Kaspersky Lab WorkSpace Security EU ED, 250-499u, 1Y, RNW KL4851XATFR Manual Do Utilizador
Códigos do produto
KL4851XATFR
U
S E R
G
U I D E
78
c.
if you wish the rule to apply to all embedded keys for the selected system registry object, check the
Include subkeys box.
C
REATING A RULE FOR MONITORING REGISTRY OBJECTS
A system registry objects monitoring rule consists in determining the following:
the application to which the rule will be applied if it attempts to access the system registry;
the program's reaction to an application attempting to perform an operation with the system registry.
To create a rule for the selected system registry objects, please do the following:
1. Open the main application window.
2. In the left part of the window, select the Protection section.
3. In the Proactive Defense component context menu, select the Settings item.
4. In the window that will open, in the Registry Guard section, click the Settings button.
5. In the Settings: Registry Guard window that will open, click the Add button.
6. In the window that will open, on the Rules tab, click the New button. The general rule will be added as the first
on the rule list.
7. Select a rule on the list and specify the rule settings in the bottom part of the tab:
Specify the application.
By default, a rule is created for each application. If you want a rule to apply to a specific application, left-
click on Any, and it will change to Selected. Then use the specify application name link. A context menu
will open, where you can go to the standard file selection window from the Browse item, or go to the list of
applications currently running from the Applications item, and select the ones you need.
click on Any, and it will change to Selected. Then use the specify application name link. A context menu
will open, where you can go to the standard file selection window from the Browse item, or go to the list of
applications currently running from the Applications item, and select the ones you need.
Specify the Proactive Defense's reaction to the selected application attempting to read, edit, or delete
system registry objects.
system registry objects.
You can use any of the following actions as a reaction: allow, prompt for action, and block. Left-click on
the link with the action until it reaches the value you need.
the link with the action until it reaches the value you need.
Specify if it is necessary to generate a report of the performed operation. To do so, click the log / do not
log link.
log link.
You can create several rules and rank their priority using the Move up and Move down buttons. The higher
position in the list the rule has, the higher priority it has.
position in the list the rule has, the higher priority it has.
P
ROACTIVE
D
EFENSE STATISTICS
All operations performed by Proactive Defense are recorded in a special report where you can obtain detailed information
on the component's operation grouped on the following tabs:
on the component's operation grouped on the following tabs:
Detected
– all objects classified as dangerous are collected on this tab.
Events
– events related to monitoring application activity are listed on this tab.
Registry
– this tab contains all operations involving the system registry.
Settings
– on this tab you can find the settings regulating the functioning of Proactive Defense.