Kaspersky Lab Internet Security 2011, Base, 3U, 1Y, ENG KL1837UCCFS User Manual
Product codes
KL1837UCCFS
U
S E R
G
U I D E
114
R
OLLING BACK A MALICIOUS PROGRAM
'
S ACTIONS
You can use the product feature for rolling back the actions performed by malware in the system. To enable a roll-back,
System Watcher should log the history of program activity.
System Watcher should log the history of program activity.
By default, Kaspersky Internet Security rolls back relevant operations automatically when the protection components
detect malicious activity. When running in interactive mode (see page
detect malicious activity. When running in interactive mode (see page
), System Watcher prompts the user for action.
You can specify the operation which should be performed whenever malicious activity is detected.
The procedure of rolling back malware operations affects a strictly defined set of data. It causes no negative
consequences for the operating system or data integrity on your computer.
consequences for the operating system or data integrity on your computer.
To configure rollback of malware operations, perform the following steps:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the System Watcher component.
3. In the right part of the window, in the Applications activity log section check the Save activity log box.
4. Click Select action and then specify the required action on the dropdown list.
A
PPLICATION
C
ONTROL
Application Control prevents applications from performing actions that may be dangerous for the system, and ensures
control of access to operating system resources and your identity data.
control of access to operating system resources and your identity data.
The component tracks actions in the system performed by applications installed on the computer, and regulates them
based on the rules of Application Control. These rules regulate potentially dangerous activity, including applications'
access to protected resources, such as files and folders, registry keys, and network addresses.
based on the rules of Application Control. These rules regulate potentially dangerous activity, including applications'
access to protected resources, such as files and folders, registry keys, and network addresses.
).
At the first startup of an application on the computer, the Application Control component verifies its safety and includes it
into one of the trust groups. The trust group defines the rules that Kaspersky Internet Security should apply to control the
activity of this application. Rules of Application Control is a set of rights of access to the computer resources and
restrictions posed on various actions being performed by applications on the computer.
into one of the trust groups. The trust group defines the rules that Kaspersky Internet Security should apply to control the
activity of this application. Rules of Application Control is a set of rights of access to the computer resources and
restrictions posed on various actions being performed by applications on the computer.
), move an application to
another group (see page
We recommend that you participate in Kaspersky Security Network in order to improve performance of Application
Control. Data obtained using Kaspersky Security Network allow you to distribute applications by groups with more
accuracy and apply optimum rules of Application Control.
Control. Data obtained using Kaspersky Security Network allow you to distribute applications by groups with more
accuracy and apply optimum rules of Application Control.
When the application is restarted, Application Control checks its integrity. If the application has not been changed, the
component applies the current rule to it. If the application has been modified, Application Control re-scans it as at the first
startup.
component applies the current rule to it. If the application has been modified, Application Control re-scans it as at the first
startup.