How do I configure HIPS /'Application Control?

[Studynx]

I have KTS. Premium, license activated. I can't find a HIPS option inside the settings. Also when I go to Application Control I don't see any way to configure it.

 

 

[Berny]

@Studynx

Please see the comments from @Schulte  in this Topic

[Studynx]

20 minutes ago, Berny said:

@Studynx

Please see the comments from @Schulte  in this Topic

But then how do I do what they did in this thread:

 

[Schulte]

Hello @Studynx,

the settings in your screenhot refer to the new product line 'Kaspersky Standard/Plus/Premium'.
They allow a bit more user control, e.g. the automatic mode is disabled by unchecking the 'Perform recommended actions automatically' option. This allows you to extend or restrict the rights of your installed programs.
The same options exist in KTS, just in a different place (unfortunately I don't have KTS installed right now).

But the settings shown in the screenshot have nothing to do with the HIPS per se. This is always active and follows rules set by Kaspersky.
The difference is this: by default KTS decides what to do with a detection, in the other case you have to make the decision yourself.

[Studynx]

45 minutes ago, Schulte said:

Hello @Studynx,

the settings in your screenhot refer to the new product line 'Kaspersky Standard/Plus/Premium'.
They allow a bit more user control, e.g. the automatic mode is disabled by unchecking the 'Perform recommended actions automatically' option. This allows you to extend or restrict the rights of your installed programs.
The same options exist in KTS, just in a different place (unfortunately I don't have KTS installed right now).

But the settings shown in the screenshot have nothing to do with the HIPS per se. This is always active and follows rules set by Kaspersky.
The difference is this: by default KTS decides what to do with a detection, in the other case you have to make the decision yourself.

Thank you!

 

Can you please explain to me the Low Restricted group in Application Control? The official documentation says:

 

Quote

Applications that do not have a digital signature from a trusted vendor and are not listed in the Kaspersky Lab database of trusted applications. For these applications, there are restrictions on certain operations and user permission is required.

What are these certain operations specifically? 

[Schulte]

Hi @Studynx,

to list all the differences of the groups is too long.
Restrictions exist e.g. for file accesses, registry accesses (read/change/create/delete), accesses to drives/network, start of other programs or subprograms...

You can compare it yourself:
open 'Manage applications' and call the settings for the groups with a mouse right click (caution: don't change anything!)

Spoiler

Spoiler

 

[Studynx]

19 minutes ago, Schulte said:

Hi @Studynx,

to list all the differences of the groups is too long.
Restrictions exist e.g. for file accesses, registry accesses (read/change/create/delete), accesses to drives/network, start of other programs or subprograms...

You can compare it yourself:
open 'Manage applications' and call the settings for the groups with a mouse right click (caution: don't change anything!)

  Hide contents

  Hide contents

 

What does it mean - just like in your screenshot above - if there's the orange icon (Ask user) but it's not colored instead it's hallowed out? The green hallowed out icon means 'inherited' afaik but what about the same with the orange icon?

[Schulte]

Hello @Studynx,

if the icon is displayed pale, it always means inheritance.

In my example, 'Operating system' has the 'Write' option set to 'Ask user'. The 'Startup settings', 'System files',.... inherit this setting. For inheritance it doesn't matter if 'Allow', 'Ask user' or 'Deny' is set, what is set for 'Operating system' applies by default to all options of this group.

However, you can change the rule for the subgroups (or their individual components) from 'Inherit' to 'Allow' or another option.
But this requires more than the basic knowledge, you can use it to make your system not only more secure but also unusable.

[Studynx]

56 minutes ago, Schulte said:

Hello @Studynx,

if the icon is displayed pale, it always means inheritance.

In my example, 'Operating system' has the 'Write' option set to 'Ask user'. The 'Startup settings', 'System files',.... inherit this setting. For inheritance it doesn't matter if 'Allow', 'Ask user' or 'Deny' is set, what is set for 'Operating system' applies by default to all options of this group.

However, you can change the rule for the subgroups (or their individual components) from 'Inherit' to 'Allow' or another option.
But this requires more than the basic knowledge, you can use it to make your system not only more secure but also unusable.

It's best to leave everything at the default settings right? The only modification I've done to my KTS is that I set up a password that's required for every modification, eg for uninstalling KTS or making any changes which im not gonna do btw.

This way malware cant get rid of KTS I think, or am I wrong?

[Schulte]

Hi @Studynx,

the default KTS settings are a good balance between security and performance. However, Kaspersky offers experienced users the possibility to make deep changes. If you know exactly what the consequences are, you can turn one or the other adjusting screw for personal needs.

Setting a password is never a wrong thing to do. This way, no other user who has access to your computer can change important AV settings.

However, Kaspersky products also offer excellent self-protection. If this is activated (default setting), malware cannot change settings, parts of the program or the entire installation.

[harlan4096]

11 hours ago, Studynx said:

But then how do I do what they did in this thread:

 

I guess that pic was taken from my post at MalwareTips Forum ?

 

You can check also this one ?

[Studynx]

1 hour ago, harlan4096 said:

I guess that pic was taken from my post at MalwareTips Forum ?

 

You can check also this one ?

Hello, didn't know you were a mod on here. Thanks for your work, will check out!