Web Anti-Virus settings

Security level

Kaspersky Internet Security uses various sets of settings to run Web Anti-Virus. The sets of settings that are stored in the application are called security levels:

• High. The web traffic security level that Web Anti-Virus uses to thoroughly scan web traffic that is received by the computer over the HTTP and FTP protocols. Web Anti-Virus performs a detailed scan of all web traffic objects using the full set of application databases, and it also performs the deepest heuristic analysis.

  A technique for detecting threats that cannot be identified using the current version of the Kaspersky application databases. It allows you to find files that may contain unknown malware or a new modification of a known malware program.

• Recommended. The web traffic security level that strikes the optimal balance between Kaspersky Internet Security performance and web traffic security. Web Anti-Virus performs a heuristic analysis at the Medium level. This web traffic security level is recommended by Kaspersky specialists.
• Low. The web traffic security level whose settings ensure the maximum web traffic scanning speed. Web Anti-Virus performs a heuristic analysis at the Light depth level.

Action on threat detection

• Ask user. Web Anti-Virus informs you of detection of an infected or probably infected object and prompts you for the action to take on it.

  This option is available if the Perform recommended actions automatically check box is cleared under Settings → General.

• Select action automatically Web Anti-Virus selects an action automatically based on the current settings. If a web resource is listed as an exclusion, or it contains no infected or probably infected objects, Web Anti-Virus allows access to it. If a scan performed by Web Anti-Virus detects an infected or probably infected object in the web resource, access to the web resource is blocked.

  This option is available if the Perform recommended actions automatically check box is selected under Settings → General.

• Block download. If you select this option, then if an infected object is discovered in web traffic, Web Anti-Virus blocks access to this object and displays a message in the browser.
• Notify. If this option is selected and an infected object is detected in web traffic, Kaspersky Internet Security allows this object to be downloaded to the computer but adds information about the infected object to the list of detected objects.

Check the URL against the database of malicious URLs

Scanning the links to determine whether they are included in the database of malicious links allows you to track websites that have been added to denylist. The database of malicious links is generated by Kaspersky specialists. It forms part of the software distribution kit, and it is updated together with the Kaspersky Internet Security database.

Check the URL against the database of URLs containing adware

An example could be software that redirects your search query in the Internet to an advertising website. This way, you get to an advertising website instead of the web resource that is most relevant to your search query.

Check the URL against the database of URLs containing legitimate applications that can be used by criminals to damage your computer or personal data

An example of this category could be a remote administration tool which is legally used for troubleshooting by system administrators. A criminal can install such a tool on your computer without your knowledge to gain access to your computer and use it for criminal purposes.

Use Heuristic Analysis

A technique for detecting threats that cannot be identified using the current version of the Kaspersky application databases. It allows you to find files that may contain unknown malware or a new modification of a known malware program.

When web traffic is scanned for viruses and other applications that present a threat, the heuristic analyzer performs instructions in the executable files. The number of instructions that are executed by the heuristic analyzer depends on the level that is specified for the heuristic analyzer. The heuristic analysis level sets the balance between the thoroughness of searches for new threats, the load on the operating system resources, and the time required for heuristic analysis.

Check the URL against the database of phishing URLs

The contents of the phishing link database include the web addresses of currently known websites that are used for phishing attacks. Kaspersky supplements this database of phishing links with addresses obtained from the international organization Anti-Phishing Working Group. The database of phishing links forms part of the software distribution kit, and it is updated together with the Kaspersky Internet Security database.

Anti-Phishing

Use Heuristic Analysis

A technique for detecting threats that cannot be identified using the current version of the Kaspersky application databases. This enables detection of phishing even if the URL is not in the database of phishing web addresses.

Check URLs

The URL Advisor component checks links on a web page opened in Chromium-based Microsoft Edge, Google Chrome, or Mozilla Firefox. Kaspersky Internet Security displays one of the following icons next to the checked link:

 – if the linked web page is safe according to Kaspersky

 – if there is no information about the safety status of the linked web page

 – if a web page opened from a link could be used by criminals to harm your computer or data, according to Kaspersky

 – if the linked web page is dangerous according to Kaspersky

To view a pop-up window with more details on the link, move the mouse pointer to the corresponding icon.

On all websites except those specified

Manage exclusions

When this option is selected, Kaspersky Internet Security scans links on all websites except those that are indicated in the Exclusions window.

The Exclusions window is opened by clicking the Manage exclusions link.

On specified websites only

Configure checked websites

When this option is selected, Kaspersky Internet Security scans links only on those websites that are indicated in the Checked websites window.

The Checked websites window is opened by clicking the Configure checked websites link.

Configure URL Advisor

• All URLs. Kaspersky Internet Security scans links on all types of web pages.
• Only URLs in search results. Kaspersky Internet Security scans links on web pages containing search results received from search engines.

Website categories

If the Show information on the categories of website content check box is selected, Kaspersky Internet Security adds to the link comments to indicate whether the website belongs to one of the indicated categories (for example, Violence or Adult content).

You can remove check boxes next to the categories that do not require warnings.

Do not scan web traffic from trusted web addresses

If the check box is selected, Web Anti-Virus does not scan the contents of web pages/websites whose addresses are included in the list of trusted web addresses. You can add both specific web pages/website addresses as well as web page/website address masks to the list of trusted web addresses. The list of trusted web addresses is available in the Trusted URLs window, which can be opened by clicking the link from the trusted URLs.