoes scanning, File Anti-Virus scans files extracted from it.
Clicking this button opens a menu with a choice of the following actions:
Import and add to existing. Selecting this option lets you import a list of trusted web addresses from a CSV file. The current addresses are not deleted.
Import and replace existing. Selecting this option lets you import a list of trusted web addresses from a CSV file. The current addresses are deleted.
Export. Selecting this option lets you export a list of trusted web addresses to a CSV file.
This list includes web addresses of websites whose content you trust. Web Anti-Virus does not scan the content of URLs from this list. You can add either a trusted web address or an address mask to the list.
If the Active value is set in the address line in the Status column, Web Anti-Virus does not scan the content of web pages with this web address.
If the Inactive value is set in the address line in the Status column, Web Anti-Virus scans the content of web pages with this web address.
In the Security level section, you can use the slider to select one of the three available sets of preconfigured scan settings (security levels) created by Kaspersky Lab specialists.
You are advised to use this security level if there is a high chance of computer infection.
As opposed to the default scan settings, the scan settings of this security level cause Kaspersky Anti-Virus to scan all types of files. When scanning compound files, Kaspersky Anti-Virus also scans mail-format files.
This security level is the best option for handling applications with significant RAM requirements, because a smaller range of files is scanned when this level is selected
As opposed to the default scan settings, the scan settings of this security level cause Kaspersky Anti-Virus to scan only new and changed files. If more than 180 seconds are required to scan files, Kaspersky Anti-Virus excludes those files from scanning.
In the drop-down list, you can select the action that Kaspersky Anti-Virus performs on detecting an infected or probably infected object.
The following actions are available:
Select action automatically. When infected or probably infected objects are detected, Kaspersky Anti-Virus automatically performs the action that is recommended by Kaspersky Lab specialists. For infected objects the action is Disinfect, if not possible – delete. The actions that the application performs on probably infected objects depend on the values of the main protection settings.
Before attempting to disinfect or delete an infected object, Kaspersky Anti-Virus creates a backup copy in case there is a later need to restore the object or possibility of disinfecting it.
This option is available and enabled by default if automatic protection mode is selected. You can enable automatic protection mode in the application settings window, in the General section, by selecting the Perform recommended actions automatically check box.
Prompt when scan is complete. If Kaspersky Anti-Virus detects an infected or probably infected object during a scan, it notifies you of this event when the scan is complete and prompts you for an action to take on the detected objects.
This option is available and enabled by default if interactive protection mode is selected. You can enable interactive protection mode in the application settings window, in the General section, by clearing the Perform recommended actions automatically check box.
Prompt on detection. If Kaspersky Anti-Virus detects an infected or probably infected object during a scan, it immediately notifies you of this event and prompts you for an action to take on the detected object.
This option is available if interactive protection mode is selected.
Disinfect. Kaspersky Anti-Virus attempts to disinfect all infected objects that are detected. If disinfection fails, Kaspersky Anti-Virus blocks access to those objects.
Disinfect, if not possible – delete. Kaspersky Anti-Virus attempts to disinfect all infected objects that are detected. If disinfection fails, Kaspersky Anti-Virus deletes the objects.
Notify. When an infected or probably infected object is detected, a pop-up notification is displayed, showing details about the detected object.
Delete. If infected or probably infected objects are detected, Kaspersky Anti-Virus deletes them. Before deleting an infected or probably infected object, Kaspersky Anti-Virus creates a backup copy in case there is a later need to restore the object or possibility of disinfecting it.
In the drop-down list, you can select the action that Kaspersky Anti-Virus performs when an external device is connected to the computer.
The following actions are available:
Prompt for action. After you connect an external device, Kaspersky Anti-Virus prompts you for further action: Quick Scan, Full Scan, or Do not scan.
Do not scan. When you connect an external device, Kaspersky Anti-Virus does not scan it and does not prompt you for any actions to take on the connected device.
Quick Scan. When you connect an external device, Kaspersky Anti-Virus scans files in the root folder of the device. This option is selected by default.
Full Scan. When you connect an external device, Kaspersky Anti-Virus runs a full scan of all files on the external device in accordance with the settings of the Full Scan task.
Full Scan of devices with volume less than 64 GB. When you connect an external device with more than 64 GB of storage space, Kaspersky Anti-Virus does not scan it and does not prompt you for any actions to take on the connected device. If the external device has less than 64 GB of storage capacity, Kaspersky Anti-Virus runs a full scan of all files on the external device in accordance with the settings of the Full Scan task.
In this drop-down list, you can select one of the following actions:
Full Scan settings – open the Full Scan settings window. In this window, you can set the Full Scan security level, select the action on threat detection during Full Scan, modify the Full Scan scope, and configure additional Full Scan settings.
Quick Scan settings – open the Quick Scan settings window. In this window, you can set the Quick Scan security level, select the action on threat detection during Quick Scan, modify the Quick Scan scope, and configure additional Quick Scan settings.
Selective Scan settings – open the Selective Scan settings window. In this window, you can set the Selective Scan security level, select the action on threat detection during Selective Scan, and configure additional Selective Scan settings.
Vulnerability Scan scope – open the Scan window. In this window, you can specify the objects to be scanned by Kaspersky Anti-Virus during the vulnerability scan task.
Run scan with user rights – open the User Account Settings window. In this window, you can enter the name and password of the user under whose account the scan task will be performed.
In the Security level section, you can use the slider to select one of the three available sets of preconfigured Full Scan settings (security levels) created by Kaspersky Lab specialists. This security level is applied during a Full Scan task regardless of the security level selected for scanning in general (in the Scan section of the Settings window).
You are advised to use this security level if there is a high chance of computer infection.
As opposed to the default scan settings, the Full Scan settings of this security level cause Kaspersky Anti-Virus to scan all types of files. When scanning compound files, Kaspersky Anti-Virus also scans mail-format files.
This security level is the best option for handling applications with significant RAM requirements, because a smaller range of files is scanned when this level is selected.
As opposed to the default scan settings, the Full Scan settings of this security level cause Kaspersky Anti-Virus to scan only new and changed files. If more than 180 seconds are required to scan a file, Kaspersky Anti-Virus excludes this file from scanning.
In the drop-down list, you can select the action that Kaspersky Anti-Virus performs on detecting an infected or probably infected object.
The following actions are available:
Select action automatically. When infected or probably infected objects are detected, Kaspersky Anti-Virus automatically performs the action that is recommended by Kaspersky Lab specialists. For infected objects the action is Disinfect, if not possible – delete. The actions that the application performs on probably infected objects depend on the values of the main protection settings.
Before attempting to disinfect or delete an infected object, Kaspersky Anti-Virus creates a backup copy in case there is a later need to restore the object or possibility of disinfecting it.
This option is available and enabled by default if automatic protection mode is selected. You can enable automatic protection mode in the application settings window, in the General section, by selecting the Perform recommended actions automatically check box.
Prompt when scan is complete. If Kaspersky Anti-Virus detects an infected or probably infected object during a scan, it notifies you of this event when the scan is complete and prompts you for an action to take on the detected objects.
This option is available and enabled by default if interactive protection mode is selected. You can enable interactive protection mode in the application settings window, in the General section, by clearing the Perform recommended actions automatically check box.
Prompt on detection. If Kaspersky Anti-Virus detects an infected or probably infected object during a scan, it immediately notifies you of this event and prompts you for an action to take on the detected object.
This option is available if interactive protection mode is selected.
Disinfect. Kaspersky Anti-Virus attempts to disinfect all infected objects that are detected. If disinfection fails, Kaspersky Anti-Virus blocks access to those objects.
Disinfect, if not possible – delete. Kaspersky Anti-Virus attempts to disinfect all infected objects that are detected. If disinfection fails, Kaspersky Anti-Virus deletes the objects.
Notify. When an infected or probably infected object is detected, a pop-up notification is displayed, showing details about the detected object.
Delete. If infected or probably infected objects are detected, Kaspersky Anti-Virus deletes them. Before deleting an infected or probably infected object, Kaspersky Anti-Virus creates a backup copy in case there is a later need to restore the object or possibility of disinfecting it.
Clicking this link opens the Additional settings of Full Scan window. In this window, you can specify Full Scan settings for various file types and Full Scan optimization settings, and select Full Scan methods and technologies.
In the File types section, you can select types of objects that Kaspersky Anti-Virus should scan. The default settings in this section depend on the selected level of security.
If you select this option, Kaspersky Anti-Virus scans only files that can be infected by a virus. Prior to scanning an object for viruses, its internal header is analyzed in order to determine the file format. During the scan, file extensions are also taken into consideration.
This check box enables / disables the scanning only of new files and those files that have changed since the last time they were scanned. This scan mode applies both to simple and compound files.
This check box enables / disables the time limit for scanning an object. When the specified time interval elapses, file scanning is discontinued, and Kaspersky Anti-Virus skips the file.
Selecting this check box causes the scan to stop after 30 seconds by default.
The Scan of compound files section contains a list of type of compound files that Kaspersky Anti-Virus scans for viruses and other threats. The values of the default settings in this section depend on the security level set and the scan type selected (full scan, selective scan, or quick scan).
This check box enables / disables scanning of OLE-objects embedded in files (such as Microsoft Office Excel spreadsheets or macros embedded in Microsoft Office Word files, email attachments) by Kaspersky Anti-Virus.
If this check box is selected, Kaspersky Anti-Virus excludes from scanning compound files larger than the specified limit (except larger files extracted from archives).
If this check box is cleared, Kaspersky Anti-Virus scans compound files of all sizes.
In the Scan methods section, you can select methods that Kaspersky Anti-Virus should use when scanning the computer. The default settings in this section depend on the selected level of security.
When performing signature analysis, Kaspersky Anti-Virus uses databases that contain descriptions of known threats and ways of neutralizing them. Protection using signature analysis provides a minimal acceptable security level.
As recommended by Kaspersky Lab experts, the application always has this analysis method enabled.
The slider allows you to adjust the level of heuristic analysis. The heuristic analysis level sets the balance between the thoroughness of searches for threats, the load on the operating system's resources, and the time required for scanning.
The following heuristic analysis levels are available:
Light scan. Heuristic analyzer performs fewer operations found inside executable files. The probability of threat detection in this mode is somewhat lower. Scanning is faster and less resource-intensive.
Medium scan. Heuristic analyzer performs the number of actions found within executable files recommended by the experts of Kaspersky Lab.
Deep scan. Heuristic analyzer performs more operations found inside executable files. The probability of threat detection in this mode is higher. Scanning consumes more system resources and takes longer.
The slider is available if the Heuristic Analysis check box is selected.
In the Scan technologies section you can select a file scan technology.
This technology is a development of the iChecker technology for computers using the NTFS file system.
There are limitations to iSwift Technology: it is bound to a specific file's location in the file system and works only with objects in the NTFS file system.
This check box enables / disables the use of iSwift technology.
This technology allows increasing scan speed by excluding certain files from scanning. Files are excluded from the scan using a special algorithm that takes into account the release date of Kaspersky Anti-Virus databases, the date when the file was scanned last, and any changes made to the scan settings.
There are limitations to iChecker Technology: it does not work with large files and applies only to files with a structure that the application recognizes (for example, EXE, DLL, LNK, TTF, INF, SYS, COM, CHM, ZIP, and RAR).
This check box enables / disables the use of iChecker technology.
In the Security level section, you can use the slider to select one of the three available sets of preconfigured Quick Scan settings (security levels) created by Kaspersky Lab specialists. This security level is applied during a Quick Scan task regardless of the security level selected for scanning in general (in the Scan section of the Settings window).
You are advised to use this security level if there is a high chance of computer infection.
As opposed to the default scan settings, the Quick Scan settings of this security level cause Kaspersky Anti-Virus to scan all types of files. When scanning compound files, Kaspersky Anti-Virus also scans mail-format files.
This security level is the best option for handling applications with significant RAM requirements, because a smaller range of files is scanned when this level is selected.
As opposed to the default scan settings, the Quick Scan settings of this security level cause Kaspersky Anti-Virus to scan only new and changed files. If more than 180 seconds are required to scan a file, Kaspersky Anti-Virus excludes this file from scanning.
In the drop-down list, you can select the action that Kaspersky Anti-Virus performs on detecting an infected or probably infected object.
The following actions are available:
Select action automatically. When infected or probably infected objects are detected, Kaspersky Anti-Virus automatically performs the action that is recommended by Kaspersky Lab specialists. For infected objects the action is Disinfect, if not possible – delete. The actions that the application performs on probably infected objects depend on the values of the main protection settings.
Before attempting to disinfect or delete an infected object, Kaspersky Anti-Virus creates a backup copy in case there is a later need to restore the object or possibility of disinfecting it.
This option is available and enabled by default if automatic protection mode is selected. You can enable automatic protection mode in the application settings window, in the General section, by selecting the Perform recommended actions automatically check box.
Prompt when scan is complete. If Kaspersky Anti-Virus detects an infected or probably infected object during a scan, it notifies you of this event when the scan is complete and prompts you for an action to take on the detected objects.
This option is available and enabled by default if interactive protection mode is selected. You can enable interactive protection mode in the application settings window, in the General section, by clearing the Perform recommended actions automatically check box.
Prompt on detection. If Kaspersky Anti-Virus detects an infected or probably infected object during a scan, it immediately notifies you of this event and prompts you for an action to take on the detected object.
This option is available if interactive protection mode is selected.
Disinfect. Kaspersky Anti-Virus attempts to disinfect all infected objects that are detected. If disinfection fails, Kaspersky Anti-Virus blocks access to those objects.
Disinfect, if not possible – delete. Kaspersky Anti-Virus attempts to disinfect all infected objects that are detected. If disinfection fails, Kaspersky Anti-Virus deletes the objects.
Notify. When an infected or probably infected object is detected, a pop-up notification is displayed, showing details about the detected object.
Delete. If infected or probably infected objects are detected, Kaspersky Anti-Virus deletes them. Before deleting an infected or probably infected object, Kaspersky Anti-Virus creates a backup copy in case there is a later need to restore the object or possibility of disinfecting it.
Clicking this link opens the Additional settings of Quick Scan window. In this window, you can specify Quick Scan settings for various file types and Quick Scan optimization settings, and select Quick Scan methods and technologies.
In the File types section, you can select types of objects that Kaspersky Anti-Virus should scan. The default settings in this section depend on the selected level of security.
If you select this option, Kaspersky Anti-Virus scans only files that can be infected by a virus. Prior to scanning an object for viruses, its internal header is analyzed in order to determine the file format. During the scan, file extensions are also taken into consideration.
This check box enables / disables the scanning only of new files and those files that have changed since the last time they were scanned. This scan mode applies both to simple and compound files.
This check box enables / disables the time limit for scanning an object. When the specified time interval elapses, file scanning is discontinued, and Kaspersky Anti-Virus skips the file.
Selecting this check box causes the scan to stop after 30 seconds by default.
The Scan of compound files section contains a list of type of compound files that Kaspersky Anti-Virus scans for viruses and other threats. The values of the default settings in this section depend on the security level set and the scan type selected (full scan, selective scan, or quick scan).
This check box enables / disables scanning of OLE-objects embedded in files (such as Microsoft Office Excel spreadsheets or macros embedded in Microsoft Office Word files, email attachments) by Kaspersky Anti-Virus.
If this check box is selected, Kaspersky Anti-Virus excludes from scanning compound files larger than the specified limit (except larger files extracted from archives).
If this check box is cleared, Kaspersky Anti-Virus scans compound files of all sizes.
In the Scan methods section, you can select methods that Kaspersky Anti-Virus should use when scanning the computer. The default settings in this section depend on the selected level of security.
When performing signature analysis, Kaspersky Anti-Virus uses databases that contain descriptions of known threats and ways of neutralizing them. Protection using signature analysis provides a minimal acceptable security level.
As recommended by Kaspersky Lab experts, the application always has this analysis method enabled.
The slider allows you to adjust the level of heuristic analysis. The heuristic analysis level sets the balance between the thoroughness of searches for threats, the load on the operating system's resources, and the time required for scanning.
The following heuristic analysis levels are available:
Light scan. Heuristic analyzer performs fewer operations found inside executable files. The probability of threat detection in this mode is somewhat lower. Scanning is faster and less resource-intensive.
Medium scan. Heuristic analyzer performs the number of actions found within executable files recommended by the experts of Kaspersky Lab.
Deep scan. Heuristic analyzer performs more operations found inside executable files. The probability of threat detection in this mode is higher. Scanning consumes more system resources and takes longer.
The slider is available if the Heuristic Analysis check box is selected.
In the Scan technologies section you can select a file scan technology.
This technology is a development of the iChecker technology for computers using the NTFS file system.
There are limitations to iSwift Technology: it is bound to a specific file's location in the file system and works only with objects in the NTFS file system.
This check box enables / disables the use of iSwift technology.
This technology allows increasing scan speed by excluding certain files from scanning. Files are excluded from the scan using a special algorithm that takes into account the release date of Kaspersky Anti-Virus databases, the date when the file was scanned last, and any changes made to the scan settings.
There are limitations to iChecker Technology: it does not work with large files and applies only to files with a structure that the application recognizes (for example, EXE, DLL, LNK, TTF, INF, SYS, COM, CHM, ZIP, and RAR).
This check box enables / disables the use of iChecker technology.
In the Security level section, you can use the slider to select one of the three available sets of preconfigured Selective Scan settings (security levels) created by Kaspersky Lab specialists. This security level is applied during a Selective Scan task regardless of the security level selected for scanning in general (in the Scan section of the Settings window).
You are advised to use this security level if there is a high chance of computer infection.
As opposed to the default scan settings, the Selective Scan settings of this security level cause Kaspersky Anti-Virus to scan all types of files. When performing a Selective Scan of compound files, Kaspersky Anti-Virus also scans mail-format files.
This security level is the best option for handling applications with significant RAM requirements, because a smaller range of files is scanned when this level is selected.
As opposed to the default scan settings, the Selective Scan settings of this security level cause Kaspersky Anti-Virus to scan only new and changed files. If more than 180 seconds are required to scan a file, Kaspersky Anti-Virus excludes this file from the selective scan.
In the drop-down list, you can select the action that Kaspersky Anti-Virus performs on detecting an infected or probably infected object.
The following actions are available:
Select action automatically. When infected or probably infected objects are detected, Kaspersky Anti-Virus automatically performs the action that is recommended by Kaspersky Lab specialists. For infected objects the action is Disinfect, if not possible – delete. The actions that the application performs on probably infected objects depend on the values of the main protection settings.
Before attempting to disinfect or delete an infected object, Kaspersky Anti-Virus creates a backup copy in case there is a later need to restore the object or possibility of disinfecting it.
This option is available and enabled by default if automatic protection mode is selected. You can enable automatic protection mode in the application settings window, in the General section, by selecting the Perform recommended actions automatically check box.
Prompt when scan is complete. If Kaspersky Anti-Virus detects an infected or probably infected object during a scan, it notifies you of this event when the scan is complete and prompts you for an action to take on the detected objects.
This option is available and enabled by default if interactive protection mode is selected. You can enable interactive protection mode in the application settings window, in the General section, by clearing the Perform recommended actions automatically check box.
Prompt on detection. If Kaspersky Anti-Virus detects an infected or probably infected object during a scan, it immediately notifies you of this event and prompts you for an action to take on the detected object.
This option is available if interactive protection mode is selected.
Disinfect. Kaspersky Anti-Virus attempts to disinfect all infected objects that are detected. If disinfection fails, Kaspersky Anti-Virus blocks access to those objects.
Disinfect, if not possible – delete. Kaspersky Anti-Virus attempts to disinfect all infected objects that are detected. If disinfection fails, Kaspersky Anti-Virus deletes the objects.
Notify. When an infected or probably infected object is detected, a pop-up notification is displayed, showing details about the detected object.
Delete. If infected or probably infected objects are detected, Kaspersky Anti-Virus deletes them. Before deleting an infected or probably infected object, Kaspersky Anti-Virus creates a backup copy in case there is a later need to restore the object or possibility of disinfecting it.
Clicking this link opens the Additional settings of Selective Scan window. In this window, you can specify Selective Scan settings for various file types and Selective Scan optimization settings, and select Selective Scan methods and technologies.
In the File types section, you can select types of objects that Kaspersky Anti-Virus should scan. The default settings in this section depend on the selected level of security.
If you select this option, Kaspersky Anti-Virus scans only files that can be infected by a virus. Prior to scanning an object for viruses, its internal header is analyzed in order to determine the file format. During the scan, file extensions are also taken into consideration.
This check box enables / disables the scanning only of new files and those files that have changed since the last time they were scanned. This scan mode applies both to simple and compound files.
This check box enables / disables the time limit for scanning an object. When the specified time interval elapses, file scanning is discontinued, and Kaspersky Anti-Virus skips the file.
Selecting this check box causes the scan to stop after 30 seconds by default.
The Scan of compound files section contains a list of type of compound files that Kaspersky Anti-Virus scans for viruses and other threats. The values of the default settings in this section depend on the security level set and the scan type selected (full scan, selective scan, or quick scan).
This check box enables / disables scanning of OLE-objects embedded in files (such as Microsoft Office Excel spreadsheets or macros embedded in Microsoft Office Word files, email attachments) by Kaspersky Anti-Virus.
If this check box is selected, Kaspersky Anti-Virus excludes from scanning compound files larger than the specified limit (except larger files extracted from archives).
If this check box is cleared, Kaspersky Anti-Virus scans compound files of all sizes.
In the Scan methods section, you can select methods that Kaspersky Anti-Virus should use when scanning the computer. The default settings in this section depend on the selected level of security.
When performing signature analysis, Kaspersky Anti-Virus uses databases that contain descriptions of known threats and ways of neutralizing them. Protection using signature analysis provides a minimal acceptable security level.
As recommended by Kaspersky Lab experts, the application always has this analysis method enabled.
The slider allows you to adjust the level of heuristic analysis. The heuristic analysis level sets the balance between the thoroughness of searches for threats, the load on the operating system's resources, and the time required for scanning.
The following heuristic analysis levels are available:
Light scan. Heuristic analyzer performs fewer operations found inside executable files. The probability of threat detection in this mode is somewhat lower. Scanning is faster and less resource-intensive.
Medium scan. Heuristic analyzer performs the number of actions found within executable files recommended by the experts of Kaspersky Lab.
Deep scan. Heuristic analyzer performs more operations found inside executable files. The probability of threat detection in this mode is higher. Scanning consumes more system resources and takes longer.
The slider is available if the Heuristic Analysis check box is selected.
In the Scan technologies section you can select a file scan technology.
This technology is a development of the iChecker technology for computers using the NTFS file system.
There are limitations to iSwift Technology: it is bound to a specific file's location in the file system and works only with objects in the NTFS file system.
This check box enables / disables the use of iSwift technology.
This technology allows increasing scan speed by excluding certain files from scanning. Files are excluded from the scan using a special algorithm that takes into account the release date of Kaspersky Anti-Virus databases, the date when the file was scanned last, and any changes made to the scan settings.
There are limitations to iChecker Technology: it does not work with large files and applies only to files with a structure that the application recognizes (for example, EXE, DLL, LNK, TTF, INF, SYS, COM, CHM, ZIP, and RAR).
This check box enables / disables the use of iChecker technology.
Select an account whose rights will be used by Kaspersky Anti-Virus to run scan tasks. The feature is available for running both manual scans and scheduled scans in Kaspersky Anti-Virus.
The following options are available:
Current user. Scan tasks will be run with the rights of the current account.
Other user. The specified user account will be used to run scan tasks. If you select this option, type the account name and the password in the User account and Password fields, respectively.
If the check box is selected, the application runs skipped tasks. For example, if the computer was turned off, the application runs the skipped tasks after the computer is turned on.
If this check box is cleared, Kaspersky Anti-Virus does not run skipped tasks. Instead, it runs the next task in accordance with the specified schedule.
This check box is displayed when the daily or weekly value is selected in the list.
This check box enables / disables the function of Kaspersky Anti-Virus for postponing task launch until you are done using the computer. This means that scan tasks will not use system resources while you work.
If this check box is selected, Kaspersky Anti-Virus runs a scheduled scan after the screensaver is activated or the computer is locked.
The check box is not displayed if the manually option in the Run scan list is selected.
Contains a list of disks, folders, and other objects that Kaspersky Anti-Virus scans when running the selected task: Full Scan, Quick Scan, or Vulnerability Scan.
If the check box in the object line is selected, Kaspersky Anti-Virus scans the object when running the task.
If the check box in the object line is cleared, Kaspersky Anti-Virus excludes this object from the scan.
Clicking this button opens a window for selecting a file or a folder that you want to add to the list of objects to scan. Each object selected for scanning is added to the end of the list.
Clicking this button deletes the selected object from the list.
The button is displayed on the right of each one of the objects that have been added manually. Scan objects included in the list by default cannot be removed.
The field contains the path to a file or folder to be added to the list of objects included in the scan or protection scope. You can select a file or a folder from the tree above the entry field, or specify one manually.
In the Update section, you can modify settings for downloading and installing Kaspersky Anti-Virus databases and application software modules.
In the Threats and Exclusions section, you can create a list of the objects that Kaspersky Anti-Virus will ignore.
In the Self-Defense section, you can enable or disable protection of Kaspersky Anti-Virus files as well as memory processes and system registry records.
In the Network section, you can enable or disable network port control and scanning of encrypted connections, as well as configure proxy server settings.
In the Notifications section, you can enable or disable notifications about application events. In this section, you can configure display of the information that is most relevant to you when you visit the websites of Kaspersky Lab and its partners.
In the Reports and Quarantine section, you can define storage settings for files moved to Quarantine and settings for information on detected threats that is recorded in reports.
The Additional protection and management tools lets you manage the connection to Kaspersky Security Network and My Kaspersky portal.
In the Appearance section, you can configure notification settings and the appearance of the application icon.
Clicking this link opens the Run mode for database updates window. In this window, you can create a schedule according to which Kaspersky Anti-Virus will run update tasks.
This check box enables / disables display of the quick launch icon for On-Screen Keyboard in entry fields on websites.
By default, this check box is cleared until you restart the computer for the first time after installation of the application. After you restart the computer, this check box is selected.
Clicking this link opens the Categories window. In this window, you can specify websites on which the quick launch icon for On-Screen Keyboard is displayed in entry fields. In this window, you can create lists of websites on which the quick launch icon for On-Screen Keyboard is displayed or not displayed regardless of the selected website categories.
In the Secure Keyboard Input section, you can enable secure keyboard data input, as well as specify which data to protect and on which websites.
This check box enables / disables Secure Keyboard Input.
By default, this check box is cleared until you restart the computer for the first time after installation of the application. After you restart the computer, this check box is selected by default.
Clicking this link opens the Categories window. In this window, you can specify on which websites to protect data that is entered from the computer keyboard. You can also create lists of websites for which to enable or disable Secure Keyboard Input regardless of the selected website categories.
The list contains the addresses of resources from which Kaspersky Anti-Virus downloads database and application module updates. In the Source column, an FTP or HTTP site or a path to a network or local folder can be specified.
During the update process, Kaspersky Anti-Virus checks this list, selects the first server address, and tries to download the updates package from it. If Kaspersky Anti-Virus fails to download the update package from the selected address, it proceeds to the next address in the list and attempts to download the update package.
If the Active value is set in the update source line in the Status column, Kaspersky Anti-Virus uses this update source.
If the Inactive value is set in the update source line in the Status column, Kaspersky Anti-Virus does not use this update source.
By default, the list contains only Kaspersky Lab update servers. This update source cannot be edited or removed.
When using an update source other than Kaspersky Lab update servers, make sure that the database and application module updates are compatible with your version of Kaspersky Anti-Virus.
The path to the folder from which the Kaspersky Anti-Virus obtains database and application module updates. In this field, you can specify the address of the folder (local or network folder) or FTP server.
In the drop-down list, you can select how often the update task runs and configure the task schedule:
Automatically (recommended). Kaspersky Anti-Virus checks the update source for new updates with the set frequency. The frequency of checks can be increased during virus outbreaks and decreased when there are none. After detecting an update package, Kaspersky Anti-Virus downloads it and installs it on the computer. We recommend that you select this option, as it is important to protect your computer.
Daily. The task runs every day. The time of the task start is specified in the Time field below.
Weekly. The task starts on the day of the week selected in the Day of the week list below. The time of the task start is specified in the Time field below.
After application startup. The task starts in 15 minutes after each startup of Kaspersky Anti-Virus.
Manually. You run the update task yourself at the time of your choosing.
If the check box is selected, the application runs skipped tasks. For example, if the computer was turned off, the application runs the skipped tasks after the computer is turned on.
If this check box is cleared, Kaspersky Anti-Virus does not run skipped tasks. Instead, it runs the next task in accordance with the specified schedule.
This check box is displayed when the daily or weekly value is selected in the list.
Update tasks for Kaspersky Anti-Virus are run with the rights of the user account that you select. This feature is available for running an update task for Kaspersky Anti-Virus both manually and according to a schedule.
The following options are available:
Current user. The rights of the current account (the operating system account under which you are logged in) will apply to update tasks.
Other user. Update tasks will run under the specified user account. If you select this option, specify an account name and the password in the User account and Password fields, respectively.
This check box enables / disables detection by Kaspersky Anti-Virus of software that criminals may use to damage your computer or the data stored on it.
In the Exclusions section, you can create a list of the objects that Kaspersky Anti-Virus will ignore.
Clicking this link opens a window with the list of trusted applications. If an application is included in the list of trusted ones, Kaspersky Anti-Virus does not monitor objects (such as files) used by that application.
In the Advanced Disinfection section, you can enable or disable use of Advanced Disinfection technology.
If this check box is selected, when Kaspersky Anti-Virus detects malicious activity in the operating system, it prompts you to perform special advanced disinfection to eliminate the threat. Upon completion of the procedure, the computer is restarted. Advanced Disinfection technology uses considerable computer resources, which may affect the performance of the operating system.
If this check box is cleared, the disinfection technology is not applied to active infections.
The name of the object to be excluded from scanning. The name of object is provided according to the Virus Encyclopedia classification.
In the Protection components section you can specify protection components (for example, File Anti-Virus or Web Anti-Virus) to that will apply the exclusion.
By default, all protection components apply a new exclusion.
Contains trusted applications; the objects (for example, files) used by these applications are not restricted.
If the application line shows the Active value in the Status column, Kaspersky Anti-Virus excludes objects that are used by this application from scanning. Kaspersky Anti-Virus still scans the executable file and trusted application process for viruses and other threats.
If the Inactive value is set in the Status column in the row of an application, Kaspersky Anti-Virus scans the executable file of the trusted application, the application process, and the objects used by the application. The application remains in the list of trusted applications.
This column shows whether Kaspersky Anti-Virus scans objects used by the application (for example, files).
If the Active value is set in the Status column, Kaspersky Anti-Virus excludes objects that are used by the application from scanning. However, Kaspersky Anti-Virus still scans the executable file and the process of the trusted application.
If the Inactive value is set in the Status column, Kaspersky Anti-Virus scans the executable file of the trusted application, the application process, and the objects used by the application. The application remains in the list of trusted applications.
If the check box is selected, application activity is monitored according to your defined rules or according to the rules of the trust group to which the application belongs.
If this check box is cleared, the application inherits rules from the parent application by which it was started.
If the check box is selected, the application is allowed to manage Kaspersky Anti-Virus using its graphical user interface. You may need to allow the application to manage the interface of Kaspersky Anti-Virus when using a remote desktop connection application or an application supporting the operation of a data input device. Examples of such devices include touch pads and graphic tablets.
This check box enables / disables a mechanism of Kaspersky Anti-Virus that protects the application against modification or deletion of its files from the hard drive, memory processes, and system registry entries.
If this check box is selected, the ability to perform external control of the system service is also disabled. When external control of the system service is disabled, Kaspersky Anti-Virus blocks all attempts to perform remote management of application services. If an attempt to manage the application remotely is detected, a notification appears above the Kaspersky Anti-Virus icon in the Microsoft Windows taskbar notification area (if notifications are not disabled).
In the Cost-Aware Networking section, you can specify whether or not the application must limit traffic based on calculations of Internet connection costs. This section is displayed when using Microsoft Windows 8 or a later operating system.
If this check box is selected, the application limits its own network traffic when the Internet connection is limited. Kaspersky Anti-Virus identifies a high-speed mobile Internet connection as a limited connection and identifies a Wi-Fi connection as an unlimited connection.
This check box is displayed when using Microsoft Windows 8 or a later operating system.
In the Traffic processing section, you can specify whether or not the application should inject a web page interaction script into traffic.
If the check box is selected, Kaspersky Anti-Virus injects a web page interaction script into web traffic. This script ensures the operation of such components as URL Advisor and Secure Data Input.
In the Monitored ports section, you can select the port monitoring mode that Mail Anti-Virus and Web Anti-Virus use to scan data streams.
Clicking this link opens the Network ports window. In this window, you can create a list of ports to be monitored or a list of applications for which Kaspersky Anti-Virus monitors all ports.
In the Encrypted connections scanning section, you can enable / disable scanning for encrypted connections that use the SSL protocol.
Kaspersky Anti-Virus uses the installed Kaspersky certificate to verify the security of SSL connections if this is required by the protection components Web Anti-Virus and URL Advisor.
If these components are disabled, Kaspersky Anti-Virus does not verify the security of SSL connections.
After Kaspersky Anti-Virus verifies an SSL connection, the certificates of websites may not display the name of the organization under which the website is registered.
If you do not want the application to verify the SSL connection with a website, you can exclude the website from verification.
If this option is selected, Kaspersky Anti-Virus always uses the installed Kaspersky certificate to ensure that connections are secure.
Use of the Secure Sockets Layer (SSL) protocol for connections allows safely exchanging data on the Internet. The SSL protocol makes it possible to identify the parties exchanging data using electronic certificates, encrypt data during transfer, and ensure the integrity of data during transfer.
If Kaspersky Anti-Virus detects an invalid certificate when connecting to a server (for example, when the certificate has been replaced by someone with malicious intentions), Kaspersky Anti-Virus displays a notification prompting you to accept or reject the certificate, or else to view information about the certificate. If Kaspersky Anti-Virus is operating in automatic protection mode, Kaspersky Anti-Virus automatically terminates any connection that uses an invalid certificate, without displaying any notification.
In the drop-down list, you can select the action that the application will perform if a secure connections scan error occurs on a website.
Ignore. The application terminates the connection with the website on which the scan error occurred.
Ask. The application shows you a notification with a prompt to add a website address to the list of websites on which scan errors occurred. The website address will be checked against the database of malicious objects.
Add website to exclusions. The application adds the website address to the list of websites on which scan errors occurred. The website address will be checked against the database of malicious objects.
You can click this link to go to the Websites with scan errors window. In this window, you can view the websites that could not be scanned due to errors when connecting to them. The addresses of the websites were checked against the database of malicious objects.
Clicking this link opens the Exclusions window. In this window, you can generate a list of websites that will not be scanned by the protection components Web Anti-Virus and URL Advisor.
If the check box is selected, Kaspersky Anti-Virus scans encrypted traffic in Mozilla applications. Access to some websites via the HTTPS protocol may be blocked.
You can use this check box to block / allow connections with a remote server via the SSL 2.0 protocol.
If the check box is selected, Kaspersky Anti-Virus blocks encrypted connections established via the SSL 2.0 protocol and displays a notification that the connection has been blocked.
If this check box is cleared, Kaspersky Anti-Virus allows you to establish secure connections via the SSL 2.0 protocol and does not monitor them.
It is not recommended to use the SSL 2.0 protocol, because it has limitations that affect secure data transmission.
This check box enables / disables decryption of encrypted SSL connections with an EV (Extended Validation) certificate.
EV certificates confirm the authenticity of websites and improve the security of the connection. Browsers use a lock icon in their address bar to indicate that a website has an EV certificate. Browsers may also fully or partially color the address bar in green.
If the check box is selected, Kaspersky Anti-Virus does not decrypt encrypted SSL connections with EV certificates.
If the check box is cleared, Kaspersky Anti-Virus decrypts encrypted SSL connections with an EV certificate. After decryption, the browser does not indicate that the website has an EV certificate.
If you are opening a website with an EV certificate for the first time, the encrypted connection will be decrypted regardless of whether or not the check box is selected.
This button enables / disables use of a proxy server for Internet connections. An Internet connection is required for the operation of some protection components in Kaspersky Anti-Virus, as well as for updating databases and application modules.
Kaspersky Anti-Virus detects the proxy server settings automatically using WPAD (Web Proxy Auto-Discovery Protocol).
If this protocol cannot determine the address, Kaspersky Anti-Virus uses the proxy server settings specified in Microsoft Internet Explorer. Kaspersky Anti-Virus does not take into account the settings of proxy servers specified for other browsers that are installed on the user's computer.
Authentication is verification of the user's sign-in information.
This check box enables / disables the use of authentication on the proxy server.
If this check box is selected, Kaspersky Anti-Virus will first attempt to perform NTLM authentication, and then BASIC authentication.
If this check box is cleared, or if the proxy server settings are not defined, Kaspersky Anti-Virus will attempt to perform NTLM authentication using the account under which the task (for example, an update task) has been run.
If the proxy server requires authentication and no user name and password were entered, or if the specified data was not accepted by the proxy server, a window opens, prompting you for the user name and password. If authentication is successful, Kaspersky Anti-Virus uses the specified user name and password in the future. Otherwise, Kaspersky Anti-Virus will prompt you for the authentication settings again.
If this check box is selected, Kaspersky Anti-Virus does not use a proxy server when updating databases and application software modules from a local or network folder.
If this check box is cleared, Kaspersky Anti-Virus uses the proxy server when updating databases and application software modules from a local or network folder.
Contains information about ports on which connections are monitored by Kaspersky Anti-Virus.
If the Active value is set in the port line in the Status column, Kaspersky Anti-Virus monitors the traffic passing through this port.
If the Inactive value is set in the port line in theStatus column, Kaspersky Anti-Virus excludes this port from scans, but does not remove it from the list of ports.
A list of ports that are normally used for transferring email and web traffic is included in the Kaspersky Anti-Virus distribution kit. By default, Kaspersky Anti-Virus monitors traffic passing through all ports from this list.
This button opens the Network port window. In this window, you can change the number of a network port selected from the list, as well as its description.
If this check box is selected, Kaspersky Anti-Virus monitors all network ports of applications that are vulnerable to network attacks. Kaspersky Lab specialists have created a list of vulnerable applications.
If this check box is cleared, Kaspersky Anti-Virus does not monitor ports used by applications that are vulnerable to network attacks.
Clicking this button opens a menu with a choice of the following actions:
Import and add to existing. Selecting this action lets you download a list of addresses of websites that you want to exclude from scanning. The list of addresses must be saved to a CSV file. The current addresses are not deleted.
Import and replace existing. Selecting this action lets you download a list of addresses of websites that you want to exclude from scanning. The list of addresses must be saved to a CSV file. The current addresses are deleted.
Export. Selecting this action lets you save the list of addresses of websites that you have excluded from scanning. The application saves a list of addresses in a CSV file.
In this field, you must specify the domain name of the website to exclude from scanning. You can change the domain name indicated in the field.
The indicated domain name is displayed in the list of exclusions. Application components scan the domain name depending on the status that you have selected.
This window displays the progress of automatic installation of the certificate. Task completion may take some time.
Kaspersky Anti-Virus searches for web browsers installed on the user's computer and then automatically installs certificates to the Microsoft Windows certificate storage.
While installing the certificate, a Microsoft Windows security notification may appear on the screen, prompting you to confirm installation of the certificate.
This check box enables / disables notification about events.
If this check box is cleared, Kaspersky Anti-Virus does not notify you of events that occur during its operation, but logs information about them in a report.
Notifications can be implemented using the following methods:
Pop-up messages above the Kaspersky Anti-Virus icon in the taskbar notification area
Clicking this link lets you restore the default values for notification display settings. If you have previously blocked display of notifications, display of these notifications will resume.
The link is not available if there are no hidden notifications.
This check box enables / disables notifications about unread news in the taskbar notification area.
If the check box is cleared, Kaspersky Anti-Virus continues to receive informational messages and advertisements from Kaspersky Lab but does not display notifications about them.
This check box enables / disables the option that allows showing or hiding information about software and special offers on the websites of Kaspersky Lab and partner companies.
If this check box is selected, these websites show you special offers to buy software that are picked specially for you based on the licenses for Kaspersky Lab applications that you have already purchased.
If this check box is cleared, these websites display standard offers for application purchase.
If this check box is selected, Kaspersky Anti-Virus determines whether you are a user of social networks, and displays information about Kaspersky Lab's activities in social network news feeds.
If this check box is cleared, Kaspersky Anti-Virus displays a standard set of Kaspersky Lab news.
If this check box is selected, the application continues to download and display new promotional messages and offers even after the license expires.
If this check box is cleared, new promotional messages and offers are not downloaded. The application shows messages that had been received before license expiration.
This check box enables / disables the option for limiting the period for reports storage. Reports can be stored for one day, one week, one or six months, or one year.
If the check box is selected, reports are stored during the period selected in the drop-down list located next to the check box. When this time period ends, Kaspersky Anti-Virus deletes the report.
If this check box is cleared, the storage duration for reports is unlimited.
This check box enables / disables the option to limit the maximum size of report files. The maximum file size is specified in megabytes.
If this check box is selected, the maximum report size is 1024 MB by default. When the maximum file size is exceeded, the oldest records are removed from the file as new ones are added.
If this check box is cleared, the report file size is not limited.
This check box enables / disables the option to add information about all Kaspersky Anti-Virus events to the report.
Kaspersky Anti-Virus records detailed information about unsuccessful application updates in reports, regardless of whether or not the check box is selected. The application stops recording detailed information after the first successful update and resumes recording information when an update fails.
The check box enables / disables the option for limiting the storage period for objects in Quarantine. Reports can be stored for one day, one week, one or six months, or one year.
If the check box is selected, objects are stored during the period selected in the drop-down list located next to the check box.
If this check box is cleared, the storage term for objects is unlimited.
This check box enables / disables the option for limiting the maximum size of Quarantine. The size of Quarantine is specified in megabytes.
If the check box is selected, the default maximum storage size is 100 MB. When the maximum size is exceeded, the oldest objects are removed from storage, while new ones are added.
If this check box is cleared, storage size is unlimited.
In the Kaspersky Security Network section, you can accept or cancel participation in Kaspersky Security Network.
Kaspersky Security Network is a cloud-based knowledge base of Kaspersky Lab containing information about the reputation of applications and websites. Use of data from Kaspersky Security Network ensures faster responses by Kaspersky Lab applications to new threats, improves the performance of some protection components, and reduces the likelihood of false positives.
If you installed the application in the European Union, this window displays the Kaspersky Security Network Statement section instead of the Kaspersky Security Network section. Please read this statement carefully. The statement contains information on the personal data that you provide to Kaspersky Lab.
Clicking this button opens a window where you can view the Kaspersky Security Network Statement and agree or refuse to participate in Kaspersky Security Network.
This button is available if you have refused to participate in Kaspersky Security Network.
By clicking this button, you terminate your participation in Kaspersky Security Network. You can resume your participation in Kaspersky Security Network at any time.
In the Computer is connected to My Kaspersky portal section, you can review information about the portal, go to the portal, or disconnect the computer from the portal. This section is displayed if the computer is connected to the portal.
If you installed the application in the European Union, this window also displays the Statement regarding data processing for marketing purposes section. This statement allows us to create more valuable offers for you. Please read this statement carefully. The statement contains information on the personal data that you provide to Kaspersky Lab.
This check box enables / disables animation of the Kaspersky Anti-Virus icon.
If this check box is selected, the icon in the taskbar notification area changes depending on the operation that Kaspersky Anti-Virus is currently performing.
For example, if Kaspersky Anti-Virus is downloading updates, the icon displays a revolving miniature globe.
If this check box is cleared, the animation is disabled. In this case, the Kaspersky Anti-Virus icon displays only the protection status of your computer: if protection is enabled, the icon is colored; if it is paused or disabled, the icon is gray.
To change the appearance of the application icon (return to the K-letter icon), type IDDQD in the About window. To apply changes, you need to restart Kaspersky Anti-Virus and all open browsers.
In the Smooth transition between windows section, you can configure smooth transition settings. The smooth transition between windows is done by sliding the new window over the previous one, from right to left.
A scan for viruses and other threats as well as database and application module updates sometimes use up a lot of computer resources and take a long time.
This check box enables / disables power-saving mode on laptop computers, during which virus scan and update tasks are postponed. If necessary, you can update databases and application modules of Kaspersky Anti-Virus or run a scan for viruses and other threats manually.
If the check box is selected, Kaspersky Anti-Virus does not run scan or update tasks and does not display notifications when you play games or run applications in full-screen mode.
This check box controls the use of operating system resources by Kaspersky Anti-Virus.
If this check box is selected, only critical protection components of Kaspersky Anti-Virus are run at the startup of the operating system. Protection is completely enabled after the operating system loads.
If this check box is cleared, all protection components are run simultaneously when the operating system starts up.
If the check box is selected, whenever the operating system is shut down, Kaspersky Anti-Virus operates with a focus on scanning files that appear on the drive while the operating system is being restarted. If any of these files are malicious, the application neutralizes them after the operating system is restarted.
Preventing infection during restart does not work if the Block action on threat detection is selected in the File Anti-Virus settings.
When Kaspersky Anti-Virus runs scan tasks, this may result in increased workload on the CPU and disk subsystems, which affects the performance of other applications. If such a situation occurs, Kaspersky Anti-Virus can pause scan tasks and free up system resources for the user's applications.
This check box enables / disables the option for pausing scan tasks. This helps to relieve the load on the CPU and disk subsystems.
This check box enables / disables the option to run scan tasks (scanning of system memory, the system partition, or startup objects) and update tasks while the computer is locked or the screensaver is on.
If the computer is running on battery power, Kaspersky Anti-Virus does not perform tasks when the computer is idle.
If this check box is cleared, Kaspersky Anti-Virus does not run scan and update tasks while the computer is idle.
A program or a set of programs for hiding traces of an intruder or malware in the operating system. On Windows-based operating systems, a rootkit usually means a program that penetrates into the operating system and intercepts system functions (Windows APIs). Above all, interception and modification of low-level API functions allow such a program to make its presence in the operating system quite stealthy. A rootkit can usually also mask the presence of any processes, folders, and files that are stored on a disk drive, in addition to registry keys, if they are described in the configuration of the rootkit. Many rootkits install their own drivers and services on the system (these also are "invisible").
in background mode.
If this check box is cleared, Kaspersky Anti-Virus does not perform regular rootkit scans.
Clicking this link opens the Pause File Anti-Virus window. In this window, you can specify a time period during which you want to pause File Anti-Virus. You can also create a list of applications that, when run, will pause File Anti-Virus.
This list contains applications which, when started, cause File Anti-Virus to pause.
For example, you can add applications that require considerable system resources to the list. After such an application closes, File Anti-Virus is automatically re-enabled.
Clicking this link opens a window for selecting the executable file of an application. After you select an executable file, the application is added to the list of applications whose startup causes File Anti-Virus to pause.
A drop-down list in which you can select a category for your feedback. The feedback category may touch on the problem with a website opened in Protected Browser:
I do not use it. Select this item if you are not using Safe Money or decided to opt out of using Safe Money.
Website opens slowly. Select this item if the website takes longer to open than in a regular browser.
Protected Browser starts when not needed. Select this item if websites that do not require use of Safe Money are opening in Protected Browser.
Website authorization fails. Select this item if errors occur during authorization attempts on a website opened in Protected Browser.
Website displays incorrectly or does not open. Select this item if websites are not opened in Protected Browser or are displayed with errors or distortions.
Website certificate verification errors. Select this item if error messages appear during validation of website certificates.
Unable to take a screenshot when Protected Browser is running. Select this item if screenshots are not being created in Protected Browser.
Errors when inputting data from the keyboard or from the clipboard. Select this item if errors occur during input of data in Protected Browser.
A web page open in Protected Browser does not print. Select this item if you are unable to print an open page of a website.
A message appears, warning about important operating system updates not installed. Select this item if the "Critical system updates are not installed" message appears when running Protected Browser.
Another browser runs as Protected Browser. Select this item if Protected Browser is opened in a different browser than the one in which you start it.
Other. Select this item if the problem you are experiencing is not covered by the other items.
You are not required to specify the feedback category.
You can send feedback on the operation of the Safe Money component up to 10 times per day. If the application fails to send your feedback (for example, Internet connection is not available), this feedback is saved to your computer. Feedback is stored openly for 30 days.
If the check box is selected, Kaspersky Anti-Virus automatically searches for updates for installed applications and downloads and installs the available updates if this does not require your consent to new end user license agreements.
In this setting, you must select which updates for applications will be downloaded and installed by Kaspersky Anti-Virus:
Important updates that improve computer security – Kaspersky Anti-Virus installs only important updates that fix software vulnerabilities and improve the security of your computer.
All updates for known applications – Kaspersky Anti-Virus installs all updates for applications.
Clicking this link opens the Exclusions window with the list of exclusions. Skipped updates of installed applications are placed into the exclusions list. You can skip individual updates as well as all updates for a specific application installed on your computer.
Clicking this button opens a menu in which you can select the following options:
Do not update this application – Kaspersky Anti-Virus adds the application to the exclusions list and does not display notifications about the availability of updates for the selected application.
Skip this update – Kaspersky Anti-Virus adds the application update to the list of exclusions and does not display notifications about it.
Open the vendor website – the website of the application vendor opens in the operating system's default browser. You can view the update on the website and download it manually.
Skipped updates of installed applications are placed into the Exclusions list. You can skip individual updates as well as all updates for a specific application installed on your computer.
The Exclusions list consists of the following columns:
Application - this column displays the application name.
Skip – this column may contain the following values:
Version of update – this is displayed if you skipped an individual update for an installed application.
All updates – this is displayed if you decided not to update the application.
Clicking this button removes the selected applications from the list of exclusions. This button is available if the application is selected in the list.
Kaspersky Anti-Virus will notify you about the availability of updates for applications that have been removed from the list.
Clicking this button starts an analysis of installed applications for the purpose of searching for applications that possibly have non-standard installation or removal, are rarely used, or are categorized as advertising software.
This window displays a list of applications that possibly have non-standard installation or removal, are rarely used, or are categorized as advertising software.
When this button is clicked, the line containing information about the detected application is no longer displayed in the list. Kaspersky Anti-Virus adds this application to the list of exclusions.
This list contains the applications that you hid from the detected applications list that was generated as a result of the analysis of installed applications. The list displays the application name and the name of the application vendor.
Clicking this button removes the selected application from the list of exclusions. This button is available if the application is selected in the list.
Applications that were removed from the exclusions list are displayed in the detected applications list that was generated as a result of the analysis of installed applications.
This column shows whether or not the user is allowed to operate an application or a group of applications:
Allowed – the user can operate this application or a group of applications.
Blocked – the user is not allowed to operate this application or a group of applications.
Restricted – the user may operate this application or a group of applications during a limited period of time.
You can allow, block, or restrict the use of an application or a group of applications for the selected user by selecting the required item from the drop-down list.
Clicking this button deletes the selected application from the list. After the application is deleted from the list, Kaspersky Anti-Virus stops monitoring use of the application, and the user can operate this application without restrictions.
Clicking this button opens a dialog box in which you can select the executable file of an application to add it to the list. Parental Control adds the application to the corresponding category in the list.
A numerical value reflecting the probability that a message containing an explicit word is spam. The higher the weighting coefficient, the higher the probability that the message containing the explicit word is spam.
Anti-Spam labels a message as spam if the sum of the weighting coefficients of explicit words and blocked phrases within it exceeds the specified value.
button in the lower part of the window.
Kaspersky Protection button on the browser toolbar.
– if the linked web page is safe according to Kaspersky Lab
– if there is no information about the safety status of the linked web page
– if a web page opened from a link could be used by criminals to harm your computer or data, according to Kaspersky Lab
– if the linked web page is dangerous according to Kaspersky Lab
button in the lower part of the window.
.
button.
button opens a menu from which you can select an additional action:
button shown next to each object in the list, you can remove the selected object from the scan list.
Run Protected Browser.
Prompt for action.
Do not run Protected Browser, but open the website in the standard browser instead.
is displayed on the right of each list item. If you click this button, the entry fields will appear in the right part of the window. In the entry fields, you can change the settings for using Safe Money when you visit a website of a bank or payment system.
/ 
button allows viewing the list of applications in a category. 
button minimizes the list of applications in the category to one line.
/ 
button is clicked, additional information about the system file is displayed: product name, version, vendor details, and reason why Kaspersky Anti-Virus does not classify the application to which this file belongs as trusted (for example, the application is not digitally signed).
and Allow startup 
.
button minimizes lines with the names of application modules to one line.
button located in the upper right corner of the Microsoft Edge window.
