Kaspersky Internet Security
USER GUIDE
A P PL I CA T IO N V E R S I O N : 1 1 . 0
2011
2
Dear User!
Thank you for choosing our product. We hope that this document will be useful to you and provide answers for most of
your questions that may arise.
Warning! This document is the property of Kaspersky Lab ZAO (herein also referred to as Kaspersky Lab): all rights to
this document are reserved by the copyright laws of the Russian Federation, and by international treaties. Illegal
reproduction and distribution of this document or parts hereof result in civil, administrative or criminal liability pursuant to
the laws of the Russian Federation.
Any type of reproduction or distribution of any materials, including translations, is allowed only with the written permission
of Kaspersky Lab.
This document and graphic images related to it may be used exclusively for informational, non-commercial, and personal
purposes.
This document may be amended without additional notification. You can find the latest version of this document at the
Kaspersky Lab website, at http://www.kaspersky.com/docs.
Kaspersky Lab assumes no liability for the content, quality, relevance, or accuracy of any materials used in this
document for which the rights are held by third parties, or for any potential damages associated with the use of such
documents.
This document involves the registered trademarks and service marks which are the property of their respective owners.
Document revision date: 04/30/2010
© 1997-2010 Kaspersky Lab ZAO. All Rights Reserved.
http://www.kaspersky.com
http://support.kaspersky.com
3
CONTENT
KASPERSKY LAB END USER LICENSE AGREEMENT ............................................................................................ 10
ABOUT THIS GUIDE ................................................................................................................................................... 17
In this document ..................................................................................................................................................... 17
Document conventions ........................................................................................................................................... 18
ADDITIONAL SOURCES OF INFORMATION ............................................................................................................. 20
Sources of information for independent research ................................................................................................... 20
Discussing Kaspersky Lab applications on the web forum ..................................................................................... 21
Contacting the Sales Department ........................................................................................................................... 21
Contacting Documentation development group ...................................................................................................... 21
KASPERSKY INTERNET SECURITY 2011 ................................................................................................................. 22
What's new ............................................................................................................................................................. 22
Ensuring your computer protection ......................................................................................................................... 23
Distribution kit ......................................................................................................................................................... 25
Service for registered users .................................................................................................................................... 25
Hardware and software requirements ..................................................................................................................... 26
INSTALLING THE APPLICATION ............................................................................................................................... 27
Installation procedure ............................................................................................................................................. 27
Step 1. Searching for a newer version of the application .................................................................................. 28
Step 2. Making sure the system meets the installation requirements ............................................................... 28
Step 3. Choosing the type of installation ........................................................................................................... 29
Step 4. Reviewing the license agreement ......................................................................................................... 29
Step 5. Kaspersky Security Network Data Collection Statement ...................................................................... 29
Step 6. Searching for incompatible applications ............................................................................................... 29
Step 7. Selecting the destination folder ............................................................................................................. 30
Step 8. Preparing installation ............................................................................................................................ 30
Step 9. Installing ............................................................................................................................................... 30
Step 10. Activating the application .................................................................................................................... 31
Step 11. Registering a user............................................................................................................................... 31
Step 12. Completing the activation ................................................................................................................... 31
Step 13. Analyzing the system .......................................................................................................................... 32
Step 14. Closing the Wizard.............................................................................................................................. 32
Getting started ........................................................................................................................................................ 32
Removing the application ....................................................................................................................................... 32
Step 1. Saving data for repeated use ................................................................................................................ 33
Step 2. Confirmation of application removal...................................................................................................... 33
Step 3. Removing the application. Completing removal .................................................................................... 33
MANAGING LICENSE ................................................................................................................................................. 34
About End User License Agreement ...................................................................................................................... 34
About license .......................................................................................................................................................... 34
About activation code ............................................................................................................................................. 35
Viewing license information .................................................................................................................................... 35
APPLICATION INTERFACE ........................................................................................................................................ 37
Notification area icon .............................................................................................................................................. 37
U S E R G U I D E
4
Context menu ......................................................................................................................................................... 38
Kaspersky Internet Security main window .............................................................................................................. 39
Notification windows ............................................................................................................................................... 42
Application settings window .................................................................................................................................... 43
Kaspersky Gadget .................................................................................................................................................. 44
STARTING AND STOPPING THE APPLICATION ...................................................................................................... 45
Enabling and disabling automatic launch ............................................................................................................... 45
Starting and stopping the application manually ...................................................................................................... 45
COMPUTER PROTECTION STATUS ......................................................................................................................... 46
Diagnostics and elimination of problems in your computer protection .................................................................... 46
Enabling and disabling protection ........................................................................................................................... 48
Pausing and resuming protection ........................................................................................................................... 49
SOLVING TYPICAL TASKS ......................................................................................................................................... 51
How to activate the application ............................................................................................................................... 51
How to purchase or renew license .......................................................................................................................... 52
What to do when the application's notifications appear .......................................................................................... 53
How to update application databases ..................................................................................................................... 53
How to scan critical areas of your computer for viruses ......................................................................................... 54
How to scan an object (file, folder, disk drive) for viruses ....................................................................................... 54
How to perform full scan of your computer for viruses ............................................................................................ 55
Scanning computer for vulnerabilities ..................................................................................................................... 56
How to protect your personal data against theft ..................................................................................................... 57
Protection against phishing ............................................................................................................................... 57
Virtual keyboard. ............................................................................................................................................... 57
What to do if you suspect an object of being infected with a virus .......................................................................... 59
What to do with a large number of spam messages ............................................................................................... 59
What to do if you suspect your computer of being infected .................................................................................... 61
How to restore an object deleted or disinfected by the application ......................................................................... 62
How to create and use Rescue Disk ....................................................................................................................... 62
Creating the rescue disk ................................................................................................................................... 63
Starting the computer from the rescue disk....................................................................................................... 65
Where to view the report on the application's operation ......................................................................................... 65
How to restore application default settings ............................................................................................................. 66
Transferring Kaspersky Internet Security settings to the product installed on another computer ........................... 67
How to use Kaspersky Gadget ............................................................................................................................... 67
ADVANCED APPLICATION SETTINGS ...................................................................................................................... 69
Selecting protection mode ...................................................................................................................................... 71
Computer scan ....................................................................................................................................................... 71
Virus scan ......................................................................................................................................................... 71
Vulnerability Scan. ............................................................................................................................................ 78
Update .................................................................................................................................................................... 78
Selecting an update source............................................................................................................................... 80
Selecting the update server region ................................................................................................................... 80
Updating from a local folder .............................................................................................................................. 81
Creating the update startup schedule ............................................................................................................... 81
Rolling back the last update .............................................................................................................................. 82
Scanning Quarantine after update .................................................................................................................... 82
C O N T E N T
5
Using the proxy server ...................................................................................................................................... 83
Running updates under a different user account .............................................................................................. 83
File Anti-Virus ......................................................................................................................................................... 83
Enabling and disabling File Anti-Virus ............................................................................................................... 84
Automatically pausing File Anti-Virus ................................................................................................................ 84
Creating a protection scope .............................................................................................................................. 85
Changing and restoring security level ............................................................................................................... 86
Selecting scan mode ......................................................................................................................................... 86
Using heuristic analysis .................................................................................................................................... 87
Selecting the scan technology .......................................................................................................................... 87
Changing actions to be performed on detected objects .................................................................................... 87
Scan of compound files ..................................................................................................................................... 87
Scan optimization .............................................................................................................................................. 88
Mail Anti-Virus ........................................................................................................................................................ 89
Enabling and disabling Mail Anti-Virus .............................................................................................................. 90
Creating a protection scope .............................................................................................................................. 90
Changing and restoring security level ............................................................................................................... 91
Using heuristic analysis .................................................................................................................................... 91
Changing actions to be performed on detected objects .................................................................................... 92
Attachment filtering ........................................................................................................................................... 92
Scan of compound files ..................................................................................................................................... 92
Email scanning in Microsoft Office Outlook ....................................................................................................... 93
Email scanning in The Bat! ............................................................................................................................... 93
Web Anti-Virus ........................................................................................................................................................ 94
Enabling and disabling Web Anti-Virus ............................................................................................................. 95
Selecting the Web Anti-Virus security level ....................................................................................................... 96
Changing actions to be performed on dangerous objects ................................................................................. 96
Checking URLs using the databases of suspicious and phishing addresses .................................................... 96
Using heuristic analysis .................................................................................................................................... 97
Blocking dangerous scripts ............................................................................................................................... 98
Scan optimization .............................................................................................................................................. 98
Kaspersky URL advisor .................................................................................................................................... 98
Blocking access to dangerous websites ........................................................................................................... 99
Control requests to regional domains ............................................................................................................. 100
Controlling access to online banking services................................................................................................. 100
Creating a list of trusted addresses ................................................................................................................. 101
Restoring Web Anti-Virus default settings ....................................................................................................... 101
IM Anti-Virus ......................................................................................................................................................... 101
Enabling and disabling IM Anti-Virus .............................................................................................................. 102
Creating a protection scope ............................................................................................................................ 102
Selecting the scan method .............................................................................................................................. 102
Proactive Defense ................................................................................................................................................ 103
Enabling and disabling Proactive Defense ...................................................................................................... 104
Creating a group of trusted applications ......................................................................................................... 104
Using the dangerous activity list ...................................................................................................................... 104
Changing the dangerous activity monitoring rule ............................................................................................ 105
System Watcher ................................................................................................................................................... 105
Enabling / disabling System Watcher .............................................................................................................. 106
Using patterns of dangerous activity (BSS)..................................................................................................... 106
U S E R G U I D E
6
Rolling back a malicious program's actions .................................................................................................... 106
Application Control ............................................................................................................................................... 107
Enabling and disabling Application Control ..................................................................................................... 108
Creating a protection scope ............................................................................................................................ 108
Configuring automatic detection of application statuses ................................................................................. 110
Changing and restoring the status for the selected application ....................................................................... 111
Editing a rule for application status ................................................................................................................. 112
Editing a rule for the application selected ....................................................................................................... 112
Creating a network rule for application ............................................................................................................ 113
Excluding actions from an application rule ...................................................................................................... 113
Inheritance of restrictions of the parent process ............................................................................................. 114
Deleting rules for unused applications ............................................................................................................ 114
Interpreting the data of application usage by the participants of Kaspersky Security Network ....................... 115
Network protection ................................................................................................................................................ 116
Firewall............................................................................................................................................................ 116
Network Attack Blocker ................................................................................................................................... 120
Scanning encrypted connections .................................................................................................................... 122
Network Monitor .............................................................................................................................................. 124
Configuring the proxy server ........................................................................................................................... 125
Creating a list of monitored ports .................................................................................................................... 125
Anti-Spam ............................................................................................................................................................. 126
Enabling and disabling Anti-Spam .................................................................................................................. 128
Selecting spam protection level ...................................................................................................................... 129
Training Anti-Spam ......................................................................................................................................... 129
Scanning links in messages ............................................................................................................................ 132
Detecting spam by phrases and addresses. Creating lists ............................................................................. 132
Regulating threshold values of spam rate ....................................................................................................... 138
Using additional features affecting the spam rate ........................................................................................... 138
Selecting the spam recognition algorithm ....................................................................................................... 138
Adding a label to the message subject ........................................................................................................... 139
Excluding Microsoft Exchange Server messages from the scan ..................................................................... 139
Configuring spam processing by mail clients .................................................................................................. 140
Restoring the recommended Anti-Spam settings ............................................................................................ 142
Anti-Banner ........................................................................................................................................................... 142
Enabling and disabling Anti-Banner ................................................................................................................ 143
Selecting the scan method .............................................................................................................................. 143
Creating the lists of blocked and allowed banner addresses .......................................................................... 144
Exporting and importing the lists of addresses................................................................................................ 144
Safe Run............................................................................................................................................................... 145
Safe Run for Applications................................................................................................................................ 146
Safe Run for Websites .................................................................................................................................... 149
Parental Control .................................................................................................................................................... 150
Configuring user's Parental Control ................................................................................................................ 152
Viewing reports of user's activity ..................................................................................................................... 159
Trusted zone ......................................................................................................................................................... 160
Creating a list of trusted applications .............................................................................................................. 161
Creating the exclusion rules ............................................................................................................................ 161
Performance and compatibility with other applications ......................................................................................... 161
Selecting detectable threat categories ............................................................................................................ 162
C O N T E N T
7
Advanced disinfection technology ................................................................................................................... 162
Distributing computer resources when scanning for viruses ........................................................................... 163
Running tasks on idle computer ...................................................................................................................... 163
Application settings in full-screen mode. Gaming profile ................................................................................. 164
Battery saving ................................................................................................................................................. 164
Kaspersky Internet Security self-defense. ............................................................................................................ 164
Enabling / disabling Self-Defense ................................................................................................................... 165
Protection against external control .................................................................................................................. 165
Quarantine and Backup storage ........................................................................................................................... 165
Storing quarantine and backup objects ........................................................................................................... 166
Working with quarantined objects ................................................................................................................... 166
Additional tools for better protection of your computer ......................................................................................... 168
Eliminating activity traces ................................................................................................................................ 169
Browser configuration ..................................................................................................................................... 170
Rolling back the changes, made by the wizards ............................................................................................. 171
Reports ................................................................................................................................................................. 172
Creating a report for the selected component ................................................................................................. 173
Managing data display on the screen ............................................................................................................. 173
Data filtering .................................................................................................................................................... 174
Events search ................................................................................................................................................. 175
Saving a report to file ...................................................................................................................................... 176
Storing reports ................................................................................................................................................ 176
Clearing application reports ............................................................................................................................ 176
Logging non-critical events ............................................................................................................................. 177
Configuring the reminder of report availability ................................................................................................. 177
Application appearance ........................................................................................................................................ 177
Application skin ............................................................................................................................................... 177
Active interface elements ................................................................................................................................ 178
News Agent ..................................................................................................................................................... 178
Notifications .......................................................................................................................................................... 179
Enabling and disabling notifications ................................................................................................................ 179
Configuring the notification method ................................................................................................................. 180
Participating in the Kaspersky Security Network .................................................................................................. 180
VALIDATING KASPERSKY INTERNET SECURITY SETTINGS .............................................................................. 182
Test "virus" EICAR and its modifications .............................................................................................................. 182
Testing the HTTP traffic protection ....................................................................................................................... 184
Testing the SMTP traffic protection ...................................................................................................................... 184
Validating File Anti-Virus settings ......................................................................................................................... 184
Validating virus scan task settings ........................................................................................................................ 185
Validating Anti-Spam settings ............................................................................................................................... 185
CONTACTING THE TECHNICAL SUPPORT SERVICE ........................................................................................... 186
My Kaspersky Account ......................................................................................................................................... 186
Technical support by phone .................................................................................................................................. 187
Creating a system state report .............................................................................................................................. 187
Creating a trace file .............................................................................................................................................. 188
Sending data files ................................................................................................................................................. 188
Executing AVZ script ............................................................................................................................................ 190
U S E R G U I D E
8
APPENDIX ................................................................................................................................................................. 191
Subscription statuses ........................................................................................................................................... 191
Kaspersky Internet Security notifications list ......................................................................................................... 192
Notifications in any protection mode ............................................................................................................... 192
Notifications in interactive protection mode ..................................................................................................... 198
Working with the application from the command line ............................................................................................ 209
Activating the application ................................................................................................................................ 211
Starting the application ................................................................................................................................... 211
Stopping the application .................................................................................................................................. 212
Managing application components and tasks ................................................................................................. 212
Virus scan ....................................................................................................................................................... 214
Updating the application ................................................................................................................................. 216
Rolling back the last update ............................................................................................................................ 217
Exporting protection settings ........................................................................................................................... 218
Importing protection settings ........................................................................................................................... 218
Creating a trace file ......................................................................................................................................... 219
Viewing Help ................................................................................................................................................... 219
Return codes of the command line ................................................................................................................. 220
GLOSSARY ............................................................................................................................................................... 221
KASPERSKY LAB ...................................................................................................................................................... 230
INFORMATION ABOUT THIRD-PARTY CODE ........................................................................................................ 231
Program code ....................................................................................................................................................... 231
AGG 2.4 .......................................................................................................................................................... 233
ADOBE ABI-SAFE CONTAINERS 1.0 ............................................................................................................ 234
BOOST 1.39.0 ................................................................................................................................................ 234
BZIP2/LIBBZIP2 1.0.5 ..................................................................................................................................... 234
CONVERTUTF ............................................................................................................................................... 235
CURL 7.19.4 ................................................................................................................................................... 235
DEELX - REGULAR EXPRESSION ENGINE 1.2 ........................................................................................... 236
EXPAT 1.2, 2.0.1 ............................................................................................................................................ 236
FASTSCRIPT 1.90 .......................................................................................................................................... 236
FDLIBM 5.3 ..................................................................................................................................................... 236
FLEX: THE FAST LEXICAL ANALYZER 2.5.4 ............................................................................................... 237
FMT.H ............................................................................................................................................................. 237
GDTOA ........................................................................................................................................................... 237
GECKO SDK 1.8, 1.9, 1.9.1 ............................................................................................................................ 238
ICU4C 4.0.1 .................................................................................................................................................... 246
INFO-ZIP 5.51 ................................................................................................................................................. 246
JSON4LUA 0.9.30 .......................................................................................................................................... 247
LIBGD 2.0.35 .................................................................................................................................................. 247
LIBJPEG 6B .................................................................................................................................................... 248
LIBM (lrint.c v 1.4, lrintf.c,v 1.5) ....................................................................................................................... 249
LIBPNG 1.2.8, 1.2.9, 1.2.42 ............................................................................................................................ 249
LIBUNGIF 3.0 ................................................................................................................................................. 251
LIBXDR ........................................................................................................................................................... 251
LREXLIB 2.4 ................................................................................................................................................... 252
LUA 5.1.4 ........................................................................................................................................................ 252
C O N T E N T
9
LZMALIB 4.43 ................................................................................................................................................. 253
MD5.H ............................................................................................................................................................. 253
MD5.H ............................................................................................................................................................. 253
MD5-CC 1.02 .................................................................................................................................................. 254
OPENSSL 0.9.8K ............................................................................................................................................ 254
PCRE 7.7, 7.9 ................................................................................................................................................. 256
SHA1.C 1.2 ..................................................................................................................................................... 257
STLPORT 5.2.1 .............................................................................................................................................. 258
SVCCTL.IDL ................................................................................................................................................... 258
TINYXML 2.5.3 ............................................................................................................................................... 258
VISUAL STUDIO CRT SOURCE CODE 8.0 ................................................................................................... 258
WINDOWS TEMPLATE LIBRARY 8.0 ............................................................................................................ 258
ZLIB 1.0.4, 1.0.8, 1.2.2, 1.2.3.......................................................................................................................... 263
Development tools ................................................................................................................................................ 263
MS DDK 4.0, 2000 .......................................................................................................................................... 263
MS WDK 6000, 6001, 6002 ............................................................................................................................ 263
WINDOWS INSTALLER XML (WIX) TOOLSET 3.0 ....................................................................................... 263
Distributed program code ..................................................................................................................................... 268
GRUB4DOS 0.4.4-2009-10-16 (FILE GRLDR) ............................................................................................... 268
GRUBINST 1.1 ............................................................................................................................................... 272
Other information .................................................................................................................................................. 279
INDEX ........................................................................................................................................................................ 280
10
KASPERSKY LAB END USER LICENSE AGREEMENT
IMPORTANT LEGAL NOTICE TO ALL USERS: CAREFULLY READ THE FOLLOWING LEGAL AGREEMENT BEFORE
YOU START USING THE SOFTWARE.
BY CLICKING THE ACCEPT BUTTON IN THE LICENSE AGREEMENT WINDOW OR BY ENTERING
CORRESPONDING SYMBOL(-S) YOU CONSENT TO BE BOUND BY THE TERMS AND CONDITIONS OF THIS
AGREEMENT. SUCH ACTION IS A SYMBOL OF YOUR SIGNATURE AND YOU ARE CONSENTING TO BE BOUND
BY AND ARE BECOMING A PARTY TO THIS AGREEMENT AND AGREE THAT THIS AGREEMENT IS
ENFORCEABLE LIKE ANY WRITTEN NEGOTIATED AGREEMENT SIGNED BY YOU. IF YOU DO NOT AGREE TO
ALL OF THE TERMS AND CONDITIONS OF THIS AGREEMENT, CANCEL THE INSTALLATION OF THE SOFTWARE
AND DO NOT INSTALL THE SOFTWARE.
AFTER CLICKING THE ACCEPT BUTTON IN THE LICENSE AGREEMENT WINDOW OR AFTER ENTERING
CORRESPONDING SYMBOL(-S) YOU HAVE THE RIGHT TO USE THE SOFTWARE IN ACCORDANCE WITH THE
TERMS AND CONDITIONS OF THIS AGREEMENT.
1. Definitions
1.1 Software means software including any Updates and related materials.
1.2 Rightholder (owner of all rights, whether exclusive or otherwise to the Software) means Kaspersky Lab ZAO, a
company incorporated according to the laws of the Russian Federation.
1.3 Computer(s) means hardware(s), including personal computers, laptops, workstations, personal digital
assistants, ‘smart phones’, hand-held devices, or other electronic devices for which the Software was designed where
the Software will be installed and/or used.
1.4 End User (You/Your) means individual(s) installing or using the Software on his or her own behalf or who is
legally using a copy of the Software; or, if the Software is being downloaded or installed on behalf of an organization,
such as an employer, "You" further means the organization for which the Software is downloaded or installed and it is
represented hereby that such organization has authorized the person accepting this agreement to do so on its behalf.
For purposes hereof the term "organization," without limitation, includes any partnership, limited liability company,
corporation, association, joint stock company, trust, joint venture, labor organization, unincorporated organization, or
governmental authority.
1.5 Partner(s) means organizations or individual(s), who distributes the Software based on an agreement and
license with the Rightholder.
1.6 Update(s) means all upgrades, revisions, patches, enhancements, fixes, modifications, copies, additions or
maintenance packs etc.
1.7 User Manual means user manual, administrator guide, reference book and related explanatory or other
materials.
2. Grant of License
2.1 The Rightholder hereby grants You a non-exclusive license to store, load, install, execute, and display (to "use")
the Software on a specified number of Computers in order to assist in protecting Your Computer on which the Software is
installed, from threats described in the User Manual, according to the all technical requirements described in the User
Manual and according to the terms and conditions of this Agreement (the "License") and you accept this License:
Trial Version. If you have received, downloaded and/or installed a trial version of the Software and are hereby granted an
evaluation license for the Software, you may use the Software only for evaluation purposes and only during the single
applicable evaluation period, unless otherwise indicated, from the date of the initial installation. Any use of the Software
for other purposes or beyond the applicable evaluation period is strictly prohibited.
K A S P E R S K Y LAB E N D U S E R L I C E N S E A G R E E M E N T
11
Multiple Environment Software; Multiple Language Software; Dual Media Software; Multiple Copies; Bundles. If you use
different versions of the Software or different language editions of the Software, if you receive the Software on multiple
media, if you otherwise receive multiple copies of the Software, or if you received the Software bundled with other
software, the total permitted number of your Computers on which all versions of the Software are installed shall
correspond to the number of computers specified in licenses you have obtained from the Rightholder provided that
unless the licensing terms provide otherwise, each acquired license entitles you to install and use the Software on such a
number of Computer(s) as is specified in Clauses 2.2 and 2.3.
2.2 If the Software was acquired on a physical medium You have the right to use the Software for protection of such
a number of Computer(s) as is specified on the Software package.
2.3 If the Software was acquired via the Internet You have the right to use the Software for protection of such a
number of Computers that was specified when You acquired the License to the Software.
2.4 You have the right to make a copy of the Software solely for back-up purposes and only to replace the legally
owned copy if such copy is lost, destroyed or becomes unusable. This back-up copy cannot be used for other purposes
and must be destroyed when you lose the right to use the Software or when Your license expires or is terminated for any
other reason according to the legislation in force in the country of your principal residence or in the country where You
are using the Software.
2.5 You can transfer the non-exclusive license to use the Software to other individuals within the scope of the
license granted from the Rightholder to You provided that the recipient agrees to be bound by all the terms and
conditions of this Agreement and substitute you in full in the license granted from the Rightholder. In case You fully
transfer the rights granted from the Rightholder to use the Software You must destroy all copies of the Software including
the back-up copy. If You are a recipient of a transferred license You must agree to abide by all the terms and conditions
of this Agreement. If You do not agree to be bound by all the terms and conditions of this Agreement, You may not install
and/or use the Software. You also agree as the recipient of a transferred license that You do not have any additional or
better rights than what the original End User who acquired the Software from the Rightholder, did.
2.6 From the time of the Software activation or after license key file installation (with the exception of a trial version
of the Software) You have the right to receive the following services for the defined period specified on the Software
package (if the Software was acquired on a physical medium) or specified during acquisition (if the Software was
acquired via the Internet):
– Updates of the Software via the Internet when and as the Rightholder publishes them on its website or through other
online services. Аny Updates that you may receive become part of the Software and the terms and conditions of this
Agreement apply to them;
– Technical Support via the Internet and Technical Support telephone hotline.
3. Activation and Term
3.1 If You modify Your Computer or make changes to other vendors’ software installed on it, You may be required
by the Rightholder to repeat activation of the Software or license key file installation. The Rightholder reserves the right
to use any means and verification procedures to verify the validity of the License and/or legality of a copy of the Software
installed and/or used on Your Computer.
3.2 If the Software was acquired on a physical medium, the Software can be used, upon your acceptance of this
Agreement, for the period that is specified on the package commencing upon acceptance of this Agreement.
3.3 If the Software was acquired via the Internet, the Software can be used, upon your acceptance of this
Agreement, for the period that was specified during acquisition.
3.4 You have the right to use a trial version of the Software as provided in Clause 2.1 without any charge for the
single applicable evaluation period (30 days) from the time of the Software activation according to this Agreement
provided that the trial version does not entitle You Updates and Technical support via the Internet and Technical support
telephone hotline. If Rightholder sets another duration for the single applicable evaluation period You will be informed via
notification.
3.5 Your License to Use the Software is limited to the period of time as specified in Clauses 3.2 or 3.3 (as
applicable) and the remaining period can be viewed via means described in User Manual.
U S E R G U I D E
12
3.6 If You have acquired the Software that is intended to be used on more than one Computer then Your License to
Use the Software is limited to the period of time starting from the date of activation of the Software or license key file
installation on the first Computer.
3.7 Without prejudice to any other remedy in law or in equity that the Rightholder may have, in the event of any
breach by You of any of the terms and conditions of this Agreement, the Rightholder shall at any time without notice to
You be entitled to terminate this License to use the Software without refunding the purchase price or any part thereof.
3.8 You agree that in using the Software and in using any report or information derived as a result of using this
Software, you will comply with all applicable international, national, state, regional and local laws and regulations,
including, without limitation, privacy, copyright, export control and obscenity law.
3.9 Except as otherwise specifically provided herein, you may not transfer or assign any of the rights granted to you
under this Agreement or any of your obligations pursuant hereto.
3.10 The Rightholder reserves the right to limit the possibility of activation outside the region in which the Software
was acquired from the Rightholder and/or its Partners.
3.11 If You have acquired the Software with activation code valid for language localization of the Software of that
region in which it was acquired from the Rightholder or its Partners, You cannot activate the Software with applying the
activation code intended for other language localization.
3.12 In case of limitations specified in Clauses 3.10 and 3.11 information about these limitations is stated on package
and/or website of the Rightholder and/or its Partners.
4. Technical Support
4.1 The Technical Support described in Clause 2.6 of this Agreement is provided to You when the latest Update of
the Software is installed (except for a trial version of the Software).
Technical support service: http://support.kaspersky.com
5. Information Collection
5.1 Having agreed with the terms and conditions of this Agreement You consent to provide information to the
Rightholder about executable files and their checksums to improve Your security protection level.
5.2 In order to improve security awareness about new threats and their sources and in order to improve Your
security protection level the Rightholder, with your consent, that has been explicitly confirmed in the Kaspersky Security
Network Data Collection Statement, is expressly entitled to receives such information. You can deactivate the Kaspersky
Security Network service during installation. Also, You can activate and deactivate the Kaspersky Security Network
service at any time in the Software options page.
You further acknowledge and agree that any information gathered by Rightholder can be used to track and publish
reports on security risk trends in the Rightholder’s sole and exclusive discretion.
5.3 The Software does not process any personally identifiable data and does not combine the processing data with
any personal information.
5.4 If you do not wish for the information collected by the Software to be sent to the Rightholder, You should not
activate and/or de-activate the Kaspersky Security Network service.
6. Limitations
6.1 You shall not emulate, clone, rent, lend, lease, sell, modify, decompile, or reverse engineer the Software or
disassemble or create derivative works based on the Software or any portion thereof with the sole exception of a nonwaivable right granted to You by applicable legislation, and you shall not otherwise reduce any part of the Software to
human readable form or transfer the licensed Software, or any subset of the licensed Software, nor permit any third party
K A S P E R S K Y LAB E N D U S E R L I C E N S E A G R E E M E N T
13
to do so, except to the extent the foregoing restriction is expressly prohibited by applicable law. Neither Software’s binary
code nor source may be used or reverse engineered to re-create the program algorithm, which is proprietary. All rights
not expressly granted herein are reserved by Rightholder and/or its suppliers, as applicable. Any such unauthorized use
of the Software shall result in immediate and automatic termination of this Agreement and the License granted hereunder
and may result in criminal and/or civil prosecution against You.
6.2 You shall not transfer the rights to use the Software to any third party except as set forth in Clause 2.5 of this
Agreement.
6.3 You shall not provide the activation code and/or license key file to third parties or allow third parties access to
the activation code and/or license key which are deemed confidential data of Rightholder and you shall exercise
reasonable care in protecting the activation code and/or license key in confidence provided that you can transfer the
activation code and/or license key to third parties as set forth in Clause 2.5 of this Agreement.
6.4 You shall not rent, lease or lend the Software to any third party.
6.5 You shall not use the Software in the creation of data or software used for detection, blocking or treating threats
described in the User Manual.
6.6 The Rightholder has the right to block the key file or to terminate Your License to use the Software in the event
You breach any of the terms and conditions of this Agreement and without any refund to You.
6.7 f You are using the trial version of the Software You do not have the right to receive the Technical Support
specified in Clause 4 of this Agreement and You don’t have the right to transfer the license or the rights to use the
Software to any third party.
7. Limited Warranty and Disclaimer
7.1 The Rightholder guarantees that the Software will substantially perform according to the specifications and
descriptions set forth in the User Manual provided however that such limited warranty shall not apply to the following: (w)
Your Computer’s deficiencies and related infringement for which Rightholder’s expressly disclaims any warranty
responsibility; (x) malfunctions, defects, or failures resulting from misuse; abuse; accident; neglect; improper installation,
operation or maintenance; theft; vandalism; acts of God; acts of terrorism; power failures or surges; casualty; alteration,
non-permitted modification, or repairs by any party other than Rightholder; or any other third parties’ or Your actions or
causes beyond Rightholder’s reasonable control; (y) any defect not made known by You to Rightholder as soon as
practical after the defect first appears; and (z) incompatibility caused by hardware and/or software components installed
on Your Computer.
7.2 You acknowledge, accept and agree that no software is error free and You are advised to back-up the
Computer, with frequency and reliability suitable for You.
7.3 The Rightholder does not provide any guarantee that the Software will work correctly in case of violations of the
terms described in the User Manual or in this Agreement.
7.4 The Rightholder does not guarantee that the Software will work correctly if You do not regularly download
Updates specified in Clause 2.6 of this Agreement.
7.5 The Rightholder does not guarantee protection from the threats described in the User Manual after the
expiration of the period specified in Clauses 3.2 or 3.3 of this Agreement or after the License to use the Software is
terminated for any reason.
7.6 THE SOFTWARE IS PROVIDED "AS IS" AND THE RIGHTHOLDER MAKES NO REPRESENTATION AND
GIVES NO WARRANTY AS TO ITS USE OR PERFORMANCE. EXCEPT FOR ANY WARRANTY, CONDITION,
REPRESENTATION OR TERM THE EXTENT TO WHICH CANNOT BE EXCLUDED OR LIMITED BY APPLICABLE
LAW THE RIGHTHOLDER AND ITS PARTNERS MAKE NO WARRANTY, CONDITION, REPRESENTATION, OR
TERM (EXPRESSED OR IMPLIED, WHETHER BY STATUTE, COMMON LAW, CUSTOM, USAGE OR OTHERWISE)
AS TO ANY MATTER INCLUDING, WITHOUT LIMITATION, NONINFRINGEMENT OF THIRD PARTY RIGHTS,
MERCHANTABILITY, SATISFACTORY QUALITY, INTEGRATION, OR APPLICABILITY FOR A PARTICULAR
PURPOSE. YOU ASSUME ALL FAULTS, AND THE ENTIRE RISK AS TO PERFORMANCE AND RESPONSIBILITY
FOR SELECTING THE SOFTWARE TO ACHIEVE YOUR INTENDED RESULTS, AND FOR THE INSTALLATION OF,
USE OF, AND RESULTS OBTAINED FROM THE SOFTWARE. WITHOUT LIMITING THE FOREGOING PROVISIONS,
THE RIGHTHOLDER MAKES NO REPRESENTATION AND GIVES NO WARRANTY THAT THE SOFTWARE WILL BE
U S E R G U I D E
14
ERROR-FREE OR FREE FROM INTERRUPTIONS OR OTHER FAILURES OR THAT THE SOFTWARE WILL MEET
ANY OR ALL YOUR REQUIREMENTS WHETHER OR NOT DISCLOSED TO THE RIGHTHOLDER.
8. Exclusion and Limitation of Liability
8.1 TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL THE
RIGHTHOLDER OR ITS PARTNERS BE LIABLE FOR ANY SPECIAL, INCIDENTAL, PUNITIVE, INDIRECT, OR
CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING, BUT NOT LIMITED TO, DAMAGES FOR LOSS OF
PROFITS OR CONFIDENTIAL OR OTHER INFORMATION, FOR BUSINESS INTERRUPTION, FOR LOSS OF
PRIVACY, FOR CORRUPTION, DAMAGE AND LOSS OF DATA OR PROGRAMS, FOR FAILURE TO MEET ANY
DUTY INCLUDING ANY STATUTORY DUTY, DUTY OF GOOD FAITH OR DUTY OF REASONABLE CARE, FOR
NEGLIGENCE, FOR ECONOMIC LOSS, AND FOR ANY OTHER PECUNIARY OR OTHER LOSS WHATSOEVER)
ARISING OUT OF OR IN ANY WAY RELATED TO THE USE OF OR INABILITY TO USE THE SOFTWARE, THE
PROVISION OF OR FAILURE TO PROVIDE SUPPORT OR OTHER SERVICES, INFORMATON, SOFTWARE, AND
RELATED CONTENT THROUGH THE SOFTWARE OR OTHERWISE ARISING OUT OF THE USE OF THE
SOFTWARE, OR OTHERWISE UNDER OR IN CONNECTION WITH ANY PROVISION OF THIS AGREEMENT, OR
ARISING OUT OF ANY BREACH OF CONTRACT OR ANY TORT (INCLUDING NEGLIGENCE,
MISREPRESENTATION, ANY STRICT LIABILITY OBLIGATION OR DUTY), OR ANY BREACH OF STATUTORY
DUTY, OR ANY BREACH OF WARRANTY OF THE RIGHTHOLDER OR ANY OF ITS PARTNERS, EVEN IF THE
RIGHTHOLDER OR ANY PARTNER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
YOU AGREE THAT IN THE EVENT THE RIGHTHOLDER AND/OR ITS PARTNERS ARE FOUND LIABILE, THE
LIABILITY OF THE RIGHTHOLDER AND/OR ITS PARTNERS SHALL BE LIMITED BY THE COSTS OF THE
SOFTWARE. IN NO CASE SHALL THE LIABILITY OF THE RIGHTHOLDER AND/OR ITS PARTNERS EXCEED THE
FEES PAID FOR THE SOFTWARE TO THE RIGHTHOLDER OR THE PARTNER (AS MAY BE APPLICABLE).
NOTHING IN THIS AGREEMENT EXCLUDES OR LIMITS ANY CLAIM FOR DEATH AND PERSONAL INJURY.
FURTHER IN THE EVENT ANY DISCLAIMER, EXCLUSION OR LIMITATION IN THIS AGREEMENT CANNOT BE
EXLUDED OR LIMITED ACCORDING TO APPLICABLE LAW THEN ONLY SUCH DISCLAIMER, EXCLUSION OR
LIMITATION SHALL NOT APPLY TO YOU AND YOU CONTINUE TO BE BOUND BY ALL THE REMAINING
DISCLAIMERS, EXCLUSIONS AND LIMITATIONS.
9. GNU and Other Third Party Licenses
9.1 The Software may include some software programs that are licensed (or sublicensed) to the user under the
GNU General Public License (GPL) or other similar free software licenses which, among other rights, permit the user to
copy, modify and redistribute certain programs, or portions thereof, and have access to the source code ("Open Source
Software"). If such licenses require that for any software, which is distributed to someone in an executable binary format,
that the source code also be made available to those users, then the source code should be made available by sending
the request to source@kaspersky.com or the source code is supplied with the Software. If any Open Source Software
licenses require that the Rightholder provide rights to use, copy or modify an Open Source Software program that are
broader than the rights granted in this Agreement, then such rights shall take precedence over the rights and restrictions
herein.
10. Intellectual Property Ownership
10.1 You agree that the Software and the authorship, systems, ideas, methods of operation, documentation and
other information contained in the Software, are proprietary intellectual property and/or the valuable trade secrets of the
Rightholder or its partners and that the Rightholder and its partners, as applicable, are protected by civil and criminal law,
and by the law of copyright, trade secret, trademark and patent of the Russian Federation, European Union and the
United States, as well as other countries and international treaties. This Agreement does not grant to You any rights to
the intellectual property including any the Trademarks or Service Marks of the Rightholder and/or its partners
("Trademarks"). You may use the Trademarks only insofar as to identify printed output produced by the Software in
accordance with accepted trademark practice, including identification of the Trademark owner’s name. Such use of any
Trademark does not give you any rights of ownership in that Trademark. The Rightholder and/or its partners own and
retain all right, title, and interest in and to the Software, including without limitation any error corrections, enhancements,
Updates or other modifications to the Software, whether made by the Rightholder or any third party, and all copyrights,
K A S P E R S K Y LAB E N D U S E R L I C E N S E A G R E E M E N T
15
patents, trade secret rights, trademarks, and other intellectual property rights therein. Your possession, installation or use
of the Software does not transfer to you any title to the intellectual property in the Software, and you will not acquire any
rights to the Software except as expressly set forth in this Agreement. All copies of the Software made hereunder must
contain the same proprietary notices that appear on and in the Software. Except as stated herein, this Agreement does
not grant you any intellectual property rights in the Software and you acknowledge that the License, as further defined
herein, granted under this Agreement only provides you with a right of limited use under the terms and conditions of this
Agreement. Rightholder reserves all rights not expressly granted to you in this Agreement.
10.2 You agree not to modify or alter the Software in any way. You may not remove or alter any copyright notices or
other proprietary notices on any copies of the Software.
11. Governing Law; Arbitration
11.1 This Agreement will be governed by and construed in accordance with the laws of the Russian Federation
without reference to conflicts of law rules and principles. This Agreement shall not be governed by the United Nations
Convention on Contracts for the International Sale of Goods, the application of which is expressly excluded. Any dispute
arising out of the interpretation or application of the terms of this Agreement or any breach thereof shall, unless it is
settled by direct negotiation, be settled by in the Tribunal of International Commercial Arbitration at the Russian
Federation Chamber of Commerce and Industry in Moscow, the Russian Federation. Any award rendered by the
arbitrator shall be final and binding on the parties and any judgment on such arbitration award may be enforced in any
court of competent jurisdiction. Nothing in this Section 11 shall prevent a Party from seeking or obtaining equitable relief
from a court of competent jurisdiction, whether before, during or after arbitration proceedings.
12. Period for Bringing Actions
12.1 No action, regardless of form, arising out of the transactions under this Agreement, may be brought by either
party hereto more than one (1) year after the cause of action has occurred, or was discovered to have occurred, except
that an action for infringement of intellectual property rights may be brought within the maximum applicable statutory
period.
13. Entire Agreement; Severability; No Waiver
13.1 This Agreement is the entire agreement between you and Rightholder and supersedes any other prior
agreements, proposals, communications or advertising, oral or written, with respect to the Software or to subject matter
of this Agreement. You acknowledge that you have read this Agreement, understand it and agree to be bound by its
terms. If any provision of this Agreement is found by a court of competent jurisdiction to be invalid, void, or unenforceable
for any reason, in whole or in part, such provision will be more narrowly construed so that it becomes legal and
enforceable, and the entire Agreement will not fail on account thereof and the balance of the Agreement will continue in
full force and effect to the maximum extent permitted by law or equity while preserving, to the fullest extent possible, its
original intent. No waiver of any provision or condition herein shall be valid unless in writing and signed by you and an
authorized representative of Rightholder provided that no waiver of any breach of any provisions of this Agreement will
constitute a waiver of any prior, concurrent or subsequent breach. Rightholder’s failure to insist upon or enforce strict
performance of any provision of this Agreement or any right shall not be construed as a waiver of any such provision or
right.
14. Rightholder Contact Information
Should you have any questions concerning this Agreement, or if you desire to contact the Rightholder for any reason,
please contact our Customer Service Department at:
Kaspersky Lab ZAO, 10 build. 1, 1ST Volokolamsky Proezd
Moscow, 123060
U S E R G U I D E
16
Russian Federation
Tel: +7-495-797-8700
Fax: +7-495-645-7939
E-mail: info@kaspersky.com
Web site: www.kaspersky.com
© 1997-2010 Kaspersky Lab ZAO. All Rights Reserved. The Software and any accompanying documentation are
copyrighted and protected by copyright laws and international copyright treaties, as well as other intellectual property
laws and treaties.
17
ABOUT THIS GUIDE
IN THIS SECTION:
In this document .............................................................................................................................................................. 17
Document conventions .................................................................................................................................................... 18
This document is the Guide for installing, configuring and operating Kaspersky Internet Security 2011 (hereinafter
Kaspersky Internet Security). The document is designed for a wide audience. The application users should be able to
operate a personal computer at a basic level: to be familiar with the Microsoft Windows operating system interface and
navigation within it, and to know how to use popular emailing and Internet programs, for example, Microsoft Office
Outlook and Microsoft Internet Explorer.
The aim of the document:
to help the users to install the application on the computer on their own, activate it and configure with regard to
user's tasks;
to provide a quick search of the information on application related issues;
to provide alternate sources of information about the application and the methods of getting technical support.
IN THIS DOCUMENT
This document contains the following sections:
Additional sources of information
This section contains a description of data on the sources of additional information regarding the application, Internetresources to discuss the application, share ideas, ask questions and receive answers.
Kaspersky Internet Security 2011
This section contains the description of the application's new features, and brief information on its components and
functionality. It reveals the function of the each part of the package supplied and a range of services available to
registered users of the application. The section contains hardware and software requirements which the computer should
meet to have Kaspersky Internet Security installed on it.
Installing the application
This section contains instructions that will help you install the application on the computer and perform its initial
configuration. This section also describes the application uninstall procedure.
Managing license
This section contains information regarding the basic concepts used in the context of the application licensing. From this
section you will also learn about the automatic prolonging of the license and where to view information regarding the
current license.
U S E R G U I D E
18
Application interface
SAMPLE TEXT
DOCUMENT CONVENTIONS DESCRIPTION
Please note that...
Warnings are highlighted in red and enclosed in frames. Warnings contain
important information, for example, related to computer operations critical to its
safety.
It is recommended to use...
Notes are enclosed in frames. Notes contain additional and reference
information.
This section contains description of the basic GUI components of the application: icon and context menu, main
application window, settings window, and notification windows.
Starting and stopping the application
This section contains information regarding the application's starting and shutdown.
Computer protection status
This section contains information about how to know whether your computer is protected at the moment, or if its security
is under threat, as well as how to eliminate emerging threats. In this section, you also can find information about
enabling, disabling, and pausing protection when working with Kaspersky Internet Security.
Solving typical tasks
This section contains instructions for the basic tasks encountered by most users when working with the application.
Advanced application settings
This section provides detailed information about each application component and describes the operation and
configuration algorithms for each component.
Checking the consistency of the application settings
This section contains recommendations in how to check if the application components run correctly.
Contacting the Technical Support Service
This section contains recommendations with respect to making contact with Kaspersky Lab from My Kaspersky Account
on the Technical Support Service website and over phone.
Appendix
This section includes reference information which complements the document text.
Glossary
This section contains the list of terms used in the document and their definitions.
DOCUMENT CONVENTIONS
Document conventions described in the table below are used in this Guide.
Table 1. Document conventions
A B O U T T H I S G U I DE
19
SAMPLE TEXT
DOCUMENT CONVENTIONS DESCRIPTION
Example:
...
Examples are given in section, on a yellow background, and under the header
"Example".
Update means...
New terms are marked by italics.
ALT+F4
Names of keyboard keys are marked by semi-bold font and capital letters.
Names of the keys along with a "plus" sign means use of a key combination.
Enable
Names of interface components, for example, input fields, menu commands,
buttons, etc., are marked by semi-bold font.
To configure a task schedule:
Instructions are marked by the arrow symbol.
Instructions' introductory phrases are in italics.
help
Texts in the command line or texts of messages displayed on the screen have a
special font.
<IP address of your computer>
The variables are put in angle brackets. Instead of a variable its corresponding
value is placed in every case, and the angle brackets are omitted.
20
ADDITIONAL SOURCES OF INFORMATION
IN THIS SECTION:
Sources of information for independent research ............................................................................................................ 20
Discussing Kaspersky Lab applications on the web forum .............................................................................................. 21
Contacting the Sales Department ................................................................................................................................... 21
Contacting Documentation development group .............................................................................................................. 21
If you have any questions regarding choosing, purchasing, installing or using Kaspersky Internet Security, various
sources of information are available at your convenience. You can choose the most suitable information source,
depending on the question level of importance and urgency.
SOURCES OF INFORMATION FOR INDEPENDENT RESEARCH
Kaspersky Lab provides the following sources of information about the application:
application page at the Kaspersky Lab website;
application page at the Technical Support Service website (in the Knowledge Base);
service page of FastTrack Support;
help system.
Application page at the Kaspersky Lab website
This page (http://www.kaspersky.com/kaspersky_internet_security) provides you with general information on the
application, its features and options.
Application page at the Technical Support Service website (Knowledge Base)
On this page (http://support.kaspersky.com/kis2011) you will find the articles created by Technical Support Service
specialists.
These articles contain useful information, recommendations and FAQs on purchasing, installing and using the
application. They are sorted by subject, for example, Managing the license, Configuring Update, or Eliminating
operation failures. The articles may provide answers to the questions that concern not only this application but the
other Kaspersky Lab products as well. The articles may also contain news from the Technical Support Service.
FastTrack Support service
On this service page, you can find the database of FAQs with answers regarding the application's operation. To use
this service, you need an Internet connection.
To go to the service page, in the main application window, click the Support link and in the window that opens click
the FastTrack Support button.
Help system
The application installation package includes the full and context help file. It contains information about how to
manage computer protection (view protection status, scan various computer areas for viruses, and execute other
A D D I T I O N A L S O U R C E S O F I N F O R M AT I O N
21
tasks). The full help and context help file provides you with information about all windows of the application, listing
and describing the settings and tasks related to each of them.
To open the help file, click the Help button in the required window, or press the F1 key.
DISCUSSING KASPERSKY LAB APPLICATIONS ON THE
WEB FORUM
If your question does not require an urgent answer, you can discuss it with Kaspersky Lab's specialists and other users
in our forum at http://forum.kaspersky.com.
In this forum you can view existing topics, leave your comments, create new topics or use the search engine.
CONTACTING THE SALES DEPARTMENT
If you have questions about selecting or purchasing Kaspersky Internet Security or extending your license, you can
contact the Sales Department http://www.kaspersky.com/contacts.
You can also send your questions to the Sales Department by email at sales@kaspersky.com.
CONTACTING DOCUMENTATION DEVELOPMENT GROUP
If you have any questions regarding documentation, have found a mistake or you want to leave feedback, you can
contact the Technical documentation development group. To contact the Documentation development group, send an
email to docfeedback@kaspersky.com. Please use "Kaspersky Help Feedback: Kaspersky Internet Security" as the
subject of your message.
22
KASPERSKY INTERNET SECURITY 2011
IN THIS SECTION:
What's new ...................................................................................................................................................................... 22
Ensuring your computer protection ................................................................................................................................. 23
Distribution kit .................................................................................................................................................................. 25
Service for registered users ............................................................................................................................................ 25
Hardware and software requirements ............................................................................................................................. 26
This section contains the description of the application's new features, and brief information on its components and
functionality. It reveals the function of the each part of the package supplied and a range of services available to
registered users of the application. The section contains hardware and software requirements which the computer should
meet to have Kaspersky Internet Security installed on it.
WHAT'S NEW
The following is new in Kaspersky Internet Security:
New protection component of the System Watcher (see page 105) provides monitoring of applications activity in
the system and provides detailed information to other protection components. Due to the recoverable history of
the applications activity, the component can roll back results of a malicious application's actions when such
malicious actions are detected by various protection components.
Advanced functionality of the Safe Run, Safe Run for Applications (see page 146), is an isolated desktop
where you can launch suspicious applications without any harm to the main operating system.
New modules have been added to improve Internet protection:
Safe Surf (see page 99) – includes the link scanning module known from the previous version of the
application, and also may block access to insecure websites, which allows you staying in the safe Internet
zone.
Geo Filter (see page 100) – allows you to grant or deny access to websites based on their belonging to
certain domains. This helps you, for example, to block access to websites which belong to regional
domains with high risk of infection.
Application Control allows a more effective definition of applications statuses, as well as configuration of
application rules using Kaspersky Security Network data based on the statistics of Application Control operation
on many users' computers.
With the help of the Idle Scan (see page 163) module the computer may be scanned for viruses while you are
not working on it, then scanning will stop when you return to work. This allows you to perform a scan regularly
and at the same time prevents the reduction of the computer running speed when you need it.
The Parental Control (see page 150) functionality has been expanded: now you can control the user's access to
the computer and Internet, the launch of computer applications, restrict access to websites with undesirable
content and downloading files from the Internet, control user's communication in social networks and through
Instant Messengers, as well as view reports on the controlled user's actions. To optimize the Parental Control
configuration the module also includes an export and import option with these settings for the account.
K A S P E R S K Y I N T E R N E T S E C U R I T Y 2 0 1 1
23
ENSURING YOUR COMPUTER PROTECTION
Kaspersky Internet Security provides comprehensive protection of your computer against known and unknown threats,
network and intruder attacks, spam and other unwanted information.
Every type of threat is handled by a separate security component (see the description of components further in this
section). Components can be enabled or disabled independently of one another and configured accordingly.
In addition to constant protection provided by the security components, we recommend regularly scanning your computer
for viruses. This is necessary in order to rule out the possibility of spreading malicious programs that have not been
discovered by security components, for example, because the security level was set to low or for other reasons.
To keep Kaspersky Internet Security up-to-date, you need to update the bases and software modules used by the
application. The application is updated automatically by default. However, you can always update the bases and
software modules manually, if necessary.
You can control the individual applications that are launched on your computer by using the application activity monitor.
The way applications access personal data is subject to special control. These data include files, folders and registry
keys, which contain the settings and important data of the most frequently used applications, as well as the user's files
(My Documents folder, cookies, information about the user's activity). When the safety of any application raises doubts,
they can be run in a safe environment.
Certain specific tasks that need to be performed occasionally can be performed with the help of advanced tools and
wizards (see section "Additional tools for better protection of your computer" on page 168), such as configuring Microsoft
Internet Explorer or erasing the traces of user activity in the system.
Protection components
The following protection components provide protection for your computer in real time:
File Anti-Virus
File Anti-Virus prevents infection of the computer's file system. The components starts at startup of the operating
system, continuously remains in the computer's RAM, and scans all files being opened, saved, or launched on your
computer and all connected drives. Kaspersky Internet Security intercepts each attempt to access a file and scans
the file for known viruses. The file can only be processed further if the file is not infected or is successfully treated by
the application. If a file cannot be disinfected for any reason, it will be deleted. A copy of the file will be saved in the
backup, or moved to the quarantine.
Mail Anti-Virus
Mail Anti-Virus scans incoming and outgoing email messages on your computer. The email is available to the
addressee only if it does not contain dangerous objects.
Web Anti-Virus
Web Anti-Virus intercepts and blocks scripts on websites if they pose a threat. All HTTP traffic is also subject to a
thorough monitoring. Additionally, the component blocks access to malicious websites.
IM Anti-Virus
IM Anti-Virus ensures the safe use of Internet pagers. The component protects information that comes to your
computer via IM protocols. IM Anti-Virus ensures safe operation of various applications for instant messaging.
Proactive Defense
Proactive Defense allows detection of a new malicious program before it can perform its malicious activity. The
component's operation is based on monitoring and analyzing the behavior of all applications installed on your
computer. Depending on the actions being performed, Kaspersky Internet Security makes a decision whether each
application is potentially dangerous or not. So your computer is protected not only from known viruses, but from new
ones as well that have not yet been discovered.
U S E R G U I D E
24
Anti-Phishing
A component integrated in Web Anti-Virus, Anti-Spam and IM Anti-Virus, which checks web addresses to see if they
are included in the list of phishing and suspicious web addresses.
Application Control
Application Control logs the actions performed by applications in the system, and manages the applications'
activities, based on which group the component assigns them to. A set of rules is defined for each group of
applications. These rules manage applications' access to various operating system resources.
Firewall
The Firewall ensures security for your work in local networks and on the Internet. The component filters all network
activities using two types of rules: rules for applications and packet rules.
Network Attack Blocker
The Network Attack Blocker loads during the operating system launch, and scans incoming network traffic for
activities characteristic of network attacks. Once an attempt to attack the computer is detected, Kaspersky Internet
Security blocks any network activity of the attacking computer towards your computer.
Anti-Spam
Anti-Spam integrates into the mail client installed on your computer, and monitors all incoming email messages for
spam. All messages containing spam are marked with a special header. An option to configure Anti-Spam for spam
processing (deleting automatically, moving to a special folder, etc.) is also provided. The component also analyzes
email messages to detect phishing.
Network Monitor
The component designed to view information about network activity in real-time mode.
Anti-Banner
Anti-Banner blocks advertising information located on banners built into interfaces of various programs installed on
your computer, or displayed online.
Parental Control
Parental Control functionality is designed to protect children and teenagers from threats associated with using the
computer and Internet browsing.
Parental Control lets you set flexible restrictions on access to web resources and applications for different users
depending on their age. It also lets you view statistical reports on controlled user activity.
There are three groups of objects protected by the application components:
Files, identity data, user names and passwords, information about banking cards, etc. These files are protected
by File Anti-Virus, Application Control and Proactive Defense.
Applications installed on your computer and operating system objects. These files are protected by Mail Anti-
Virus, Web Anti-Virus, IM Anti-Virus, Application Control, Network Attack Blocker, Anti-Spam and Proactive
Defense.
Online activity: using e-payment systems, email protection against spam and viruses etc. These files are
protected by Mail Anti-Virus, Web Anti-Virus, IM Anti-Virus, Firewall, Network Attack Blocker, Anti-Spam,
Network Monitor, Anti-Banner, Parental Control and Anti-Phishing.
The grouping of components depending on the objects they protect is graphically illustrated in the Protection Center
section in the main application window (see section "Kaspersky Internet Security main window" on page 39).
K A S P E R S K Y I N T E R N E T S E C U R I T Y 2 0 1 1
25
DISTRIBUTION KIT
You can purchase the boxed version of Kaspersky Internet Security from our resellers, or purchase it online from Internet
shops, such as the eStore section of http://www.kaspersky.com.
If you buy the boxed version of the program, the package will include:
A sealed envelope with the installation CD containing the program files and documentation in PDF format.
Documentation in printed form, notably Quick Start Guide and User's Guide documents (depending on the
region).
License Agreement (depending on the region).
Activation card containing an activation code (depending on the region).
Read the EULA through carefully (see section "About End User License Agreement" on page 34)!
If you do not agree with the terms of the EULA, you can return your boxed product to the reseller from whom you
purchased it and be reimbursed the amount you paid for the program, provided that the envelope containing the
installation disk is still sealed.
By opening the sealed installation disk, you accept all the terms of the EULA.
Before breaking the seal on the installation disk envelope, carefully read through the EULA.
If you buy Kaspersky Internet Security from eStore, you will download the product from the Kaspersky Lab website; the
present User Guide is included with the installation package. You will be sent an activation code by email after your
payment has been received.
SERVICE FOR REGISTERED USERS
Kaspersky Lab offers legal users a set of services that allow increasing efficiency of the application use.
When you purchase the license, you become a registered user, which entitles you to benefit from the following services:
hourly updating application databases and providing new product versions;
consulting on how to install, configure, and use the product - by phone or in the Personal Cabinet;
notifying of new software products released by Kaspersky Lab and new viruses emerging all over the world.
This service is provided to the users who have subscribed to Kaspersky Lab's news delivery on the Technical
Consulting on issues related to functioning and use of operating systems, third-party software, and various technologies
are not provided.
Support Service website (http://support.kaspersky.com/subscribe).
U S E R G U I D E
26
HARDWARE AND SOFTWARE REQUIREMENTS
For a proper functioning of Kaspersky Internet Security, a computer should meet the defined requirements.
General requirements:
480 MB free disk space.
CD / DVD-ROM (to install Kaspersky Internet Security from the distribution CD).
Internet connection (to update databases and application modules).
Microsoft Internet Explorer 6.0 or higher.
Microsoft Windows Installer 2.0.
Requirements for Microsoft Windows XP Home Edition (Service Pack 2 or higher), Microsoft Windows XP Professional
(Service Pack 2 or higher), Microsoft Windows XP Professional x64 Edition (Service Pack 2 or higher):
Intel Pentium 800 MHz 32-bit (x86) / 64-bit (x64) processor or higher (or a compatible equivalent);
512 MB free RAM.
Requirements for Microsoft Windows Vista Home Basic, Microsoft Windows Vista Home Premium, Microsoft Windows
Vista Business, Microsoft Windows Vista Enterprise, Microsoft Windows Vista Ultimate, Microsoft Windows 7 Starter,
Microsoft Windows 7 Home Basic, Microsoft Windows 7 Home Premium, Microsoft Windows 7 Professional, Microsoft
Windows 7 Ultimate:
Intel Pentium 1 GHz 32-bit (x86) / 64-bit (x64) processor or higher (or a compatible equivalent);
1GB free RAM (32-bit); 2 GB free RAM (64-bit).
You cannot enable Safe Run when working under Microsoft Windows XP (64-bit) operating system. The Safe Run is
restricted when working in Microsoft Windows Vista (64-bit) and Microsoft Windows 7(64-bit) operating systems.
Requirements for netbooks:
Intel Atom 1.33 MHz (Z520) processor or a compatible equivalent.
Intel GMA950 video card with video RAM more than 64 MB (or a compatible equivalent).
Screen size not less than 10.1".
Microsoft Windows XP Home Edition or higher.
27
INSTALLING THE APPLICATION
IN THIS SECTION:
Installation procedure ...................................................................................................................................................... 27
Getting started ................................................................................................................................................................. 32
Removing the application ................................................................................................................................................ 32
This section contains instructions that will help you install the application on the computer and perform its initial
configuration. This section also describes the application uninstall procedure.
INSTALLATION PROCEDURE
Kaspersky Internet Security will install on your computer in an interactive mode with the help of the Installation Wizard.
The wizard consists of a series of screens (steps) navigated using the Back and Next buttons. To close the wizard once
it completes its work, use the Finish button. To stop the wizard at any stage, use the Cancel button.
If the application is going to protect more than one computer, it should be installed on all computers in the same way.
Remember that in this case, according to the license agreement, the license term begins from the date of the first
activation. If you activate the application to protect a second and subsequent computers, the license validity period will
be reduced by the number of days that has passed from the date of the first activation. Therefore, the license term will
expire for all installed copies of the application simultaneously.
To install Kaspersky Internet Security on your computer,
run the setup file (a file with the *.exe extension) on the CD containing the product.
The process of installing Kaspersky Internet Security from a setup file downloaded online is identical to the installation
from the setup CD.
U S E R G U I D E
28
IN THIS SECTION:
Step 1. Finding a newer version of the application .......................................................................................................... 28
Step 2. Making sure the system meets the installation requirements .............................................................................. 28
Step 3. Choosing the type of installation ......................................................................................................................... 29
Step 4. Reviewing the license agreement ....................................................................................................................... 29
Step 5. Kaspersky Security Network Data Collection Statement ..................................................................................... 29
Step 6. Searching for incompatible applications .............................................................................................................. 29
Step 7. Selecting the destination folder ........................................................................................................................... 30
Step 8. Preparing installation .......................................................................................................................................... 30
Step 9. Installing .............................................................................................................................................................. 30
Step 10. Activating the application .................................................................................................................................. 31
Step 11. Registering a user ............................................................................................................................................. 31
Step 12. Completing the activation .................................................................................................................................. 31
Step 13. Analyzing the system ........................................................................................................................................ 32
Step 14. Closing the Wizard ............................................................................................................................................ 32
STEP 1. SEARCHING FOR A NEWER VERSION OF THE APPLICATION
Before setup the installer checks the update servers of Kaspersky Lab for a newer version of Kaspersky Internet
Security.
If it finds no newer product versions on the update servers of Kaspersky Lab, the setup wizard for the current version will
be started.
If the update servers offer a newer version of Kaspersky Internet Security, you will see a prompt to download and install it
on the computer. If you cancel downloading the new version, the setup wizard for the current version will be started. If
you decide to install the newer version, product distribution files will be downloaded to your computer and the setup
wizard for that new version will be started automatically. For further description of the installation procedure for the newer
version please refer to its corresponding documentation.
STEP 2. MAKING SURE THE SYSTEM MEETS THE INSTALLATION
REQUIREMENTS
Before Kaspersky Internet Security installation on your computer the installer checks the operating system and service
packs to make sure they meet the software requirements for product installation (see section "Hardware and software
requirements" on page 26). In addition, the installer checks the presence of required software and the credentials
necessary to install applications.
If any condition is not observed, a corresponding notification will be displayed. In that case you are advised to install the
required software and use the Windows Update service to download and apply the necessary service packs before
installing the product of Kaspersky Lab.
I N S T A L L I N G T H E A P P L I C A T I O N
29
At this step, the application searches for Kaspersky Lab applications that may lead to conflicts when used together with
Kaspersky Internet Security. If such applications are found, you are offered to remove them manually.
If an earlier version of Kaspersky Anti-Virus or Kaspersky Internet Security is found, all data that can be used by
Kaspersky Internet Security 2011 (activation information, application settings, etc.) will be saved and used when
installing the application.
STEP 3. CHOOSING THE TYPE OF INSTALLATION
At this stage, you can choose the most suitable type of Kaspersky Internet Security installation:
Standard installation. If you choose this option (the Change installation settings box is unchecked), the
application will be fully installed on your computer with protection settings recommended by Kaspersky Lab
experts.
Custom installation. In this case (the Change installation settings box is checked) you will be offered to
specify the destination folder to install the application to (see section "Step 7. Selecting the destination folder"
on page 30), and disable the installation process protection, if required (see section "Step 8. Preparing
installation" on page 30).
To proceed with the installation, click Next.
STEP 4. REVIEWING THE LICENSE AGREEMENT
At this stage you should review the license agreement made between you and Kaspersky Lab.
Read the agreement carefully and signify your consent by clicking the I Agree button. The installation will continue.
To cancel the installation, click the Cancel button.
STEP 5. KASPERSKY SECURITY NETWORK DATA COLLECTION STATEMENT
At this stage you will be offered to participate in Kaspersky Security Network. Participation in the program involves
sending information about new threats detected on your computer, running applications, and downloaded signed
applications to Kaspersky Lab, along with the unique ID assigned to your copy of Kaspersky Internet Security and your
system information. We guarantee that none of your personal data will be sent.
Review the text of the Kaspersky Security Network Data Collection Statement. If you agree with all points of the
statement, check the box I accept the terms of participation in Kaspersky Security Network.
Click the Next button if you carry out the custom installation (see section "Step 3. Choosing the type of installation" on
page 29). When carrying out the standard installation, click the Install button. Installation will continue.
STEP 6. SEARCHING FOR INCOMPATIBLE APPLICATIONS
At this step, the applications checks if any applications incompatible with Kaspersky Internet Security are installed on
your computer.
If no such applications are found, the Wizard automatically proceeds to the next step.
If any incompatible applications are detected, they are displayed in a list on the screen, and you are offered to remove
them automatically or manually. While removing incompatible applications, you will need to reboot your operating
system, after which installation of Kaspersky Internet Security will continue automatically.
To proceed with the installation, click Next.
U S E R G U I D E
30
STEP 7. SELECTING THE DESTINATION FOLDER
This step of the Installation Wizard is only available if the custom installation is selected. (see section "Step 3. Choosing
the type of installation" on page 29). In standard installation, this step is omitted and the application is installed to the
default folder.
At this stage you are offered to choose the folder to which Kaspersky Internet Security will be installed. The following
path is set by default:
<disk> \ Program Files \ Kaspersky Lab \ Kaspersky Internet Security 2011 – for 32-bit systems;
<disk> \ Program Files (x86) \ Kaspersky Lab \ Kaspersky Internet Security 2011 – for 64-bit systems.
To install Kaspersky Internet Security to a different folder, specify the path to it in the input field or click View and choose
the folder in the window that opens.
The path to the installation folder cannot be longer than 200 characters or contain special characters \, /, ?, :, *, ", >, <
and |.
To find out if there is enough disk space on your computer to install the application, click the Disk button. In the window
that opens you can view the disk space information. To close the window, click OK.
To proceed with the installation, click Next in the wizard window.
STEP 8. PREPARING INSTALLATION
This step of the Installation Wizard is only available if the custom installation is selected. (see section "Step 3. Choosing
the type of installation" on page 29). In standard installation, this step is skipped.
Since your computer may be infected with malicious programs that may impact installation of Kaspersky Internet
Security, the installation process should be protected.
By default, installation process protection is enabled – the Protect the installation process box is checked in the
Wizard window.
You are advised to uncheck this box if the application cannot be installed (for example, when performing remote
installation using Windows Remote Desktop). Enabled protection may be the reason.
In this case, you should interrupt installation, restart it, check the Change installation settings box at the Choosing the
type of installation step (see section "Step 3. Choosing the type of installation" on page 29), and, when reaching the
Preparing installation step, uncheck the Protect the installation process box.
To proceed with the installation, click Install.
When installing the application on a computer running under Microsoft Windows XP, active network connections are
terminated. The majority of terminated connections is restored after a pause.
STEP 9. INSTALLING
Installation of the application takes some time. Wait for it to complete.
Once the installation is complete, the Wizard will proceed automatically to the next step.
I N S T A L L I N G T H E A P P L I C A T I ON
31
If an installation error occurs, being caused by malicious programs that prevent anti-virus applications from being
installed on your computer, the Installation Wizard offers you to download a special tool for neutralizing infection named
Kaspersky Virus Removal Tool utility.
If you agree to install the utility tool, the Installation Wizard downloads it from Kaspersky Lab servers, after which
installation of the utility starts automatically. If the Wizard cannot download the utility, you will be offered to download it
on your own by clicking the link provided.
After you finish working with the utility, you should delete it and restart installation of Kaspersky Internet Security.
STEP 10. ACTIVATING THE APPLICATION
Activation is a procedure of activating a license that allows you to use a fully functional version of the application until the
license expires.
You will need an Internet connection to activate the application.
You will be offered the following options of Kaspersky Internet Security activation:
Activate commercial license. Select this option and enter the activation code (see section "About activation
code" on page 35) if you have purchased a commercial version of the application.
If you specify an activation code for Kaspersky Anti-Virus in the entry field, the procedure of switching to
Kaspersky Anti-Virus starts after the completion of activation.
Activate trial license. Use this activation option if you want to install the trial version of the application before
making the decision to purchase a commercial version. You will be able to use the fully-functional version of the
application for the duration of a term limited by the license for the trial version of the application. When the
license expires, it cannot be activated for a second time.
Activate later. If you choose this option, the Kaspersky Internet Security activation stage is skipped. The
application will be installed on your computer with all of its functions, except updates, available. You will only be
able to update anti-virus databases and modules of Kaspersky Internet Security once after installation. The
Activate later option is only available at the first start of the Activation Wizard, immediately after installing the
application.
If Kaspersky Internet Security has been installed and then removed with activation information saved, this step is
skipped. In this case the wizard will automatically retrieve information about the existing license and proceed to the final
stage of activation (see section "Step 12. Completing the activation" on page 31).
STEP 11. REGISTERING A USER
This step is only available when activation the commercial version of the application. When activating the trial version,
this step is skipped.
You need to register in order to be able to contact Kaspersky Lab Technical Support Service in the future. Unregistered
users receive only minimal support.
If you agree to register, specify your registration data in the corresponding fields and click the Next button.
STEP 12. COMPLETING THE ACTIVATION
The Wizard informs you that Kaspersky Internet Security has been successfully activated. Additionally, information about
the license is provided: license type (commercial or trial), date of expiry, and number of hosts for the license.
U S E R G U I D E
32
If you have activated the subscription, information about the subscription status (see section "Subscription statuses" on
page 191) is displayed instead of the license expiration date.
Click the Next button in order to continue the work of the Wizard.
STEP 13. ANALYZING THE SYSTEM
At this stage, information about Microsoft Windows applications is collected. These applications are added to the list of
trusted applications which have no restrictions imposed on the actions they perform in respect of the system.
Once the analysis is complete, the Wizard will proceed automatically to the next step.
STEP 14. CLOSING THE WIZARD
The last window of the Wizard informs you of the successful completion of application installation. To run Kaspersky
Internet Security, make sure that the Start Kaspersky Internet Security box is checked, and click the Finish button.
In some cases, you may need to reboot your operating system. If the Start Kaspersky Internet Security box is
checked, the application will be automatically run after you reboot your operating system.
If you have unchecked the box before closing the Wizard, you should run the application manually (see section "Starting
and stopping the application manually" on page 45).
GETTING STARTED
The application is ready to be used after installation. To ensure proper protection of your computer, we recommend
performing the following immediately after installation and configuration:
Update application databases (see section "How to update application databases" on page 53).
Scan your computer for viruses (see section "viruses" on page 55) and vulnerabilities (see section "Scanning
computer for vulnerabilities" on page 56).
Check the protection status of your computer (on page 46) and eliminate problems in protection if necessary
(see section "Diagnostics and elimination of problems in your computer protection" on page 46).
REMOVING THE APPLICATION
After the uninstallation of Kaspersky Internet Security your computer and personal data will be unprotected.
Kaspersky Internet Security is uninstalled with the help of the installation wizard.
To start the Wizard:
1. In the Start menu of the operating system select Programs Kaspersky Internet Security 2011 Repair or
Remove.
2. In the window that opens, click the Remove button.
I N S T A L L I N G T H E A P P L I C A T I O N
33
IN THIS SECTION:
Step 1. Saving data for repeated use .............................................................................................................................. 33
Step 2. Confirmation of application removal .................................................................................................................... 33
Step 3. Removing the application. Completing removal .................................................................................................. 33
STEP 1. SAVING DATA FOR REPEATED USE
At this point you can specify which of the data used by the application you want to retain for repeated use during the next
installation of the application (e.g., a newer version of the application).
By default, the application is removed from the computer entirely.
To save data for repeated use, perform the following:
1. Select Save application objects.
2. Check boxes opposite the data types you want to save:
Activation data – data that eliminates the need to activate the application in the future by automatically
using the current license as long as it does not expire by the time of the next installation.
Anti-Spam databases – bases containing signatures of spam messages downloaded and saved by the
application.
Backup and Quarantine files – files checked by the application and placed into backup storage or
quarantine.
Operational settings of the application – values of the application settings selected while configuring it.
iSwift and iChecker data – files which contain information about the objects that have been already
scanned for viruses.
Safe Run shared folder data – files saved by the application working in a safe environment in a special
folder that is also accessible in the normal environment.
STEP 2. CONFIRMATION OF APPLICATION REMOVAL
Since removing the application threatens the security of the computer and your personal data, you will be asked to
confirm your intention to remove the application. To do so, click the Remove button.
To stop removing the application at any time, you can cancel this operation by clicking the Cancel button.
STEP 3. REMOVING THE APPLICATION. COMPLETING REMOVAL
At this step, the wizard removes the application from your computer. Wait until removal is complete.
When removing the application, your operating system may require reboot. If you cancel immediate reboot, completion of
the removal procedure will be postponed until the operating system is rebooted, or the computer is turned off and then
restarted.
34
MANAGING LICENSE
IN THIS SECTION:
About End User License Agreement ............................................................................................................................... 34
About license ................................................................................................................................................................... 34
About activation code ...................................................................................................................................................... 35
Viewing license information ............................................................................................................................................. 35
This section contains information regarding the basic concepts used in the context of the application licensing. From this
section you will also learn about the automatic prolonging of the license and where to view information regarding the
current license.
ABOUT END USER LICENSE AGREEMENT
End User License Agreement – is an agreement between natural or legal person lawfully in possession of a copy of an
application. The EULA is included in each Kaspersky Lab application. It contains a detailed description of rights and
Kaspersky Internet Security usage restrictions.
According to the EULA, when you purchase and install a Kaspersky Lab application, you get a perpetual right to possess
its copy.
ABOUT LICENSE
License is a right to use Kaspersky Internet Security and the related additional services offered by Kaspersky Lab or its
partners.
Each license has an expiration date and a type.
License term – a period during which the additional services are offered:
technical support;
update databases and application modules.
The services provided depend on the license type.
The following license types are provided:
Trial – a free license with a limited validity period, for example, 30 days, offered to get familiar with Kaspersky
Internet Security.
A trial license can be used only once and cannot be used after the commercial license!
A trial license is supplied with the trial version of the application. If a trial license is activated, you can contact
the Technical Support Service only for application activation or purchasing a commercial license. As soon as the
trial license expires, all Kaspersky Internet Security features become disabled. To continue using the
application, you should activate it (see section "How to activate the application" on page 51).
M A N A G I N G L I C E N S E
35
Commercial – a commercial license with limited validity period (for example, one year), offered at Kaspersky
Internet Security's purchase. One license can cover several computers.
If a commercial license is activated, all application features and additional services are available.
As soon as a commercial license expires, Kaspersky Internet Security remains a full-featured application, but
the anti-virus databases are not updated. You can still scan your computer for viruses and use the protection
components, but only using the databases that you had when the license expired. Two weeks before the
expiration date, the application will notify you about this event so you could renew the license in advance (see
section "How to purchase or renew license" on page 52).
Commercial with an update subscription and commercial with an update and protection subscription – a paid-for
license with flexible management: you can suspend and resume the subscription, extend its validity period in the
automatic mode, cancel the subscription. A license with subscription is distributed by service providers. You
can manage the subscription from the user personal cabinet on the website of service provider.
The validity period of a subscription can be limited (for example, one year) or unlimited. If a subscription with a
limited validity period is activated, you should renew it on your own when it expires. A subscription with unlimited
validity period is extended automatically subject to timely prepayment to the provider.
If the subscription term is limited, upon its expiration you will be offered a grace period for subscription renewal,
during which application will run in the full-featured mode.
If the subscription is renewed, upon grace period expiration Kaspersky Internet Security ceases to update the
application databases (for license with update subscription) and stops performing computer protection or
executing scan tasks (for license with protection subscription).
When using the subscription, you will not be able to use another activation code to renew the license. This
action becomes available only after subscription expiration date.
If you have already had an activated license with a limited term at the time of subscription activation, it is
substituted with the subscription license. To cancel the subscription, contact the service provider from whom
you purchased Kaspersky Internet Security.
Depending on the subscription provider, the set of available actions to take on the subscription (see section
"Subscription statuses" on page 191) may vary. Also, the grace period when subscription renewal is available,
is not provided by default.
ABOUT ACTIVATION CODE
Activation code is a code supplied with a Kaspersky Internet Security commercial license. This code is required for
application activation.
The activation code represents a sequence of Latin characters and digits divided by hyphens into four groups of five
symbols without spaces. For example, 11111-11111-11111-11111.
If you purchase the application in an online shop, the activation code is sent by email. If you purchase the application in a
box (retail version), the activation code is printed on the inner face of the disk envelope cover or under the protective
layer of the sticker on the inner face of the box containing the installation disk.
VIEWING LICENSE INFORMATION
To view information about the active license:
1. Open the main application window.
2. Click the License button in the bottom part of the window to open the License management window.
U S E R G U I D E
36
In this window, you can start the application activation (see section "How to activate the application" on
page 51), purchase a new license, or renew your current one (see section "How to purchase or renew license"
on page 52).
Figure 1. The License management window
37
APPLICATION INTERFACE
IN THIS SECTION:
Notification area icon ....................................................................................................................................................... 37
Context menu .................................................................................................................................................................. 38
Kaspersky Internet Security main window ....................................................................................................................... 39
Notification windows ........................................................................................................................................................ 42
Application settings window ............................................................................................................................................ 43
Kaspersky Gadget ........................................................................................................................................................... 44
Kaspersky Internet Security has a fairly simple and easy-to-use interface. This section discusses its basic features in
detail.
Kaspersky Internet Security includes extension components (plug-ins) for Microsoft Office Outlook, Microsoft Outlook
Express, The Bat!, Thunderbird, Mozilla Firefox, Microsoft Internet Explorer and Microsoft Windows Explorer. The plugins expand the functionality of the host applications, providing access to the configuration of product components within
their interface.
NOTIFICATION AREA ICON
Immediately after installing the application, the application icon appears in the Microsoft Windows taskbar notification
area.
In the Microsoft Windows 7 operating system by default the application icon is hidden, but you can display it to access
the application easier (see the operating system documentation).
The icon has the following basic purposes:
It is an indicator of the application's operation.
It provides access to the context menu, main application window and the news window.
Indication of the application activity
This icon is an indicator of the application's operation. It also reflects the protection status and shows a number of basic
functions performed by the application at the moment:
– scanning email message;
– scanning web traffic;
– updating databases and application modules;
U S E R G U I D E
38
– computer should be rebooted to apply updates;
– a failure occurred in the operation of some application component.
By default the icon is animated: for example, during the email message scan a miniature letter symbol is pulsating
against the application icon; when update is in progress there is a revolving symbol of a globe. You can deactivate
animation (see section "Active interface elements" on page 178).
When the animation is disabled the icon can take on the following appearances:
(colored symbol) – all or certain protection components are activated;
(black-and-white symbol) – all protection components are disabled.
Access to the context menu and application windows
You can use the icon to open the context menu (on page 38) and the main application window (see section "Kaspersky
Internet Security main window" on page 39).
To open the context menu,
roll over the icon with the mouse pointer and right-click the area.
To open the main application window,
roll over the icon with the mouse pointer and left-click the area.
If news from Kaspersky Lab is available, the icon appears in the Microsoft Windows taskbar notification area. Doubleclick this icon to open News Agent window (see section "News Agent" on page 178).
CONTEXT MENU
You can run basic protection tasks from the context menu.
The Kaspersky Internet Security menu contains the following items:
Tools – opens a submenu containing the following items:
Application Control – opens the Applications Activity window;
Network Monitor – opens the Network Monitor window;
Virtual Keyboard – displays the Virtual Keyboard.
Safe Run for Applications – activates a safe environment for running applications that you suspect of being
insecure. If the safe environment is launched, the computer switches to it.
When working in the safe environment, this menu item is called To the main and serves to switch from the safe
environment to the operating system main environment.
Kaspersky Internet Security – opens the main application window.
Pause protection / Resume protection – temporarily turns off / on the real-time protection components. This
menu item does not affect the application’s updates, or the execution of virus scans.
Enable Parental Control / Disable Parental Control – enables / disables Parental Control for the current
account.
A P P L I C A T I O N I N T E R F A C E
39
Setting – opens the application settings window.
About – opens a window containing information about the application.
News – opens the news agent window (see section "News Agent" on page 178). This menu item is displayed if
there are unread news.
Exit – close Kaspersky Internet Security (when this item is selected, the application is unloaded from the
computer’s RAM).
Figure 2. Context menu
If a virus scan or update task is running at the moment you open the context menu, its name as well as its progress
status (percentage complete) is displayed in the context menu. When you select a menu item with the name of a task,
you can switch to the main window with a report of current task run results.
To open the context menu,
roll over the application icon in the taskbar notification area with the pointer and right-click it with the mouse.
In the Microsoft Windows 7 operating system by default the application icon is hidden, but you can display it to access
the application easier (see the operating system documentation).
KASPERSKY INTERNET SECURITY MAIN WINDOW
The main application window contains interface elements that provide access to all the main features of the application.
The main window can be divided into three parts:
The top part of the window contains the protection status indicator which informs you of the current condition of
your computer's protection.
Figure 3. Current computer protection status
U S E R G U I D E
40
There are three possible values of protection status: each of them is indicated with a certain color. Green
indicates that your computer’s protection is at the correct level, while yellow and red indicate that there are
various security threats. In addition to malicious programs, threats include obsolete application databases,
disabled protection components, the selection of minimum protection settings etc.
Security threats must be eliminated as they appear (see section "Diagnostics and elimination of problems in
your computer protection" on page 46).
The left part of the window allows you to quickly switch to the main application features: enabling and disabling
protection components, running virus scan tasks, updating databases and program modules, etc.
Figure 4. Left part of the main window
A P P L I C A T I O N I N T E R F A C E
41
The right part of the window contains information about the application function selected in the left part, and
allows configuring its settings, provides tools for executing virus scan tasks, retrieving updates etc.
Figure 5. Right part of the main window
You can also use the following buttons and links:
Settings – to open the application settings window.
Quarantine – to start working with quarantined objects.
Reports – switch to the application operation report in diagram format.
News – switch to viewing news in the News Agent window (see section "News Agent" on page 178). This link is
displayed after the application receives the first piece of news.
Help – to view the Kaspersky Internet Security help system.
My Kaspersky Account – to enter the user's personal account at the Technical Support Service website (see
section "My Kaspersky Account" on page 186).
Support – to open the window containing information about the system and links to Kaspersky Lab's
information resources (Technical Support Service website, forum).
License – Kaspersky Internet Security activation, license renewal.
You can change the appearance of Kaspersky Internet Security using alternate skins (see section "Application
appearance" on page 177).
U S E R G U I D E
42
To open the main application window, perform one of the following actions:
roll over the application icon in the taskbar notification area with the pointer and left-click it with the mouse.
In the Microsoft Windows 7 operating system by default the application icon is hidden, but you can display it to
access the application easier (see the operating system documentation).
select Kaspersky Internet Security from the context menu (see section "Context menu" on page 38);
click the Kaspersky Internet Security icon located in the center of Kaspersky Gadget (only for Microsoft
Windows Vista and Microsoft Windows 7).
NOTIFICATION WINDOWS
If events occur during the Kaspersky Internet Security operation, special notifications are displayed on the screen, as
pop-up messages above the application icon's in the Microsoft Windows taskbar notification area.
Depending on how critical the event is for computer security, you might receive the following types of notifications:
Critical notifications – inform you of events of crucial importance from the viewpoint of computer security: for
example, detection of a malicious object or dangerous activity in the system. If such notification is displayed,
you should immediately make a decision on further actions. The notification window of this type is red.
Important notifications – inform you of events which are potentially important from the viewpoint of computer
security: for example, detection of a potentially infected object or suspicious activity in the system. If such
notification is displayed, you should make a decision on how dangerous the detected object or process is, and
choose your further actions. The notification window of this type is yellow.
Information notifications – inform you of non-critical events. The notification window of this type is green.
A P P L I C A T I O N I N T E R F A C E
43
APPLICATION SETTINGS WINDOW
The Kaspersky Internet Security settings window is designed for configuring the entire application, separate protection
components, scan and update tasks, and for running other advanced configuration tasks (see section "Advanced
application settings" on page 69).
Figure 6. Application settings window
The application settings window consists of two parts:
in the left part of the window you can choose the application component, task or another item that should be
configured;
the right part of the window contains the controls that you can use to configure the item selected in the left part
of the window.
U S E R G U I D E
44
The components, tasks and other parts in the left part of the window are combined in the following sections:
– Protection Center;
– Scan;
– Update Center;
– Advanced Settings.
To open the settings window, perform one of the following actions:
click the Settings link in the top part of the main application window (see section "Kaspersky Internet Security
main window" on page 39);
select Settings from the context menu (see section "Context menu" on page 38);
click the button with the Settings icon in the Kaspersky Gadget interface (only for Microsoft Windows Vista
and Microsoft Windows 7). The option of option of opening the settings window should be assigned to the button
(see section "How to use Kaspersky Gadget" on page 67).
To select the required section in the configuration window,
click the icon corresponding to the section in the top left part of the window (see picture above).
KASPERSKY GADGET
When using Kaspersky Internet Security on a computer running under Microsoft Windows Vista or Microsoft Windows 7,
you can also use the Kaspersky Gadget.
Gadget is designed for quick access to the main features of the application: protection status indication, virus scan of
objects, application operation reports, etc.
After you install Kaspersky Internet Security on a computer running under Microsoft Windows 7, the gadget appears on
your desktop automatically. After you install the application on a computer running under Microsoft Windows Vista, you
should add the gadget to Microsoft Windows Sidebar manually (see the operating system documentation).
Figure 7. Kaspersky Gadget
45
STARTING AND STOPPING THE
IN THIS SECTION:
Enabling and disabling automatic launch ........................................................................................................................ 45
Starting and stopping the application manually ............................................................................................................... 45
APPLICATION
After Kaspersky Internet Security is installed, it starts automatically. The application is launched automatically each time
the operating system starts.
ENABLING AND DISABLING AUTOMATIC LAUNCH
Automatic launch of the application means that Kaspersky Internet Security launches after the operating system startup.
This is the default start mode.
To disable or enable automatic launch of the application:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the General Settings subsection.
3. To disable automatic launch of the application, uncheck the Launch Kaspersky Internet Security at computer
startup box in the Autorun section, in the right part of the window. To enable automatic launch of the
application, check this box.
STARTING AND STOPPING THE APPLICATION MANUALLY
Kaspersky Lab specialists do not recommend you stop Kaspersky Internet Security, because your computer and
personal data's protection will be at risk. If disabling protection is really necessary, you are advised to pause your
computer's protection for a specified period without exiting the application.
Kaspersky Internet Security should be started manually if you have disabled automatic launch of the application (see
section "Enabling and disabling automatic launch" on page 45).
To launch the application manually,
in the Start menu, select Programs Kaspersky Internet Security 2011 Kaspersky Internet Security 2011.
To exit the application,
right-click to open the context menu of the application icon in the taskbar notification area and select Exit.
In the Microsoft Windows 7 operating system by default the application icon is hidden, but you can display it to
access the application easier (see the operating system documentation).
46
COMPUTER PROTECTION STATUS
IN THIS SECTION:
Diagnostics and elimination of problems in your computer protection ............................................................................. 46
Enabling and disabling protection ................................................................................................................................... 48
Pausing and resuming protection .................................................................................................................................... 49
This section contains information about how to know whether your computer is protected at the moment, or if its security
is under threat, as well as how to eliminate emerging threats. In this section, you also can find information about
enabling, disabling, and pausing protection when working with Kaspersky Internet Security.
DIAGNOSTICS AND ELIMINATION OF PROBLEMS IN YOUR
COMPUTER PROTECTION
Problems with computer protection are indicated by the computer protection status indicator located in the top part of the
main application window (see section "Kaspersky Internet Security main window" on page 39). The indicator changes
color depending upon the host protection status: green means that the computer is protected, yellow indicates protectionrelated problems, red alerts of serious threats to computer security. You are advised to fix immediately the problems and
security threats.
Figure 8. Current computer protection status
C O M P U T E R P R O T E CT I O N S T A T U S
47
Clicking the indicator icon in the main application window opens the Protection state window (see the figure below)
containing detailed information about the status of computer protection and troubleshooting suggestions for the detected
problems and threats.
Figure 9. Resolving security problems
The Status tab of the Protection state window lists the protection-related problems including those caused by
deviations from the normal product operation mode (e.g., outdated databases). To address the issues, the product offers
the following options as further steps:
Eliminate immediately. Clicking the corresponding buttons will take you to the appropriate problem solution. This
is the recommended action.
Postpone elimination. If, for whatever reason, immediate elimination of the problem is not possible, you can
postpone this action and return to it later. To do so, click the Hide message button.
Note that postponing the elimination is not available for serious problems. Such problems include, for example,
malicious objects that were not disinfected, crashes of one or several components, or corruption of program
files.
U S E R G U I D E
48
To display in the common list the notifications hidden earlier, check the box Show hidden messages, which appears in
the bottom part of the tab when there are hidden messages.
You can use the Detected threats tab to view the list of revealed malware and riskware and select the operation which
will be performed over the objects (e.g., move to Quarantine). To select an operation, use the controls above the list and
the context menu for the listed records.
On the Report tab you can review the application activity reports (see section "Where to view the report on the
application's operation" on page 65).
ENABLING AND DISABLING PROTECTION
By default, Kaspersky Internet Security is launched when the operating system loads and protects your computer until it
is switched off. All protection components are running.
You can fully or partially disable the protection provided by Kaspersky Internet Security.
The Kaspersky Lab specialists strongly recommend that you do not disable protection, since this may lead to an infection
of your computer and data loss. If it is really necessary, we recommend that you pause protection for the required period
of time (see section "Pausing and resuming protection" on page 49).
When protection is disabled, all its components become inactive.
This is indicated by the following signs:
inactive (gray) application icon in the taskbar notification area (see section "Notification area icon" on page 37);
red color of the security indicator in the upper part of the main application window.
In this case, protection is discussed in the context of the protection components. Disabling or pausing protection
components does not affect the performance of virus scan tasks and Kaspersky Internet Security updates.
You can completely enable or disable protection in the application settings window (see section "Application settings
window" on page 43). You can enable or disable separate application components either in the settings window, or in the
main application window (see section "Kaspersky Internet Security main window" on page 39).
To completely enable or disable protection:
1. Open the application settings window.
2. In the left part of the window, select the Protection Center section, General Settings subsection.
3. Uncheck the Enable protection box if you need to disable protection. Check this box if you need to enable
protection.
To enable or disable a protection component in the settings window:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the component that should be enabled or
disabled.
3. In the right part of the window, uncheck the Enable <Component name> box if you need to disable this
component. Check this box if you need to enable the component.
C O M P U T E R P R O T E CT I O N S T A T U S
49
To enable or disable a protection component in the main application window:
1. Open the main application window and select the Protection Center section.
2. In the left part of the window, left-click the section that comprises the component being enabled or disabled.
3. Open the action selection menu by clicking the button with the name of the component on it. Select Enable
<Component name> if you need to enable this component, or select Disable <Component name> if you need
to disable it.
PAUSING AND RESUMING PROTECTION
Pausing protection means temporarily disabling all protection components for a certain period of time.
As a result of temporarily disabling protection, all protection components are paused.
This is indicated by the following signs:
inactive (gray) application icon in the taskbar notification area (see section "Notification area icon" on page 37);
red color of the security indicator in the upper part of the main application window.
In this case, protection is discussed in the context of the protection components. Disabling or pausing protection
components does not affect the performance of virus scan tasks and Kaspersky Internet Security updates.
If network connections were established at the same time as the protection was paused, a notification about termination
of such connections is displayed.
When working on a computer running under Microsoft Windows Vista or Microsoft Windows 7, you can pause protection
using Kaspersky Gadget. To do this, Kaspersky Gadget should be configured so that the option of opening the reports
window would be assigned to one of its buttons (see section "How to use Kaspersky Gadget" on page 67).
To pause the protection of your computer:
When enabling a component, the icon on its left goes green, when disabling it, the icon goes grey.
1. Open the Pause protection window using one of the following methods:
select Pause protection from the context menu of the application icon (see section "Context menu" on
page 38);
click the button with the Pause protection icon in the Kaspersky Gadget interface (only for Microsoft
Windows Vista and Microsoft Windows 7).
2. In the Pause protection window, select the time interval after which the protection should be resumed:
Pause for the specified time – protection will be enabled after the time interval specified in the field below.
Pause until reboot – protection will be enabled after the application is restarted or the operating system is
rebooted (provided that automatic application launch is enabled (see section "Enabling and disabling
automatic launch" on page 45)).
Pause – protection will only be enabled when you decide to resume it (please see further).
U S E R G U I D E
50
To resume computer protection,
select Resume protection from the context menu of the application icon (see section "Context menu" on page 38).
You can use this method to resume computer protection when the Pause option has been selected, or when you have
chosen to Pause for the specified time or Pause until reboot.
51
SOLVING TYPICAL TASKS
IN THIS SECTION:
How to activate the application ........................................................................................................................................ 51
How to purchase or renew license .................................................................................................................................. 52
What to do when the application's notifications appear ................................................................................................... 53
How to update application databases ............................................................................................................................. 53
How to scan critical areas of your computer for viruses .................................................................................................. 54
How to scan an object (file, folder, disk drive) for viruses ............................................................................................... 54
How to perform full scan of your computer for viruses .................................................................................................... 55
Scanning computer for vulnerabilities.............................................................................................................................. 56
How to protect your personal data against theft .............................................................................................................. 57
What to do if you suspect an object of being infected with a virus .................................................................................. 59
What to do with a large number of spam messages ....................................................................................................... 59
What to do if you suspect your computer of being infected ............................................................................................. 61
How to restore an object deleted or disinfected by the application .................................................................................. 62
How to create and use Rescue Disk ............................................................................................................................... 62
Where to view the report on the application's operation .................................................................................................. 65
How to restore application default settings ...................................................................................................................... 66
Transferring Kaspersky Internet Security settings to the product installed on another computer .................................... 67
How to use Kaspersky Gadget ........................................................................................................................................ 67
This section contains instructions for the basic tasks encountered by most users when working with the application.
HOW TO ACTIVATE THE APPLICATION
Activation is a procedure of activating a license that allows you to use a fully functional version of the application until the
license expires.
If you have not activated the application during installation, you can do so later. You will be reminded about the need to
activate the application by Kaspersky Internet Security messages appearing in the system tray.
U S E R G U I D E
52
To run the Kaspersky Internet Security activation wizard, perform one of the following actions:
Click the Please activate the application link in the Kaspersky Internet Security notice window appearing in
the system tray.
Click the License link in the bottom part of the main application window. In the License management window
that opens, click the Activate new license button.
Let us review the steps of the wizard in more detail.
Step 1. Selection of the license type and entry of the activation code
Make sure you have selected Activate commercial license in the Activation Wizard window, enter the
activation code (see section "About activation code" on page 35) in the corresponding field, and click the Next
button.
Step 2. Requesting for activation
At the first step, the Wizard sends a request to the activation server to obtain permission for activation of the
commercial version of the application. If the request is sent successfully, the Wizard automatically proceeds to
the next step.
Step 3. Entry of registration data
User registration is necessary for the user to be able to contact the Support Service. Unregistered users receive
only minimal support.
Specify your registration data and click the Next button.
Step 4. Activation
At this step, the Wizard connects with the activation server in order to finish the application activation and user
registration after which the Wizard automatically proceeds to the next window.
Step 5. Closing the Wizard
This window displays information on the results of activation: type of license used and license expiry date.
Click the Finish button to close the Wizard.
HOW TO PURCHASE OR RENEW LICENSE
If you have installed Kaspersky Internet Security without a license, you can purchase one after installation. When your
license expires, you can renew it. When purchasing or renewing a license, you receive an activation code that you
should use to activate the application (see section "How to activate the application" on page 51).
To purchase a license:
1. Open the main application window.
2. Click the Purchase license button in the bottom part of the window.
The eStore web page opens where you can purchase a license.
S O L VI N G T Y P I C A L T A S K S
53
To renew a license:
1. Open the main application window and click the License link in the bottom part of the main window.
The License management window opens.
2. Click the Renew license button.
WHAT TO DO WHEN THE APPLICATION'S NOTIFICATIONS
APPEAR
Application's notifications that appear in the taskbar notification area inform you of events occurring in the application's
operation and requiring your attention. Depending on how critical the event is, you may receive the following types of
notifications:
Critical notifications – inform you of events of crucial importance from the viewpoint of computer security: for
example, detection of a malicious object or dangerous activity in the system. If such notification is displayed,
you should immediately make a decision on further actions. The notification window of this type is red.
Important notifications – inform you of events which are potentially important from the viewpoint of computer
security: for example, detection of a potentially infected object or suspicious activity in the system. If such
notification is displayed, you should make a decision on how dangerous the detected object or process is, and
choose your further actions. The notification window of this type is yellow.
Information notifications – inform you of non-critical events. The notification window of this type is green.
If such notification is displayed on the screen, you should select one of the suggested options. Optimum option is the one
recommended by Kaspersky Lab experts by default.
The license renewal center web page opens where you can renew your license.
HOW TO UPDATE APPLICATION DATABASES
By default, Kaspersky Internet Security automatically checks for updates on Kaspersky Lab's update servers. If the
server contains new updates, the application downloads and installs them in silent mode. You can start Kaspersky
Internet Security update at any time.
To download updates from Kaspersky Lab servers, you should have an Internet connection established.
To start Kaspersky Internet Security update from the main application window:
1. Open the main application window and select the Update Center section in the left part of the window.
2. Click the Run Update button in the right part of the window.
Update information is displayed in the Update Center section of the main application window, as well as in the
application icon context menu.
U S E R G U I D E
54
HOW TO SCAN CRITICAL AREAS OF YOUR COMPUTER FOR
VIRUSES
Scan of critical areas consists of scanning the objects which are loaded at startup of the operating system, scanning the
system memory, boot sectors of the disk drive, and the objects that have been added by the user (see section "Creating
a list of objects to scan" on page 74).
You can start the scan of critical areas using one of the following methods:
using the shortcut created earlier (see page 78);
from the main application window (see section "Kaspersky Internet Security main window" on page 39).
To start the scan using a shortcut:
1. Open the Microsoft Windows Explorerwindow and go to the folder where you have created the shortcut.
2. Double-click the shortcut to start scan.
The task progress will be displayed in the Kaspersky Internet Security main window, in the Scan section, in the
Critical Areas Scan window that opens by clicking the Critical Areas Scan is in progress subsection in the
Scan section of the main window when scan is in progress; it is also displayed in the context menu of the
application icon.
To start scan from the main application window:
1. Open the main application window and select the Scan section in the left part of the window.
2. In the right part of the main application window, click the Run Critical Areas Scan button.
The task progress will be displayed in the Kaspersky Internet Security main window, in the Scan section, in the
Critical Areas Scan window that opens by clicking the Critical Areas Scan is in progress subsection in the
Scan section of the main window when scan is in progress; it is also displayed in the context menu of the
application icon.
HOW TO SCAN AN OBJECT (FILE, FOLDER, DISK DRIVE)
FOR VIRUSES
You can use the following methods to scan an object for viruses:
using the context menu of the object;
from the main application window (see section "Kaspersky Internet Security main window" on page 39);
using the Kaspersky Internet Security gadget (only for Microsoft Windows Vista and Microsoft Windows 7).
To start a virus scan task from the object context menu:
1. Open the Microsoft Windows Explorer window and go to the folder with the object that should be scanned.
2. Right-click to open the context menu of the object (see figure below) and select Scan for Viruses.
S O L VI N G T Y P I C A L T A S K S
55
The process and the results of the task will be displayed in the Virus Scan window that opens.
Figure 10. Context menu of an object in Microsoft Windows
To start scanning an object from the main application window:
1. Open the main application window and select the Scan section in the left part of the window.
2. Specify the object to scan, using one of the following methods:
Click the select link in the right part of the window to open the Custom Scan window, and check the boxes
next to the folders and drives that you need to scan. If the window displays no objects to scan, open the
Select object to scan window by clicking the Add link, and select objects to scan.
Drag an object to scan into the dedicated area of the main window (see figure below).
Task run progress is displayed in the Virus Scan window that opens.
Figure 11. Window area into which you should drag an object to scan
To scan an object for viruses using the gadget,
drag the object to scan onto the gadget.
Task run progress is displayed in the Virus Scan window that opens.
HOW TO PERFORM FULL SCAN OF YOUR COMPUTER FOR
VIRUSES
You can start full scan for viruses using one of the following methods:
using the shortcut created earlier (see page 78);
from the main application window (see section "Kaspersky Internet Security main window" on page 39).
U S E R G U I D E
56
To start the full scan using a shortcut:
1. Open Microsoft Windows Explorer and go to the folder where you have created the shortcut.
2. Double-click the shortcut to start scan.
The task progress will be displayed in the Kaspersky Internet Security main window, in the Scan section, in the
Full Scan window that you can open by clicking the Full Scan is in progress section in the Scan section of the
main window when scanning, and in the context menu of the application icon.
To start full scan from the main application window:
1. Open the main application window and select the Scan section in the left part of the window.
2. In the right part of the window, click the Run Full Scan button.
The task progress will be displayed in the Kaspersky Internet Security main window, in the Scan section, in the
Full Scan window that you can open by clicking the Full Scan is in progress section in the Scan section of the
main window when scanning, and in the context menu of the application icon.
SCANNING COMPUTER FOR VULNERABILITIES
Vulnerabilities are unprotected portions of software code which intruders may deliberately use for their purposes, for
example, to copy data used in unprotected applications. Scanning your computer for vulnerabilities helps you to reveal
any such weak points in your computer. You are advised to eliminate the detected vulnerabilities.
You can use the following methods to scan the system for vulnerabilities:
from the main application window (see section "Kaspersky Internet Security main window" on page 39);
using the shortcut created earlier.
To start the task using a shortcut:
1. Open the Microsoft Windows Explorer window and go to the folder where you have created the shortcut.
2. Double-click the shortcut to start the task scanning the system for vulnerabilities.
The task progress is displayed in the main application window.
To start the task from the application window:
1. Open the main application window and select the Tools section in the left part of the window.
2. Click the button Vulnerability Scan in the right part of the window.
3. In the displayed Vulnerability Scan window, click the button Run Vulnerability Scan in the upper part of the
window.
The task progress is displayed in the Finish field. To stop the task, click the Vulnerability Scan is in progress
button in the top part of the window.
S O L VI N G T Y P I C A L T A S K S
57
IN THIS SECTION:
Protection against phishing ............................................................................................................................................. 57
Virtual keyboard. ............................................................................................................................................................. 57
HOW TO PROTECT YOUR PERSONAL DATA AGAINST THEFT
With Kaspersky Internet Security, you can protect your personal data against theft; this includes items such as:
passwords, usernames, and other registration data;
numbers of accounts and banking cards.
Kaspersky Internet Security includes components and tools that allow you to protect your personal data against theft
attempts committed by hackers using such methods as phishing and interception of data entered at the keyboard.
Protection against phishing is ensured by Anti-Phishing implemented in the Web Anti-Virus, Anti-Spam, and IM Anti-Virus
components.
Protection against interception of data entered at the keyboard is ensured by the use of Virtual Keyboard.
PROTECTION AGAINST PHISHING
Phishing is a type of online fraud that involves tricking users into disclosing their credit card numbers, PIN codes and
other personal details with the objective of stealing funds.
Phishing often targets online banking users. Criminals create an exact copy of the website of a chosen bank and send
emails to customers on behalf of this bank. They claim that a malfunction or replacement of online banking system
software has resulted in the loss of user details, necessitating the user to confirm or modify such details on the bank's
website. Users click the link that takes them to the fake website, enter their details, which then end up in the hands of
criminals.
Protection against phishing is ensured by Anti-Phishing implemented in the Web Anti-Virus, Anti-Spam, and IM Anti-Virus
components. Enable these components to ensure comprehensive protection against phishing.
To enable components providing protection against phishing:
1. Open the main application window and select the Protection Center section in the left part of the window.
2. In the right part of the window, left-click to open the Online Security section.
3. Open the menu for selecting an action on the component by clicking the Anti-Phishing button and select
Enable Anti-Phishing item from the menu.
This action enables Anti-Phishing and all components that it makes part of.
VIRTUAL KEYBOARD.
When working on your computer, instances frequently occur when entering your personal data, or username and
password is required. That happens, for example, during account registration on web sites, web shopping or Internet
banking.
There is a risk that this personal information is intercepted using hardware keyboard interceptors or keyloggers, which
are programs that register keystrokes.
The Virtual Keyboard tool prevents the interception of data entered via the keyboard.
U S E R G U I D E
58
The Virtual Keyboard cannot protect your personal data if the website requiring the entry of such data has been hacked,
because in this case the information is obtained directly by the intruders.
Many of the applications classified as spyware have the function of making screenshots which then are transferred to an
intruder for further analysis and for stealing the user's personal data. Virtual Keyboard prevents the personal data being
entered from being intercepted with the use of screenshots.
Virtual Keyboard only prevents the interception of privacy data when working with Microsoft Internet Explorer and Mozilla
Firefox browsers.
Before you start using the Virtual Keyboard, please learn its peculiarities:
Before entering data from the Virtual Keyboard, make sure using the mouse pointer that the appropriate entry
field is selected.
You can press the Virtual Keyboard buttons with the mouse.
Unlike real keyboards, there is no way to press two keys simultaneously on the Virtual Keyboard. Therefore, to
use combinations of keys (e.g., ALT+F4), you have to press the fist key (e.g., ALT), then the next key (e.g., F4),
and then press the first key again. Second key press acts like key release on a real keyboard.
Input language for the Virtual Keyboard is toggled using the CTRL+SHIFT key combination (the SHIFT key
should be pressed using the right mouse button) or CTRL+LEFT ALT (the LEFT ALT key should be pressed
using the right mouse button) depending upon the specified settings.
You can open the Virtual Keyboard in the following ways:
from the context menu of the application icon;
from the main application window;
from the window of Microsoft Internet Explorer or Mozilla Firefox;
using keyboard shortcut.
To open the Virtual Keyboard from the context menu of the application icon,
select Tools Virtual Keyboard from the context menu of the application icon.
To open the Virtual Keyboard from the main application window:
1. Open the main application window and select the Safe Run section in the left part of the window.
2. Select the Virtual Keyboard section in the right part of the window.
To open the Virtual Keyboard for the browser's window,
click the Virtual Keyboard button in the toolbar of Microsoft Internet Explorer or Mozilla Firefox.
To open the Virtual Keyboard using computer keyboard,
use the following key combination: CTRL+ALT+SHIFT+P.
S O L VI N G T Y P I C A L T A S K S
59
WHAT TO DO IF YOU SUSPECT AN OBJECT OF BEING
INFECTED WITH A VIRUS
If you suspect an object of being infected, first scan it using Kaspersky Internet Security (see section "How to scan an
object (file, folder, disk drive) for viruses" on page 54).
If the application reports after scan that the object is not infected, though you think it is, you can do the following:
Move the object to Quarantine. Quarantined objects are stored in archives so they pose no threat to your
computer. After the databases are updated, Kaspersky Internet Security will probably be able to clearly identify
and eliminate the threat.
Send the object to Virus Lab. Virus Lab specialists scan the object. If it turns out to be infected with a virus, they
immediately add the description of the new virus into the databases that will be downloaded by the application
with an update (see section "How to update application databases" on page 53).
You can move an object to Quarantine using one of the two methods:
using the Move to Quarantine link in the Protection state window;
using the context menu of the object.
To move an object to Quarantine from the Protection state window:
1. Open the main application window.
2. Click the Quarantine link in the top part of the main window to open the Protection state window on the
Detected threats tab.
3. Click the Move to Quarantine link located over the list of threats.
4. In the window that opens, select the object that you want to move to Quarantine.
To move an object to Quarantine using the context menu:
1. Open Microsoft Windows Explorer and go to the folder with the object that you want to move to Quarantine.
2. Right-click to open the context menu of the object and select Move to Quarantine.
To send an object to Virus Lab:
1. Go to the Virus Lab request page (http://support.kaspersky.com/virlab/helpdesk.html).
2. Follow the instructions on this page to send your request.
WHAT TO DO WITH A LARGE NUMBER OF SPAM MESSAGES
If you receive large quantities of unsolicited mail (spam), enable the Anti-Spam component and set the recommended
security level. Then train the component using the Training Wizard. Correct spam recognition requires training using at
least 50 samples of useful messages and 50 samples of unwanted mail.
To enable Anti-Spam and set the recommended security level:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Anti-Spam component.
U S E R G U I D E
60
3. Check the Enable Anti-Spam box in the right part of the window.
4. In the Security level section, the security level should be set to Recommended by default.
If the security level is set to Low or Other, click the Default button. Security level will be automatically set to
Recommended.
To train Anti-Spam using the Training Wizard:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Anti-Spam component.
3. Click the Train button in the Anti-Spam training section within the right part of the window.
The Training Wizard window will open.
Detailed discussion of the wizard steps.
Step 1. Starting the Wizard
Click the Next button to start the training.
Step 2. Selecting folders containing good mail
At this stage, you can specify folders which contain good mail. You should only select folders which you are
absolutely sure contain good email messages.
Only Microsoft Office Outlook and Microsoft Outlook Express (Windows Mail) accounts are accessible.
Step 3. Selecting folders containing spam
At this stage you can specify folders containing unsolicited mail (spam). If you do not have such folders in your
email client application, skip this step.
Only Microsoft Office Outlook and Microsoft Outlook Express (Windows Mail) accounts are accessible.
Step 4. Training Anti-Spam
At this stage, the Anti-Spam component is trained using the folders selected during the previous steps. The
emails in those folders fill the Anti-Spam database. The senders of good mail are automatically added to the list
of allowed senders.
Step 5. Saving the training results
At this stage of the Wizard, you must save the training results using one of the following methods:
add training results into the existing Anti-Spam database (select Add the results to an existing Anti-
Spam database);
replace the current database with a database containing only the training results (select the option Create
new Anti-Spam databases).
Click the Finish button to close the Wizard.
S O L VI N G T Y P I C A L T A S KS
61
WHAT TO DO IF YOU SUSPECT YOUR COMPUTER OF BEING
INFECTED
If you suspect infection of your computer, use the System Restore Wizard neutralizing the consequences of malicious
activity in the system. Kaspersky Lab recommends that you run the Wizard after the computer has been disinfected to
make sure that all threats and damage caused by infections have been fixed.
The Wizard checks whether there are any changes to the system, such as: access to the network is blocked, known
format file extensions are changed, the toolbar is blocked, etc. Such damage can have various causes. The latter may
include the activity of malicious programs, incorrect system configuration, system failures or even incorrect operation of
system optimization applications.
After the review is complete, the Wizard analyzes the information to evaluate whether there is system damage which
requires immediate attention. Based on the review, a list of actions necessary to eliminate the problems is generated.
The Wizard groups these actions by categories based on the severity of the problems detected.
The wizard consists of a series of screens (steps) navigated using the Back and Next buttons. To close the wizard once
it completes its work, use the Finish button. To stop the wizard at any stage, use the Cancel button.
To start the System Restore Wizard:
1. Open the main application window and select the Tools section in the left part of the window.
2. In the right part of the window click the System Restore button.
Detailed discussion of the wizard steps.
Step 1. Starting system restore
Make sure that the wizard option to Search for problems caused by malware activity is selected and click
Next.
Step 2. Problems search
The Wizard will search for the problems and damage, which should be fixed. Once the search is complete, the
Wizard will proceed automatically to the next step.
Step 3. Selecting the troubleshooting actions
All damage found during the previous step is grouped on the basis of the type of danger it poses. For each
group of damage, Kaspersky Lab recommends a sequence of actions to repair the damage. There are three
groups of actions:
Strongly recommended actions eliminate problems posing a serious security threat. You are advised to
perform all actions in this group.
Recommended actions eliminate problems presenting a potential threat. You are advised to perform all
actions in this group as well.
Additional actions repair system damage which does not pose a current threat, but may pose a danger to
the computer's security in the future.
To view the actions within a group, click the + icon to the left of the group name.
To make the Wizard perform a certain action, check the box to the left of the corresponding action name. By
default, the Wizard performs all recommended and strongly recommended actions. If you do not wish to perform
a certain action, uncheck the box next to it.
U S E R G U I D E
62
Unchecking the boxes selected by default is strongly discouraged because doing so will leave your computer
IN THIS SECTION:
Creating the rescue disk.................................................................................................................................................. 63
Starting the computer from the rescue disk ..................................................................................................................... 65
vulnerable.
Having defined the set of actions, which the Wizard will perform, click Next.
Step 4. Eliminating problems
The Wizard will perform the actions selected during the previous step. The elimination of problems may take
some time. Once the troubleshooting is complete, the Wizard will proceed automatically to the next step.
Step 5. Closing the Wizard
Click the Finish button to close the Wizard.
HOW TO RESTORE AN OBJECT DELETED OR DISINFECTED
BY THE APPLICATION
Kaspersky Lab recommends that you avoid restoring deleted and disinfected objects since they may pose threats to your
computer.
If you want to restore a deleted or disinfected object, you can use a backup copy of it which has been created by the
application when scanning the object.
To restore an object that has been deleted or disinfected by the application:
1. Open the main application window.
2. Click the Quarantine link in the top part of the main window to open the Protection state window on the
Detected threats tab.
3. Select neutralized object to display by clicking the Neutralized link located over the list of threats.
The list of disinfected and deleted objects will be displayed on the Detected threats tab. Objects are grouped
with regard for their statuses. To display the list of objects in a group, click the + icon located to the left of the
group header.
4. Right-click to open the context menu of the object that you want to restore, and select Restore.
HOW TO CREATE AND USE RESCUE DISK
We recommend that you create Rescue Disk after you have installed and configured Kaspersky Internet Security,
scanned your computer, and made sure that it was not infected. You will further be able to use Rescue Disk for scanning
and disinfecting infected computers that cannot be disinfected using other methods (e.g., with anti-virus applications).
S O L VI N G T Y P I C A L T A S K S
63
CREATING THE RESCUE DISK
Creating the rescue disk means the creation of a disk image (ISO file) with up-to-date anti-virus databases and
configuration files.
The source disk image serving as a base for new file creation can be downloaded from Kaspersky Lab server or copied
from a local source.
You can create rescue disk using the Rescue Disk Creation Wizard. The rescuecd.iso file created by the Wizard is saved
on the hard drive of your computer:
in Microsoft Windows XP – in the following folder: Documents and Settings\All Users\Application
Data\Kaspersky Lab\AVP11\Data\Rdisk\;
in Microsoft Windows Vista and Microsoft Windows 7 – in the following folder: ProgramData\Kaspersky
Lab\AVP11\Data\Rdisk\.
The wizard consists of a series of screens (steps) navigated using the Back and Next buttons. To close the wizard once
it completes its work, use the Finish button. To stop the wizard at any stage, use the Cancel button.
To start the Rescue Disk Creation Wizard:
1. Open the main application window and select the Tools section in the left part of the window.
2. In the right part of the window click the Rescue Disk button.
Detailed discussion of the wizard steps.
Step 1. Searching for an existing disk image
If the Wizard has found a rescue disk image file created earlier in the dedicated folder (see above), you can
check the Use existing ISO image box to use this file as the original disk image and proceed to the Updating
image file step (see below). Uncheck this box if you do not want to use the disk image that has been found, and
the Wizard proceeds to the Select disk image source window.
If the Wizard cannot find any ISO file, this step is skipped, and the Wizard proceeds to the Select disk image
source window.
Step 2. Selecting the disk image source
If you have checked the Use existing ISO image box in the first wizard window, then this step will be skipped.
At this step, you should select the image file source from the list of options:
Select Copy ISO image from local or network drive if you already have a rescue disk or an image
prepared for it and stored on your computer or on a local network resource.
Select the Download ISO image from Kaspersky Lab server option if you do not have an image file, and
you want to download it from Kaspersky Lab server (file size is about 100 MB).
Step 3. Copying (downloading) disk image
If you have checked the Use existing ISO image box in the first wizard window, then this step will be skipped.
If you have selected the option of copying the image from a local source at the previous step (Copy ISO image
from local or network drive), you should specify the path to the ISO file at this current step. To do so, click the
U S E R G U I D E
64
Browse button. After you have specified the path to the file, click the Next button. The progress of disk image
copying is displayed in the Wizard window.
If you have selected Download ISO image from Kaspersky Lab server, the progress of disk image
downloading is displayed immediately.
When copying or downloading the ISO image is completed, the Wizard automatically proceeds to the next step.
Step 4. Updating image file
File update procedure includes:
update of anti-virus databases;
update of configuration files.
Configuration files determine the possibility of starting the computer from a removable disk or CD / DVD written
using a rescue disk image provided by the wizard.
When updating anti-virus databases, those distributed at the last update of Kaspersky Internet Security are
used. If the databases are obsolete, it is recommended to update and restart the rescue disk creation wizard.
To begin updating the ISO file, click the Next button. The progress of updating displays in the wizard window.
Step 5. Recording the image on a data medium
In this window, the Wizard informs you of a successful creation of Rescue Disk and offers you to record it on a
data medium.
Specify a data medium to record the ISO image:
Select Record to CD / DVD to record the image on a CD / DVD.
You will be offered to specify the CD / DVD on which the image should be recorded. After that, the ISO
image will be recorded on this CD / DVD. Recording process may take some time, please wait until it is
completed.
Select the Record to USB flash drive option to record the image on a removable drive.
Kaspersky Lab recommends that you do not record the ISO image on devices which are not designed
specifically for data storage, such as smartphones, cellphones, PDAs, and MP3 players. Recording ISO
images on these devices may lead to their incorrect functioning in the future.
You will be offered to specify the removable drive on which the image should be recorded. After that, the
image will be recorded on this removable drive. Recording process may take some time, please wait until it
is completed.
Select the Do not record option to cancel recording the image that you have created on a data medium.
In this case, the folder with the disk image file that you have created will open.
Step 6. Closing the Wizard
To finish with the Wizard, click the Finish button. You can use the disk that you have created for further loading
the computer (see page 65).
S O L VI N G T Y P I C A L T A S K S
65
STARTING THE COMPUTER FROM THE RESCUE DISK
If the operating system cannot be started as a result of a virus attack, use the rescue disk.
To boot the operating system, you should use a CD / DVD or removable drive with the rescue disk image (.iso) file
recorded on it (see section "Creating the rescue disk" on page 63).
Loading a computer from a removable drive cannot be performed in any conditions. In particular, this mode is not
supported by some obsolete computer models. Before shutting down your computer for further booting from a removable
drive, make sure that this operation can be performed.
To boot your computer from the Rescue Disk:
1. In the BIOS settings, enable booting from a CD / DVD or removable drive (for detailed information please refer
to the documentation for your computer's motherboard).
2. Insert a CD / DVD with the rescue disk image into the CD/DVD drive of an infected computer or connect a
removable drive to it.
3. Restart your computer.
For detailed information about the use of the Rescue Disk, please refer to the Kaspersky Rescue Disk User Guide.
WHERE TO VIEW THE REPORT ON THE APPLICATION'S
OPERATION
Kaspersky Internet Security creates operation reports for each component. Using a report, you can find out, for example,
how many malicious objects (such as viruses and Trojan programs) have been detected and eliminated by the
application during the specified period, how many times the application has been updated during the same period, how
many spam messages have been detected, and many other characteristics.
When working on a computer running under Microsoft Windows Vista or Microsoft Windows 7, you can open reports
using Kaspersky Gadget. To do this, Kaspersky Gadget should be configured so that the option of opening the reports
window would be assigned to one of its buttons (see section "How to use Kaspersky Gadget" on page 67).
To view the application operation report:
1. Open the Protection state window on the Report tab using one of the following methods:
click the Reports link in the top part of the main application window;
click the button with the Reports icon in the Kaspersky Gadget interface (only for Microsoft Windows
Vista and Microsoft Windows 7).
The Report tab displays application operation reports in diagram format.
2. If you want to view a detailed application operation report (for example, a report representing the operation of
each component), click the Detailed report button in the bottom part of the Report tab.
The Detailed report window opens where data are represented in a table. For a convenient view of reports, you
can select various options of entry sorting.
U S E R G U I D E
66
HOW TO RESTORE APPLICATION DEFAULT SETTINGS
You can always restore the settings of Kaspersky Internet Security which are recommended by Kaspersky Lab and
considered optimal. The settings can be restored using the Application Configuration Wizard.
When the Wizard completes its operations, the Recommended security level is set for all protection components. While
restoring the settings, you will also be offered to define which settings should or should not be kept for which components
together with restoring the recommended security level.
To restore protection settings:
1. Open the application settings window.
2. Run the Application Configuration Wizard using one of the following methods:
click the Restore link in the bottom part of the window;
in the left part of the window, select the Advanced Settings section, Manage Settings subsection, and
click the Restore button in the Restore default settings section.
Detailed discussion of the wizard steps.
Step 1. Starting the Wizard
Click the Next button in order to continue the work of the Wizard.
Step 2. Selecting settings to save
This window of the Wizard shows which Kaspersky Internet Security components have settings that are different
from the default value, either because they were changed by the user, or were changed because of
accumulated training by Kaspersky Internet Security (Firewall or Anti-Spam). If special settings have been
created for any of the components, they will also be shown in the window.
Special settings include the lists of allowed and blocked phrases and addresses used by Anti-Spam, lists of
trusted web addresses and ISP phone numbers, exclusion rules created for application components, Firewall's
packet and application filtering rules.
Those lists are created when working with Kaspersky Internet Security with regard to individual tasks and
security requirements. Creating the lists may take a long time, so you are advised to save them before restoring
the application's default settings.
Check the boxes for the settings that you want to save and click the Next button.
Step 3. Analyzing the system
At this stage, information about Microsoft Windows applications is collected. These applications are added to
the list of trusted applications which have no restrictions imposed on the actions they perform in respect of the
system.
Once the analysis is complete, the Wizard will proceed automatically to the next step.
Step 4. Finishing restoration
To finish with the Wizard, click the Finish button.
S O L VI N G T Y P I C A L T A S K S
67
TRANSFERRING KASPERSKY INTERNET SECURITY
SETTINGS TO THE PRODUCT INSTALLED ON ANOTHER
COMPUTER
Having configured the product, you can apply its settings in Kaspersky Internet Security installed on another computer.
Consequently, the application will be configured identically on both computers. This is a helpful feature when, for
example, Kaspersky Internet Security is installed on your home computer and in your office.
Application settings are stored in a special configuration file, which you can transfer to another computer. To do this:
1. Perform the Export procedure – save the application settings to a configuration file.
2. Move the file you have saved to another computer (for example, send it by email or use a removable data
medium).
3. Perform the Import procedure – apply the settings from the configuration file to the application installed on
another computer.
To export the current settings of Kaspersky Internet Security:
1. Open the application settings window.
2. Select the Manage Settings section in the left part of the window.
3. In the Restore default settings section, click the Save button.
4. In the window that opens enter the name of the configuration file and the path where it should be saved.
To import the application's settings from a saved configuration file:
1. Open the application settings window.
2. Select the Manage Settings section in the left part of the window.
3. In the Restore default settings section, click the Load button.
4. In the window that opens, select a file that you wish to import the Kaspersky Internet Security settings from.
HOW TO USE KASPERSKY GADGET
When using Kaspersky Internet Security on a computer running under Microsoft Windows Vista or Microsoft Windows 7,
you can also use the Kaspersky Gadget.
After you install Kaspersky Internet Security on a computer running under Microsoft Windows 7, the gadget appears on
your desktop automatically. After you install the application on a computer running under Microsoft Windows Vista, you
should add the gadget to Microsoft Windows Sidebar manually (see the operating system documentation).
Gadget color indicator displays your computer protection status in the same manner as the protection status indicator in
the main application window does (see section "Kaspersky Internet Security main window" on page 39). Green indicates
that your computer is duly protected, while yellow indicates that there are protection problems, and red indicates that
your computer' security is at serious risk. Grey color indicates that the application is stopped.
Gadget's appearance allows you to monitor update download: when updating databases and application modules is in
progress, a spinning globe icon appears in the center of the gadget.
U S E R G U I D E
68
You can use the gadget to perform the following main tasks:
run the application if it has been stopped;
open the main application window;
scan specified objects for viruses;
open the news window.
To run the application using the gadget,
click the Enable icon located in the center of the gadget.
To open the main application window using the gadget,
click the Kaspersky Internet Security icon located in the center of the gadget.
To scan an object for viruses using the gadget,
drag the object to scan onto the gadget.
Task run progress is displayed in the Virus Scan window that opens.
To open the news window using the gadget,
click the icon which is displayed in the center of the gadget when a piece of news is released.
Configuring the gadget
You can configure Gadget so that you can use its buttons to initiate the following actions:
edit the application settings;
view application reports;
enable applications run in safe mode;
switch to the safe desktop (only for 32-bit operating systems);
view Parental Control reports;
view information about network activity (Network Monitor);
pause protection.
Additionally, you can change the gadget's appearance by selecting another skin for it.
To configure the gadget:
1. Open the gadget settings window by clicking the icon that appears in the right top corner of the gadget block if
you roll over it with the mouse cursor.
2. From the Left icon and Right icon dropdown lists, select the actions that should be performed when clicking
the left and the right buttons of the gadget.
3. Select a skin for the gadget by clicking the buttons.
4. Click the OK button to save the changes that you have made.
69
ADVANCED APPLICATION SETTINGS
This section provides detailed information about each application component and describes the operation and
configuration algorithms for each component.
To adjust the advanced application settings, open the settings window using one of the following methods:
click the Settings link in the top part of the main application window;
select Settings from the context menu of the application icon.
U S E R G U I D E
70
IN THIS SECTION:
Selecting protection mode ............................................................................................................................................... 71
Computer scan ................................................................................................................................................................ 71
Update............................................................................................................................................................................. 78
File Anti-Virus .................................................................................................................................................................. 83
Mail Anti-Virus ................................................................................................................................................................. 89
Web Anti-Virus ................................................................................................................................................................ 94
IM Anti-Virus .................................................................................................................................................................. 101
Proactive Defense ......................................................................................................................................................... 103
System Watcher ............................................................................................................................................................ 105
Application Control ........................................................................................................................................................ 107
Network protection ........................................................................................................................................................ 116
Anti-Spam ..................................................................................................................................................................... 126
Anti-Banner ................................................................................................................................................................... 142
Safe Run ....................................................................................................................................................................... 145
Parental Control ............................................................................................................................................................ 150
Trusted zone ................................................................................................................................................................. 160
Performance and compatibility with other applications .................................................................................................. 161
Kaspersky Internet Security self-defense. ..................................................................................................................... 164
Quarantine and Backup storage .................................................................................................................................... 165
Additional tools for better protection of your computer .................................................................................................. 168
Reports.......................................................................................................................................................................... 172
Application appearance ................................................................................................................................................. 177
Notifications ................................................................................................................................................................... 179
Participating in the Kaspersky Security Network ........................................................................................................... 180
A D V A N C E D A P P L I C A T I O N S E T T I N G S
71
IN THIS SECTION:
Virus scan ....................................................................................................................................................................... 71
Vulnerability Scan. .......................................................................................................................................................... 78
SELECTING PROTECTION MODE
By default, Kaspersky Internet Security runs in automatic protection mode. In this mode the application automatically
applies actions recommended by Kaspersky Lab in response to dangerous events. If you wish Kaspersky Internet
Security to notify you of all hazardous and suspicious events in the system and to allow to decide which of the actions
offered by the application should be applied, you can enable interactive protection mode.
To select protection mode:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the General Settings subsection.
3. In the Interactive protection section check or uncheck the boxes depending on the selected protection mode:
to enable interactive protection mode, uncheck the Select action automatically;
to enable automatic protection mode, check the Select action automatically.
If you do not want Kaspersky Internet Security to delete suspicious objects when running in automatic
mode, check the Do not delete suspicious objects box.
COMPUTER SCAN
Scanning the computer for viruses and vulnerabilities is one of the most important tasks in ensuring the computer's
security. It is necessary to scan your computer for viruses on a regular basis in order to rule out the possibility of
spreading malicious programs that have not been discovered by security components, for example, because the security
level was set to low or for other reasons.
Vulnerability scan performs the diagnostics of operating system and detects software features that can be used by
intruders to spread malicious objects and obtain access to personal information.
The following sections contain detailed information about scan tasks features and configuration, security levels, scan
methods, and scan technologies.
VIRUS SCAN
Kaspersky Internet Security comprises the following tasks to scan for viruses:
Custom Scan. Scan of objects selected by the user. You can scan any object of the computer's file system
from the following list: system memory, objects loaded on startup, system backup, email databases, hard drives,
removable storage media and network drives.
Full Scan. A thorough scan of the entire system. The following objects are scanned by default: system memory,
objects loaded on startup, system backup, email databases, hard drives, removable storage media and network
drives.
Critical Areas Scan. Virus scan of operating system startup objects.
U S E R G U I D E
72
The Full Scan and the Critical Areas Scan tasks have their peculiarities. For these tasks, it is not recommended to edit
IN THIS SECTION:
Changing and restoring security level ............................................................................................................................. 73
Creating the scan startup schedule ................................................................................................................................. 73
Creating a list of objects to scan ..................................................................................................................................... 74
Selecting the scan method .............................................................................................................................................. 75
Selecting the scan technology ......................................................................................................................................... 75
Changing actions to be performed on detected objects .................................................................................................. 75
Running scan under a different user account .................................................................................................................. 75
Changing the type of objects to scan .............................................................................................................................. 76
Scan of compound files ................................................................................................................................................... 76
Scan optimization ............................................................................................................................................................ 77
Scanning removable drives on connection ...................................................................................................................... 77
Creating a task shortcut .................................................................................................................................................. 78
the lists of objects to scan.
Each scan task is performed in the specified area and can be started according to the schedule created. Each scan task
is characterized with a security level (combination of settings that impact the depth of the scan). By default, the mode of
using application's database records to search for threats is always enabled. You can also apply various scan methods
and technologies (see page 75).
After the virus scan task starts, its progress is displayed under the name of the task started in the Scan section of the
main application window.
If a threat is detected, Kaspersky Internet Security assigns one of the following statuses to the found object:
malicious program (such as a virus or Trojan);
potentially infected (suspicious) status if the scan cannot determine whether the object is infected or not. The file
may contain a sequence of code appropriate for viruses, or modified code from a known virus.
The application displays a notification about detected threat and performs the assigned action. You can change actions
to be performed on detected threat.
If you work in automatic mode (see section "Selecting protection mode" on page 71), Kaspersky Internet Security will
automatically apply the action recommended by Kaspersky Lab specialists when dangerous objects are detected. For
malicious objects this action is Disinfect. Delete if disinfection fails, for suspicious objects – Move to Quarantine.
Before attempting to disinfect or delete an infected object, Kaspersky Internet Security creates a backup copy for
subsequent restoration or disinfection. Suspicious (potentially infected) objects are quarantined. You can enable the auto
scan for quarantined objects after each update.
Information on the scan results and events, which have occurred during the execution of the task, is logged in a
Kaspersky Internet Security report.
A D V A N C E D A P P L I C A T I O N S E T T I N G S
73
CHANGING AND RESTORING SECURITY LEVEL
Depending on your current needs, you can select one of the preset security levels, or modify the scan settings manually.
When configuring scan task settings, you can always restore the recommended ones. They are considered optimal,
recommended by Kaspersky Lab, and grouped in the Recommended security level.
To change the defined security level, perform the following actions:
1. Open the application settings window.
2. In the left part of the window, in the Scan section, select the required task (Full Scan, Critical Areas Scan, or
Custom Scan).
3. In the Security level section, set the required security level for the task selected, or click the Settings button to
modify scan settings manually.
If you modify the settings manually, the name of the security level will change to Custom.
To restore the default scan settings:
1. Open the application settings window.
2. In the left part of the window, in the Scan section, select the required task (Full Scan, Critical Areas Scan, or
Custom Scan).
3. In the Security level section, click the Default level button for the task selected.
CREATING THE SCAN STARTUP SCHEDULE
You can create a schedule to automatically start virus scan tasks: specify task run frequency, start time (if necessary),
and advanced settings.
If it is not possible to start the task for any reason (for example, the computer was not on at that time), you can configure
the skipped task to start automatically as soon as it becomes possible. You can automatically pause the scan when a
screensaver is inactive or the computer is unlocked. This functionality postpones the launch until the user has finished
working on the computer. The scan will then not take up system resources during the work.
Special Idle Scan mode (see section "Running tasks on idle computer" on page 163) allows you to start scan of the
system memory, system partition, and startup objects when your computer is idle.
To modify a schedule for scan tasks:
1. Open the application settings window.
2. In the left part of the window, select the required task in the Scan (Full Scan, Critical Areas Scan, Custom
Scan, or Vulnerability Scan) section.
3. In the Run mode section, click the Settings button for the task selected.
4. In the window that opens, on the Run mode tab select the required startup mode in the Schedule section.
U S E R G U I D E
74
To enable automatic launch of skipped task:
1. Open the application settings window.
2. In the left part of the window, select the required task in the Scan (Full Scan, Critical Areas Scan, Custom
Scan, or Vulnerability Scan) section.
3. In the Run mode section, click the Settings button for the task selected.
4. In the window that opens, on the Run mode tab, in the Schedule section, check the Run skipped tasks
box.
To launch scans only when the computer is not being used:
1. Open the application settings window.
2. In the left part of the window, select the required task in the Scan (Full Scan, Critical Areas Scan, Custom
Scan, or Vulnerability Scan) section.
3. In the Run mode section, click the Settings button for the task selected.
4. In the window that opens, on the Run mode tab, in the Schedule section, check the Pause scheduled scan
when screensaver is inactive and computer is unlocked box.
CREATING A LIST OF OBJECTS TO SCAN
Each virus scan task has its own default list of objects. These objects may include items in the computer's file system,
such as logical drives and email databases, or other types of objects such as network drives. You can edit this list.
If the scan scope is empty, or it contains no selected objects, a scan task cannot be started.
To create a list of objects for an object scan task:
1. Open the main application window.
2. In the left part of the window, select the Scan section.
3. In the right part of the window click the select link to open the list of objects for scanning.
4. In the displayed Custom Scan window, click the Add link to open the object addition dialog.
5. In the Select object to scan window that opens, select the required object and click the Add button. Click the
OK button after you have added all the objects you need. To exclude any objects from the list of objects to be
scanned, uncheck the boxes next to them.
You can also drag files to be scanned directly into a marked area located in the Scan section.
To create the list of objects for quick scan or full scan tasks:
1. Open the application settings window.
2. In the left part of the window, in the Scan section, select the Full Scan or Critical Areas Scan task.
3. In the Scan scope section, click the Settings button for the task selected.
4. In the <Scan task name>: scan scope window that opens, create the list using the Add, Configure, Delete
links. To exclude any objects from the list of objects to be scanned, uncheck the boxes next to them.
Objects which appear on the list by default cannot be edited or deleted.
A D V A N C E D A P P L I C A T I O N S E T T I N G S
75
SELECTING THE SCAN METHOD
During virus scan, signature analysis is always used: Kaspersky Internet Security compares the object found with the
database records.
You can use the additional scan methods to increase the scan efficiency: heuristic analysis (analysis of the actions an
object performs within the system) and rootkit scan (tools that can hide malicious programs in your operating system).
To specify which scan method to use:
1. Open the application settings window.
2. In the left part of the window, in the Scan section, select the required task (Full Scan, Critical Areas Scan, or
Custom Scan).
3. In the Security level section, click the Settings button for the task selected.
4. In the window that opens, on the Additional tab, in the Scan methods section, select the required values for
the settings.
SELECTING THE SCAN TECHNOLOGY
In addition to the scan methods you can use special technologies, allowing you to increase the virus scan speed by
excluding the files that have not been modified since they were last scanned.
To enable the object scan technologies:
1. Open the application settings window.
2. In the left part of the window, in the Scan section, select the required task (Full Scan, Critical Areas Scan, or
Custom Scan).
3. In the Security level section, click the Settings button for the task selected.
4. In the window that opens, on the Additional tab, in the Scan technologies section, select the required values.
CHANGING ACTIONS TO BE PERFORMED ON DETECTED OBJECTS
If infected or potentially infected objects are detected, the application performs the specified action.
To change the action to be performed on detected objects:
1. Open the application settings window.
2. In the left part of the window, in the Scan section, select the required task (Full Scan, Critical Areas Scan, or
Custom Scan).
3. In the right part of the window, select in the Action on threat detection section the required option.
RUNNING SCAN UNDER A DIFFERENT USER ACCOUNT
By default, the scan tasks are run under your system account. However, you may need to run task under a different user
account. You can specify an account to be used by the application when performing a scan task.
To start the scan under a different user's account:
1. Open the application settings window.
U S E R G U I D E
76
2. In the left part of the window, select the required task in the Scan (Full Scan, Critical Areas Scan, Custom
Scan, or Vulnerability Scan) section.
3. In the Run mode section, click the Settings button for the task selected.
4. In the window that opens, on the Run mode tab, in the User account section, check the Run task as box.
Specify the user name and password.
CHANGING THE TYPE OF OBJECTS TO SCAN
When specifying the type of objects to scan, you establish which file formats and sizes will be scanned for viruses when
the selected scan task runs.
When selecting file types please remember the following:
Probability of malicious code penetrating several file formats (such as .txt) and its further activation is quite low.
At the same time, there are formats that contain or may contain an executable code (such as .exe, .dll, .doc).
The risk of penetrating and activating malicious code in such files is quite high.
The intruder can send a virus to your computer in an executable file renamed as txt file. If you have selected the
scan of files by extension, such a file is skipped by the scan. If the scan of files by format is selected, then,
regardless of the extension, File Anti-Virus will analyze the file header, and reveal that the file is an .exe file.
Such a file would be thoroughly scanned for viruses.
To change the type of scanned objects:
1. Open the application settings window.
2. In the left part of the window, in the Scan section, select the required task (Full Scan, Critical Areas Scan, or
Custom Scan).
3. In the Security level section, click the Settings button for the task selected.
4. In the window that opens, on the Scope tab, in the File types section, select the required option.
SCAN OF COMPOUND FILES
A common method of concealing viruses is to embed them into compound files: archives, databases, etc. To detect
viruses that are hidden in this way a compound file should be unpacked, which can significantly lower the scan speed.
For each type of compound file, you can select to scan either all files or only new ones. To make your selection, click the
link next to the name of the object. It changes its value when you left-click on it. If you select the scan new and changed
files only scan mode (see page 77), you will not be able to select the links allowing you to scan all or new only files.
You can restrict the maximum size of the compound file being scanned. Compound files larger than the specified value
will not be scanned.
When large files are extracted from archives, they will be scanned even if the Do not unpack large compound files
box is checked.
To modify the list of scanned compound files:
1. Open the application settings window.
2. In the left part of the window, in the Scan section, select the required task (Full Scan, Critical Areas Scan, or
Custom Scan).
3. In the Security level section, click the Settings button for the task selected.
A D V A N C E D A P P L I C A T I O N S E T T I N G S
77
4. In the window that opens, on the Scope tab, in the Scan of compound files section, select the required types
of compound files to be scanned.
In order to set the maximum size of compound files to be scanned:
1. Open the application settings window.
2. In the left part of the window, in the Scan section, select the required task (Full Scan, Critical Areas Scan, or
Custom Scan).
3. In the Security level section, click the Settings button for the task selected.
4. In the window that opens, on the Scope tab, in the Scan of compound files section, click the Additional
button.
5. In the Compound files window that opens, check the Do not unpack large compound files box and
specify the maximum file size.
SCAN OPTIMIZATION
You can shorten the scan time and speed up Kaspersky Internet Security. This can be achieved by scanning only new
files and those files that have altered since the last time they were scanned. This mode applies both to simple and
compound files.
You can also set a restriction on scan duration for a file. Once the specified time period has elapsed, the file will be
excluded from the current scan.
To scan only new and changed files:
1. Open the application settings window.
2. In the left part of the window, in the Scan section, select the required task (Full Scan, Critical Areas Scan, or
Custom Scan).
3. In the Security level section, click the Settings button for the task selected.
4. In the window that opens, on the Scope tab, in the Scan optimization section, check the Scan only new
and changed files box.
To set a restriction on scan duration:
1. Open the application settings window.
2. In the left part of the window, in the Scan section, select the required task (Full Scan, Critical Areas Scan, or
Custom Scan).
3. In the Security level section, click the Settings button for the task selected.
4. In the window that opens, on the Scope tab, in the Scan optimization section, check the Skip files
scanned longer than box and specify the scan duration for a file.
SCANNING REMOVABLE DRIVES ON CONNECTION
Nowadays, malicious objects using operating systems' vulnerabilities to replicate via networks and removable media
have become increasingly widespread. Kaspersky Internet Security allows to scan removable drives when connecting
them to the computer.
To configure scanning of removable media at connection:
1. Open the application settings window.
U S E R G U I D E
78
2. In the left part of the window, in the Scan section, select General Settings.
3. In the Scan removable drives on connection section, select the action and define the maximum size of a
drive to scan in the field below, if necessary.
CREATING A TASK SHORTCUT
The application provides the option of creating shortcuts for a quick start of full, quick and vulnerability scan tasks. This
can start the required scan without opening the main application window or the context menu.
To create a shortcut to start a scan:
1. Open the application settings window.
2. In the left part of the window, in the Scan section, select General Settings.
3. In the right part of the window, in the Scan tasks quick run section, click the Create shortcut button next to
the name of the required task (Critical Areas Scan, Full Scan, or Vulnerability Scan).
4. Specify the path for saving a shortcut and its name in the window that opens. By default, the shortcut is created
with the name of a task in the My Computer folder of the current computer user.
VULNERABILITY SCAN.
Vulnerabilities of the operating system could be caused by programming or engineering mistakes, unreliable passwords,
malicious programs’ activity, and so on. When scanning for vulnerabilities, the application analyzes the system, searches
for anomalies and damaged settings of the operating system and web browser, looks for vulnerable services and takes
other security-related precautions.
The diagnostics may take some time. When it is complete, found problems are analyzed from the perspective of a
possible threat to the system.
After the vulnerability scan task start (see page 56), its progress is displayed in the Vulnerability Scan window, in the
Finish field. Vulnerabilities detected when scanning the system and applications, are displayed in the same window, on
the System vulnerabilities and Vulnerable applications tabs.
When searching for threats, information on the results is logged in a Kaspersky Internet Security report.
As with virus scan tasks, you can set a start schedule for a vulnerability scan task, create a list of objects to scan (see
page 74), specify an account (see section "Running scan under a different user account" on page 75) and create a
shortcut for quick start of a task. By default, the applications already installed on the computer are selected as scan
objects.
UPDATE
Updating databases and program modules of Kaspersky Internet Security ensures the up-to-date protection status for
your computer. New viruses, Trojans, and other types of malware appear worldwide on a daily basis. Kaspersky Internet
Security databases contain information about threats and ways of eliminating them, so regular application update is
required for ensuring your computer's security and for timely detection of new threats.
Regular update requires an active license for application usage. Without a license, you will only be able to update the
application once.
Application update downloads and installs the following updates on your computer:
Kaspersky Internet Security databases.
A D V A N C E D A P P L I C A T I O N S E T T I N G S
79
IN THIS SECTION:
Selecting an update source ............................................................................................................................................. 80
Selecting the update server region .................................................................................................................................. 80
Updating from a local folder ............................................................................................................................................ 81
Creating the update startup schedule ............................................................................................................................. 81
Rolling back the last update ............................................................................................................................................ 82
Scanning Quarantine after update .................................................................................................................................. 82
Using the proxy server .................................................................................................................................................... 83
Running updates under a different user account ............................................................................................................. 83
The protection of information is based on databases which contain signatures of threats and network attacks,
and the methods used to fight them. Protection components use these databases to search for and disinfect
dangerous objects on your computer. The databases are supplemented every hour with records of new threats.
Therefore, you are advised to update them on a regular basis.
In addition to the Kaspersky Internet Security databases, the network drivers that enable the application's
components to intercept network traffic are updated.
Application modules.
In addition to the databases of Kaspersky Internet Security, you can also update the program modules. The
update packages fix Kaspersky Internet Security's vulnerabilities, and supplement or improve the existing
functionality.
The main update source of Kaspersky Internet Security are special Kaspersky Lab update servers. While updating
Kaspersky Internet Security, you can copy database and program module updates received from Kaspersky Lab servers
into a local folder, providing access to other networked computers. This saves Internet traffic.
You can also modify automatic update startup settings.
Your computer should be connected to the Internet for successful downloading of updates from our servers. By default,
the Internet connection settings are determined automatically. If you use a proxy server, you may need to adjust the
connection settings.
When performing updates (see page 125), the application modules and databases on your computer are compared with
the up-to-date version at the update source. If your current databases and modules differ from those in the actual version
of the application, the lacking portion of updates will be installed on your computer.
If the databases are outdated, the update package may be large, which may cause additional Internet traffic (up to
several dozen MB).
Prior to updating the databases, Kaspersky Internet Security creates backup copies of them if you want to roll back to the
previous version of databases.
Information about the current condition of Kaspersky Internet Security databases is displayed in the Update Center
section of the main application window.
Information on the update results and events, which have occurred during the execution of the update task, is logged in a
Kaspersky Internet Security report.
U S E R G UIDE
80
SELECTING AN UPDATE SOURCE
The update source is a resource containing updates for databases and application modules of Kaspersky Internet
Security. You can specify HTTP/FTP servers, local and network folders as update sources.
The main update sources are Kaspersky Lab update servers where database updates and application module updates
for all Kaspersky Lab products are stored.
If you do not have access to Kaspersky Lab's update servers (for example, the access to the Internet is restricted), you
can call the Kaspersky Lab headquarters (http://www.kaspersky.ru/contacts) to request contact information of Kaspersky
Lab partners who can provide you with updates on removable media.
When ordering updates on removable media, please specify whether you also require updates for the application
modules.
By default, the list of update sources contains only Kaspersky Lab's update servers. If several resources are selected as
update sources, Kaspersky Internet Security tries to connect to them one after another, starting from the top of the list,
and retrieves the updates from the first available source.
If you select a resource outside the LAN as an update source, you must have an Internet connection to update.
To choose an update source:
1. Open the application settings window.
2. In the left part of the window, in the Update Center section, select the Update Settings component.
3. Click the Settings button in the Update source section.
4. In the window that opens, on the Source tab, open the selection window by clicking the Add link.
5. In the Select update source window that opens, select the folder that contains the updates, or enter an
address in the Source field to specify the server from which the updates should be downloaded.
SELECTING THE UPDATE SERVER REGION
If you use Kaspersky Lab servers as the update source, you can select the optimal server location when downloading
updates. Kaspersky Lab servers are located in several countries.
Using the closest Kaspersky Lab update server allows you to reduce the time period required for receiving updates and
increase the operation performance speed. By default, the application uses information about the current region from the
operating system's registry. You can select the region manually.
To select the server region:
1. Open the application settings window.
2. In the left part of the window, in the Update Center section, select the Update Settings component.
3. Click the Settings button in the Update source section.
4. In the window that opens, on the Source tab, in the Regional settings section, select the Select from the
list option, and then select the country nearest to your current location from the dropdown list.
A D V A N C E D A P P L I C A T I O N S E T T I N G S
81
UPDATING FROM A LOCAL FOLDER
To save Internet traffic, you can configure update of Kaspersky Internet Security from a local folder when updating the
application on networked computers. If done, one of the networked computers receives an update package from
Kaspersky Lab servers or from another web resource that contains the required set of updates. The received updates
are copied into a shared folder. Other networked computers access this folder to receive updates for Kaspersky Internet
Security.
To enable updates distribution mode:
1. Open the application settings window.
2. In the left part of the window, in the Update Center section, select the Update Settings component.
3. Check the Copy updates to folder box in the Additional section and specify the path to a public folder
where all downloaded updates are copied in the field below. You can also select a folder by clicking the Browse
button.
To enable updating the application on a specified computer from the shared folder you have selected:
1. Open the application settings window.
2. In the left part of the window, in the Update Center section, select the Update Settings component.
3. Click the Settings button in the Update source section.
4. In the window that opens, on the Source tab, open the selection window by clicking the Add link.
5. In the Select update source window that opens, select a folder or enter the full path to it in the Source field.
6. Uncheck the Kaspersky Lab's update servers box on the Source tab.
CREATING THE UPDATE STARTUP SCHEDULE
You can create a schedule to automatically start an update task: specify task run frequency, start time (if necessary), and
advanced settings.
If it is not possible to start the task for any reason (for example, the computer was not on at that time), you can configure
the skipped task to start automatically as soon as it becomes possible.
You can also postpone automatic startup of the task after the application is started. Note that all scheduled tasks will be
run only after the specified time interval elapses since the startup of Kaspersky Internet Security.
Special Idle Scan mode (see section "Running tasks on idle computer" on page 163) allows you to start automatic
updates when your computer is idle.
To configure the update task startup schedule:
1. Open the application settings window.
2. In the left part of the window, in the Update Center section, select the Update Settings component.
3. Click the Settings button in the Run mode section.
4. In the window that opens, on the Run mode tab select the required startup mode in the Schedule section.
To enable automatic launch of skipped task:
1. Open the application settings window.
U S E R G U I D E
82
2. In the left part of the window, in the Update Center section, select the Update Settings component.
3. Click the Settings button in the Run mode section.
4. In the window that opens, on the Run mode tab, in the Schedule section, check the Run skipped tasks
box.
To postpone task run after the application startup:
1. Open the application settings window.
2. In the left part of the window, in the Update Center section, select the Update Settings component.
3. Click the Settings button in the Run mode section.
4. In the window that opens, on the Run mode tab, in the Schedule section, check the Postpone running
after application startup for box and specify the time interval for which task run should be postponed.
ROLLING BACK THE LAST UPDATE
After first update of Kaspersky Internet Security databases and program modules, the option of rolling back to the
previous databases becomes available.
At the start of the update process, Kaspersky Internet Security creates a backup copy of the current databases and
application modules. If necessary, you can restore the previous databases. Update roll back feature is useful in case the
new databases version contains an invalid signature that makes Kaspersky Internet Security block a safe application.
In the event of Kaspersky Internet Security database damage it is recommended to launch update to download a valid
set of databases for up-to-date protection.
To roll back to the previous database version:
1. Open the main application window.
2. Select the Update Center section in the left part of the window.
3. Click the Roll back to previous databases button in the right part of the window.
SCANNING QUARANTINE AFTER UPDATE
If the application has scanned an object and has not found out what malicious programs have infected it, the object is
quarantined. After the next database update, the product may be able to recognize the threat unambiguously and
neutralize it. You can enable the auto scan for quarantined objects after each update.
For this reason, the application scans quarantined objects after each update. Scanning may change their status. Some
objects can then be restored to the previous locations, and you will be able to continue working with them.
To enable scanning quarantined files after update:
1. Open the application settings window.
2. In the left part of the window, in the Update Center section, select the Update Settings component.
3. Check the Rescan Quarantine after update box in the Additional section.
A D V A N C E D A P P L I C A T I O N S E T T I N G S
83
USING THE PROXY SERVER
If you use a proxy server for Internet connection, you should reconfigure it to allow proper update of Kaspersky Internet
Security.
To configure the proxy server:
1. Open the application settings window.
2. In the left part of the window, in the Update section, select the Update Settings component.
3. Click the Settings button in the Update source section.
4. In the window that opens, on the Source tab, click the Proxy server button.
5. Configure the proxy server settings in the Proxy server settings window that opens.
RUNNING UPDATES UNDER A DIFFERENT USER ACCOUNT
By default, the update procedure is run under your system account. However, Kaspersky Internet Security can update
from a source for which you have no access rights (for example, from a network folder containing updates) or authorized
proxy user credentials. You can run Kaspersky Internet Security updates on behalf of the user account that has such
rights.
To start the update under a different user's account:
1. Open the application settings window.
2. In the left part of the window, in the Update Center section, select the Update Settings component.
3. Click the Settings button in the Run mode section.
4. In the window that opens, on the Run mode tab, in the User account section, check the Run task as box.
Specify the user name and password.
FILE ANTI-VIRUS
File Anti-Virus prevents infection of the computer's file system. The components starts at startup of the operating system,
continuously remains in the computer's RAM, and scans all files being opened, saved, or launched on your computer and
all connected drives.
You can create the protection scope and set the security level (collection of settings that determine the scan's
thoroughness).
When the user or a program attempts to access a protected file, File Anti-Virus checks if the iChecker and iSwift
databases contain information about this file, and makes a decision on whether the file should be scanned or not.
By default, the mode of using application's database records to search for threats is always enabled. Additionally, you
can apply heuristic analysis (see page 87) and various scan technologies (see page 87).
If a threat is detected, Kaspersky Internet Security assigns one of the following statuses to the found object:
malicious program (such as a virus or Trojan);
potentially infected (suspicious) status if the scan cannot determine whether the object is infected or not. The file
may contain a sequence of code appropriate for viruses, or modified code from a known virus.
U S E R G U I D E
84
The application displays a notification about detected threat and performs the assigned action. You can change actions
IN THIS SECTION:
Enabling and disabling File Anti-Virus ............................................................................................................................. 84
Automatically pausing File Anti-Virus .............................................................................................................................. 84
Creating a protection scope ............................................................................................................................................ 85
Changing and restoring security level ............................................................................................................................. 86
Selecting scan mode ....................................................................................................................................................... 86
Using heuristic analysis ................................................................................................................................................... 87
Selecting the scan technology ......................................................................................................................................... 87
Changing actions to be performed on detected objects .................................................................................................. 87
Scan of compound files ................................................................................................................................................... 87
Scan optimization ............................................................................................................................................................ 88
to be performed on detected threat.
If you work in automatic mode (see section "Selecting protection mode" on page 71), Kaspersky Internet Security will
automatically apply the action recommended by Kaspersky Lab specialists when dangerous objects are detected. For
malicious objects this action is Disinfect. Delete if disinfection fails, for suspicious objects – Move to Quarantine.
Before attempting to disinfect or delete an infected object, Kaspersky Internet Security creates a backup copy for
subsequent restoration or disinfection. Suspicious (potentially infected) objects are quarantined. You can enable the auto
scan for quarantined objects after each update.
ENABLING AND DISABLING FILE ANTI-VIRUS
By default, File Anti-Virus is enabled, functioning in normal mode. You can disable File Anti-Virus, if necessary.
To disable File Anti-Virus:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the File Anti-Virus component.
3. Uncheck the Enable File Anti-Virus box in the right part of the window.
AUTOMATICALLY PAUSING FILE ANTI-VIRUS
When carrying out resource-intensive works, you can pause File Anti-Virus. To reduce workload and ensure quick
access to objects, you can configure automatic pausing of the component at a specified time or when handling specified
programs.
Pausing File Anti-Virus when it conflicts with some programs is an emergency operation! If any conflicts arise when
working with the component, please contact Kaspersky Lab Technical Support Service (http://support.kaspersky.com).
The support specialists will help you resolve the simultaneous operation of Kaspersky Internet Security with other
applications on your computer.
A D V A N C E D A P P L I C A T I O N S E T T I N G S
85
To pause the component at a specified time:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the File Anti-Virus component.
3. Click the Settings button in the Security level section in the right part of the window.
4. In the window that opens, on the Additional tab, in the Pause task section, check the By schedule box and
click the Schedule button.
5. In the Pause task window, specify the time (in 24-hour hh:mm format) for which protection will be paused
(Pause task at and Resume task at fields).
To pause the component when running specified applications:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the File Anti-Virus component.
3. Click the Settings button in the Security level section in the right part of the window.
4. In the window that opens, on the Additional tab, in the Pause task section, check the At application
startup box and click the Select button.
5. In the Applications window create a list of applications which pause the component when running.
CREATING A PROTECTION SCOPE
Protection scope is the location of objects being scanned and the types of files to be scanned. By default, Kaspersky
Internet Security scans only potentially infectable files stored on any hard drive, network drive or removable media.
You can expand or restrict the protection scope by adding / removing objects to be scanned or changing the type of files
to be scanned. For example, you can only select EXE files run from network drives to be scanned.
When selecting file types please remember the following:
Probability of malicious code penetrating several file formats (such as .txt) and its further activation is quite low.
At the same time, there are formats that contain or may contain an executable code (such as .exe, .dll, .doc).
The risk of penetrating and activating malicious code in such files is quite high.
The intruder can send a virus to your computer in an executable file renamed as txt file. If you have selected the
scan of files by extension, such a file is skipped by the scan. If the scan of files by format is selected, then,
regardless of the extension, File Anti-Virus will analyze the file header, and reveal that the file is an .exe file.
Such a file would be thoroughly scanned for viruses.
To edit the object scan list:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the File Anti-Virus component.
3. Click the Settings button in the right part of the window.
4. In the window that opens, on the General tab, in the Protection scope section, open the object selection
window by clicking the Add link.
5. In the Select object to scan window, select an object and click the Add button.
6. After you have added all required objects, click the OK button in the Select object to scan window.
U S E R G U I D E
86
7. To remove an object from the scan list, uncheck the box next to it.
To change the type of scanned objects:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the File Anti-Virus component.
3. Click the Settings button in the right part of the window.
4. In the window that opens, on the General tab, in the File types section, select the required settings.
CHANGING AND RESTORING SECURITY LEVEL
Depending on your actual needs, you can select one of the preset file/memory security levels or configure File Anti-Virus
on your own.
When configuring File Anti-Virus, you can always roll back to the recommended settings. These settings are considered
optimal, recommended by Kaspersky Lab, and grouped in the Recommended security level.
To change the current file and memory security level:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the File Anti-Virus component.
3. In the right part of the window, in the Security level section, set the required security level, or click the Settings
button to modify the settings manually.
If you modify the settings manually, the name of the security level will change to Custom.
To restore the default protection settings:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the File Anti-Virus component.
3. Click the Default level button in the Security level section in the right part of the window.
SELECTING SCAN MODE
The scan mode is the condition which triggers File Anti-Virus into activity. The default setting for Kaspersky Internet
Security is smart mode, which determines if the object is subject to scanning on the basis of the actions performed in
respect of it. For example, when working with a Microsoft Office document, Kaspersky Internet Security scans the file
when it is first opened and last closed. Intermediate operations that overwrite the file do not cause it to be scanned.
You can change the object scan mode. The scan mode should be selected depending on the files you work with most of
the time.
To change the object scan mode:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the File Anti-Virus component.
3. Click the Settings button in the Security level section in the right part of the window.
4. In the window that opens on the Additional tab, in the Scan mode section, select the required mode.
A D V A N C E D A P P L I C A T I O N S E T T I N G S
87
USING HEURISTIC ANALYSIS
During File Anti-Virus operation, signature analysis is always used: Kaspersky Internet Security compares the object
found with the database records.
To improve protection efficiency, you can use the heuristic analysis (i.e., analysis of activity that an object performs in the
system). This analysis allows detecting new malicious objects which are not yet described in the databases.
To enable the heuristic analysis:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the File Anti-Virus component.
3. Click the Settings button in the Security level section in the right part of the window.
4. In the window that opens, on the Performance tab, in the Scan methods section, check the Heuristic
analysis box and specify the detail level for the scan.
SELECTING THE SCAN TECHNOLOGY
In addition to the heuristic analysis you can use special technologies, allowing an increase in the objects scan speed by
excluding the files that have not been modified since they were last scanned.
To enable the object scan technologies:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the File Anti-Virus component.
3. Click the Settings button in the Security level section in the right part of the window.
4. In the window that opens, on the Additional tab, in the Scan technologies section, select the required values.
CHANGING ACTIONS TO BE PERFORMED ON DETECTED OBJECTS
If infected or potentially infected objects are detected, the application performs the specified action.
To change the specified action to be performed on detected objects:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the File Anti-Virus component.
3. In the right part of the window, select in the Action on threat detection section the required option.
SCAN OF COMPOUND FILES
A common method of concealing viruses is to embed them into compound files: archives, databases, etc. To detect
viruses that are hidden in this way a compound file should be unpacked, which can significantly lower the scan speed.
For each type of compound file, you can select to scan either all files or only new ones. To make your selection, click the
link next to the name of the object. It changes its value when you left-click on it. If you select the scan new and changed
files only scan mode (see page 88), you will not be able to select the links allowing you to scan all or new only files.
By default, Kaspersky Internet Security scans only embedded OLE objects.
U S E R G U I D E
88
When large compound files are scanned, their preliminary unpacking may take a long period of time. This period can be
reduced by enabling unpacking of compound files in background mode if they exceed the specified file size. If a
malicious object is detected while working with such a file, the application will notify you about it.
You can restrict the maximum size of the compound file being scanned. Compound files larger than the specified value
will not be scanned.
When large files are extracted from archives, they will be scanned even if the Do not unpack large compound files
box is checked.
To modify the list of scanned compound files:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the File Anti-Virus component.
3. Click the Settings button in the Security level section in the right part of the window.
4. In the window that opens, on the Performance tab, in the Scan of compound files section, select the required
type of compound files to be scanned.
In order to set the maximum size of compound files to be scanned:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the File Anti-Virus component.
3. Click the Settings button in the Security level section in the right part of the window.
4. In the window that opens, on the Performance tab, in the Scan of compound files section, click the
Additional button.
5. In the Compound files window, check the Do not unpack large compound files box and specify the
maximum file size.
To unpack large-sized compound files in background mode:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the File Anti-Virus component.
3. Click the Settings button in the Security level section in the right part of the window.
4. In the window that opens, on the Performance tab, in the Scan of compound files section, click the
Additional button.
5. In the Compound files window, check the Extract compound files in the background box and specify the
minimum file size.
SCAN OPTIMIZATION
You can shorten the scan time and speed up Kaspersky Internet Security. This can be achieved by scanning only new
files and those files that have altered since the last time they were scanned. This mode applies both to simple and
compound files.
To scan only new and changed files:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the File Anti-Virus component.
A D V A N C E D A P P L I C A T I O N S E T T I N G S
89
3. Click the Settings button in the right part of the window.
4. In the window that opens, on the Performance tab, in the Scan optimization section, check the Scan only
new and changed files box.
MAIL ANTI-VIRUS
Mail Anti-Virus scans incoming and outgoing messages for malicious objects. It loads when the operating system launches and runs continually, scanning all email sent or received on the POP3, SMTP, IMAP, MAPI and NNTP protocols, as well as on secure connections (SSL) for POP3 and IMAP.
The indicator of the component's operation is the application icon in the taskbar notification area, which looks like
whenever an email message is being scanned.
You can specify the types of messages which should be scanned and select the security level (see page 91)
(configuration settings affecting the scan intensity).
The application intercepts each message that the user sends or receives and parses it into basic components: message
header, body, attachments. Message body and attachments (including attached OLE objects) are scanned for the
presence of threats.
By default, the mode of using application's database records to search for threats is always enabled. In addition, you can
enable heuristic analysis. Furthermore, you can enable filtering of attachments (see page 92), which allows automatic
renaming or deletion of specified file types.
If a threat is detected, Kaspersky Internet Security assigns one of the following statuses to the found object:
malicious program (such as a virus or Trojan);
potentially infected (suspicious) status if the scan cannot determine whether the object is infected or not. The file
may contain a sequence of code appropriate for viruses, or modified code from a known virus.
The application blocks a message, displays a notification about detected threat and performs the assigned action. You
can change actions to be performed on detected threat (see section "Changing actions to be performed on detected
objects" on page 92).
If you work in automatic mode (see section "Selecting protection mode" on page 71), Kaspersky Internet Security will
automatically apply the action recommended by Kaspersky Lab specialists when dangerous objects are detected. For
malicious objects this action is Disinfect. Delete if disinfection fails, for suspicious objects – Move to Quarantine.
Before attempting to disinfect or delete an infected object, Kaspersky Internet Security creates a backup copy for
subsequent restoration or disinfection. Suspicious (potentially infected) objects are quarantined. You can enable the auto
scan for quarantined objects after each update.
After the email message is successfully disinfected, it returns to the user. If the disinfection fails, the infected object is
deleted from the message. After the virus scan, a special text is inserted in the subject line of the email, stating that the
email was processed by Kaspersky Internet Security.
An integrated plug-in is provided for Microsoft Office Outlook (see section "Email scanning in Microsoft Office Outlook"
on page 93) that allows you to fine-tune the email client.
If you use The Bat!, Kaspersky Internet Security can be used in conjunction with other anti-virus applications. At that, the
email traffic processing rules (see section "Email scanning in The Bat!" on page 93) are configured directly in The Bat!
and override the application’s email protection settings.
When working with other mail programs, including Microsoft Outlook Express/Windows Mail, Mozilla Thunderbird,
Eudora, and Incredimail, the Mail Anti-Virus component scans email on SMTP, POP3, IMAP, and NNTP protocols.
Note that when working with the Thunderbird mail client, email messages transferred via IMAP will not be scanned for
U S E R G U I D E
90
viruses if any filters moving messages from the Inbox folder are used.
IN THIS SECTION:
Enabling and disabling Mail Anti-Virus ............................................................................................................................ 90
Creating a protection scope ............................................................................................................................................ 90
Changing and restoring security level ............................................................................................................................. 91
Using heuristic analysis ................................................................................................................................................... 91
Changing actions to be performed on detected objects .................................................................................................. 92
Attachment filtering ........................................................................................................................................................ 92
Scan of compound files ................................................................................................................................................... 92
Email scanning in Microsoft Office Outlook ..................................................................................................................... 93
Email scanning in The Bat! .............................................................................................................................................. 93
ENABLING AND DISABLING MAIL ANTI-VIRUS
By default, Mail Anti-Virus is enabled, functioning in normal mode. You can disable Mail Anti-Virus, if necessary.
To disable Mail Anti-Virus:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Mail Anti-Virus component.
3. In the right part of the window, uncheck the Enable Mail Anti-Virus box.
CREATING A PROTECTION SCOPE
Protection scope is understood as the type of messages to be scanned. By default, Kaspersky Internet Security scans
both incoming and outgoing emails.
If you have selected scan only incoming messages, you are advised to scan outgoing email when you first begin using
Kaspersky Internet Security since it is likely that there are worms on your computer which will distribute themselves via
email. This will avoid unpleasant situations caused by unmonitored mass emailing of infected emails from your computer.
The protection scope also includes the settings used to integrate the Mail Anti-Virus component into the system, and the
protocols to be scanned. By default, the Mail Anti-Virus component is integrated into the Microsoft Office Outlook and
The Bat! email client applications.
To disable scans of outgoing emails:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Mail Anti-Virus component.
3. Click the Settings button in the right part of the window.
4. Use the General tab of the displayed window to select in the Protection scope section the option Incoming
messages only.
A DVA N C E D A P P L I C A T I O N S E T T I N G S
91
To select the protocols to scan and the settings to integrate Mail Anti-Virus into the system:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Mail Anti-Virus component.
3. Click the Settings button in the right part of the window.
4. In the window that opens, on the Additional tab, in the Connectivity section select the required settings.
CHANGING AND RESTORING SECURITY LEVEL
Depending on your actual needs, you can select one of the preset file/memory security levels or configure File Anti-Virus
on your own.
Kaspersky Lab advises you not to configure Mail Anti-Virus settings on your own. In most cases, it is enough to select a
different security level.
When configuring File Anti-Virus, you can always roll back to the recommended values. These settings are considered
optimal, recommended by Kaspersky Lab, and grouped in the Recommended security level.
To change the preset email security level:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Mail Anti-Virus component.
3. In the right part of the window, in the Security level section, set the required security level, or click the Settings
button to modify the settings manually.
If you modify the settings manually, the name of the security level will change to Custom.
To restore default mail protection settings:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Mail Anti-Virus component.
3. Click the Default level button in the Security level section in the right part of the window.
USING HEURISTIC ANALYSIS
During Mail Anti-Virus operation, signature analysis is always used: Kaspersky Internet Security compares the object
found with the database records.
To improve protection efficiency, you can use the heuristic analysis (i.e., analysis of activity that an object performs in the
system). This analysis allows detecting new malicious objects which are not yet described in the databases.
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Mail Anti-Virus component.
3. Click the Settings button in the right part of the window.
4. In the window that opens, on the General tab, in the Scan methods section, check the Heuristic analysis
box and specify the detail level for the scan.
U S E R G U I D E
92
CHANGING ACTIONS TO BE PERFORMED ON DETECTED OBJECTS
If infected or potentially infected objects are detected, the application performs the specified action.
To change the specified action to be performed on detected objects:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Mail Anti-Virus component.
3. In the right part of the window, select in the Action on threat detection section the required option.
ATTACHMENT FILTERING
Malware is most often distributed in mail as objects attached to messages. To protect your computer, for example, from
automatic launch of attached files, you can enable filtering of attachments, which can automatically rename or delete files
of specified types.
To enable filtering of attachments:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Mail Anti-Virus component.
3. Click the Settings button in the right part of the window.
4. Use the Attachment filter tab of the displayed window to select the filtering mode for attachments. When you
select either of the last two modes, the list of file types (extensions) will become enabled; there you can select
the required types or add a mask to select a new type.
To add a new type mask to the list, click the Add link to open the Input file name mask window and enter the
necessary information.
SCAN OF COMPOUND FILES
A common method of concealing viruses is to embed them into compound files: archives, databases, etc. To detect
viruses that are hidden in this way a compound file should be unpacked, which can significantly lower the scan speed.
You can enable or disable the scan of attached archives and limit the maximum size of archives to be scanned.
If your computer is not protected by any local network software (you access the Internet directly without a proxy server or
a firewall), it is not recommended to disable the scanning of attached archives.
To configure the settings for the scan of compound files:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Mail Anti-Virus component.
3. Click the Settings button in the right part of the window.
4. Use the General tab in the displayed window to define necessary settings.
A D V A N C E D A P P L I C A T I O N S E T T I N G S
93
EMAIL SCANNING IN MICROSOFT OFFICE OUTLOOK
If you are using Microsoft Office Outlook as your mail client, you may modify additional settings for scanning your mail for
viruses.
When installing Kaspersky Internet Security, a special plug-in is installed in Microsoft Office Outlook. It allows you to
configure Mail Anti-Virus settings quickly, and determine when email messages are scanned for dangerous objects.
The plug-in comes in the form of Email protection tab located in the Tools Options menu.
To define the proper time for mail scanning, perform the following steps:
1. Open the main Microsoft Outlook application window.
2. Select Tools Options from the application menu.
3. Use the Email protection tab to select necessary settings.
EMAIL SCANNING IN THE BAT!
Actions in respect of infected email objects in The Bat! are defined using the application's own tools.
Mail Anti-Virus settings determining if incoming and outgoing messages should be scanned, which actions should be
performed in respect of dangerous objects in email, and which exclusions should apply, are ignored. The only thing that
The Bat! takes into account is the scanning of attached archives.
The email protection settings extend to all the anti-virus components installed on the computer that support working with
the Bat!.
Note that incoming email messages are first scanned by Mail Anti-Virus and only after that – by the plug-in of The Bat!. If
a malicious object is detected, Kaspersky Internet Security immediately notifies you of this event. If you select the
Disinfect (Delete) action in the notification window of Mail Anti-Virus, actions aimed at eliminating the threat are
performed by Mail Anti-Virus. If you select the Ignore option in the notification window, the object will be disinfected by
the plug-in of The Bat!. When sending email messages, they are first scanned by the plug-in and then - by Mail AntiVirus.
You have to define the following criteria:
which mail stream (incoming, outgoing) should be scanned;
when the mail objects should be scanned (when opening a message, before saving to disk);
what actions are performed by the mail client if dangerous objects are detected in email messages. For
example, you could select:
Attempt to disinfect infected parts – if this option is selected, the attempt is made to disinfect the infected
object; if it cannot be disinfected, the object remains in the message.
Delete infected parts – if this option is selected, the dangerous object in the message is deleted
regardless of whether it is infected or suspected to be infected.
By default, The Bat! places all infected email objects in Quarantine without attempting to disinfect them.
The Bat! does not give special headers to emails containing dangerous objects.
To set up email protection rules in The Bat!:
1. Open the main The Bat! window.
U S E R G U I D E
94
2. Select the Settings item from the Properties menu of the mail client.
3. Select the Virus protection object from the settings tree.
WEB ANTI-VIRUS
Whenever you use the Internet, the information stored on your computer becomes subject to the risk of infection from
dangerous programs. These can infiltrate your computer while you are downloading free software, or browsing known
safe websites, which have been subject to hacker attacks before you have gone on them. Moreover, network worms can
penetrate your computer before you open a webpage or download a file just because your computer is connected to the
Internet.
The Web Anti-Virus component is designed to ensure security while using the Internet. It protects your computer against data coming in via the HTTP and HTTPS protocols, and also prevents dangerous scripts from being executed on the computer.
Web protection monitors the data stream that passes only through the ports included in the monitored port list. A list of
ports that are most commonly used for data transfer is included in the Kaspersky Internet Security package. If you use
any ports that are not included in this list, add them into the list of monitored ports (see section "Creating a list of
monitored ports" on page 125) to ensure protection of data streams being directed via them.
A collection of settings called the security level defines how the data stream will be scanned (see section "Selecting the
Web Anti-Virus security level" on page 96). If Web Anti-Virus detects a threat, it will perform the assigned action.
Kaspersky Lab advises you not to configure Web Anti-Virus settings on your own. In most cases, it is enough to select an
appropriate security level.
Component operation algorithm
Web Anti-Virus protects the data reaching your computer and transferred from it over HTTP and HTTPS, and prevents
hazardous scripts from running on the computer. By default, scan of secure connections (via HTTPS) is disabled, you
can enable and configure it (see section "Scanning encrypted connections" on page 122).
Data is protected using the following algorithm:
1. Each web page or file that is accessed by the user or an application via the HTTP or HTTPS protocols, is
intercepted and analyzed for malicious code by Web Anti-Virus. Malicious objects are detected using both
Kaspersky Internet Security databases and the heuristic algorithm. The database contains descriptions of all the
malicious programs known to date and methods for neutralizing them. The heuristic algorithm can detect new
viruses that have not yet been entered in the database.
2. After the analysis, you have the following courses of action available:
If a web page or an object accessed by the user contains malicious code, access to them is blocked. A
notification is displayed that the object or page being requested is infected.
If the file or web page does not contain malicious code, the program immediately grants the user access to
it.
Scripts are scanned according to the following algorithm:
1. Each script run is intercepted by Web Anti-Virus and is analyzed for malicious code.
2. If the script contains malicious code, Web Anti-Virus blocks this script and informs the user of it with a special
pop-up message.
3. If no malicious code is discovered in the script, it is run.
A D V A N C E D A P P L I C A T I O N S E T T I N G S
95
IN THIS SECTION:
Enabling and disabling Web Anti-Virus ........................................................................................................................... 95
Selecting the Web Anti-Virus security level ..................................................................................................................... 96
Changing actions to be performed on dangerous objects ............................................................................................... 96
Checking URLs using the databases of suspicious and phishing addresses .................................................................. 96
Using heuristic analysis ................................................................................................................................................... 97
Blocking dangerous scripts ............................................................................................................................................. 98
Scan optimization ............................................................................................................................................................ 98
Kaspersky URL advisor ................................................................................................................................................... 98
Blocking access to dangerous websites .......................................................................................................................... 99
Control requests to regional domains ............................................................................................................................ 100
Controlling access to online banking services ............................................................................................................... 100
Creating a list of trusted addresses ............................................................................................................................... 101
Restoring Web Anti-Virus default settings ..................................................................................................................... 101
Web Anti-Virus intercepts only scripts using the Microsoft Windows Script Host functionality.
ENABLING AND DISABLING WEB ANTI-VIRUS
There are two ways to enable or disable the component:
from the main application window (see section "Kaspersky Internet Security main window" on page 39);
from the settings window (see section "Application settings window" on page 43).
To enable or disable Web Anti-Virus in the main window, perform the following steps:
1. Open the main application window and select the Protection Center section in the left part of the window.
2. In the right part of the window, left-click to open the Online Security or the System and Applications
Protection section.
3. Open the menu for selecting an action on the component by clicking the Web Anti-Virus button and select
Enable Web Anti-Virus (if the component should be enabled) or Disable Web Anti-Virus (if it should be
disabled).
When enabling a component, the icon on its left goes green, when disabling it, the icon goes grey.
To enable or disable Anti-Spam in the settings window:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Web Anti-Virus component.
U S E R G U I D E
96
3. Check the Enable Web Anti-Virus box in the right part of the window, if the component should be enabled.
Uncheck the box if the component should be disabled.
SELECTING THE WEB ANTI-VIRUS SECURITY LEVEL
The security level is defined as a preset configuration of the Web Anti-Virus settings providing for a certain level of
protection for the data received and transmitted over HTTP and HTTPS. Kaspersky Lab specialists distinguish three
security levels:
High level provides maximum protection necessary while working in dangerous environment.
Recommended level provides optimal protection recommended in most cases.
Low level allows maximum performance.
The user should decide which level to select according to the working conditions and the current situation.
To select one of the preset security levels, perform the following steps:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Web Anti-Virus component.
3. Use the slider in the right part of the window to choose the required security level.
If none of the preset levels satisfies your requirements, you can configure the Web Anti-Virus, for example, modify the
level of scanning intensity during heuristic analysis. Such configuration will change the security level name to Custom.
If you need to revert again to a preset security level, simply restore the default settings of the component (see section
"Restoring Web Anti-Virus default settings" on page 101).
CHANGING ACTIONS TO BE PERFORMED ON DANGEROUS OBJECTS
Once analysis of an HTTP object shows that it contains malicious code, the response by the Web Anti-Virus component
depends on the action you have selected.
Web Anti-Virus always blocks actions by dangerous scripts and issues messages that inform the user of the action
taken. The action on a dangerous script cannot be changed – the only available modification is disabling scan of scripts
(see section "Blocking dangerous scripts" on page 98).
If you are working in automatic mode, then Kaspersky Internet Security automatically applies the action recommended by
Kaspersky Lab's specialists when dangerous objects are detected.
To select the action to be performed on detected objects:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Web Anti-Virus component.
3. In the Action on threat detection section in the right part of the window, choose the action, which the
application should perform with the discovered dangerous object.
CHECKING URLS USING THE DATABASES OF SUSPICIOUS AND
PHISHING ADDRESSES
Web Anti-Virus can scan HTTP traffic for viruses and also check URLs to make sure they are not present in the lists of
suspicious or phishing web addresses.
A D V A N C E D A P P L I C A T I O N S E T T I N G S
97
Checking the links if they are included in the list of phishing addresses allows avoiding phishing attacks, which look like
email messages from would-be financial institutions and contain links to the websites of these organizations. The
message text convinces the reader to click the link and enter confidential information in the window that follows, for
example, a credit card number or a login and password for an Internet banking site where financial operations may be
carried out. A phishing attack can be disguised, for example, as a letter from your bank with a link to its official website.
By clicking the link, you go to an exact copy of the bank's website and can even see the real address in the browser,
even though you are actually on a counterfeit site. From this point forward, all your actions on the site are tracked and
can be used to steal your money.
The lists of phishing URLs are included with the Kaspersky Internet Security delivery set. Since links to phishing web
sites may be received not only in email, but also from other sources, such as ICQ messages, Web Anti-Virus monitors
attempts to access a phishing web site on the level of HTTP traffic and blocks access to such locations.
To configure Web Anti-Virus to check URLs against the databases of suspicious and phishing web addresses,
perform the following steps:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Web Anti-Virus component.
3. Click the Settings button in the right part of the window.
The Web Anti-Virus window opens.
4. In the Scan methods section of the General tab, make sure that the boxes Check if URLs are listed in the
database of suspicious URLs and Check if URLs are listed in the database of phishing URLs are
selected.
USING HEURISTIC ANALYSIS
Heuristic analysis is a special inspection method. It is used to analyze the activity of an object within the host system. If
that activity is typical of harmful objects, then such object will be recognized as malicious or suspicious with sufficient
probability even if the dangerous code in it is yet unknown to the anti-virus analysts.
You can select the level of heuristic analysis intensity:
light scan – a quick check;
deep scan – a thorough check taking more time;
medium scan – an optimal combination of scanning speed and depth suitable in most cases.
If heuristic analysis reveals a malicious object, Kaspersky Internet Security will notify you about that and suggest
appropriate handling for the detected object.
Heuristic analysis is enabled by default, the intensity level is set to medium scan.
To enable heuristic analysis and define its intensity level or disable it, perform the following steps:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Web Anti-Virus component.
3. Click the Settings button in the right part of the window.
The Web Anti-Virus window opens.
4. To enable heuristic analysis, go to the General tab and check in the Scan methods section the Heuristic
analysis box. Use the slider below to define the necessary scanning intensity level. Uncheck the box Heuristic
analysis if that scanning method should not be used.
U S E R G U I D E
98
BLOCKING DANGEROUS SCRIPTS
Web Anti-Virus can scan all scripts processed in Microsoft Internet Explorer, as well as any other WSH scripts
(JavaScript, Visual Basic Script, etc.) launched when the user works on the computer. If a script presents a threat to your
computer, it will be blocked.
In order for Web Anti-Virus to scan and block scripts:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Web Anti-Virus component.
3. Click the Settings button in the right part of the window.
The Web Anti-Virus window opens.
4. Make sure that the Block dangerous scripts in Microsoft Internet Explorer box is checked on the General
tab in the Additional section.
SCAN OPTIMIZATION
To detect malicious code more efficiently, Web Anti-Virus caches fragments of objects downloaded from the Internet.
When using this method, Web Anti-Virus only scans an object after it has been completely downloaded. The object is
then scanned for viruses and returned to the user for work or blocked, depending on the scan results.
Caching objects increases object processing time, and hence the time before the application returns objects to the user.
Caching can cause problems when downloading or processing large objects, as the connection with the HTTP client may
time out.
To solve this problem, we suggest limiting the caching time for the object fragments downloaded from the Internet. When
a specified period of time expires, the user will receive the downloaded part of the object without scanning, and once the
object is fully copied, it will be scanned in full. This allows reducing the time needed to transfer the object to the user and
eliminating the disconnection problem. The Internet security level will not be reduced in that case.
Removing the limit of caching time results in improved efficiency of anti-virus scan though causing a slight slowdown of
access to the object.
To set a time limit for fragment buffering or remove it:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Web Anti-Virus component.
3. Click the Settings button in the right part of the window.
The Web Anti-Virus window opens.
4. To restrict the traffic scanning duration, on the General tab check in the Additional section the Limit traffic
caching time to optimize scan box. Uncheck the box, if you need to cancel the restriction.
KASPERSKY URL ADVISOR
Kaspersky Internet Security includes the URL scanning module managed by Web Anti-Virus. This module is built into
Microsoft Internet Explorer and Mozilla Firefox browsers as a plug-in.
This module checks if links located on the webpage belong to the list of suspicious and phishing web addresses. You
can create a list of web addresses whose content will not be checked for the presence of suspicious or phishing URLs, or
a list of web sites whose content must be scanned. You can also completely exclude scan of URLs.
The below-listed options of Kaspersky URL advisor configuration can be selected not only in the application settings
window but also in the advisor module settings window that you open from your web browser.
A D V A N C E D A P P L I C A T I O N S E T T I N G S
99
To create a list of websites whose content will not be scanned for the presence of suspicious or phishing URLs:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Web Anti-Virus component.
3. Click the Settings button in the right part of the window.
The Web Anti-Virus window opens.
4. On the Safe Surf tab in the Kaspersky URL Advisor section, select the On all web pages except the
exclusions option and click the Exclusions button.
5. Use the displayed Exclusions window to create the list of web sites whose content will not be scanned for the
presence of suspicious or phishing URLs.
To create a list of websites whose content must be scanned for the presence of suspicious or phishing URLs:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Web Anti-Virus component.
3. Click the Settings button in the right part of the window.
The Web Anti-Virus window opens.
4. On the Safe Surf tab in the Kaspersky URL advisor section, select the On the selected web pages option
and click the Select button.
5. Use the displayed Checked URLs window to create the list of web addresses whose content must be checked
for the presence of suspicious or phishing URLs.
If you want no URLs to be checked by the advisor:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Web Anti-Virus component.
3. Click the Settings button in the right part of the window.
The Web Anti-Virus window opens.
4. On the Safe Surf tab in the Kaspersky URL advisor section, select the Do not check URLs option.
To open the Kaspersky URL advisor settings window from your web browser,
click the button with the Kaspersky Internet Security icon in the browser toolbar.
BLOCKING ACCESS TO DANGEROUS WEBSITES
You can block access to websites which have been considered as suspicious or phishing by Kaspersky URL advisor
(see section "Kaspersky URL advisor" on page 98).
If the application cannot make a clear decision on security of a website to which the URL redirects, you are offered to
load this website in Safe Run for Websites mode (see page149) (only for Microsoft Internet Explorer, Mozilla Firefox
browsers). When running in Safe Run mode, malicious objects do not pose any threat to your computer.
To block access to dangerous websites:
1. Open the application settings window.
U S E R G U I D E
100
2. In the left part of the window, in the Protection Center section, select the Web Anti-Virus component.
3. Click the Settings button in the right part of the window.
The Web Anti-Virus window opens.
4. On the Safe Surf tab, in the Block dangerous websites section, check the Block dangerous websites box.
CONTROL REQUESTS TO REGIONAL DOMAINS
Depending on the user's choice, Web Anti-Virus in Geo Filter mode can block or allow access to websites on the grounds
of their belonging to regional web domains. This allows you, for example, to block access to websites which belong to
regional domains with a high risk of infection.
To allow or block access to websites which belong to specified domains:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Web Anti-Virus component.
3. Click the Settings button in the right part of the window.
The Web Anti-Virus window opens.
4. On the Geo Filter tab, check the Enable filtering by regional domains box and specify in the list of controlled
domains below which domains should be allowed or blocked, and for which ones the application should request
access permission using a notification (see section "Requesting for permission of accessing a website from a
regional domain" on page 195).
By default, access is allowed for regional domains that match your location. Access permission request is set for
other domains by default.
CONTROLLING ACCESS TO ONLINE BANKING SERVICES
When working with online banking, the user needs special protection, since leakages of confidential information may lead
to financial losses. Web Anti-Virus can control access to the resources that you use when working with online banking,
downloading them in a safe browser, thus ensuring advanced protection. Web Anti-Virus automatically defines which
web resources are online banking services. For guaranteed identification of a web resource as online banking service,
you can specify its URL in the corresponding list.
To enable control of access to online banking services:
1. Open the application settings window.
2. In the left part of the window, in the Protection Center section, select the Web Anti-Virus component.
3. Click the Settings button in the right part of the window.
The Web Anti-Virus window opens.
4. On the Online Banking tab, check the Enable control box. You are offered to start the Certificate Installation
Wizard that you can use to install the Kaspersky Lab certificate for scanning encrypted connections.
5. If required, create a list of resources that should be necessarily identified as online banking services by the
application.
Loading...