Implementing Protected Folders via Manage Resources + Anti-Exe / Default Deny

[harlan4096]

Implementing Protected Folders via Manage Resources (KIS/KTS/KSCloud) + Anti-Exe / Default Deny

1.- Go to Settings -> Protection -> Application Control -> Manage Resources

2.- Expand Personal Data folder and then select User Files folder

3.- Click on Add and then on Category and type a name, for example: PROTECTED FOLDERS

4.- Then select the new PROTECTED FOLDER category/folder just created, and click on Add again, but this time select File or Folder

5.- In Name give a name for the resource We want to protect, for example: Hard Disk C:

6.- In Patch We can type manually the path to the resources (full drive or folder) or use [Select] to directly select, for example: C:\* (or C:\**\* to protected the full drive → folders/subfolders and files inside)

As You can see if We add a * to the end of path folder, all the content inside will be included, also We can specify concrete file types to protect:

 

 

7.- Finally click over [Add]

8.- Then expand PROTECTED FOLDERS category and select the new resource Hard Disk ?

9.- On the right We’ll get the rights (in the different trusted groups) assigned by default to the new resource

10.- Click on Trusted to collapse all the groups, and then We are ready to change rights. The default rights assigned are:

 

 

We have to remember here that Prompt For Action rights are working only if Interactive Mode is enabled, otherwise They will be ignored and the actions allowed…

So now my suggested tweaks are:

   

 

 

After making the changes -> click on [Save] button below.

Now We have to complement these tweaks making some additional changes:

1. Having Protection in Defaults (Auto Mode?

 

 

2. Then go to Application Control and change the settings:

 

For Advanced and/or more Paranoid ( → Anti-Exe / Default Deny) users, We may even change:
 

• Protection to Interactive Mode -> unticking Performs recommended actions automatically
• Unticking Trust digitally signed applications
• Or even going beyond -> Change trust group for unknown applications to UnTrusted

WARNING:

With these tweaks You probably will get some blocks while installing new applications (unknown in KSN) and/or if there is no connection to KSN/access to InterNet.

If in Interactive Mode, You will get also some/many Kaspersky prompts warnings, I usually select (in the prompt warning) Additional Actions -> Trust this Application and ticking 1stly Remember my choice for this application, if You trust the application being installed, but We may always go to Application Control -> Manage Applications and move the blocked files to Trusted Group manually.

 

Update: this is my new suggestion to protect for example full drive ?

 

 

[harlan4096]

An interesting link on how to use masks for creating Exclusions, although for KES, also valid for Home products:

 

https://support.kaspersky.com/KESWin/11.1.1/en-US/128138.htm

[andrew75]

@harlan4096, according to the documentation, the mask c:\**\* won't work.

The mask must include at least one nesting level. The mask C:\**\*.txt is not a valid mask

And yes, the masks described in the documentation for corporate products can be used for home products. I clarified this question in technical support.

[harlan4096]

But C:\**\* works, which is not the same ;) this is a full general mask...

[andrew75]

May be. Need to check )

[harlan4096]

👌

[andrew75]

@harlan4096, yes you are right, the "x:\**\*" mask works

[harlan4096]

Great! :)