Page 1
USER GUIDE
A P PL I CA T IO N V E R S I O N : 9 . 0
Kaspersky PURE
Page 2
2
Dear User!
Thank you for choosing our product. We hope that this documentation will help you in your work and will provide answers
to most of the questions regarding this software product.
Warning! This document is the property of Kaspersky Lab: all rights to this document are reserved by the copyright laws
of the Russian Federation, and by international treaties. Illegal reproduction and distribution of this document or parts
hereof result in civil, administrative or criminal liability pursuant to the laws of the Russian Federation.
Any type of reproduction or distribution of any materials, including translations, is allowed only with the written permission
of Kaspersky Lab.
This document and graphic images related to it may be used exclusively for informational, non-commercial, and personal
purposes.
This document may be amended without additional notification. You can find the latest version of this document at the
Kaspersky Lab website, at http://www.kaspersky.com/docs.
Kaspersky Lab assumes no liability for the content, quality, relevance, or accuracy of any materials used in this document
for which the rights are held by third parties, or for any potential damages associated with the use of such documents.
This document involves the registered trademarks and service marks which are the property of their respective owners.
Revision date: 12/24/2009
© 1997-2009 Kaspersky Lab ZAO. All Rights Reserved.
http://www.kaspersky.com
http://support.kaspersky.com/
Page 3
3
LICENSE AGREEMENT
KASPERSKY LAB END USER LICENSE AGREEMENT
IMPORTANT LEGAL NOTICE TO ALL USERS: CAREFULLY READ THE FOLLOWING LEGAL AGREEMENT BEFORE
YOU START USING THE SOFTWARE.
BY CLICKING THE ACCEPT BUTTON IN THE LICENSE AGREEMENT WINDOW OR BY ENTERING
CORRESPONDING SYMBOL(-S) YOU CONSENT TO BE BOUND BY THE TERMS AND CONDITIONS OF THIS
AGREEMENT. SUCH ACTION IS A SYMBOL OF YOUR SIGNATURE AND YOU ARE CONSENTING TO BE BOUND
BY AND ARE BECOMING A PARTY TO THIS AGREEMENT AND AGREE THAT THIS AGREEMENT IS
ENFORCEABLE LIKE ANY WRITTEN NEGOTIATED AGREEMENT SIGNED BY YOU. IF YOU DO NOT AGREE TO
ALL OF THE TERMS AND CONDITIONS OF THIS AGREEMENT, CANCEL THE INSTALLATION OF THE SOFTWARE
AND DO NOT INSTALL THE SOFTWARE.
THE SOFTWARE CAN BE ACCOMPANIED WITH ADDITIONAL AGREEMENT OR SIMILAR DOCUMENT
(“ADDITIONAL AGREEMENT”) WHICH CAN DEFINE NUMBER OF COMPUTERS, WHERE THE SOFTWARE CAN BE
USED, PERIOD OF USE OF THE SOFTWARE, TYPES OF OBJECTS WHICH THE SOFTWARE IS INTENDED FOR
AND OTHER ADDITIONAL TERMS OF PURCHASE, ACQUISITION AND USE. THIS ADDITIONAL AGREEMENT IS
THE INTEGRAL PART OF THE LICENSE AGREEMENT.
AFTER CLICKING THE ACCEPT BUTTON IN THE LICENSE AGREEMENT WINDOW OR AFTER ENTERING
CORRESPONDING SYMBOL(-S) YOU HAVE THE RIGHT TO USE THE SOFTWARE IN ACCORDANCE WITH THE
TERMS AND CONDITIONS OF THIS AGREEMENT.
1. Definitions
1.1. Software means software including any Updates and related materials.
1.2. Rightholder (owner of all rights, whether exclusive or otherwise to the Software) means Kaspersky Lab ZAO, a
company incorporated according to the laws of the Russian Federation.
1.3. Computer(s) means hardware(s), including personal computers, laptops, workstations, personal digital
assistants, „smart phones‟, hand-held devices, or other electronic devices for which the Software was designed
where the Software will be installed and/or used.
1.4. End User (You/Your) means individual(s) installing or using the Software on his or her own behalf or who is
legally using a copy of the Software; or, if the Software is being downloaded or installed on behalf of an
organization, such as an employer, “You” further means the organization for which the Software is downloaded
or installed and it is represented hereby that such organization has authorized the person accepting this
agreement to do so on its behalf. For purposes hereof the term “organization,” without limitation, includes any
partnership, limited liability company, corporation, association, joint stock company, trust, joint venture, labor
organization, unincorporated organization, or governmental authority.
1.5. Partner(s) means organizations or individual(s), who distributes the Software based on an agreement and
license with the Rightholder.
1.6. Update(s) means all upgrades, revisions, patches, enhancements, fixes, modifications, copies, additions or
maintenance packs etc.
1.7. User Manual means user manual, administrator guide, reference book and related explanatory or other
materials.
1.8. Software Acquisition means purchase of the Software or acquisition of the Software on terms defined in
additional agreement including acquisition at no charge.
2. Grant of License
2.1. The Rightholder hereby grants You a non-exclusive license to store, load, install, execute, and display (to “use”)
the Software on a specified number of Computers in order to assist in protecting Your Computer on which the
Software is installed, from threats described in the User Manual, according to the all technical requirements
described in the User Manual and according to the terms and conditions of this Agreement (the “License”) and
you accept this License:
Trial Version. If you have received, downloaded and/or installed a trial version of the Software and are hereby
granted an evaluation license for the Software, you may use the Software only for evaluation purposes and only
during the single applicable evaluation period, unless otherwise indicated, from the date of the initial installation.
Any use of the Software for other purposes or beyond the applicable evaluation period is strictly prohibited.
Multiple Environment Software; Multiple Language Software; Dual Media Software; Multiple Copies; Bundles. If
you use different versions of the Software or different language editions of the Software, if you receive the
Software on multiple media, if you otherwise receive multiple copies of the Software, or if you received the
Page 4
U S E R G U I D E
4
Software bundled with other software, the total permitted number of your Computers on which all versions of the
Software are installed shall correspond to the number of computers specified in licenses you have obtained from
the Rightholder provided that unless the licensing terms provide otherwise, each acquired license entitles you to
install and use the Software on such a number of Computer(s) as is specified in Clauses 2.2 and 2.3.
2.2. If the Software was acquired on a physical medium You have the right to use the Software for protection of such
a number of Computer(s) as is specified on the Software package or as specified in additional agreement.
2.3. If the Software was acquired via the Internet You have the right to use the Software for protection of such a
number of Computers that was specified when You acquired the License to the Software or as specified in
additional agreement.
2.4. You have the right to make a copy of the Software solely for back-up purposes and only to replace the legally
owned copy if such copy is lost, destroyed or becomes unusable. This back-up copy cannot be used for other
purposes and must be destroyed when you lose the right to use the Software or when Your license expires or is
terminated for any other reason according to the legislation in force in the country of your principal residence or
in the country where You are using the Software.
2.5. You can transfer the non-exclusive license to use the Software to other individuals within the scope of the
license granted from the Rightholder to You provided that the recipient agrees to be bound by all the terms and
conditions of this Agreement and substitute you in full in the license granted from the Rightholder. In case You
fully transfer the rights granted from the Rightholder to use the Software You must destroy all copies of the
Software including the back-up copy. If You are a recipient of a transferred license You must agree to abide by
all the terms and conditions of this Agreement. If You do not agree to be bound by all the terms and conditions
of this Agreement, You may not install and/or use the Software. You also agree as the recipient of a transferred
license that You do not have any additional or better rights than what the original End User who acquired the
Software from the Rightholder, did.
2.6. From the time of the Software activation or after license key file installation (with the exception of a trial version
of the Software) You have the right to receive the following services for the defined period specified on the
Software package (if the Software was acquired on a physical medium) or specified during acquisition (if the
Software was acquired via the Internet):
- Updates of the Software via the Internet when and as the Rightholder publishes them on its website or
through other online services. Аny Updates that you may receive become part of the Software and the
terms and conditions of this Agreement apply to them;
- Technical Support via the Internet and Technical Support telephone hotline.
3. Activation and Term
3.1. If You modify Your Computer or make changes to other vendors‟ software installed on it, You may be required
by the Rightholder to repeat activation of the Software or license key file installation. The Rightholder reserves
the right to use any means and verification procedures to verify the validity of the License and/or legality of a
copy of the Software installed and/or used on Your Computer.
3.2. If the Software was acquired on a physical medium, the Software can be used, upon your acceptance of this
Agreement, for the period that is specified on the package commencing upon acceptance of this Agreement or
as specified in additional agreement.
3.3. If the Software was acquired via the Internet, the Software can be used, upon your acceptance of this
Agreement, for the period that was specified during acquisition or as specified in additional agreement.
3.4. You have the right to use a trial version of the Software as provided in Clause 2.1 without any charge for the
single applicable evaluation period (30 days) from the time of the Software activation according to this
Agreement provided that the trial version does not entitle You Updates and Technical support via the Internet
and Technical support telephone hotline.
3.5. Your License to Use the Software is limited to the period of time as specified in Clauses 3.2 or 3.3 (as
applicable) and the remaining period can be viewed via means described in User Manual.
3.6. If You have acquired the Software that is intended to be used on more than one Computer then Your License to
Use the Software is limited to the period of time starting from the date of activation of the Software or license key
file installation on the first Computer.
3.7. Without prejudice to any other remedy in law or in equity that the Rightholder may have, in the event of any
breach by You of any of the terms and conditions of this Agreement, the Rightholder shall at any time without
notice to You be entitled to terminate this License to use the Software without refunding the purchase price or
any part thereof.
3.8. You agree that in using the Software and in using any report or information derived as a result of using this
Software, you will comply with all applicable international, national, state, regional and local laws and
regulations, including, without limitation, privacy, copyright, export control and obscenity law.
3.9. Except as otherwise specifically provided herein, you may not transfer or assign any of the rights granted to you
under this Agreement or any of your obligations pursuant hereto.
4. Technical Support
The Technical Support described in Clause 2.6 of this Agreement is provided to You when the latest Update of the
Software is installed (except for a trial version of the Software).
Technical support service: http://support.kaspersky.com
Page 5
L I C E N S E A G R E E M E N T
5
5. Information Collection
5.1. Having agreed with the terms and conditions of this Agreement You consent to provide information to the
Rightholder about executable files and their checksums to improve Your security protection level.
5.2. In order to improve security awareness about new threats and their sources and in order to improve Your
security protection level the Rightholder, with your consent, that has been explicitly confirmed in the Kaspersky
Security Network Data Collection Statement, is expressly entitled to receives such information. You can
deactivate the Kaspersky Security Network service during installation. Also, You can activate and deactivate the
Kaspersky Security Network service at any time in the Software options page.
You further acknowledge and agree that any information gathered by Rightholder can be used to track and
publish reports on security risk trends in the Rightholder‟s sole and exclusive discretion.
5.3. The Software does not process any personally identifiable data and does not combine the processing data with
any personal information.
5.4. If you do not wish for the information collected by the Software to be sent to the Rightholder, You should not
activate and/or de-activate the Kaspersky Security Network service.
6. Limitations
6.1. You shall not emulate, clone, rent, lend, lease, sell, modify, decompile, or reverse engineer the Software or
disassemble or create derivative works based on the Software or any portion thereof with the sole exception of a
non-waivable right granted to You by applicable legislation, and you shall not otherwise reduce any part of the
Software to human readable form or transfer the licensed Software, or any subset of the licensed Software, nor
permit any third party to do so, except to the extent the foregoing restriction is expressly prohibited by applicable
law. Neither Software‟s binary code nor source may be used or reverse engineered to re-create the program
algorithm, which is proprietary. All rights not expressly granted herein are reserved by Rightholder and/or its
suppliers, as applicable. Any such unauthorized use of the Software shall result in immediate and automatic
termination of this Agreement and the License granted hereunder and may result in criminal and/or civil
prosecution against You.
6.2. You shall not transfer the rights to use the Software to any third party except as set forth in Clause 2.5 of this
Agreement or in additional agreement.
6.3. You shall not provide the activation code and/or license key file to third parties or allow third parties access to
the activation code and/or license key which are deemed confidential data of Rightholder and you shall exercise
reasonable care in protecting the activation code and/or license key in confidence provided that you can transfer
the activation code and/or license key to third parties as set forth in Clause 2.5 of this Agreement or in additional
agreement.
6.4. You shall not rent, lease or lend the Software to any third party.
6.5. You shall not use the Software in the creation of data or software used for detection, blocking or treating threats
described in the User Manual.
6.6. The Rightholder has the right to block the key file or to terminate Your License to use the Software in the event
You breach any of the terms and conditions of this Agreement and without any refund to You.
6.7. If You are using the trial version of the Software You do not have the right to receive the Technical Support
specified in Clause 4 of this Agreement and You don‟t have the right to transfer the license or the rights to use
the Software to any third party.
7. Limited Warranty and Disclaimer
7.1. The Rightholder guarantees that the Software will substantially perform according to the specifications and
descriptions set forth in the User Manual provided however that such limited warranty shall not apply to the
following: (w) Your Computer‟s deficiencies and related infringement for which Righthold er‟s expressly disclaims
any warranty responsibility; (x) malfunctions, defects, or failures resulting from misuse; abuse; accident; neglect;
improper installation, operation or maintenance; theft; vandalism; acts of God; acts of terrorism; power failures
or surges; casualty; alteration, non-permitted modification, or repairs by any party other than Rightholder; or any
other third parties‟ or Your actions or causes beyond Rightholder‟s reasonable control; (y) any defect not made
known by You to Rightholder as soon as practical after the defect first appears; and (z) incompatibility caused by
hardware and/or software components installed on Your Computer.
7.2. You acknowledge, accept and agree that no software is error free and You are advised to back-up the
Computer, with frequency and reliability suitable for You.
7.3. The Rightholder does not provide any guarantee that the Software will work correctly in case of violations of the
terms described in the User Manual or in this Agreement.
7.4. The Rightholder does not guarantee that the Software will work correctly if You do not regularly download
Updates specified in Clause 2.6 of this Agreement.
7.5. The Rightholder does not guarantee protection from the threats described in the User Manual after the
expiration of the period specified in Clauses 3.2 or 3.3 of this Agreement or after the License to use the Software
is terminated for any reason.
Page 6
U S E R G U I D E
6
7.6. THE SOFTWARE IS PROVIDED "AS IS" AND THE RIGHTHOLDER MAKES NO REPRESENTATION AND
GIVES NO WARRANTY AS TO ITS USE OR PERFORMANCE. EXCEPT FOR ANY WARRANTY,
CONDITION, REPRESENTATION OR TERM THE EXTENT TO WHICH CANNOT BE EXCLUDED OR
LIMITED BY APPLICABLE LAW THE RIGHTHOLDER AND ITS PARTNERS MAKE NO WARRANTY,
CONDITION, REPRESENTATION, OR TERM (EXPRESSED OR IMPLIED, WHETHER BY STATUTE,
COMMON LAW, CUSTOM, USAGE OR OTHERWISE) AS TO ANY MATTER INCLUDING, WITHOUT
LIMITATION, NONINFRINGEMENT OF THIRD PARTY RIGHTS, MERCHANTABILITY, SATISFACTORY
QUALITY, INTEGRATION, OR APPLICABILITY FOR A PARTICULAR PURPOSE. YOU ASSUME ALL
FAULTS, AND THE ENTIRE RISK AS TO PERFORMANCE AND RESPONSIBILITY FOR SELECTING THE
SOFTWARE TO ACHIEVE YOUR INTENDED RESULTS, AND FOR THE INSTALLATION OF, USE OF, AND
RESULTS OBTAINED FROM THE SOFTWARE. WITHOUT LIMITING THE FOREGOING PROVISIONS, THE
RIGHTHOLDER MAKES NO REPRESENTATION AND GIVES NO WARRANTY THAT THE SOFTWARE WILL
BE ERROR-FREE OR FREE FROM INTERRUPTIONS OR OTHER FAILURES OR THAT THE SOFTWARE
WILL MEET ANY OR ALL YOUR REQUIREMENTS WHETHER OR NOT DISCLOSED TO THE
RIGHTHOLDER .
8. Exclusion and Limitation of Liability
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL THE RIGHTHOLDER OR ITS
PARTNERS BE LIABLE FOR ANY SPECIAL, INCIDENTAL, PUNITIVE, INDIRECT, OR CONSEQUENTIAL DAMAGES
WHATSOEVER (INCLUDING, BUT NOT LIMITED TO, DAMAGES FOR LOSS OF PROFITS OR CONFIDENTIAL OR
OTHER INFORMATION, FOR BUSINESS INTERRUPTION, FOR LOSS OF PRIVACY, FOR CORRUPTION, DAMAGE
AND LOSS OF DATA OR PROGRAMS, FOR FAILURE TO MEET ANY DUTY INCLUDING ANY STATUTORY DUTY,
DUTY OF GOOD FAITH OR DUTY OF REASONABLE CARE, FOR NEGLIGENCE, FOR ECONOMIC LOSS, AND FOR
ANY OTHER PECUNIARY OR OTHER LOSS WHATSOEVER) ARISING OUT OF OR IN ANY WAY RELATED TO THE
USE OF OR INABILITY TO USE THE SOFTWARE, THE PROVISION OF OR FAILURE TO PROVIDE SUPPORT OR
OTHER SERVICES, INFORMATON, SOFTWARE, AND RELATED CONTENT THROUGH THE SOFTWARE OR
OTHERWISE ARISING OUT OF THE USE OF THE SOFTWARE, OR OTHERWISE UNDER OR IN CONNECTION
WITH ANY PROVISION OF THIS AGREEMENT, OR ARISING OUT OF ANY BREACH OF CONTRACT OR ANY TORT
(INCLUDING NEGLIGENCE, MISREPRESENTATION, ANY STRICT LIABILITY OBLIGATION OR DUTY), OR ANY
BREACH OF STATUTORY DUTY, OR ANY BREACH OF WARRANTY OF THE RIGHTHOLDER OR ANY OF ITS
PARTNERS, EVEN IF THE RIGHTHOLDER OR ANY PARTNER HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.
YOU AGREE THAT IN THE EVENT THE RIGHTHOLDER AND/OR ITS PARTNERS ARE FOUND LIABILE, THE
LIABILITY OF THE RIGHTHOLDER AND/OR ITS PARTNERS SHALL BE LIMITED BY THE COSTS OF THE
SOFTWARE. IN NO CASE SHALL THE LIABILITY OF THE RIGHTHOLDER AND/OR ITS PARTNERS EXCEED THE
FEES PAID FOR THE SOFTWARE TO THE RIGHTHOLDER OR THE PARTNER (AS MAY BE APPLICABLE).
NOTHING IN THIS AGREEMENT EXCLUDES OR LIMITS ANY CLAIM FOR DEATH AND PERSONAL INJURY.
FURTHER IN THE EVENT ANY DISCLAIMER, EXCLUSION OR LIMITATION IN THIS AGREEMENT CANNOT BE
EXLUDED OR LIMITED ACCORDING TO APPLICABLE LAW THEN ONLY SUCH DISCLAIMER, EXCLUSION OR
LIMITATION SHALL NOT APPLY TO YOU AND YOU CONTINUE TO BE BOUND BY ALL THE REMAINING
DISCLAIMERS, EXCLUSIONS AND LIMITATIONS.
9. GNU and Other Third Party Licenses
The Software may include some software programs that are licensed (or sublicensed) to the user under the GNU General
Public License (GPL) or other similar free software licenses which, among other rights, permit the user to copy, modify
and redistribute certain programs, or portions thereof, and have access to the source code (“Open Source Software”). If
such licenses require that for any software, which is distributed to someone in an executable binary format, that the
source code also be made available to those users, then the source code should be made available by sending the
request to source@kaspersky.com or the source code is supplied with the Software. If any Open Source Software
licenses require that the Rightholder provide rights to use, copy or modify an Open Source Software program that are
broader than the rights granted in this Agreement, then such rights shall take precedence over the rights and restrictions
herein.
10. Intellectual Property Ownership
10.1 You agree that the Software and the authorship, systems, ideas, methods of operation, documentation and
other information contained in the Software, are proprietary intellectual property and/or the valuable trade
secrets of the Rightholder or its partners and that the Rightholder and its partners, as applicable, are protected
by civil and criminal law, and by the law of copyright, trade secret, trademark and patent of the Russian
Federation, European Union and the United States, as well as other countries and international treaties. This
Agreement does not grant to You any rights to the intellectual property including any the Trademarks or Service
Marks of the Rightholder and/or its partners (“Trademarks”). You may use the Trademarks only insofar as to
identify printed output produced by the Software in accordance with accepted trademark practice, including
Page 7
L I C E N S E A G R E E M E N T
7
identification of the Trademark owner‟s name. Such use of any Trademark does not give you any rights of
ownership in that Trademark. The Rightholder and/or its partners own and retain all right, title, and interest in
and to the Software, including without limitation any error corrections, enhancements, Updates or other
modifications to the Software, whether made by the Rightholder or any third party, and all copyrights, patents,
trade secret rights, trademarks, and other intellectual property rights therein. Your possession, installation or
use of the Software does not transfer to you any title to the intellectual property in the Software, and you will not
acquire any rights to the Software except as expressly set forth in this Agreement. All copies of the Software
made hereunder must contain the same proprietary notices that appear on and in the Software. Except as
stated herein, this Agreement does not grant you any intellectual property rights in the Software and you
acknowledge that the License, as further defined herein, granted under this Agreement only provides you with a
right of limited use under the terms and conditions of this Agreement. Rightholder reserves all rights not
expressly granted to you in this Agreement.
10.2 You acknowledge that the source code, activation code and/or license key file for the Software are proprietary to
the Rightholder and constitutes trade secrets of the Rightholder. You agree not to modify, adapt, translate,
reverse engineer, decompile, disassemble or otherwise attempt to discover the source code of the Software in
any way.
10.3 You agree not to modify or alter the Software in any way. You may not remove or alter any copyright notices or
other proprietary notices on any copies of the Software.
11. Governing Law; Arbitration
This Agreement will be governed by and construed in accordance with the laws of the Russian
Federation without reference to conflicts of law rules and principles. This Agreement shall not be
governed by the United Nations Convention on Contracts for the International Sale of Goods, the
application of which is expressly excluded. Any dispute arising out of the interpretation or
application of the terms of this Agreement or any breach thereof shall, unless it is settled by direct
negotiation, be settled by in the Tribunal of International Commercial Arbitration at the Russian
Federation Chamber of Commerce and Industry in Moscow, the Russian Federation. Any award
rendered by the arbitrator shall be final and binding on the parties and any judgment on such
arbitration award may be enforced in any court of competent jurisdiction. Nothing in this Section 10
shall prevent a Party from seeking or obtaining equitable relief from a court of competent
jurisdiction, whether before, during or after arbitration proceedings.
12. Period for Bringing Actions
No action, regardless of form, arising out of the transactions under this Agreement, may be brought by either party hereto
more than one (1) year after the cause of action has occurred, or was discovered to have occurred, except that an action
for infringement of intellectual property rights may be brought within the maximum applicable statutory period.
13. Entire Agreement; Severability; No Waiver
This Agreement is the entire agreement between you and Rightholder and supersedes any other prior agreements,
proposals, communications or advertising, oral or written, with respect to the Software or to subject matter of this
Agreement. You acknowledge that you have read this Agreement, understand it and agree to be bound by its terms. If
any provision of this Agreement is found by a court of competent jurisdiction to be invalid, void, or unenforceable for any
reason, in whole or in part, such provision will be more narrowly construed so that it becomes legal and enforceable, and
the entire Agreement will not fail on account thereof and the balance of the Agreement will continue in full force and effect
to the maximum extent permitted by law or equity while preserving, to the fullest extent possible, its original intent. No
waiver of any provision or condition herein shall be valid unless in writing and signed by you and an authorized
representative of Rightholder provided that no waiver of any breach of any provisions of this Agreement will constitute a
waiver of any prior, concurrent or subsequent breach. Rightholder‟s failure to insist upon or enforce strict performance of
any provision of this Agreement or any right shall not be construed as a waiver of any such provision or right.
14. Rightholder Contact Information
Should you have any questions concerning this Agreement, or if you desire to contact the Rightholder for any reason,
please contact our Customer Service Department at:
Kaspersky Lab ZAO, 10 build. 1, 1st Volokolamsky Proezd
Moscow, 123060
Russian Federation
Tel: +7-495-797-8700
Fax: +7-495-645-7939
Page 8
U S E R G U I D E
8
E-mail: info@kaspersky.com
Web site: www.kaspersky.com
© 1997-2009 Kaspersky Lab ZAO. All Rights Reserved. The Software and any accompanying documentation are
copyrighted and protected by copyright laws and international copyright treaties, as well as other intellectual property
laws and treaties.
Page 9
9
CONTENTS
LICENSE AGREEMENT ............................................................................................................................................... 3
ABOUT THIS GUIDE ................................................................................................................................................... 19
OBTAINING INFORMATION ABOUT THE APPLICATION ......................................................................................... 20
Sources of information to research on your own .................................................................................................... 20
Contacting the Sales Department .......................................................................................................................... 21
Discussing Kaspersky Lab applications on the web forum .................................................................................... 21
KASPERSKY PURE .................................................................................................................................................... 22
Distribution package .............................................................................................................................................. 22
Hardware and software requirements .................................................................................................................... 22
THE CONCEPT OF KASPERSKY PURE ................................................................................................................... 24
My Backup ............................................................................................................................................................. 24
My Parental Control ............................................................................................................................................... 25
My Control Center .................................................................................................................................................. 25
My Encryption ........................................................................................................................................................ 25
My Password Manager .......................................................................................................................................... 25
My System Tune-Up .............................................................................................................................................. 26
My Computer Protection ................................................................................................................................ ........ 26
Protection components..................................................................................................................................... 27
Protection of data and online activity ................................................................................................................ 28
Control over applications and data access ....................................................................................................... 28
Network Monitor ............................................................................................................................................... 29
Virus scan tasks ............................................................................................................................................... 29
Update.............................................................................................................................................................. 29
INSTALLING KASPERSKY PURE ON YOUR COMPUTER ....................................................................................... 30
Step 1. Verifying that the system satisfies the installation requirements ................................................................ 31
Step 2. Selecting the type of the installation ................................ ................................................................ .......... 31
Step 3. Accepting the License Agreement ............................................................................................................. 31
Step 4. Participating in the Kaspersky Security Network program ......................................................................... 32
Step 5. Selecting the destination folder.................................................................................................................. 32
Step 6. Selecting application components for the installation ................................................................................ 32
Step 7. Searching for other anti-virus applications ................................................................................................. 33
Step 8. Disabling Microsoft Windows firewall ......................................................................................................... 33
Step 9. Final preparation for installation................................................................................................................. 33
MODIFYING, RESTORING, AND REMOVING THE APPLICATION WITH THE INSTALLATION WIZARD .............. 35
Step 1. Starting window of the installation program ............................................................................................... 35
Step 2. Selecting operation .................................................................................................................................... 35
Step 3. Finishing application modification, restoration, or removal ........................................................................ 36
GETTING STARTED ................................................................................................................................................... 37
Application Configuration Wizard ........................................................................................................................... 38
Step 1. Activating the application ..................................................................................................................... 39
Activating the commercial version .............................................................................................................. 39
Activating the trial version ........................................................................................................................... 40
Completing the activation ........................................................................................................................... 40
Page 10
U S E R G U I D E
10
Step 2. Restricting access to the application .................................................................................................... 40
Step 3. Selecting protection mode ................................................................................................................... 41
Step 4. Configuring application update ............................................................................................................ 41
Step 5. Selecting threats to be detected .......................................................................................................... 41
Step 6. Analyzing the applications installed on the computer........................................................................... 42
Step 7. Closing Configuration Wizard .............................................................................................................. 42
Selecting network type ........................................................................................................................................... 42
Updating the application ........................................................................................................................................ 42
Scanning computer for viruses .............................................................................................................................. 43
Scanning computer for vulnerabilities .................................................................................................................... 43
Managing license ................................................................................................................................................... 43
Participating in Kaspersky Security Network .......................................................................................................... 44
Security Management ............................................................................................................................................ 45
Protection status .................................................................................................................................................... 47
Pausing protection ................................................................................................................................................. 47
My Backup ............................................................................................................................................................. 48
My Parental Control ............................................................................................................................................... 48
My Encryption ........................................................................................................................................................ 48
My Password Manager .......................................................................................................................................... 48
APPLICATION INTERFACE ....................................................................................................................................... 50
Notification area icon ............................................................................................................................................. 50
Context menu ........................................................................................................................................................ 50
Kaspersky PURE main window ............................................................................................................................. 51
My Computer Protection................................................................................................................................... 53
Backup copy ..................................................................................................................................................... 53
My Parental Control ......................................................................................................................................... 54
Notifications ........................................................................................................................................................... 55
Application settings window ................................................................................................................................... 56
MY COMPUTER PROTECTION ................................................................................................................................. 58
Computer file system protection ............................................................................................................................ 59
Component operation algorithm ....................................................................................................................... 60
Changing security level of files and memory .................................................................................................... 61
Changing actions to be performed on detected objects ................................................................................... 61
Creating a protection scope ............................................................................................................................. 62
Using heuristic analysis .................................................................................................................................... 63
Scan optimization ............................................................................................................................................. 63
Scan of compound files .................................................................................................................................... 64
Scanning large compound files ........................................................................................................................ 64
Changing the scan mode ................................................................................................................................. 65
Scan technology ............................................................................................................................................... 65
Pausing the component: creating a schedule ................................................................................................... 66
Pausing the component: creating an applications list ....................................................................................... 67
Restoring default protection settings ................................................................................................................ 67
Mail protection ....................................................................................................................................................... 69
Component operation algorithm ....................................................................................................................... 70
Changing email protection security level .......................................................................................................... 70
Changing actions to be performed on detected objects ................................................................................... 71
Creating a protection scope ............................................................................................................................. 71
Page 11
C O N T E N T S
11
Email scanning in Microsoft Office Outlook ...................................................................................................... 72
Email scanning in The Bat! ............................................................................................................................... 72
Using heuristic analysis .................................................................................................................................... 73
Scan of compound files .................................................................................................................................... 74
Attachment filtering .......................................................................................................................................... 74
Restoring default mail protection settings......................................................................................................... 74
Web traffic protection ............................................................................................................................................. 76
Component operation algorithm ....................................................................................................................... 77
Changing HTTP traffic security level ................................................................................................................ 78
Changing actions to be performed on detected objects ................................................................................... 78
Creating a protection scope ............................................................................................................................. 78
Selecting the scan type .................................................................................................................................... 79
Kaspersky URL Advisor ................................................................................................................................... 80
Using heuristic analysis .................................................................................................................................... 81
Scan optimization ............................................................................................................................................. 81
Restoring default web protection settings......................................................................................................... 82
Protecting instant messengers traffic ..................................................................................................................... 83
Component operation algorithm ....................................................................................................................... 83
Creating a protection scope ............................................................................................................................. 84
Selecting the scan method ............................................................................................................................... 84
Using heuristic analysis .................................................................................................................................... 85
Application Control ................................................................................................................................................. 86
Component operation algorithm ....................................................................................................................... 87
Inheriting rights ........................................................................................................................................... 87
Threat rating ............................................................................................................................................... 88
Application groups ...................................................................................................................................... 88
Application run sequence ........................................................................................................................... 89
Creating a protection scope ............................................................................................................................. 89
Application Control rules .................................................................................................................................. 90
Placing applications into groups ................................................................................................................. 91
Changing the time used to determine the application status ...................................................................... 92
Editing an application rule .......................................................................................................................... 92
Editing a rule for an application group ........................................................................................................ 93
Creating a network rule for application ....................................................................................................... 93
Configuring exclusions ............................................................................................................................... 94
Deleting rules for applications..................................................................................................................... 94
Safe mode of applications execution ..................................................................................................................... 95
Running an application in safe mode ............................................................................................................... 95
Creating a shortcut for program execution ....................................................................................................... 96
Creating the list of applications running in safe mode ...................................................................................... 96
Selecting the mode: running an application...................................................................................................... 97
Selecting the mode: clearing safe mode data .................................................................................................. 97
Using a shared folder ....................................................................................................................................... 98
Clearing the safe mode data ............................................................................................................................ 98
Firewall ................................................................................................................................................................ 100
Changing the network status .......................................................................................................................... 100
Extending the range of network addresses .................................................................................................... 101
Selecting the mode of notification about network changes ............................................................................ 101
Advanced Firewall settings ............................................................................................................................. 102
Page 12
U S E R G U I D E
12
Firewall rules .................................................................................................................................................. 102
Creating a packet rule .............................................................................................................................. 103
Creating a rule for application ................................................................................................................... 103
Rule Creation Wizard ............................................................................................................................... 104
Selecting actions to be performed by the rule........................................................................................... 105
Configuring network service settings ........................................................................................................ 105
Selecting addresses range ....................................................................................................................... 106
Proactive Defense ............................................................................................................................................... 107
Using the list of dangerous activity ................................................................................................................. 107
Changing the dangerous activity monitoring rule ........................................................................................... 108
Creating a group of trusted applications ......................................................................................................... 109
System accounts control ................................................................................................................................ 109
Network Attack Blocker ........................................................................................................................................ 110
Blocking the attacking computers ................................................................................................................... 110
Types of detected network attacks ................................................................................................................. 110
Anti-Spam ............................................................................................................................................................ 113
Component operation algorithm ..................................................................................................................... 114
Training Anti-Spam ........................................................................................................................................ 115
Training using the Training Wizard ........................................................................................................... 116
Training Anti-Spam using outgoing messages ......................................................................................... 117
Training using email client ........................................................................................................................ 117
Training with reports ................................................................................................................................. 118
Changing security level .................................................................................................................................. 119
Selecting the scan method ............................................................................................................................. 119
Creating the list of trusted URLs .................................................................................................................... 120
Creating the list of blocked senders ............................................................................................................... 120
Creating the list of blocked phrases ............................................................................................................... 121
Creating the list of obscene phrases .............................................................................................................. 122
Creating the list of allowed senders ............................................................................................................... 122
Creating the list of allowed phrases ............................................................................................................... 123
Importing the list of allowed senders .............................................................................................................. 124
Determining spam and potential spam ratings ............................................................................................... 124
Selecting the spam recognition algorithm....................................................................................................... 125
Using additional spam filtering features.......................................................................................................... 125
Adding a label to message subject ................................................................................................................. 126
Filtering email messages at the server. Mail Dispatcher ................................................................................ 126
Excluding Microsoft Exchange Server messages from the scan .................................................................... 127
Actions to be performed on spam .................................................................................................................. 127
Configuring spam processing in Microsoft Office Outlook ........................................................................ 127
Configuring spam processing in Microsoft Outlook Express (Windows Mail) ........................................... 129
Configuring spam processing in The Bat! ................................................................................................. 129
Configuring spam processing in Thunderbird ........................................................................................... 130
Restoring default Anti-Spam settings ............................................................................................................. 130
Anti-Banner ................................................................................................ .......................................................... 131
Using heuristic analysis .................................................................................................................................. 131
Advanced component settings ....................................................................................................................... 132
Creating the list of allowed banner addresses ................................................................................................ 132
Creating the list of blocked banner addresses ............................................................................................... 132
Exporting / importing banner lists ................................................................................................................... 133
Page 13
C O N T E N T S
13
Computer scan .................................................................................................................................................... 134
Virus scan ...................................................................................................................................................... 134
Starting the virus scan task....................................................................................................................... 135
Creating a shortcut for task execution ...................................................................................................... 137
Creating a list of objects to scan ............................................................................................................... 137
Changing security level ............................................................................................................................ 138
Changing actions to be performed on detected objects ............................................................................ 138
Changing the type of objects to scan ........................................................................................................ 139
Scan optimization ..................................................................................................................................... 139
Scanning removable disk drives ............................................................................................................... 140
Scan of compound files ............................................................................................................................ 140
Scan technology ....................................................................................................................................... 141
Changing the scan method ....................................................................................................................... 142
Run mode: creating a schedule ................................................................................................................ 142
Run mode: specifying an account ............................................................................................................. 143
Features of scheduled task launch ........................................................................................................... 143
Restoring default scan settings................................................................................................................. 143
Vulnerability scan ........................................................................................................................................... 144
Starting the vulnerability scan task ........................................................................................................... 145
Creating a shortcut for task execution ...................................................................................................... 145
Creating a list of objects to scan ............................................................................................................... 145
Run mode: creating a schedule ................................................................................................................ 146
Run mode: specifying an account ............................................................................................................. 146
Update ................................................................................................................................................................. 148
Starting update ............................................................................................................................................... 149
Rolling back the last update ................................................................ ........................................................... 149
Selecting update source ................................................................................................................................. 150
Using a proxy server ...................................................................................................................................... 150
Regional settings ............................................................................................................................................ 151
Actions to be performed after the update ....................................................................................................... 151
Update: from a local folder ................................................................................................ ............................. 151
Changing the update task run mode .............................................................................................................. 152
Running updates under a different user's account ......................................................................................... 153
Configuring Computer Protection settings ........................................................................................................... 154
Protection ....................................................................................................................................................... 156
Enabling / disabling computer protection .................................................................................................. 156
Using interactive protection mode ............................................................................................................ 156
File Anti-Virus ................................................................................................................................................. 157
Mail Anti-Virus ................................................................................................................................................ 157
Web Anti-Virus ............................................................................................................................................... 158
IM Anti-Virus ................................................................................................................................................... 159
Application Control ......................................................................................................................................... 159
Firewall ........................................................................................................................................................... 160
Proactive Defense .......................................................................................................................................... 161
Network Attack Blocker .................................................................................................................................. 162
Anti-Spam ...................................................................................................................................................... 162
Anti-Banner .................................................................................................................................................... 163
Scan My Computer ........................................................................................................................................ 164
Update............................................................................................................................................................ 165
Page 14
U S E R G U I D E
14
Settings .......................................................................................................................................................... 165
Threats and exclusions ............................................................................................................................. 166
Network .................................................................................................................................................... 169
Quarantine and Backup ............................................................................................................................ 172
Reports ................................................................................................................................ ................................ 175
Selecting a component or a task to create a report ........................................................................................ 175
Managing grouping of information in the report ................................................................ .............................. 176
Report readiness notification .......................................................................................................................... 176
Selecting event types ..................................................................................................................................... 176
Displaying data on the screen ........................................................................................................................ 177
Extended display mode for statistics .............................................................................................................. 178
Saving a report into a file................................................................................................................................ 179
Using complex filtering ................................................................................................................................... 179
Events search ................................................................................................................................................ 180
BACKUP COPY ........................................................................................................................................................ 181
Creating a backup storage area ........................................................................................................................... 181
Connecting a storage ........................................................................................................................................... 182
Clearing a storage ............................................................................................................................................... 182
Removing a storage ............................................................................................................................................. 183
Creating a backup task ........................................................................................................................................ 183
Running a backup task ........................................................................................................................................ 184
Searching for backup copies ................................................................................................................................ 184
Viewing backup copy data ................................................................ ................................................................... 185
Restoring data ..................................................................................................................................................... 185
Viewing event report ............................................................................................................................................ 186
MY PARENTAL CONTROL ....................................................................................................................................... 187
Enabling and configuring Parental Control........................................................................................................... 188
Limiting time of Internet access ........................................................................................................................... 189
Access to web sites ............................................................................................................................................. 190
Downloading files from the Internet ..................................................................................................................... 190
Safe search mode ................................................................................................................................................ 191
Instant messaging ................................................................................................................................................ 192
Sending personal data ......................................................................................................................................... 193
Key words search ................................................................................................................................................ 194
Limiting computer usage time .............................................................................................................................. 194
Running applications and games ......................................................................................................................... 195
Saving and downloading Parental Control settings .............................................................................................. 196
MY SYSTEM TUNE-UP ............................................................................................................................................ 198
Configuring the browser ....................................................................................................................................... 198
Restoring after infection ....................................................................................................................................... 199
Rescue disk ......................................................................................................................................................... 199
Creating the rescue disk................................................................................................................................. 200
Booting the computer using the rescue disk................................................................................................... 201
Permanently Delete Data ..................................................................................................................................... 202
Delete Unused Data............................................................................................................................................. 203
Privacy Cleaner Wizard ....................................................................................................................................... 204
Page 15
C O N T E N T S
15
MY VIRTUAL KEYBOARD ........................................................................................................................................ 205
MY ENCRYPTION..................................................................................................................................................... 206
Creating a container............................................................................................................................................. 206
Connecting and disconnecting container ............................................................................................................. 207
Adding files into container .................................................................................................................................... 208
Configuring container ........................................................................................................................................... 208
Creating shortcut to access the container ............................................................................................................ 209
MY PASSWORD MANAGER .................................................................................................................................... 210
My Password Manager interface ......................................................................................................................... 211
Notification area icon ...................................................................................................................................... 211
Context menu of My Password Manager ....................................................................................................... 211
My Password Manager window ...................................................................................................................... 212
Application settings window ........................................................................................................................... 212
Caption Button ............................................................................................................................................... 213
Configuration Wizard ........................................................................................................................................... 213
Password Database management ....................................................................................................................... 214
Accessing Password Database ...................................................................................................................... 214
Adding personal data ..................................................................................................................................... 215
Account .................................................................................................................................................... 215
User name ................................................................................................................................................ 219
Identity ...................................................................................................................................................... 220
Group of accounts .................................................................................................................................... 220
Editing personal data ..................................................................................................................................... 221
Using personal data ....................................................................................................................................... 221
Finding passwords ......................................................................................................................................... 222
Deleting personal data ................................................................................................................................... 223
Importing / exporting passwords .................................................................................................................... 223
Password Database Backup / Restore ........................................................................................................... 224
Configuring application settings ........................................................................................................................... 226
Default user name .......................................................................................................................................... 227
List of frequently used accounts ..................................................................................................................... 227
List of ignored web addresses ........................................................................................................................ 228
List of trusted web addresses ......................................................................................................................... 228
Quick launch of application functions ............................................................................................................. 229
Password Database location .......................................................................................................................... 230
Creating new Password Database ................................................................................................................. 231
Password Database Backup .......................................................................................................................... 231
Selecting encryption method .......................................................................................................................... 232
Automatic locking of Password Database ...................................................................................................... 233
Password Manager authorization method ...................................................................................................... 233
Using USB and Bluetooth devices ................................................................................................................. 234
Changing Master Password ........................................................................................................................... 234
Creating a list of supported browsers ............................................................................................................. 235
Additional settings .......................................................................................................................................... 235
Application launch time ............................................................................................................................. 236
Double-click action ................................................................................................................................... 236
Notifications .............................................................................................................................................. 236
Backup time of password in clipboard ...................................................................................................... 237
Page 16
U S E R G U I D E
16
Caption Button .......................................................................................................................................... 237
Additional features ............................................................................................................................................... 239
Password Generator ...................................................................................................................................... 239
Password Manager pointer ............................................................................................................................ 240
MY CONTROL CENTER ................................................................ ........................................................................... 241
Configuring remote management ........................................................................................................................ 241
Analyzing network security .................................................................................................................................. 242
Managing protection components ........................................................................................................................ 243
Managing licenses ............................................................................................................................................... 243
Parental Control management ............................................................................................................................. 243
Remote scan for viruses and vulnerabilities ......................................................................................................... 244
Updating databases and application modules ..................................................................................................... 244
Remote backup .................................................................................................................................................... 245
CONFIGURING KASPERSKY PURE SETTINGS .................................................................................................... 246
General settings ................................................................................................................................................... 247
Running Kaspersky PURE at Windows startup ................................ .............................................................. 248
Restricting access to Kaspersky PURE.......................................................................................................... 248
Self-Defense ........................................................................................................................................................ 248
Battery saving ...................................................................................................................................................... 249
Compatibility ........................................................................................................................................................ 249
Advanced disinfection technology .................................................................................................................. 249
Computer performance during task execution ................................................................................................ 250
Proxy server ......................................................................................................................................................... 250
Notifications ......................................................................................................................................................... 250
Disabling sound notifications .......................................................................................................................... 251
Delivery of notifications using email ............................................................................................................... 251
Reports ................................................................................................................................ ................................ 252
Logging events into report .............................................................................................................................. 252
Clearing the application reports ...................................................................................................................... 252
Storing reports ................................................................................................................................................ 252
Feedback ............................................................................................................................................................. 252
Application's appearance ..................................................................................................................................... 253
Active interface elements ............................................................................................................................... 253
Kaspersky PURE skin .................................................................................................................................... 254
Gaming profile ..................................................................................................................................................... 254
Application settings management ........................................................................................................................ 254
Exporting / importing Kaspersky PURE settings ............................................................................................ 255
Restoring default settings ............................................................................................................................... 255
NOTIFICATIONS ....................................................................................................................................................... 256
Object cannot be disinfected ................................................................................................................................ 257
Unavailable update server ................................................................................................................................... 258
Malicious object detected ..................................................................................................................................... 258
Dangerous object detected in traffic .................................................................................................................... 258
Suspicious object detected ................................ ................................ .................................................................. 259
Dangerous activity detected in the system ........................................................................................................... 259
Hidden process detected ................................................................................................................................ ..... 260
Attempt to access the system registry detected ................................................................................................... 261
Network activity of an application has been detected .......................................................................................... 261
Page 17
C O N T E N T S
17
New network detected ......................................................................................................................................... 262
Phishing attack detected ...................................................................................................................................... 262
Suspicious link detected ...................................................................................................................................... 262
Invalid certificate detected ................................................................................................................................... 263
Limiting using the application ............................................................................................................................... 263
Special treatment required ................................................................................................................................... 263
File already exists ................................................................................................................................................ 263
ELIMINATING PROBLEMS ....................................................................................................................................... 265
Creating a system state report ............................................................................................................................. 265
Sending data files ................................................................................................................................................ 266
Executing AVZ script............................................................................................................................................ 267
Creating a trace file .............................................................................................................................................. 267
CONTACTING THE TECHNICAL SUPPORT SERVICE .......................................................................................... 269
KASPERSKY SECURITY NETWORK DATA COLLECTION STATEMENT ............................................................. 270
USING THIRD-PARTY CODE ................................................................................................................................... 271
Agava-Clibrary ..................................................................................................................................................... 273
Crypto C library (data security software library) ................................................................................................... 273
Fastscript 1.9 library............................................................................................................................................. 273
Pcre 7.4, 7.7 library .............................................................................................................................................. 273
GNU bison parser library ..................................................................................................................................... 274
AGG 2.4 library .................................................................................................................................................... 274
OpenSSL 0.9.8d library........................................................................................................................................ 275
Gecko SDK 1.8 library ......................................................................................................................................... 276
Zlib 1.2 library ...................................................................................................................................................... 276
Libpng 1.2.8, 1.2.29 library .................................................................................................................................. 276
Libnkfm 2.0.5 library............................................................................................................................................. 276
Expat 1.2, 2.0.1 library ......................................................................................................................................... 276
Info-ZIP 5.51 library ............................................................................................................................................. 277
Windows Installer XML (WiX) 2.0 library .............................................................................................................. 277
Passthru library .................................................................................................................................................... 280
Filter library .......................................................................................................................................................... 280
Netcfg library ........................................................................................................................................................ 280
Pcre 3.0 library ..................................................................................................................................................... 280
RFC1321-based (RSA-free) MD5 library ................................................................................................ ............. 281
Windows Template Library (WTL 7.5).................................................................................................................. 281
Libjpeg 6b library ................................................................................................................................................. 284
Libungif 3.0 library ............................................................................................................................................... 285
Libxdr library ........................................................................................................................................................ 285
Tiniconv - 1.0.0 library.......................................................................................................................................... 286
Bzip2/libbzip2 1.0.5 library ................................................................................................................................... 290
Libspf2-1.2.9 library ............................................................................................................................................. 291
Protocol Buffer library .......................................................................................................................................... 291
Sqlite 3.5.9 library ................................................................................................................................................ 292
Icu 4.0 library ....................................................................................................................................................... 292
Other information ................................................................................................................................................. 292
Page 18
U S E R G U I D E
18
GLOSSARY ............................................................................................................................................................... 293
KASPERSKY LAB ..................................................................................................................................................... 301
INDEX ....................................................................................................................................................................... 302
Page 19
19
ABOUT THIS GUIDE
Kaspersky PURE User Guide contains information about the Kaspersky PURE's principles of operation, the main tasks of
home network protection, and the application configuration. This Guide is created for all those who use the Kaspersky
PURE application for protecting computers on home networks.
Kaspersky PURE User Guide consists of the following main sections:
Obtaining information about the application (see page 20). This section describes various sources of information
about how to purchase, install and use Kaspersky PURE.
The concept of Kaspersky PURE (see page 24). This section describes the general concept of comprehensive
protection of your home network using various features of the application.
Installing the application (see page 30). This section provides step-by-step instructions for the correct application
installation.
Getting started (see page 37). This section describes the main operations, which should be performed after the
application is installed on your computer, in order to ensure reliable protection.
Application interface (see page 50). This section describes the application user interface, including the main
window, context menu, notification service, and other elements.
My Computer Protection. This section describes the operation of the components of My Computer Protection
designed for protecting your computer from various threats.
My Backup (see page 181). This section contains the information about backup and data restoration from
backup copies.
My Parental Control (see page 187). This section contains the information about the protection of home network
users from threats emerging while working on the computer or surfing the Internet, as well as the information
related to the management of Parental Control settings.
My System Tune-Up. This section contains the information about the wizards and tools that may be useful for
advanced protection.
My Virtual Keyboard (see page 205). This section describes the way of using the virtual keyboard in order to
protect your data from key-loggers.
My Data Encryption (see page 206). This section describes the way of using encrypted containers in order to
store confidential data.
My Password Manager (see page 241). This section describes the way of managing passwords and other
personal data.
My Control Center (see page 241). This section describes the remote management of home network security.
Configuring Kaspersky PURE (see page 246). This section describes the way of managing the application
settings in order to ensure flexible and efficient protection.
Eliminating problems (see page 265). This section describes the actions that should be taken when any
problems occur in the Kaspersky PURE operation.
Page 20
20
IN THIS SECTION:
Sources of information to research on your own ............................................................................................................. 20
Contacting the Sales Department .................................................................................................................................... 21
Discussing Kaspersky Lab applications on the web forum .............................................................................................. 21
OBTAINING INFORMATION ABOUT THE APPLICATION
If you have any questions regarding purchasing, installing or using Kaspersky PURE, answers are readily available.
Kaspersky Lab provides various sources of information about the application. You can choose the most suitable of them,
with regard to the question importance and urgency.
SOURCES OF INFORMATION TO RESEARCH ON YOUR OWN
You may refer to the following sources of information about the application:
application page at the Kaspersky Lab website;
application page at the Technical Support Service website (in the Knowledge Base);
service page of FastTrack Support;
Help system;
documentation.
Application page at the Kaspersky Lab website
http://www.kaspersky.com/kaspersky-pure http://www.kaspersky.com/kaspersky-pure
This page will provide you with general information on the application, its features and options.
Application page at the Technical Support Service website (Knowledge Base)
http://support.kaspersky.com/pure http://support.kaspersky.com/pure
On this page, you will find the articles created by Technical Support Service specialists.
These articles contain useful information, recommendations and FAQ on purchasing, installation and use of the
application. They are sorted by subject. The articles may provide answers to the questions that concern not only this
application but the other Kaspersky Lab products as well; they may also contain the news from Technical Support
service.
FastTrack Support service
On this service page, you can find the base of FAQs with answers which is updated on a regular basis. To use this
service, you will need an Internet connection.
To go to the service page, in the main application window click the Support link, and in the window that will open
click the FastTrack Support button.
Page 21
O B T A I N I N G I N F O R M A T I O N A B O U T T H E A P P L I C A T I O N
21
Help system
The application installation package includes the full and context help file that contains the information about how to
manage the computer protection (view protection status, scan various computer areas for viruses, execute other
tasks), and the information on each application window such as the list of its proper settings and their description,
and the list of tasks to execute.
To open the help file, click the Help button in the required window, or press the <F1> key.
Documentation
Kaspersky PURE installation package includes the User Guide document (in PDF format). This document contains
descriptions of the application's features and options as well as main operation algorithms.
CONTACTING THE SALES DEPARTMENT
If you have questions about selecting or purchasing Kaspersky PURE or extending your license, please phone the Sales
Department in our Moscow Central Office, at:
+7 (495) 797-87-00, +7 (495) 645-79-39, +7 (495) 956-70-00
The service languages are Russian and English.
You can also send your questions to the Sales Department specialists by email sales@kaspersky.com.
DISCUSSING KASPERSKY LAB APPLICATIONS ON THE
WEB FORUM
If your question does not require an urgent answer, you can discuss it with Kaspersky Lab specialists and other users of
our forum at http://forum.kaspersky.com.
In this forum you can view existing topics, leave your comments, create new topics and use the search engine.
Page 22
22
IN THIS SECTION:
Distribution package ........................................................................................................................................................ 22
Hardware and software requirements.............................................................................................................................. 22
KASPERSKY PURE
Kaspersky PURE is a new generation of home network security solutions.
What really sets Kaspersky PURE apart from other software, even from other Kaspersky Lab's products, is the
multifaceted approach to the user's home network security.
DISTRIBUTION PACKAGE
You can purchase Kaspersky PURE from our partners (boxed edition), or at an online store (e.g.,
http://www.kaspersky.com, section eStore).
If you purchase the boxed product, the distribution package includes the following:
Sealed envelope with the installation CD where the product files and documentation in PDF format are recorded.
Printed documentation, namely User Guide and Quick Start Guide.
License Agreement (depends on the region).
Activation card that contains the activation code and instructions on application activation (depends on the
region).
License agreement is a legal agreement concluded between you and Kaspersky Lab, stating the terms for use of the
software product you have purchased.
Please thoroughly read through the License Agreement.
If you do not accept the terms of the License Agreement, you can return your boxed product to the partner from which
you have purchased it; in this case, the product will be refunded at the purchase price. However, the envelope with the
installation CD (or floppy disks) should remain sealed.
You accept the terms of the License Agreement by unsealing the envelope with the installation CD (or floppy disks).
Before unsealing the envelope with the installation CD (or floppy disks), please thoroughly read through the License
Agreement.
When purchasing Kaspersky PURE at eStore, you copy the product from the Kaspersky Lab website. The installation
package includes the product itself and this Agreement. The activation code will be sent to you by email when paid.
HARDWARE AND SOFTWARE REQUIREMENTS
For the proper functioning of Kaspersky PURE, your computer should meet the following minimum requirements:
Page 23
K A S P E R S K Y PU R E
23
General requirements:
320 MB free hard drive space.
CD-ROM (for installation of Kaspersky PURE from the installation CD).
Microsoft Internet Explorer 6.0 or higher (for updating application's databases and software modules via
Internet).
Microsoft Windows Installer 2.0.
Microsoft Windows XP Home Edition (Service Pack 3), Microsoft Windows XP Professional (Service Pack 3),
Microsoft Windows XP Professional x64 Edition (Service Pack 3):
Intel Pentium 300 MHz processor or higher (or a compatible equivalent);
256 MB free RAM.
Microsoft Windows Vista Home Basic, Microsoft Windows Vista Home Premium, Microsoft Windows Vista Business,
Microsoft Windows Vista Enterprise, Microsoft Windows Vista Ultimate:
Intel Pentium 800 MHz 32-bit (x86) / 64-bit (x64) processor or higher (or a compatible equivalent);
512 MB free RAM.
Microsoft Windows 7 Home Premium, Microsoft Windows 7 Professional, Microsoft Windows 7 Ultimate:
Intel Pentium 1 GHz 32-bit (x86) / 64-bit (x64) processor or higher (or a compatible equivalent);
1 GB free RAM (32-bit); 2 GB free RAM (64-bit).
Page 24
24
IN THIS SECTION:
My Backup ....................................................................................................................................................................... 24
My Parental Control ......................................................................................................................................................... 25
My Control Center ........................................................................................................................................................... 25
My Encryption .................................................................................................................................................................. 25
My Password Manager .................................................................................................................................................... 25
My System Tune-Up ........................................................................................................................................................ 26
My Computer Protection .................................................................................................................................................. 26
SEE ALSO:
My Backup ..................................................................................................................................................................... 181
THE CONCEPT OF KASPERSKY PURE
Kaspersky PURE is a program designed for comprehensive protection of computers within your home network.
Kaspersky PURE includes the following functional modules:
My Computer Protection (see page 26), which protects your computer against known and unknown threats;
My Backup (see page 24), which quickly restores your data if data loss occurs;
My Encryption (see page 25), which protects your confidential data against unauthorized access;
My Parental Control (see page 25), which protects children and teenagers from threats related to computer and
Internet usage;
My Password Manager (see page 25), which ensures safe storage of passwords and other account data, and
confidentiality while filling various authorization forms;
My Control Center (see page 25), which allows to remotely manage the security of networked computers;
My System Tune-Up (see page 26), which is used for optimizing the operating system settings and performing
specific computer security tasks.
MY BACKUP
Data stored on a computer can be lost due to various issues, such as impact of a virus, information modification or
deletion by another user, etc. To avoid losing important information, you should regularly back up data.
Backup copying creates backup copies of objects in a special storage on the selected device. To do so, you should
configure backup tasks. After running the task manually or automatically, according to a schedule, backup copies of
selected files are created in the storage. If necessary, the required version of the saved file can be restored from the
backup copy. Thus, regular backup ensures additional security of data.
Page 25
T HE C O N C E P T O F K A S P E R S K Y P U R E
25
SEE ALSO:
My Parental Control ....................................................................................................................................................... 187
SEE ALSO:
My Control Center ......................................................................................................................................................... 241
SEE ALSO:
My Encryption ................................................................................................................................................................ 206
MY PARENTAL CONTROL
Parental Control is designed to protect children and teenagers from threats related to computer and Internet usage.
Parental Control allows a flexible limit of the access to resources and applications for different users depending on their
age and experience. Besides, this function allows to view statistical reports about the users' actions.
The specified restrictions fall into three categories:
using the Internet;
instant messaging;
using the computer.
MY CONTROL CENTER
Home network often comprises several computers, which makes it difficult to manage network security. The vulnerability
of one computer puts in jeopardy the whole network.
The Control Center allows starting virus scan tasks and update tasks for the whole network or for selected computers,
manage the backup copying of data, and configure Parental Control settings on all computers within the network
immediately from your workspace. This ensures remote security management of all computers within home network.
MY ENCRYPTION
Confidential information, which is saved in electronic mode, requires additional protection from unauthorized access.
Storing data in an encrypted container provides this protection.
Data encryption allows creating special encrypted containers on the chosen drive. In the system, such containers are
displayed as virtual removable drives. To access the data in the encrypted container, a password should be entered.
MY PASSWORD MANAGER
At the moment, registration and entering account data for authentication are required to access the majority of services
and resources. For security reasons, it is not recommended to use identical user accounts for different resources, or write
Page 26
U S E R G U I D E
26
SEE ALSO:
My Password Manager .................................................................................................................................................. 210
SEE ALSO:
My System Tune-Up ...................................................................................................................................................... 198
down your user name and password. As a result, today's user is not able to remember huge amounts of account data,
which makes safe storing of passwords particularly up-to-date.
Password Manager makes it possible to store different personal data in encrypted form (for example, user names,
passwords, addresses, phone and credit card numbers). Data access is protected with a single Master Password. After
entering the Master Password, Password Manager can automatically fill in the fields of different authorization forms.
Thus, you should remember only one Master Password to manage all account data.
MY SYSTEM TUNE-UP
Ensuring computer's security is a difficult task that requires the expertise in operating system's features and in ways of
exploiting its weak points. Additionally, volume and diversity of information about system security makes its analysis and
processing difficult.
To facilitate solving specific tasks of providing computer security, Kaspersky PURE includes the following wizards and
tools:
Browser Configuration Wizard (see page198), which performs the analysis of the Microsoft Internet Explorer settings by
assessing them, primarily, in relation to the security.
System Restore Wizard (see page 199), which removes traces left by malicious objects in the system.
Privacy Cleaner Wizard (see page 204), which finds and removes traces of user's activities in the system, and
the operating system settings, which allow gathering information about the user's activities.
Rescue Disk (see page 199), which is designed to scan and disinfect infected x86-compatible computers. It
should be used when the infection is at such level that it is deemed impossible to disinfect the computer using
anti-virus applications or malware removal utilities.
Permanently Delete Data (see page 202), which prevents unauthorized restoration of deleted files.
Unused Data Clearing Wizard (see page 203), which deletes temporary and unused files requiring considerable
volume of disk space or being at risk of a malware impact.
MY COMPUTER PROTECTION
Computer Protection protects your computer against known and new threats. Each type of threat is processed by a
separate application component. This structure of the protection system allows a flexible configuration of the application,
depending on the needs of any specific, or of an enterprise as a whole.
Computer Protection includes the following protection tools:
Protection components (see page 27), which ensure security for:
files and personal data;
system;
Page 27
T HE C O N C E P T O F K A S P E R S K Y P U R E
27
network activity.
Virus scan tasks (on page 29) used to scan individual files, folders, drives, areas, or the entire computer for
viruses.
My Update Center (on page 29), which ensures the up-to-date status of internal application modules and
databases used to scan for malicious programs.
PROTECTION COMPONENTS
The following protection components provide defense for your computer in real time:
File Anti-Virus (see page 59)
File Anti-Virus monitors the file system of the computer. It scans all files that can be opened, executed or saved on
your computer, and all connected disk drives. Computer Protection intercepts each attempt to access a file and
scans such file for known viruses. The file can only be processed further if the file is not infected or is successfully
treated by the application. If a file cannot be disinfected for any reason, it will be deleted, with a copy of it saved in
the backup, or moved to the quarantine.
Mail Anti-Virus (see page 69)
Mail Anti-Virus scans all incoming and outgoing email messages on your computer. It analyzes emails for malicious
programs. The email is available to the addressee only if it does not contain dangerous objects. The component also
analyzes email messages to detect phishing.
Web Anti-Virus (see page 76)
Web Anti-Virus intercepts and blocks scripts on websites if they pose a threat. All HTTP traffic is also subject to a
thorough monitoring. The component also analyzes web pages to detect phishing.
IM Anti-Virus (see page 83)
IM Anti-Virus ensures the safe use of Internet pagers. The component protects information that comes to your
computer via IM protocols. IM Anti-Virus ensures safe operation of various applications for instant messaging.
Application Control (see page 86)
Application Control logs the actions performed by applications in the system, and manages the applications'
activities, based on which group the component assigns them to. A set of rules is defined for each group of
applications. These rules manage applications' access to various resources.
Firewall (see page 100)
Firewall ensures security for your work in local networks and on the Internet. The component filters all network
activities using rules of two types: rules for applications and packet rules.
Proactive Defense (see page 107)
Proactive Defense allows to detect a new malicious program before it performs its malicious activity. The component
is designed around monitoring and analyzing the behavior of all applications installed on your computer. Based on
the actions being performed, Computer Protection makes a decision whether the application is potentially
dangerous, or not. So your computer is protected not only from known viruses, but from new ones as well that still
have not been discovered.
Network Attack Blocker (see page 110)
The Network Attack Blocker loads at the operating system startup, and tracks incoming network traffic for activities
characteristic of network attacks. Once an attempt of attacking your computer is detected, Computer Protection
blocks any network activity of the attacking computer towards your computer.
Anti-Spam (see page 113)
Page 28
U S E R G U I D E
28
Anti-Spam integrates into the mail client installed on your computer, and monitors all incoming email messages for
spam. All messages containing spam are marked with a special header. The option of configuring Anti-Spam for
spam processing (deleting automatically, moving to a special folder, etc.) is also provided. The component also
analyzes email messages to detect phishing.
Network Monitor (see page 29)
The component designed to view information about network activity in real-time mode.
Anti-Phishing
The component, integrated into Web Anti-Virus, Anti-Spam and IM Anti-Virus, which allows to check web addresses
if they are included in the list of phishing and suspicious web addresses.
Anti-Banner (see page 131)
Anti-Banner blocks advertising information located on banners built into interfaces of various programs installed on
your computer, or displayed online.
PROTECTION OF DATA AND ONLINE ACTIVITY
Computer Protection protects data stored on your computer against malware and unauthorized access, ensuring secure
access to the local network and to the Internet.
Protected objects are divided into three groups:
Files, personal data, parameters of access to different resources (user names and passwords), information
about banking cards etc. Protection of these objects is provided by File Anti-Virus, Application Control and
Proactive Defense.
Applications installed on your computer and operating system objects. Protection of these objects is provided by
Mail Anti-Virus, Web Anti-Virus, IM Anti-Virus, Application Control, Proactive Defense, Network Attack Blocker
and Anti-Spam.
Online activity: using e-payment systems, email protection against spam and viruses etc. Protection of these
objects is provided by Mail Anti-Virus, Web Anti-Virus, IM Anti-Virus, Firewall, Network Attack Blocker, AntiSpam, Network Monitor, Anti-Banner.
CONTROL OVER APPLICATIONS AND DATA ACCESS
Computer Protection prevents applications from executing actions which can endanger the system, monitors access to
your personal data and provides the option of running applications in the safe mode. It is performed with the help of the
following tools:
Application Activity Control (see page 86). The component logs the actions performed by applications in the
system, and manages the applications' activities, based on which group they belong to. A set of rules is defined
for each group of applications. These rules manage applications' access to various resources.
Digital Identity Protection (see page 89). Application Control manages rights of applications to perform actions
on the user's personal data. They include files, folders and registry keys, which contain the settings and
important data of the most frequently used applications, as well as user's files (My Documents folder, cookies,
information about the user's activity).
Safe Run (see page 95). Computer Protection ensures the maximum security of operating system objects and
the user's personal data by running unknown applications in the protected virtual environment.
Page 29
T HE C O N C E P T O F K A S P E R S K Y P U R E
29
NETWORK MONITOR
Network Monitor is a tool used to view information about network activities in real time. To run Network Monitor, use the
Network Monitor link in the Computer Protection main window.
The window that will open will provide the information grouped on the following tabs:
The Connections and ports tab lists all the opened ports and active network connections currently established
on your computer.
The Firewall: rule processing log tab displays information about the use of packet rules for applications.
The Network traffic tab displays information on all inbound and outbound connections established between your
computer and other computers, including web servers, mail servers, etc.
The Blocked computers tab lists the blocked computers.
VIRUS SCAN TASKS
In addition to the constant protection of all the ways that malicious programs can penetrate, it is extremely important to
periodically scan your computer for viruses. This is necessary in order to rule out the possibility of spreading malicious
programs that have not been discovered by security components, for example, because the security level was set to low
or for other reasons.
The following virus scan tasks are included in Computer Protection:
Objects Scan. Scan of objects selected by the user. You can scan any object in the computer's file system.
Full Scan. A thorough scan of the entire system. The following objects are scanned by default: system memory,
programs loaded on startup, system backup, email databases, hard drives, removable storage media and
network drives.
Quick Scan. Virus scan of operating system startup objects.
UPDATE
To block any network attack, delete a virus or other malicious program, Kaspersky PURE should be regularly updated.
The My Update Center component is designed for that purpose. It handles the update of application databases and
modules used by the application.
The update distribution service allows saving databases and program modules updates downloaded from Kaspersky Lab
servers to a local folder and then granting access to them to other computers on the network to reduce network traffic.
Page 30
30
IN THIS SECTION:
Step 1. Verifying that the system satisfies the installation requirements ......................................................................... 31
Step 2. Selecting the type of the installation .................................................................................................................... 31
Step 3. Accepting the License Agreement ....................................................................................................................... 31
Step 4. Participating in the Kaspersky Security Network program ................................................................................... 32
Step 5. Selecting the destination folder ........................................................................................................................... 32
Step 6. Selecting application components for the installation .......................................................................................... 32
Step 7. Searching for other anti-virus applications .......................................................................................................... 33
Step 8. Disabling Microsoft Windows firewall .................................................................................................................. 33
Step 9. Final preparation for installation ................................................................................................ .......................... 33
INSTALLING KASPERSKY PURE ON YOUR COMPUTER
Kaspersky PURE is installed on the computer in interactive mode using the Installation Wizard that starts when you open
the installation file.
Before beginning the installation, you are advised to close all applications currently running.
To install Kaspersky PURE on your computer, run the installation file (file with the .exe extension) on the product CD you
have purchased. You can also receive the application installation package via the Internet.
The installation of Kaspersky PURE from the installation package downloaded via the Internet is identical to that from the
installation CD.
When the installation package is opened, the application will automatically search for the installation file (with the *.msi
extension). If it is found, the application will search for a newer version of the product on Kaspersky Lab servers on the
Internet. If the installation package file cannot be found, you will be offered to download it. When the download is
complete, the installation of Kaspersky PURE starts. If the download is cancelled, the application installation will proceed
in standard mode.
The Installation Wizard is presented as a sequence of windows (steps). To ease the management of the installation
process, each window contains the following set of buttons:
Next – accept the action and move to the next step of the installation process.
Back – return to the previous step of the installation process.
Cancel – cancel the installation.
Finish – complete the application installation procedure.
Let us take a closer look at each step of the installation procedure.
Page 31
I N S T A L L I N G KA S PE R S K Y P U R E O N Y O U R C O M P U T E R
31
STEP 1. VERIFYING THAT THE SYSTEM SATISFIES THE
INSTALLATION REQUIREMENTS
Before installing Kaspersky PURE, the following items are checked:
if the operating system and the service packs meet the program requirements for installation;
if the software required for the proper functioning of Kaspersky PURE is installed on the computer;
if the user has rights to install the software.
If the check is successfully completed, the Kaspersky PURE Installation Wizard window opens.
If a condition is not met, a notification with the problem description will appear on the screen. In this case, before
installing the Kaspersky Lab's application, you are advised to install all necessary applications and the required service
packs using the Windows Update service.
STEP 2. SELECTING THE TYPE OF THE INSTALLATION
If the computer meets the system requirements, the Installation Wizard window will open. You will be offered to select
one of the following installation modes:
Express installation. When this option is selected (the Custom installation box is unchecked), the
application will be installed on your computer in its entirety. The protection settings recommended by Kaspersky
Lab will be applied. When the installation is completed, you can activate Kaspersky PURE and then configure
the application protection against unauthorized access.
Custom installation. In this case (the Custom installation box is checked), you can modify the default
installation settings. You can select which application components should be installed and specify the folder
where the application will be installed. The protection settings recommended by Kaspersky Lab will be specified
for each component you have selected. When the installation is completed, you can activate the application and
configure the protection against unauthorized access.
The custom installation mode is recommended for experienced users only.
If you select the first option, the Application Installation Wizard will offer you to view the License Agreement and the
Kaspersky Security Network Data Collection Statement. After that, the application will be installed on your computer.
If you select the second option, you will be asked to enter or to confirm certain information at each step of the installation.
To proceed with the installation, click the Next button. To cancel the installation, click the Cancel button.
STEP 3. ACCEPTING THE LICENSE AGREEMENT
Before installing the application, you will be offered to view the License Agreement concluded by you and Kaspersky Lab.
The License Agreement lists the user's rights to use the software he or she has purchased. Without accepting the terms
of the License Agreement, you cannot proceed with the application installation.
Please read the agreement carefully, and if you accept each of its terms, click the I agree button. The application
installation will go on.
To cancel the application installation, click the Cancel button.
Page 32
U S E R G U I D E
32
STEP 4. PARTICIPATING IN THE KASPERSKY SECURITY NETWORK PROGRAM
You can participate in the Kaspersky Security Network program. The purpose of the program consists in revealing new
threats to data security and improve the quality of Kaspersky Lab's products. To help us do it, you can provide our
company the right of using the information about the status of your computer's security and the threats you have
detected. To perform the analysis, you can also send information about the operating system and the unique identifier,
which is assigned to your computer by Kaspersky PURE.
Kaspersky Lab guarantees that no personal data will be used.
Please view the regulations concerning the participation in Kaspersky Security Network. If you accept all terms of it,
check the I accept the terms of participation in Kaspersky Security Network box.
Click the Next button. The installation will continue.
STEP 5. SELECTING THE DESTINATION FOLDER
This step is available if the custom selection of Kaspersky PURE is selected (see page 31).
At this step, you can select the destination folder into which Kaspersky PURE should be installed. The default path for the
application installation is as follows:
<drive> \ Program Files \ Kaspersky Lab \ Kaspersky PURE – for 32-bit systems;
<drive> \ Program Files (x86) \ Kaspersky Lab \ Kaspersky PURE – for 64-bit systems.
To change the destination folder, click the Browse button and specify a different folder in the window that will open. You
can also specify a new installation path, by entering it in the Destination folder field.
Please remember that if you enter the full path to the installation folder manually, it should not contain more than
200 characters or include any special characters.
Click the Next button. The installation will continue.
STEP 6. SELECTING APPLICATION COMPONENTS FOR THE
INSTALLATION
This step is available if the custom selection of Kaspersky PURE is selected (see page 31).
At this step, you can select the application components that will be installed on your computer. By default, all the
protection components and the program kernel are selected.
To make a decision on installing a component, you can view a brief description of the component you have selected
shown in the bottom part of the window, and find out how much free disk space is required to install this component.
To select a component for installation, open the menu by left-clicking the icon next to the name of the component and
select the This feature will be installed on the local hard drive item.
Page 33
I N S T A L L I N G KA S PE R S K Y P U R E O N Y O U R C O M P U T E R
33
To obtain detailed information about free disk space on your computer, click the Volume button. Information will be
displayed in the window that will open.
To cancel the installation of a component, select the This feature will become unavailable option from the context
menu. Note that if you cancel installation of any component you will not be protected against a number of hazardous
programs.
When you have finished selecting components to be installed, click the Next button. To return to the default list of
components to be installed, click the Reset button.
STEP 7. SEARCHING FOR OTHER ANTI-VIRUS
APPLICATIONS
At this step, the wizard searches for other anti-virus programs, including other Kaspersky Lab‟s programs, which may
conflict with Kaspersky PURE.
If any anti-virus applications were detected on your computer, they will be listed on the screen. You will be asked to
uninstall them before you proceed with the installation.
To remove the anti-virus programs that you have detected, use the Remove button.
To proceed with the installation, click the Next button.
STEP 8. DISABLING MICROSOFT WINDOWS FIREWALL
This step is only performed if the My Computer Protection module is being installed on a computer with Microsoft
Windows Firewall enabled, and Firewall is among the application components which you wish to install.
At this step of the installation of Kaspersky PURE, you are offered to disable the firewall integrated into Microsoft
Windows. The My Computer Protection module includes the Firewall component, which ensures comprehensive
protection of your network activities. So, there is no need to use additional protection provided by the operating system.
If you want to use Firewall as the main protection tool for network activity, click the Next button. Microsoft Windows
firewall will be disabled automatically.
If you want to protect your computer with Microsoft Windows firewall, select the Keep Microsoft Windows Firewall
enabled option. In this case, the Firewall component will be installed but disabled to avoid conflicts in the application's
operation.
STEP 9. FINAL PREPARATION FOR INSTALLATION
This step completes the preparation for installing Kaspersky My Computer Protection on your computer.
At the initial and custom installation (see page 31) of the application, please do not uncheck the Protect the
installation process box. If any errors occur during the application installation, enabling the protection will allow you to
perform a correct procedure of installation rollback. When you retry the installation, we recommend that you uncheck this
box.
Page 34
U S E R G U I D E
34
If the application is being remotely installed using Windows Remote Desktop, you are advised to uncheck the Protect
the installation process box. If this box is checked, the installation procedure may be left unfinished or performed
incorrectly.
To proceed with the installation, click the Install button.
When installing Kaspersky PURE components which intercept network traffic, current network connections will be
terminated. The majority of terminated connections will be restored after a pause.
Kaspersky PURE Configuration Wizard will automatically start after the installation.
Page 35
35
IN THIS SECTION:
Step 1. Starting window of the installation program ......................................................................................................... 35
Step 2. Selecting operation ............................................................................................................................................. 35
Step 3. Finishing application modification, restoration, or removal .................................................................................. 36
MODIFYING, RESTORING, AND REMOVING THE APPLICATION WITH THE INSTALLATION WIZARD
Restoring the application may be useful if you have detected some errors in its operation, which have occurred due to an
incorrect configuration or corrupted files.
Changing the set of components allows you to install new Kaspersky PURE components or remove those hampering
your work or those you find unnecessary.
To begin restoring the original state of the application, installing Kaspersky PURE components that have not been
installed before, or removing the application:
1. Insert the installation CDinto the CD/DVD-ROM if you have already used it to install the application. If you install
Kaspersky PURE from a different source (shared folder, folder on the hard drive, etc.), please make sure that
the installation package is available from that source and you have access to it.
2. Select Start Programs My Computer Protection Modify, Repair or Remove installation.
This launches the installation program, which functions as a wizard. Let us view the detailed procedure for restoring the
application, modifying the set of components, or removing the application.
STEP 1. STARTING WINDOW OF THE INSTALLATION
PROGRAM
If you have performed all the afore-mentioned actions required for restoring the application or modifying the set of its
components, the welcoming window of the Kaspersky PURE installation program will open. To proceed, click the Next
button.
STEP 2. SELECTING OPERATION
At this step, you should select which action on the application you want to take: you will be offered to modify the set of
application components, restore the original state of the components you have installed before, or remove some
components or the entire application. To take the required action, click the corresponding button. Further steps of the
installation program depend on the operation you have selected.
Modification of the set of components is performed similarly to the custom installation of the application: you can specify
which components are to be installed and select the ones you want to exclude.
Restoration of the application is performed based on the set of components installed. The application will update the files
of all components that have been installed; the Recommended protection level will be set for each of them.
Page 36
U S E R G U I D E
36
When removing the application, you can select which data items created and used by the application you want to save on
your computer. To delete all data of Kaspersky PURE, select the Complete uninstall option. To save the data, select
the Save application objects option and specify which objects should remain intact:
Keep activation data – key file required for the functioning of the application.
Anti-Spam databases – database used for recognizing unsolicited email messages. This database contains
detailed information used to tell spam messages from useful ones.
Keep backup and quarantine files. Backup objects are backup copies of the objects you have deleted or
disinfected. We recommend that you save such objects so that they can be restored in the future. Quarantine
objects are those probably infected with viruses or their modifications. Such objects contain code which is
similar to that from a known virus; however, we cannot affirm their maliciousness unambiguously. We
recommend that you save them since they may turn out to be uninfected, or become disinfectible after the
application databases are updated.
Keep protection settings – values set for the parameters of all the application components.
Keep iSwift and iChecker data – database that contains information about scanned NTFS objects. It allows
accelerating the object scan. By using the data from this database, Kaspersky PURE only scans the objects that
have been modified since the last scan.
Keep data of Safe Run Shared Folder – data which are accessible both in Safe Run and in common run mode.
If a considerable time interval has elapsed between the moment you had removed an older version of Computer
Protection and the moment you had installed a newer one, we recommend that you abstain from using the iSwift и
iChecker database saved since the previous installation of the application. During this time interval, a malicious program
may have penetrated into your computer and taken malicious actions that cannot be detected with this database, which
may eventually lead to the infection of your computer.
To start the operation you have selected, click the Next button. This launches the process of copying the required files to
your computer or removing the components and data you have selected.
STEP 3. FINISHING APPLICATION MODIFICATION,
RESTORATION, OR REMOVAL
The process of restoration, modification or removal is displayed on the screen, and you are notified of its completion.
As a rule, the removal requires that you restart your computer since it is necessary for applying the changes to the
system. The request for restarting the computer will be displayed on the screen. Click the Yes button to restart your
computer immediately. To restart your computer manually later, click the No button.
Page 37
37
GETTING STARTED
One of the main goals of Kaspersky Lab when creating Kaspersky PURE was comprehensive protection of computers
within home network. The optimal configuration of all application settings allows users with any level of computer literacy
to ensure his or her computer's protection immediately after the installation.
For the users' convenience, the initial configuration stages are combined in the interface of the Application Configuration
Wizard (see section "Application Configuration Wizard" on page 38), which starts after the installation is complete.
Following the wizard's instructions, you will be able to activate Kaspersky PURE, modify the update settings, restrict
access to the application using a password, and edit other settings.
Your computer may turn out to be infected with malware before the installation of Kaspersky PURE. To detect the
malware on your computer, run the full computer scan (see section "Scanning computer for viruses" on page 43).
As a result of malware operation and system failures, the settings of your computer can be corrupted. Run the
vulnerability scan task (see section "Scanning computer for vulnerabilities" on page 43) to find the vulnerabilities of the
installed software and anomalies in the system settings.
At the moment of application installation, databases included in the installation package may become outdated. Start the
application update (on page 42) (unless it has been done using the setup wizard or automatically immediately after the
application had been installed).
The Anti-Spam component included in the Computer Protection package uses a self-training algorithm to detect
unwanted messages. Run the Anti-Spam Training Wizard (see section "Training using the Training Wizard" on page 116)
to configure the component for working with your email.
If data loss occurs, for quick data restoration, configure the backup tasks (see section "My Backup" on page 48).
To protect confidential information against unauthorized access, create encrypted containers for data storage (see
section "My Encryption" on page 48).
To protect children and teenagers from threats related to computer usage, specify Parental Control restrictions (see
section "My Parental Control" on page 48).
After completion of the above actions, Kaspersky PURE will be ready for the operation. To evaluate the level of your
computer protection, use Security Management Wizard.
Page 38
U S E R G U I D E
38
IN THIS SECTION:
Application Configuration Wizard .................................................................................................................................... 38
Selecting network type .................................................................................................................................................... 42
Updating the application .................................................................................................................................................. 42
Scanning computer for viruses ........................................................................................................................................ 43
Scanning computer for vulnerabilities .............................................................................................................................. 43
Managing license ............................................................................................................................................................ 43
Participating in Kaspersky Security Network ................................................................................................................... 44
Security Management...................................................................................................................................................... 45
Protection status .............................................................................................................................................................. 47
Pausing protection ........................................................................................................................................................... 47
My Backup ....................................................................................................................................................................... 48
My Parental Control ......................................................................................................................................................... 48
My Encryption .................................................................................................................................................................. 48
My Password Manager .................................................................................................................................................... 48
LET US TAKE A CLOSER LOOK AT THE WIZARD'S STEPS
Step 1. Activating the application .................................................................................................................................... 39
Step 2. Restricting access to the application ................................................................................................................... 40
Step 3. Selecting protection mode ................................................................................................................................... 41
Step 4. Configuring application update ............................................................................................................................ 41
Step 5. Selecting threats to be detected .......................................................................................................................... 41
Step 6. Analyzing the applications installed on the computer .......................................................................................... 42
Step 7. Closing Configuration Wizard .............................................................................................................................. 42
APPLICATION CONFIGURATION WIZARD
The Application Configuration Wizard starts after the installation is complete. It is designed to help you configure the
initial settings of Kaspersky PURE, based on the features and tasks of your computer.
The Application Configuration Wizard's interface is a series of steps in windows that you can navigate, using the Back
button and the Next link, or close using the Cancel button.
Page 39
G E T T I N G S T A R T E D
39
SEE ALSO:
Activating the commercial version ................................................................................................................................... 39
Activating the trial version ................................................................................................................................................ 40
Completing the activation ................................................................................................................................................ 40
STEP 1. ACTIVATING THE APPLICATION
The application activation procedure consists in registering a license by installing a key file. Based on the license, the
application will determine the existing privileges and calculate its term of use.
The key file contains service information required for Kaspersky PURE to be fully functional, and additional data:
support information (who provides the support, and where it can be obtained);
key file name and number, and the license expiration date.
You will need an Internet connection to activate the application.
To obtain a key file at the activation, you should have an activation code. Activation code is provided when you purchase
the application. You will be offered the following options of Kaspersky PURE activation:
Activate commercial license. Select this activation option if you have purchased a commercial version of the
application, and you have been provided an activation code. You can use this code to obtain a key file providing
access to the application's full functionality throughout the effective term of the license.
Activate trial license. Use this activation option if you want to install the trial version of the application before
making the decision to purchase a commercial version. You will be provided a free key file valid for a term
specified in the trial version license agreement.
Activate later. If you select this option, the stage of Kaspersky PURE activation will be skipped. The application
will be installed on your computer, but you will not be able to use certain application functions, for example
update (you will be able to update the application only once after its installation), creation of an encrypted
container, additional tools, etc. The Activate later option is only available at the first start of Activation Wizard,
immediately after the application installation.
If Kaspersky PURE has been installed and then removed with activation information saved, this step will be skipped. In
this case, Configuration Wizard will automatically receive information about the existing license which will be displayed in
the wizard window.
ACTIVATING THE COMMERCIAL VERSION
If you select this option, the application will be activated from a Kaspersky Lab's server that requires an Internet
connection.
Activation is performed by entering an activation code that you receive by email when you purchase Kaspersky PURE via
Internet. If you purchase the application in a box (retail version), the activation code will be printed on the inner face of the
disk envelope cover or under the protective layer of the sticker on the inner face of the DVD box.
The activation code is a sequence of digits divided by hyphens into four groups of five symbols without spaces. For
example, 11111-11111-11111-11111. Note that the code should only be entered in Latin characters.
Activation Wizard establishes connection with a Kaspersky Lab's activation server on the Internet, and sends it your
activation code, after which the code is verified. If the activation code has passed the verification successfully, the Wizard
receives a key file which then will be installed automatically. The activation process completes accompanied by a window
with detailed information about the purchased license.
Page 40
U S E R G U I D E
40
If the activation code has not passed the verification, you will see the corresponding message on the screen. In this case,
you should contact the software vendor from which you have purchased Kaspersky PURE.
If the number of activations with the activation code has been exceeded, the corresponding notice will pop up on the
screen. Activation process will be interrupted, and the application will offer you to contact Kaspersky Lab's Technical
Support service.
If any errors have occurred when connecting to an activation server, and if you cannot obtain a key file, please contact
the Technical Support Service.
ACTIVATING THE TRIAL VERSION
Use this activation option if you want to install a trial version of Kaspersky PURE before making the decision to purchase
a commercial version. You will be provided a free key file valid for a term specified in the trial version license agreement.
When the trial license is expired, it cannot be activated for the second time.
If any errors have occurred when connecting to an activation server, and if you cannot obtain a key file, please contact
the Technical Support Service.
COMPLETING THE ACTIVATION
The Activation Wizard will inform you that Kaspersky PURE is successfully activated. Additionally, information about the
license is provided: license type (commercial, trial), expiration date, and number of hosts for the license.
STEP 2. RESTRICTING ACCESS TO THE APPLICATION
The purpose of access restriction consists in preventing unauthorized attempts of disabling the protection or modifying
the settings of the components integrated into Kaspersky PURE.
Restricting access to Kaspersky PURE with a password may be useful in the following cases:
if a personal computer is used by several persons, probably with varying levels of computer literacy;
if Kaspersky PURE ensures security of several computers joined into a home network;
if protection is at the risk of being disabled by malware.
To enable password protection, check the Enable password protection box and fill in the Password and Confirm
password fields.
Below, specify the area that you want to protect with a password:
Application settings configuration – the password will be requested when the user attempts to save
changes made to Kaspersky PURE settings.
My Backup management – the password will be requested before the backup tasks are run.
My Parental Control management – the password will be requested before the backup tasks are run.
My Control Center management – the password will be requested before modifying the Kaspersky Pure
settings via the network.
Exiting the application – the password will be requested when the user attempts to exit the application.
Page 41
G E T T I N G S T A R T E D
41
STEP 3. SELECTING PROTECTION MODE
This step of the Application Configuration Wizard will be skipped if you have selected the quick install mode. The
application settings edited at this step will be assigned the default values.
Select the protection mode provided by Kaspersky PURE.
Two modes are available:
Automatic. If any important events occur, Kaspersky PURE automatically performs the action recommended by
Kaspersky Lab. Once a threat is detected, the application attempts to disinfect the object; if it fails, the
application deletes it. Suspicious objects will be skipped without processing. Pop-up messages inform the user
about new events.
Interactive. In this mode the application reacts to events in the manner you have specified. Once an event
requiring your attention occurs, the application displays notifications which offer you to select an action.
Notifications warning about the detection of an active infection are displayed irrespective of the protection mode you have
selected.
STEP 4. CONFIGURING APPLICATION UPDATE
This step of the Application Configuration Wizard will be skipped if you have selected the quick install mode. The
application settings edited at this step will be assigned the default values.
The quality of your computer's protection depends directly on regular updates of the databases and application modules.
In this window, the Configuration Wizard asks you to select the update mode and to specify the schedule settings.
Automatic update. The application checks the update source for update packages at specified intervals.
Scanning frequency can be increased during anti-virus outbreaks and decreased when there are none. Having
discovered new updates, the program downloads and installs them on the computer. This is the default mode.
Scheduled updates (time interval may change depending on the schedule settings). Updates will run
automatically according to the schedule created. You can alter the schedule settings in the window that will open
by clicking the Settings button.
Manual updates. If you select this option, you will run application updates on your own.
Note that the databases and application modules included with the installation package may be outdated by the time you
install Kaspersky PURE. You are advised to obtain the latest updates. To do so, click the Update now button. In this
case the application will download the necessary updates from update servers, and install them on your computer.
If the databases included with the installation package are obsolete, the update package may be large-sized so that it
may cause the additional Internet traffic (up to several tens of Mb).
If you want to switch to editing the update settings (select the resource from which the updates will be downloaded, or the
user account used to run the update process, etc.), click the Settings button.
STEP 5. SELECTING THREATS TO BE DETECTED
This step of the Application Configuration Wizard will be skipped if you have selected the quick install mode. The
application settings edited at this step will be assigned the default values.
Page 42
U S E R G U I D E
42
At this step, you can select the threat categories to be detected by the Computer Protection module. Computer Protection
always detects programs that are capable of damaging your computer. including viruses, worms and Trojans.
STEP 6. ANALYZING THE APPLICATIONS INSTALLED ON THE
COMPUTER
At this stage, information about Microsoft Windows applications is collected. These applications are added to the list of
trusted applications which have no restrictions imposed on the actions they perform on the system.
Other applications are analyzed after they are started for the first time when Kaspersky PURE has been installed.
STEP 7. CLOSING CONFIGURATION WIZARD
The last window of the Wizard will inform you of a successful completion of application installation. To run Kaspersky
PURE, make sure that the Run Kaspersky PURE is checked, and click the Finish button.
SELECTING NETWORK TYPE
After Kaspersky PURE is installed, the Firewall component will analyze your computer's active network connections.
Each network connection will be assigned a status which determines the allowed network activities.
If you have selected the interactive mode of Kaspersky PURE operation (see section "Step 3. Selecting protection mode"
on page 41), a notification will appear each time a new network connection is detected. You can select the status for the
new network in the notification window:
Public network. Network connections with this status are denied access to your computer from the outside. In
such networks access to public folders and printers is denied. This status is recommended for connections to
the Internet network.
Local network. Network connections with this status are allowed access to public folders and network printers.
You are advised to assign this status to protected local networks, for example, a corporate network.
Trusted network. Network connections with this status are not restricted. You are advised to assign this status
only to absolutely secure areas.
For each network status, Kaspersky PURE uses an associated set of rules to manage the network activity. Later if
necessary you can change a connection's network status from that initially specified.
UPDATING THE APPLICATION
You will need an Internet connection to update Kaspersky PURE.
Kaspersky PURE relies upon the application databases which contain threat signatures, characteristic spam phrases,
and descriptions of network attacks. At the moment Kaspersky PURE is installed these databases may be obsolete,
since Kaspersky Lab updates both the databases and application modules on a regular basis.
When Application Configuration Wizard is active, you can select the update launch mode (see section "Step 4.
Configuring application update" on page 41). By default, Kaspersky PURE automatically checks for updates on
Kaspersky Lab's update servers. If the server contains a fresh set of updates, Kaspersky PURE will download and install
them in the silent mode.
If the databases, included in the installation package, are outdated, the update package can be large and it can cause the
additional internet traffic (up to several tens of Mb).
Page 43
G E T T I N G S T A R T E D
43
To keep your computer's protection up to date, you are advised to update Kaspersky PURE immediately after the
installation.
To manually update Kaspersky PURE, please do the following:
1. Open the main application window and click the My Computer Protection.
2. In the left part of the window that will open, select the My Update Center section.
3. Click the Start update button.
SCANNING COMPUTER FOR VIRUSES
Developers of malware make every effort to conceal the actions of their programs, and therefore you may not notice the
presence of malware on your computer.
After Kaspersky PURE has been installed, it automatically performs a Quick scan of your computer. This task searches
for and neutralizes harmful programs in objects loaded during operating system startup.
Kaspersky Lab's specialists also recommend that you perform the Full Scan task.
To start a virus scan task, perform the following actions:
1. Open the main application window and click the My Computer Protection.
2. In the left part of the window that will open, select the Scan My Computer section.
3. Click the Start Full Scan button to start the scan.
SCANNING COMPUTER FOR VULNERABILITIES
The settings of your operating system can become corrupted by system failures, or by the activities of malicious
programs. Additionally, user applications installed on your computer can have vulnerabilities which intruders can use to
damage your computer.
In order to detect and eliminate such problems, you are advised to launch the Vulnerability Scan task (see page 144)
after you have installed the application. During task execution the search is performed for vulnerabilities in installed
applications, as well as for damages and anomalies in the operating system and browser settings.
To start the vulnerability scan task:
1. Open the main application window and click the My Computer Protection.
2. In the left part of the window that will open, select the Scan My Computer section.
3. Click the Open Vulnerability Scan window button.
4. In the window that will open, click the Start Vulnerability Scan button.
MANAGING LICENSE
Kaspersky PURE needs a valid key to operate. A key file is provided using the activation code obtained when purchasing
the application, it ensures the right to use it since the date of activation. The key file contains information about the
license: the type, the expiration date, and the number of hosts.
Without a key file, unless a trial version of the application has been activated, Kaspersky PURE will run with limited
functionality. For example, only one application update will be available after the installation (the application will not
Page 44
U S E R G U I D E
44
download any new updates). A number of other application functions will also be not available, for example, additional
tools, creation of an encrypted container, etc.
If a trial version of the program has been activated, after the trial period expires, Kaspersky PURE will not run.
When the commercial license expires, the application also switches to the mode of limited functionality, in which My
System Tune-Up and a number of other functions are not available. As before, you will be able to scan your computer for
viruses and use the protection components, but only using the databases that you had when the license expired. We
cannot guarantee that you will be protected from viruses that surface after your application license expires.
To protect your computer from infection with new viruses, we recommend that you renew your license for Kaspersky
PURE. Two weeks prior to the license expiration the application will notify you about it. During some time a
corresponding message will be displayed each time the application is launched.
Information about the license currently in use is displayed in the License manager window: its type (commercial,
commercial with subscription, commercial with protection subscription, trial), the maximum number of hosts, the
expiration date, and the number of days remaining. Information about the license expiration term will not be displayed if
the commercial license with subscription or the commercial license with protection subscription is installed.
To view the provision of the application license agreement, click the View End User License Agreement button. To
delete the key file, click the button to the right of the license whose key file you wish to delete. To activate a new
license, click the Activate new license button.
Using the Purchase license (Renew license) button, you can proceed with purchasing (renewing) the license in
Kaspersky Lab's e-Store.
Kaspersky Lab has regular special pricing offers on license extensions for our products. Check for special offers on the
Kaspersky Lab website, in the Products & Services Sales and special offers section.
PARTICIPATING IN KASPERSKY SECURITY NETWORK
A great number of new threats appear worldwide on a daily basis. To facilitate the gathering of statistics about new
threats, their source and to help in developing methods to be used for their elimination, Kaspersky Lab invites you to use
the Kaspersky Security Network service.
The use of the Kaspersky Security Network involves sending the following information to Kaspersky Lab:
A unique identifier assigned to your computer by Kaspersky PURE. which characterizes the hardware settings of
your computer and does not contain any information.
Information about threats detected by application's components. The information's structure and contents
depend on the type of the threat detected.
Information about the system: operating system's version, installed service packs, services and drivers being
downloaded, versions of browsers and mail clients, browser extensions, version number of the Kaspersky Lab's
application installed.
Kaspersky Security Network also gathers extended statistics, including information about:
executable files and signed applications downloaded on your computer;
The statistical information is sent once application updating is complete.
Kaspersky Lab guarantees that no gathering and distribution of users' personal data is performed within Kaspersky
Security Network.
applications run on your computer.
Page 45
G E T T I N G S T A R T E D
45
To configure the statistics sending settings:
1. Open the main application window and click the Settings link in the top part of the window.
2. Select the Feedback section in the left part of the window.
3. Check the I agree to participate in Kaspersky Security Network box to confirm your participation in
Kaspersky Security Network.
SECURITY MANAGEMENT
Problems in computer protection are indicated by the computer protection status (see section "My Computer Protection"
on page 53), which is displayed by changes in the color of the protection status icon, and of the panel in which this icon is
located. Once problems appear in the protection system, you are advised to fix them immediately.
Figure 1. Current status of the computer protection
Page 46
U S E R G U I D E
46
You can view the list of problems occurred, their description, and possible methods of resolving, on the Status tab
(see figure below); you can select it by clicking on the status icon or on the panel on which it is located (see figure
above).
The tab shows the list of current problems. The problems are sorted with regard to their criticality: first, the most critical
ones (i.e., with red status icon), then less critical ones – with yellow status icon, and the last – information messages. A
detailed description is provided for each problem and the following actions are available:
To make hidden messages re-appear in the general list, check the Show hidden messages box.
Figure 2. Solving security problems
Eliminate immediately. Using the corresponding buttons, you can switch to fix the problem, which is the
recommended action.
Postpone elimination. If, for any reason, immediate elimination of the problem is not possible, you can put off
this action and return to it later. To do so, click the Hide message button.
Note that this option is not available for serious problems. Such problems include, for example, malicious
objects that were not disinfected, crashes of one or several components, or corruption of the program files.
Page 47
G E T T I N G S T A R T E D
47
PROTECTION STATUS
Performance of Kaspersky PURE components or of virus scan tasks is logged in the report which contains summary
information about the computer protection status. There you can learn how many dangerous and suspicious objects have
been detected by the application, and find out which of them have been disinfected, deleted, or quarantined.
The Computer Protection status (see section "My Computer Protection" on page 53) warns the user about the malicious
objects detected by the application, by changing the color of the protection status icon and that of the panel on which it is
located. If malicious objects are detected, the color of the icon and the panel will change to red. In this case, all emerging
threats should be eliminated immediately.
To view information on the computer protection status:
1. Open the main application window and click the My Computer Protection button.
2. In the window that opens, click the Report link.
To eliminate problems occurred in the computer protection:
1. Open the main application window and click the My Computer Protection.
2. In the window that opens, click the Report link.
3. In the window that opens, on the Status tab, perform the required actions. To make hidden messages re-appear
in the general list, check the Show hidden messages box.
In order to perform an action on a detected object:
1. Open the main application window and click the My Computer Protection.
2. In the window that opens, click the Report link.
3. In the window that opens, on the Detected threats tab, select the required object in the list of objects and rightclick it to open its context menu.
4. Select the required action in the context menu that will open.
To view the report on protection components operation:
1. Openthe main application window and click the My Computer Protection button.
2. In the window that opens, click the Report link.
3. In the window that opens, select the Report tab.
PAUSING PROTECTION
Pausing protection means temporarily disabling all protection components for a certain period of time.
As a result of temporarily disabling protection, all protection components will be paused. This is indicated by:
inactive (grey) application icon (see section "Notification area icon" on page 50) in the taskbar notification area;
red color of the status icon and the panel of the main Kaspersky PURE window.
If network connections were established at the same time as the protection was paused, a notification about termination
of such connections will be displayed.
Page 48
U S E R G U I D E
48
To pause the protection of your computer:
1. In the context menu (see section "Context menu" on page 50) of the application, select Pause protection.
2. In the Pause protection window that opens, select the time interval after which the protection should be
resumed:
Pause for the next <time interval> – protection will be enabled in a specified amount of time. Use the
dropdown menu to select the time interval value.
Pause until reboot – protection will be enabled after application restart or after the system restart (provided
that Kaspersky PURE is set to start automatically on startup).
Pause – protection will be enabled only after you start it manually. To enable protection, select the Resume
protection item from the application's context menu.
MY BACKUP
The most common way to protect important data from being lost is to regularly back it up. You are recommended to
configure backup tasks to regularly save up-to-date information.
Before you can start working, you should create a backup storage (see section "Creating a backup storage area" on page
181) on the selected drive. The backup copies of required files will be created in this storage. After that, you can
configure backup tasks (see section "Creating a backup task" on page 183) (select files for which backup tasks should be
created, configure the automatic startup schedule and other backup conditions).
MY PARENTAL CONTROL
Immediately after Kaspersky PURE installation, Parental Control is disabled. No restrictions are set for the users. To
protect children and teenagers from threats related to computer and Internet usage, you should timely configure Parental
Control settings for all users.
If you have not enabled password protection when installing the application (see section "Step 2. Restricting access to
the application" on page 40), at the first startup of Parental Control you are recommended to set a password for
protection from unauthorized modification of the Control settings. After that, you can enable Parental Control and impose
restrictions (see section "Enabling and configuring Parental Control" on page 188) on computer and Internet usage, and
on instant messaging for all accounts on the computer.
MY ENCRYPTION
To protect confidential information from unauthorized access, you are recommended to store it in encrypted form in a
special container.
Before you can start working, you should create an encrypted container (see section "Creating container" on page 206),
write data into it (see section "Adding files into container" on page 208) as on a standard removable drive, and then
disconnect (see section "Connecting and disconnecting container" on page 207) the container. After that, a password
should be entered to connect the container and access the data.
MY PASSWORD MANAGER
Password Manager protects your personal data and makes it easy to manage.
One of the features of the application is the optimal configuration of its initial parameters. For users' convenience, the
initial configuration stages are combined in the interface of the Application Configuration Wizard (see page 213), which
Page 49
G E T T I N G S T A R T E D
49
opens at the first startup of the application. Following the wizard's instructions, you can create a Master Password, modify
the settings for accessing the application and protecting your data.
To prevent unauthorized access to your personal data when you are away from your computer, Password Manager
automatically locks the Password Database. To use your personal data, unlock Password Manager (see page 214).
Password Manager helps you use (see page 221) and manage your personal data. To find any information you have
saved, start the password search (see page 222).
Page 50
50
IN THIS SECTION:
Notification area icon ....................................................................................................................................................... 50
Context menu .................................................................................................................................................................. 50
Kaspersky PURE main window ....................................................................................................................................... 51
Notifications ..................................................................................................................................................................... 55
Application settings window ............................................................................................................................................. 56
APPLICATION INTERFACE
Kaspersky PURE has a fairly simple and easy-to-use interface. This section will discuss its basic features in detail.
NOTIFICATION AREA ICON
Immediately after installing Kaspersky PURE, its icon will appear in the Microsoft Windows taskbar notification area.
This icon is an indicator of the application's operation. It also reflects the protection status and shows a number of basic
functions performed by the application.
If the icon is active (color), protection is fully enabled or some of its components are running. If the icon is inactive
(black and white), all protection components are disabled.
The Kaspersky PURE icon changes depending on the operation being performed:
-- email being scanned;
– web traffic being scanned;
– databases and application modules update is in progress;
- computer should be rebooted to apply updates;
– a failure occurred in the operation of some application's component.
The icon also provides access to the basic components of the application interface: context menu (see page 50) and
main window (see page 51).
Context menu is opened by right-clicking on the application icon.
To open the Kaspersky PURE main window, left-click on the application icon.
CONTEXT MENU
You can run basic protection tasks from the context menu.
The Kaspersky PURE menu contains the following items:
Page 51
A P P L I C A T I O N I N T E R F A C E
51
Update – start the application module and database updates and install updates on your computer.
Full Scan – start a complete scan of your computer for malware objects. Objects residing on all drives, including
removable storage media, will be scanned.
Virus Scan – select objects and start a virus scan. By default, the list contains several objects, such as My
documents folder and mailboxes. You can enlarge the list, select other objects for scan and start virus scan.
My Virtual Keyboard – switch to the virtual keyboard (see page 205).
Kaspersky PURE – open the main application window (see page 51).
Settings – view and configure application settings.
Activation – activate Kaspersky PURE. In order to obtain the status of a registered user, you must activate your
application. This menu item is only available if the application has not been activated.
About – display window with information about the application.
Pause protection / Resume protection – temporarily disable or enable the real-time protection components.
This menu option does not affect the application‟s updates, or the execution of virus scans.
Pause / Enable My Parental Control – temporarily disable / enable control of all users. This menu item is only
available if the Parental Control component is installed.
Block network traffic / Unblock network traffic – temporarily block / unblock all the computer's network
connections.
Exit – close Kaspersky PURE (when this option is selected, the application will be discarded from the
computer‟s RAM).
Figure 3. Context menu
If a virus scan task is running at the moment you open the context menu, its name as well as its progress status
(percentage complete) will be displayed in the context menu. By selecting the task you can go to the main window
containing a report about the current results of its execution.
KASPERSKY PURE MAIN WINDOW
The main application functions are grouped in the main window. The main window can be divided into two parts.
Page 52
U S E R G U I D E
52
From the top part of the window, you can switch to the main application functions, resume / pause protection, run a virus
scan, launch data backup etc. The following main Kaspersky PURE components are located in the top part of the
window:
My Computer Protection – comprehensive protection of your computer from any type of threats.
My Backup – creation and storage of backup copies of files that ensure restoration of important data if data loss
occurs.
My Parental Control – restriction of the users' access to web resources and applications on the computer, and
to instant messaging.
From the lower part of the window, you can switch to additional functions, which secure advanced protection and
optimize the system's functioning. In the lower part of the window, in the Security + section, the following components
and services are grouped:
My System Tune-Up – optimizing the system operation and solving specific computer security tasks.
My Virtual Keyboard – preventing the interception of data entered at the keyboard.
My Encryption – preventing unauthorized access to confidential information.
My Password Manager – protection of personal data, such as passwords, user names, Internet pager
accounts, contacts, etc.
You can also use the following buttons and links:
Figure 4. Main application window
My Control Center – remote administration of Kaspersky PURE (see page 241).
Page 53
A P P L I C A T I O N I N T E R F A C E
53
Settings – general application configuration (see page 56).
Help – view Kaspersky PURE help system.
My Kaspersky Account – to enter the user's personal cabinet (https://my.kaspersky.com) at the Technical
Support Service's website.
Support – to open the window containing information about the system and links to Kaspersky Lab's information
resources (Technical Support service site, forum).
License – Kaspersky PURE activation, and license renewal.
You can change the appearance of Kaspersky PURE by creating and using various graphics and color schemes.
MY COMPUTER PROTECTION
My Computer Protection main window can be divided into three parts:
The top part of the window indicates your computer‟s current protection status.
Figure 5. Current status of the computer protection
There are three possible values of protection status: each of them is indicated with a certain color, similar to
traffic lights. Green indicates that your computer‟s protection is at the correct level, while yellow and red colors
indicate that there exist various security threats. In addition to malicious programs, threats include obsolete
application databases, disabled protection components, the selection of minimum protection settings etc.
Security threats must be eliminated as they appear. For detailed information about threats and how to eliminate
them quickly, switch to Security Management Wizard: click the status icon or the panel on which it is located
(see fig. above).
The left part of the window provides quick access to any function of the application, including virus scan tasks,
updates, etc.
The right part of the window contains information about the application function selected in the left part, allows to
configure its settings, provides tools for executing virus scan tasks, retrieving updates etc.
You can also use the following links:
Settings – open the application settings window.
Quarantine – start working with quarantined objects.
Report – open the list of events occurred during application operation.
Help – view Kaspersky PURE help system.
BACKUP COPY
The Backup copy main window consists of two parts:
Page 54
U S E R G U I D E
54
the left part of the window provides access to the main application functions: to the management of backup
tasks and storages of backup copies, and to data restoration;
the right part of the window contains a list of settings for the function selected in the left part of the window.
Figure 6. Main window of the Backup module
MY PARENTAL CONTROL
The Parental Control main window consists of two parts:
the left part of the window provides access to the main functions of the application: custom control configuration
and report viewing;
Page 55
A P P L I C A T I O N I N T E R F A C E
55
SEE ALSO:
Notifications ................................................................................................................................................................... 256
the right part of the window contains a list of settings for the function selected in the left part of the window.
Figure 7. Main window of My Parental Control
NOTIFICATIONS
If events occur during the operation of Kaspersky PURE, special notifications will be displayed on the screen as pop-up
messages above the application icon in the Microsoft Windows taskbar.
Depending on how critical the event is for computer security, you might receive the following types of notifications:
Alarm. A critical event has occurred; for instance, a virus or dangerous activity has been detected on your
system. You should immediately decide how to deal with this threat. Notifications of this type are highlighted with
red.
Warning. A potentially dangerous event has occurred. For instance, potentially infected files or suspicious
activity have been detected on your system. You should decide on the degree of danger of this event.
Notifications of this type are highlighted with yellow.
Info. This notification gives information about non-critical events. This type, for example, includes notifications
related to the operation of the Content Filtering component. Information notifications are highlighted in green.
Page 56
U S E R G U I D E
56
APPLICATION SETTINGS WINDOW
Kaspersky PURE settings window may be opened from the main window (see page 51) or from the context menu (see
page 50). To open this window, click the Settings link in the top part of the main window, or select the appropriate option
in the application's context menu.
Figure 8. Configuring Kaspersky Anti-Virus
Page 57
A P P L I C A T I O N I N T E R F A C E
57
Also, you can configure Computer Protection settings. To do so, click the My Computer Protection button in the
Kaspersky PURE main window, and in the window that will open, click the Configure link in the top part of the window.
Figure 9. Configuring Kaspersky Anti-Virus
Settings configuration windows consist of two parts:
the left part of the window provides access to the general tasks and functions of Kaspersky PURE and
Computer Protection related to the operation of all components;
the right part of the window contains a list of settings for the application function, task, etc. selected in the left
part of the window.
Page 58
58
IN THIS SECTION:
Computer file system protection ...................................................................................................................................... 59
Mail protection ................................................................................................................................................................. 69
Web traffic protection....................................................................................................................................................... 76
Protecting instant messengers traffic............................................................................................................................... 83
Application Control .......................................................................................................................................................... 86
Safe mode of applications execution ............................................................................................................................... 95
Firewall .......................................................................................................................................................................... 100
Proactive Defense ......................................................................................................................................................... 107
Network Attack Blocker ................................................................................................................................................. 110
Anti-Spam ...................................................................................................................................................................... 113
Anti-Banner ................................................................................................................................................................... 131
Computer scan .............................................................................................................................................................. 134
Update ........................................................................................................................................................................... 148
Configuring Computer Protection settings ..................................................................................................................... 154
Reports .......................................................................................................................................................................... 175
MY COMPUTER PROTECTION
My Computer Protection components protect your computer against various threats, scan all system objects for viruses
and vulnerabilities, and regularly update Kaspersky PURE anti-virus databases and program modules.
Page 59
59
COMPUTER FILE SYSTEM PROTECTION
File Anti-Virus prevents infection of the computer's file system. It loads when you start your operating system and runs in
your computer's RAM, scanning all files that are opened, saved or executed.
By default, File Anti-Virus scans only new or modified files. A collection of settings, called the security level, determines
the conditions for file scan. If File Anti-Virus detects a threat, it will perform the assigned action.
File and memory protection level on your computer is determined by the following combinations of settings:
those creating a protection scope;
those determining the scan method;
those determining how compound files are scanned (including scanning of large compound files);
those determining the scan mode;
those allowing to pause the component by schedule or during the operation of selected applications.
Kaspersky Lab's specialists advise you not to configure File Anti-Virus settings on your own. In most cases, changing the
security level will be enough. To restore the default File Anti-Virus settings, select one of the security levels.
To modify File Anti-Virus settings:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the File Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. Make the required changes in the component settings.
Page 60
U S E R G U I D E
60
IN THIS SECTION:
Component operation algorithm ...................................................................................................................................... 60
Changing security level of files and memory ................................................................................................................... 61
Changing actions to be performed on detected objects................................................................................................... 61
Creating a protection scope ............................................................................................................................................. 62
Using heuristic analysis ................................................................................................................................................... 63
Scan optimization ............................................................................................................................................................ 63
Scan of compound files ................................................................ ................................................................ ................... 64
Scanning large compound files ....................................................................................................................................... 64
Changing the scan mode ................................................................................................................................................. 65
Scan technology .............................................................................................................................................................. 65
Pausing the component: creating a schedule .................................................................................................................. 66
Pausing the component: creating an applications list ...................................................................................................... 67
Restoring default protection settings ............................................................................................................................... 67
COMPONENT OPERATION ALGORITHM
The File Anti-Virus component loads when you start your operating system and runs in your computer's memory,
scanning all files that are opened, saved, or executed.
By default, File Anti-Virus only scans new or modified files; in other words, files that have been added or modified since
the previous scan. Files are scanned according to the following algorithm:
1. The component intercepts every attempt by the user or by any program to access any file.
2. File Anti-Virus scans iChecker and iSwift databases for information about the intercepted file, and determines if
it should scan the file, based on the information retrieved.
The following operations are performed when scanning:
1. The file is scanned for viruses. Malicious objects are recognized based on My Computer Protection databases.
The database contains descriptions of all malicious programs and threats currently known, and methods for
processing them.
2. After the analysis you have the following available courses of action for My Computer Protection:
a. If malicious code is detected in the file, File Anti-Virus blocks the file, creates a backup copy and attempts to
perform disinfection. If the file is successfully disinfected, it becomes available again. If disinfection fails, the
file is deleted.
b. If potentially malicious code is detected in the file (but the maliciousness is not absolutely guaranteed), the
file proceeds to disinfection and then is sent to the special storage area called Quarantine.
c. If no malicious code is discovered in the file, it is immediately restored.
Page 61
M Y C O M P U T E R P R O T E C T I O N
61
The application will notify you when an infected or a possibly infected file is detected. If an infected or potentially infected
object is detected, a notification with a request for further actions will be displayed onscreen. You will be offered the
following:
quarantine the object, allowing the new threat to be scanned and processed later using updated databases;
delete the object;
skip the object if you are absolutely sure that it is not malicious.
CHANGING SECURITY LEVEL OF FILES AND MEMORY
The security level is defined as a preset configuration of the File Anti-Virus component settings. Kaspersky Lab
specialists distinguish three security levels. The decision of which level to select should be made by the user based on
the operational conditions and the current situation. You will be offered to select one of the following options for security
level:
High. Set this level if you suspect that your computer has a high chance of being infected.
Recommended. This level provides an optimum balance between the efficiency and security and is suitable for
most cases.
Low. If you work in a protected environment (for example, in a corporate network with centralized security
management), the low security level may be suitable. The low security level can also be set if you are working
with resource-consuming applications.
Before enabling the low security level, it is recommended to perform the full scan of computer at high security level.
If none of the preset levels meet your needs, you can configure the File Anti-Virus's settings (see section "Computer file
system protection" on page 59) on your own. As a result, the security level's name will be changed to Custom. To restore
the default component's settings, select one of the preset security levels.
To change the current file and memory security level, please do the following:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the File Anti-Virus component.
4. Set the required security level for the component you have selected.
CHANGING ACTIONS TO BE PERFORMED ON DETECTED OBJECTS
Based on the scan results, File Anti-Virus assigns one of the following statuses to the objects detected:
malicious program (such as, a virus or a Trojan);
potentially infected status when the scan cannot determine if the object is infected. This means that the
application detected a sequence of code in the file from an unknown virus, or modified code from a known virus.
If Computer Protection detects infected or potentially infected objects when scanning for viruses, it will notify you about it.
You should respond to the threat by selecting an action on the object. Computer Protection selects the Prompt for
action option as the action on a detected object which is the default setting. You can change the action. For example, if
you are sure that each detected object should be attempted to disinfect, and do not want to select the Disinfect action
each time you receive a notice about the detection of an infected or suspicious object, you should select the following
action: Do not prompt. Disinfect.
Page 62
U S E R G U I D E
62
Before attempting to disinfect or delete an infected object, Computer Protection creates a backup copy of it to allow later
restoration or disinfection.
If you work in automatic mode (see section "Step 3. Selecting protection mode" on page 41), Computer Protection will
automatically apply the action recommended by Kaspersky Lab's specialists when dangerous objects are detected. For
malicious objects this action is Disinfect. Delete if disinfection fails, for suspicious objects – Skip.
To change the specified action to be performed on detected objects:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the File Anti-Virus component.
4. Specify the required action for the component you have selected.
CREATING A PROTECTION SCOPE
A protection scope should be understood not only as the location of the objects to be scanned, but also the type of files to
be scanned. By default, Computer Protection only scans potentially infectible files run from any hard drive, network drive,
or removable medium.
You can expand or narrow down the protection scope by adding / removing objects to be scanned, or by changing the
type of files to be scanned. For example, you wish to scan only exe files run from network drives. However, you should
make sure that you will not expose your computer to the threat of infection when narrowing down the protection scope.
When selecting file types you should remember the following:
Some file formats (e.g., txt) have a low risk of containing malicious code which could subsequently be activated.
At the same time, there are formats that contain or may contain an executable code (exe, dll, doc). The risk of
activating malicious code in such files is quite high.
The intruder can send a virus to your computer with the extension txt, which could be an executable file
renamed as txt file. If you have selected the Files scanned by extension option, such a file will be skipped
by the scan. If the Files scanned by format setting has been selected, then, regardless of the extension,
File Anti-Virus will analyze the file header, uncover that the file is an .exe file, and scan it for viruses.
To edit the object scan list:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the File Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. In the window that will open, on the General tab, in the Protection scope section, click the Add link.
6. In the Select object to scan window, select an object and click the Add button.
7. After you have added all required objects, click the OK button in the Select object to scan window.
8. To exclude any objects from the list of objects to be scanned, uncheck the boxes next to them.
To change the type of scanned objects:
1. Open the main application window and click the My Computer Protection button.
Page 63
M Y C O M P U T E R P R O T E C T I O N
63
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the File Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. In the window that will open, on the General tab, in the File types block, select the required parameter.
USING HEURISTIC ANALYSIS
Objects are scanned using databases which contain descriptions of all known malware and the corresponding
disinfection methods. Computer Protection compares each scanned object with the database records to determine
accurately if the object is malicious, and if so, into which class of malware it falls. This approach is called signature
analysis and is always used by default.
Since new malicious objects appear daily, there is always some malware which are not described in the databases, and
which can only be detected using heuristic analysis. This method presumes the analysis of the actions an object performs
within the system. If those actions are typical of malicious objects, the object is likely to be classed as malicious or
suspicious. This allows new threats to be detected even before they have been researched by virus analysts.
If a malicious object is detected, you will receive a notification prompting for action.
Additionally you can set the detail level for scans. It sets the balance between the thoroughness of searches for new
threats, the load on the operating system's resources and the time required for scanning. The higher the detail level, the
more resources the scan will require, and the longer it will take.
To use the heuristic analysis, and set the detail level for scans:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the File Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. In the window that will open, on the Performance tab, in the Scan methods block, check the Heuristic
analysis box and specify the detail level for the scan.
SCAN OPTIMIZATION
To shorten the duration of scans and increase the operating speed of Computer Protection, you can opt to scan only new
files and files modified since the last scan. This mode extends to simple and compound files.
To scan only new files and files which have altered since their last scan:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the File Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. In the window that will open, on the Performance tab, in the Scan optimization block, check the Scan only
new and changed files box.
Page 64
U S E R G U I D E
64
SCAN OF COMPOUND FILES
A common method of concealing viruses is to embed them into compound files: archives, databases, etc. To detect
viruses that are hidden this way a compound file should be unpacked, which can significantly lower the scan speed.
Installer packages and files containing OLE objects are executed when they are opened, which makes them more
dangerous than archives. By disabling archive scans and enabling scans for these file types, you can protect your
computer against execution of malicious code and, at the same time, increase the scan speed.
By default, Computer Protection scans only embedded OLE objects.
To modify the list of scanned compound files:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the File Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. In the window that will open, on the Performance tab, in the Scan of compound files block, check the
boxes for the types of compound files to be scanned by the application.
SCANNING LARGE COMPOUND FILES
When large compound files are scanned, their preliminary unpacking may require a long time. This term may be reduced
if files are scanned in the background. If a malicious object is detected while working with such a file, Computer
Protection will notify you about it.
To reduce the delay when accessing compound files, one may disable unpacking the files of a size, which is larger than
the specified value. When files are extracted from an archive, they will always be scanned.
For Computer Protection to unpack large-sized files in the background:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the File Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. In the window that will open, on the Performance tab, in the Scan of compound files block, click the
Additional button.
6. In the Compound files window, check the Extract compound files in the background box and specify the
minimum file size in the field below.
To prevent Computer Protection from unpacking large-sized compound files:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the File Anti-Virus component.
4. Click the Settings button for the component you have selected.
Page 65
M Y C O M P U T E R P R O T E C T I O N
65
5. In the window that will open, on the Performance tab, in the Scan of compound files block, click the
Additional button.
6. In the Compound files window that will open, check the Do not unpack large compound files box and
specify the file size in the field next to it.
CHANGING THE SCAN MODE
The scan mode is the condition, which triggers File Anti-Virus into activity. By default, Computer Protection uses smart
mode, which determines if the object is subject to scan, based on the actions performed on it. For example, when
working with a Microsoft Office document, Computer Protection scans the file when it is first opened and last closed.
Intermediate operations that overwrite the file do not cause it to be scanned.
You can change the object scan mode. The scan mode should be selected depending on the files you work with most of
the time.
To change the object scan mode:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the File Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. In the window that will open, on the Additional tab, in the Scan mode block, select the required mode.
SCAN TECHNOLOGY
Additionally you can specify which technologies will be used by the File Anti-Virus component:
iChecker. This technology can increase scan speed by excluding certain objects from the scan. An object is
excluded from the scan with a special algorithm that uses the release date of Computer Protection databases,
the date the object was last scanned, and any modifications to the scan settings.
For example, you have an archive file with the not infected status assigned after the scan. The next time the
application will exclude this archive from the scan unless it has been altered or the scan settings have been
changed. If the archive's structure has changed because a new object had been added to it, or if the scan
settings have changed, or if the application databases have been updated, then the application will re-scan the
archive.
There are limitations to iChecker: it does not work with large files and applies only to the objects with a structure
that the application recognizes (for example, .exe, .dll, .lnk, .ttf, .inf, .sys, .com, .chm, .zip, .rar).
iSwift. This technology is a development of the iChecker technology for computers using an NTFS file system.
There are limitations to iSwift: it is bound to a specific file location in the file system and can apply only to objects
in NTFS.
To change the object scan technology:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the File Anti-Virus component.
4. Click the Settings button for the component you have selected.
Page 66
U S E R G U I D E
66
5. In the window that will open, on the Additional tab, in the Scan technologies block, select the required setting
value.
PAUSING THE COMPONENT: CREATING A SCHEDULE
When certain programs which require considerable computer resources are in progress, you can temporarily pause the
operation of the File Anti-Virus component, which allows quicker access to objects. To decrease the load and ensure
quick access to objects, you can set a schedule for disabling the component.
Figure 10. Creating a schedule
To configure a schedule for pausing the component:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the File Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. In the window that will open, on the Additional tab, in the Pause task block, check the By schedule box and
click the Schedule button.
6. In the Pausing the task window, specify the time period (in 24-hour HH:MM format) for which protection will be
paused (Pause task at and Resume task at fields).
Page 67
M Y C O M P U T E R P ROT E C T I O N
67
PAUSING THE COMPONENT: CREATING AN APPLICATIONS LIST
When certain programs which require considerable computer resources are in progress, you can temporarily pause the
operation of the File Anti-Virus component, which allows quicker access to objects. To decrease the load and ensure
quick access to objects, you can configure the settings for disabling the component when working with certain
applications.
Figure 11. Creating application list
Configuring the disabling of File Anti-Virus component if it conflicts with certain applications is an emergency measure! If
any conflicts arouse when working with the component, please contact Kaspersky Lab's Technical Support Service
(http://support.kaspersky.com). The support specialists will help you resolve simultaneous operation of Computer
Protection with the software on your computer.
To configure pausing the component while specified applications are being used, perform the following actions:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the File Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. In the window that will open, on the Additional tab, in the Pause task block, check the At application
startup box and click the Select button.
6. In the Applications window, create a list of applications which will pause the component when running.
RESTORING DEFAULT PROTECTION SETTINGS
When configuring File Anti-Virus, you are always able to restore its recommended settings. They are considered optimal,
recommended by Kaspersky Lab, and grouped in the Recommended security level.
To restore default protection settings, please do the following:
1. Open the main application window and click the My Computer Protection button.
Page 68
U S E R G U I D E
68
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the File Anti-Virus component.
4. In the Security level section, click the Default level button for the component selected.
Page 69
69
IN THIS SECTION:
Component operation algorithm ...................................................................................................................................... 70
Changing email protection security level ................................................................ ......................................................... 70
Changing actions to be performed on detected objects................................................................................................... 71
Creating a protection scope ............................................................................................................................................. 71
Email scanning in Microsoft Office Outlook ..................................................................................................................... 72
Email scanning in The Bat! ................................ ................................ .............................................................................. 72
Using heuristic analysis ................................................................................................................................................... 73
Scan of compound files ................................................................ ................................................................ ................... 74
Attachment filtering .......................................................................................................................................................... 74
Restoring default mail protection settings ........................................................................................................................ 74
MAIL PROTECTION
Mail Anti-Virus scans incoming and outgoing messages for the presence of malicious objects. It is launched when the
operating system loads, is located in computer RAM and scans all email messages received via the POP3, SMTP, IMAP,
MAPI and NNTP protocols.
A collection of settings called the security level, determines the way of scanning the email. Once a threat is detected, Mail
Anti-Virus performs the action you have specified (see section "Changing actions to be performed on detected objects"
on page 71). The rules with which your email is scanned are defined by a collection of settings. They can be divided into
groups, determining the following features:
from the protected mail stream;
of using the methods of heuristic analysis;
of scanning the compound files;
of filtering the attached files.
Kaspersky Lab advises you not to configure Mail Anti-Virus settings on your own. In the majority of cases, selecting a
different security level is sufficient. You can restore default settings of Mail Anti-Virus. To do so, select one of the security
levels.
To edit Mail Anti-Virus settings, please do the following:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Mail Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. Make the required changes in the component settings.
Page 70
U S E R G U I D E
70
COMPONENT OPERATION ALGORITHM
Computer Protection includes the component, which ensures scanning the email for dangerous objects, named Mail AntiVirus. It loads when the operating system launches and runs continually, scanning all email on the POP3, SMTP, IMAP,
MAPI and NNTP protocols, as well as on secure connections (SSL) for POP3 and IMAP.
The indicator of the component's operation is the application icon in the taskbar notification area, which looks like
whenever an email message is being scanned.
By default, email protection is carried out as follows:
1. Each email received or sent by the user is intercepted by the component.
2. The email is broken down into its parts: the email heading, its body, and attachments.
3. The body and attachments of the email message (including OLE objects) are scanned for dangerous objects.
Malicious objects are detected with the databases used by Computer Protection, and with the heuristic
algorithm. The database contains descriptions of all the malicious programs known to date and methods for
neutralizing them. The heuristic algorithm can detect new viruses that have not yet been entered in the
database.
4. After the virus scan, the following behavior options are available:
If the body or attachments of the email contain malicious code, the File Anti-Virus component will block the
email, create a backup copy of it and attempt to disinfect the object. After the email message is successfully
disinfected, it returns to the user. If the disinfection fails, the infected object will be deleted from the
message. After the virus scan, special text is inserted in the subject line of the email, notifying you that the
email has been processed by Computer Protection.
If potentially malicious code is detected in the body or an attachment (but the maliciousness is not
absolutely guaranteed), the suspicious part of the email will be placed to the special storage area called
Quarantine.
If no malicious code is discovered in the email, it is immediately made available again to the user.
An integrated extension module is provided for Microsoft Office Outlook (see section "Email scanning in Microsoft Office
Outlook" on page 72) that allows for fine-tuning the email client.
If you are using The Bat!, Computer Protection can be used in conjunction with other anti-virus applications. At that, the
email traffic processing rules (see section "Email scanning in The Bat!" on page 72) are configured directly in The Bat!
and override the application‟s email protection settings.
When working with other mail programs, including Microsoft Outlook Express/Windows Mail, Mozilla Thunderbird,
Eudora, and Incredimail, the Mail Anti-Virus component scans email on SMTP, POP3, IMAP, and NNTP protocols.
Note that when working with Thunderbird mail client, email messages transferred via IMAP will not be scanned for
viruses if any filters moving messages from the Inbox folder are used.
CHANGING EMAIL PROTECTION SECURITY LEVEL
The security level is defined as a preset configuration of File Anti-Virus settings. Kaspersky Lab specialists distinguish
three security levels. The decision of which level to select should be made by the user based on the operational
conditions and the current situation. You may select one of the following security levels:
High. If you work in a non-secure environment, the maximum security level will suit you the best. An example of
such environment is a connection to a free email service, from a network that is not guarded by centralized
email protection.
Recommended. This level provides an optimum balance between the efficiency and security and is suitable for
most cases. This is also the default setting.
Page 71
M Y C O M P U T E R P R O T E C T I O N
71
Low. If you work in a well secured environment, low security level can be used. An example of such an
environment might be a corporate network with centralized email security.
If none of the preset levels meet your needs, you can configure the Mail Anti-Virus's settings (see section "Mail
protection" on page 69) on your own. As a result, the security level's name will be changed to Custom. To restore the
default component's settings, select one of the preset security levels.
To change the preset email security level:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Mail Anti-Virus component.
4. Set the required security level for the component you have selected.
CHANGING ACTIONS TO BE PERFORMED ON DETECTED OBJECTS
Mail Anti-Virus scans an email message. If the scan indicates that the email or any of its parts (body, attachment) is
infected or potentially infected, the component‟s further actions depend on the status of the object and the action
selected.
As a result of scanning, Mail Anti-Virus assigns one of the following statuses to detected objects:
malicious program (such as, a virus or a Trojan).
potentially infected status when the scan cannot determine if the object is infected. This means that the email or
attachment contains a sequence of code from an unknown virus, or modified code from a known virus.
If Computer Protection detects infected or potentially infected objects when scanning the email, it will notify you about
them. You should respond to the threat by selecting an action on the object. Computer Protection selects the Prompt for
action option as the action on a detected object which is the default setting. You can change the action. For example, if
you are sure that each detected object should be attempted to disinfect and do not want to select the Disinfect action
each time you receive a notice about the detection of an infected or suspicious object in a message, you should select
the following action: Do not prompt. Disinfect.
Before attempting to disinfect or delete an infected object, Computer Protection creates a backup copy of it to allow later
restoration or disinfection.
If you work in automatic mode (see section "Step 3. Selecting protection mode" on page 41), Computer Protection will
automatically apply the action recommended by Kaspersky Lab specialists when dangerous objects are detected. For
malicious objects this action is Disinfect. Delete if disinfection fails, for suspicious objects – Skip.
To change the specified action to be performed on detected objects:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Mail Anti-Virus component.
4. Specify the required action for the component you have selected.
CREATING A PROTECTION SCOPE
Protection scope is understood as the type of messages to be scanned. By default, Computer Protection scans both
incoming and outgoing messages. If you have selected the scanning of incoming messages only, you are advised to
Page 72
U S E R G U I D E
72
scan outgoing mail when you first begin using My Computer Protection, because it is likely that there are worms on your
computer which will propagate themselves via email. This will avoid unpleasant situations caused by unmonitored mass
emailing of infected emails from your computer.
The protection scope also includes the settings used to integrate the Mail Anti-Virus component into the system, and the
protocols to be scanned. By default, the Mail Anti-Virus component is integrated into the Microsoft Office Outlook and The
Bat! email client applications.
To disable scans of outgoing emails, please do the following:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Mail Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. In the window that will open, on the General tab, in the Protection scope block, specify the required values for
the settings.
To select the protocols to scan and the settings to integrate Mail Anti-Virus into the system, please do the following:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Mail Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. In the window that will open, on the Additional tab, in the Connectivity block, select the required settings.
EMAIL SCANNING IN MICROSOFT OFFICE OUTLOOK
If you use Microsoft Office Outlook as the mail client, you may configure additional settings for scanning your mail for
viruses.
A special plug-in is installed in Microsoft Office Outlook when you install Computer Protection. It allows you to configure
Mail Anti-Virus settings quickly, and determine when email messages will be scanned for dangerous objects.
The plug-in comes in the form of a special Email protection tab located in the Tools Options menu. On the tab you
can specify the email scan modes.
To specify complex filtering conditions:
1. Openthe main Microsoft Outlook window.
EMAIL SCANNING IN THE BAT!
Actions on infected email objects in The Bat! are defined using the application's own tools.
Mail Anti-Virus settings determining if incoming and outgoing messages should be scanned, which actions should be
performed on dangerous objects in email, and which exclusions should apply, are ignored. The only thing that The Bat!
takes into account is scanning of attached archives.
2. Select Tools Options from the application menu.
3. On the Email protection tab specify the required email scan mode.
Page 73
M Y C O M P U T E R P R O T E C T I O N
73
The email protection settings extend to all the anti-virus modules installed on the computer that support work with the
Bat!.
Please remember, incoming email messages are first scanned by Mail Anti-Virus and only after that – by The Bat! mail
client plug-in. If a malicious object is detected, Computer Protection will inform you of this without fail. If you select the
Disinfect (Delete) action in the notification window of Mail Anti-Virus, actions aimed at eliminating the threat will be
performed by Mail Anti-Virus. If you select the Skip action in the notification window, the object will be disinfected by The
Bat! plug-in. When sending email messages, the scan is first performed by the plug-in, then by Mail Anti-Virus.
You must decide:
Which stream of email messages will be scanned (incoming, outgoing).
At what point in time email objects will be scanned (when opening an email message or before it is saved to the
disk).
The actions taken by the mail client when dangerous objects are detected in emails. For example, you could
select:
Attempt to disinfect infected parts – if this option is selected, the infected object will be attempted to
disinfect; if it cannot be disinfected, the object will remain in the message.
Delete infected parts – if this option is selected, the dangerous object in the message will be deleted
regardless of whether it is infected or suspected to be infected.
By default, The Bat! places all infected email objects in Quarantine without attempting to disinfect them.
The Bat! does not give special headers to emails containing dangerous objects.
To set up email protection rules in The Bat!:
1. Open the main The Bat! window.
2. Select the Settings item from the Properties menu of the mail client.
3. Select the Virus protection item from the settings tree.
USING HEURISTIC ANALYSIS
Essentially, the heuristic method analyzes the object's activities in the system. If those actions are typical of malicious
objects, the object is likely to be classed as malicious or suspicious. This allows new threats to be detected before they
have been analyzed by virus analysts. By default, heuristic analysis is enabled.
Computer Protection will notify you when a malicious object is detected in a message. You should react to the notification
by further processing the message.
Additionally you can set the detail level for scans: Light, Medium, or Deep. To do so, move the slider bar to the selected
position.
To enable/disable the heuristic analysis, and to set the detail level for the scan, please do the following:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Mail Anti-Virus component.
4. Click the Settings button for the component you have selected.
Page 74
U S E R G U I D E
74
5. In the window that will open, on the General tab, in the Scan methods block, check / uncheck the Heuristic
analysis box and specify the detail level for the scan.
SCAN OF COMPOUND FILES
The selection of compound files scan mode affects the performance of Computer Protection. You can enable or disable
the scan of attached archives and limit the maximum size of archives to be scanned.
To configure the settings for the scan of compound files:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Mail Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. In the window that will open, on the General tab, select the scan mode of compound files.
ATTACHMENT FILTERING
You can configure filtration conditions for email attachments. Using the filter will add to your computer's security since
malicious programs spread via email are most frequently sent as attachments. By renaming or deleting certain
attachment types, you can protect your computer against potential hazards, such as automatically opening attachments
when a message is received.
If your computer is not protected by any local network software (you access the Internet directly without a proxy server or
a firewall), you are advised not to disable scanning of attached archives.
To configure attachment filtering settings:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Mail Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. In the window that will open, on the Attachment filter tab, specify the filtering conditions for email attachments.
When you select either of the last two modes, the list of file types will become enabled in which you can specify
the required types or add a mask to select a new type.
If you need to add a mask of a new type, click the Add link and enter the required data in the Input file name
mask window that will open.
RESTORING DEFAULT MAIL PROTECTION SETTINGS
When configuring Mail Anti-Virus, you are always able to restore its recommended settings. They are considered optimal,
recommended by Kaspersky Lab, and grouped in the Recommended security level.
To restore default mail protection settings, please do the following:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
Page 75
M Y C O M P U T E R P R O T E C T I O N
75
3. In the window that will open, in the Protection section select the Mail Anti-Virus component.
4. In the Security level section, click the Default level button for the component selected.
Page 76
76
WEB TRAFFIC PROTECTION
Whenever you use the Internet, you subject information stored on your computer to the risk of infection by dangerous
programs. These can infiltrate your computer while you are downloading free software, or browsing knowingly safe sites,
which have recently suffered network attacks. Moreover, network worms can penetrate your computer before you open a
webpage or download a file just because your computer is connected to the Internet.
The Web Anti-Virus component is designed to ensure the security while using the Internet. It protects your computer
against data coming into your computer via the HTTP protocol, and also prevents dangerous scripts from being executed
on the computer.
Web protection monitors HTTP traffic that passes only through the ports included in the monitored port list. A list of ports
that are most commonly used for transmitting email and HTTP traffic is included in the My Computer Protection
installation package. If you use ports that are not on this list, you must add them to the list to protect traffic using these
ports.
If you work in a non-secure area, you are recommended to use Web Anti-Virus while working in the Internet. If your
computer is running on a network protected by a firewall of HTTP traffic filters, Web Anti-Virus provides additional
security when using the Internet.
A collection of settings, called the security level, determines the way of scanning the traffic. If Web Anti-Virus detects a
threat, it will perform the assigned action.
Your web protection level is determined by a group of settings. The settings can be broken down into the following
groups:
protection scope settings;
settings that determine the efficiency of traffic protection (using heuristic analysis, scan optimization).
Kaspersky Lab advises you not to configure Web Anti-Virus component settings on your own. In the majority of cases,
selecting a different security level is sufficient.
To edit Web Anti-Virus settings:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Web Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. Make the required changes in the component settings.
Page 77
M Y C O M P U T E R P R O T E C T I O N
77
IN THIS SECTION:
Component operation algorithm ...................................................................................................................................... 77
Changing HTTP traffic security level ............................................................................................................................... 78
Changing actions to be performed on detected objects................................................................................................... 78
Creating a protection scope ............................................................................................................................................. 78
Selecting the scan type ................................................................................................................................................... 79
Kaspersky URL Advisor ................................................................................................................................................... 80
Using heuristic analysis ................................................................................................................................................... 81
Scan optimization ............................................................................................................................................................ 81
Restoring default web protection settings ........................................................................................................................ 82
COMPONENT OPERATION ALGORITHM
Web Anti-Virus protects your computer against data coming onto the computer via HTTP, and prevents hazardous scripts
from running on the computer.
This section discusses the component's operation in more detail. HTTP traffic is protected using the following algorithm:
1. Each web page or file that is accessed by the user, or by a program via the HTTP protocol, is intercepted and
2. After the analysis, you have the following available courses of action:
Scripts are scanned according to the following algorithm:
1. Each script run on a web page is intercepted by Web Anti-Virus and is analyzed for malicious code.
2. If the script contains malicious code, Web Anti-Virus blocks it and informs the user of it with a special pop-up
analyzed for malicious code by Web Anti-Virus. Malicious objects are detected using both Computer Protection
databases and the heuristic algorithm. The database contains descriptions of all the malicious programs known
to date and methods for neutralizing them. The heuristic algorithm can detect new viruses that have not yet
been entered in the database.
If a web page or an object accessed by the user contains malicious code, access to them is blocked. A
notification is displayed that the object or page being requested is infected.
If the file or web page does not contain malicious code, the program immediately grants the user access to
it.
message.
3. If no malicious code is discovered in the script, it is run.
Scripts are intercepted only on the web pages, opened in Microsoft Internet Explorer.
Page 78
U S E R G U I D E
78
CHANGING HTTP TRAFFIC SECURITY LEVEL
The security level is defined as a preset configuration of File Anti-Virus settings. Kaspersky Lab specialists distinguish
three security levels. The decision of which level to select should be made by the user based on the operational
conditions and the current situation. You will be offered to select one of the following options for security level:
High. This security level is recommended for sensitive environments when no other HTTP security tools are
being used.
Recommended. This security level is optimal for using in most situations.
Low. Use this security level if you have additional HTTP traffic protection tools installed on your computer.
If none of the preset levels meet your needs, you can configure the Web Anti-Virus's settings (see section "Web traffic
protection" on page 76) on your own. As a result, the security level's name will be changed to Custom. To restore the
default component's settings, select one of the preset security levels.
To change the preset security level for web traffic:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Web Anti-Virus component.
4. Set the required security level for the component you have selected.
CHANGING ACTIONS TO BE PERFORMED ON DETECTED OBJECTS
Once analysis of an HTTP object shows that it contains malicious code, the response by the Web Anti-Virus component
depends on the action you have selected.
Web Anti-Virus always blocks actions by dangerous objects and issues pop-up messages that inform the user of the
action taken. The action on a dangerous script cannot be changed – the only available modification is disabling script
scan module (see section "Selecting the scan type" on page 79).
If you work in automatic mode (see section "Step 3. Selecting protection mode" on page 41), Computer Protection will
automatically apply the action recommended by Kaspersky Lab's specialists when dangerous objects are detected.
To change the specified action to be performed on detected objects:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Web Anti-Virus component.
CREATING A PROTECTION SCOPE
Creating a protection scope means selecting the type of scan (see section "Selecting the scan type" on page 79) of
objects by Web Anti-Virus, and creating the list of trusted web addresses, which contain information not subject to scan
for dangerous objects by the component.
You can create a list of trusted web addresses whose content you unconditionally trust. Web Anti-Virus will not analyze
data from those addresses for dangerous objects. This option may be useful, for instance, when Web Anti-Virus
interferes with downloading a particular file.
4. Specify the required action for the component you have selected.
Page 79
M Y C O M P U T E R P R O T E C T I O N
79
To create the list of trusted web addresses, please do the following:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Web Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. In the Web Anti-Virus window that will open, in the Scan optimization block, check the Do not scan HTTP
traffic from trusted web addresses box and click the Select button.
6. In the List of trusted web addresses window that will open, click the Add link.
7. In the Address mask (URL) window that will open, enter a trusted web address (or a mask for trusted address).
SELECTING THE SCAN TYPE
The protection scope creation task (see page 78), along with creation of the trusted web addresses list, also includes the
selection of traffic scan type performed by Web Anti-Virus. By type, the scan is divided into script scan and HTTP traffic
scan.
By default, Web Anti-Virus scans HTTP traffic and scripts simultaneously.
HTTP traffic scan includes not only virus scan but also checking links to know if they are included in the list of suspicious
web addresses and / or in the list of phishing web addresses.
Checking the links if they are included in the list of phishing web addresses allows to avoid phishing attacks, which, as a
rule, look like email messages from would-be financial institutions and contain links to their websites. The message text
convinces the reader to click the link and enter confidential information in the window that follows, for example, a credit
card number or a login and password for an Internet banking site where financial operations can be carried out.
Since the link to a phishing site may be received not only in an email message but in any other way, for example, in the
text of an ICQ message, Web Anti-Virus component traces the attempts of accessing a phishing site at the level of HTTP
traffic scan, and blocks them.
Checking the links if they are included in the list of suspicious web addresses allows to track web sites included in the
black list. The list is created by Kaspersky Lab's specialists and is part of the application installation package.
In order for Web Anti-Virus to scan scripts, please do the following:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Web Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. In the Web Anti-Virus window that will open, in the Additional block, make sure that the Block dangerous
scripts in Microsoft Internet Explorer box is checked. Web Anti-Virus will scan all scripts processed in
Microsoft Internet Explorer, as well as any other WSH scripts (JavaScript, Visual Basic Script, etc.) launched
when the user works on the computer.
Additionally you can use the Kaspersky URL Advisor (see page 80). To do so, check the Mark phishing and
suspicious URLs in Microsoft Internet Explorer and Mozilla Firefox box. Web Anti-Virus will mark phishing
and suspicious URLs to web addresses detected in browsers (Microsoft Internet Explorer and Mozilla Firefox).
To scan links using the base of suspicious web addresses and / or phishing web addresses, please do the following:
1. Open the main application window and click the My Computer Protection button.
Page 80
U S E R G U I D E
80
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Web Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. In the Web Anti-Virus window that will open, in the Scan methods block, make sure that the Check if URLs
are listed in the base of suspicious web addresses and / or Check if URLs are listed in the base of
phishing web addresses boxes are checked.
KASPERSKY URL ADVISOR
Computer Protection includes the URL scanning module managed by Web Anti-Virus. This module checks if links located
on the web page belong to the list of suspicious and phishing web addresses. You can create a list of trusted web
addresses the content of which should not be scanned, and a list of web addresses the content of which should be
scanned without fail. This module is built in Microsoft Internet Explorer and Mozilla Firefox browsers as a plug-in.
To enable the URL scanning module, please do the following:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Web Anti-Virus component.
4. In the Security level section, click the Settings button for the component selected.
5. In the Web Anti-Virus window that will open, in the Additional block, check the Mark phishing and
suspicious URLs in Microsoft Internet Explorer and Mozilla Firefox box.
To create the list of trusted web addresses, please do the following:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Web Anti-Virus component.
4. In the Security level section, click the Settings button for the component selected.
5. In the Web Anti-Virus window that will open, in the Additional block, click the Settings button.
6. In the Kaspersky URL Advisor window that will open, select the On all web pages option and click the
Exclusions button.
7. In the List of trusted web addresses window that will open, click the Add link.
8. In the Address mask (URL) window that will open, enter a trusted web address (or a mask for trusted address).
To create the list of websites which content should be scanned:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Web Anti-Virus component.
4. In the Security level section, click the Settings button for the component selected.
5. In the Web Anti-Virus window that will open, in the Additional block, click the Settings button.
Page 81
M Y C O M P U T E R P R O T E C T I O N
81
6. In the Kaspersky URL Advisor window that will open, select the On the selected web pages option and
click the Select button.
7. In the List of checked web addresses window that will open, click the Add link.
8. In the Address mask (URL) window that will open, enter a web address (or a mask of it).
USING HEURISTIC ANALYSIS
Essentially, the heuristic method analyzes the object's activities in the system. If those actions are typical of malicious
objects, the object is likely to be classed as malicious or suspicious. This allows new threats to be detected even before
they have been researched by virus analysts. By default, heuristic analysis is enabled.
Computer Protection will notify you when a malicious object is detected in a message. You should react to the notification
by further processing the message.
Additionally you can set the detail level of scanning: Light, Medium, or Deep. To do so, move the slider bar to the
selected position.
To enable/disable the heuristic analysis, and to set the detail level for the scan, please do the following:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Web Anti-Virus component.
4. Click the Settings button for the component you have selected.
5. In the Web Anti-Virus window that will open, in the Scan methods block, check / uncheck the Heuristic
analysis box and specify the scan detail level below.
SCAN OPTIMIZATION
To detect malicious code more efficiently, Web Anti-Virus buffers fragments of objects downloaded from the Internet.
When using this method, Web Anti-Virus only scans an object after it has been completely downloaded. Then, the object
is scanned for viruses and returned to the user for work or blocked, depending on scan results.
However, buffering objects increases object processing time, and hence the time before the application returns objects to
the user. This can cause problems when copying and processing large objects because the connection with the HTTP
client may time out.
To solve this problem, we suggest limiting the buffering time for web object fragments downloaded from the Internet.
When this time limit expires, the user will receive the downloaded part of the file without scanning, and once the object is
fully copied, it will be scanned in its entirety. This allows reducing the time period needed to transfer the object to the
user, and eliminating the problem of disconnection; at that, security level for Internet use will not reduce.
By default, the buffering time for file fragments is limited to one second. Increasing this value or removing the buffering
time limit will result in better virus scans but somewhat slower access to the object.
To set a time limit for fragment buffering or remove it, please do the following:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Web Anti-Virus component.
4. Click the Settings button for the component you have selected.
Page 82
U S E R G U I D E
82
5. In the Web Anti-Virus window that will open, in the Scan optimization block, check / uncheck the Limit
fragment buffering time box and enter the time value (in seconds) in the field right to it.
RESTORING DEFAULT WEB PROTECTION SETTINGS
When configuring Web Anti-Virus, you are always able to restore its recommended settings. They are considered
optimal, recommended by Kaspersky Lab, and grouped in the Recommended security level.
To restore default Web Anti-Virus settings, please do the following:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Web Anti-Virus component.
4. In the Security level section, click the Default level button for the component selected.
Page 83
83
IN THIS SECTION:
Component operation algorithm ...................................................................................................................................... 83
Creating a protection scope ............................................................................................................................................. 84
Selecting the scan method .............................................................................................................................................. 84
Using heuristic analysis ................................................................................................................................................... 85
PROTECTING INSTANT MESSENGERS TRAFFIC
Besides the additional features for comfortable Internet surfing, instant messaging clients (further referred to as IM
clients), which have widely spread nowadays, have caused potential threats to computer security. Messages that contain
URLs to suspicious websites and those used by intruders for phishing attacks may be transferred using IM clients.
Malicious programs use IM clients to send spam messages and URLs to the programs (or the programs themselves),
which steal users' ID numbers and passwords.
The IM Anti-Virus component is designed to ensure safe operation of IM clients. It protects the information that comes to
your computer via IM protocols.
The product ensures safe operation of various applications for instant messaging, including ICQ, MSN, AIM, Yahoo!
Messenger, Jabber, Google Talk, Mail.Ru Agent and IRC.
The Yahoo! Messenger and Google Talk applications use the SSL protocol. In order for IM Anti-Virus to scan the traffic of
these applications, it is necessary to use the encrypted connections scan (see page 170). To do so, check the Scan
encrypted connections box in the Network section.
Traffic is scanned based on a certain combination of settings. If threats are detected in a message, IM Anti-Virus
substitutes this message with a warning message for the user.
Your IM traffic protection level is determined by a group of settings. The settings can be broken down into the following
groups:
settings creating the protection scope;
settings determining the scan methods.
To edit IM Anti-Virus settings, please do the following:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the IM Anti-Virus component.
4. Make the required changes in the settings of the component selected.
COMPONENT OPERATION ALGORITHM
Computer Protection includes a component that ensures the scan of messages transferred via IM (instant messaging)
clients for dangerous objects, named IM Anti-Virus. It loads at the startup of operating system and runs in your
computer's RAM, scanning all incoming and outgoing messages.
By default, protection of IM clients' traffic is carried out using the algorithm described below:
Page 84
U S E R G U I D E
84
1. Each message received or sent by the user is intercepted by the component.
2. IM Anti-Virus scans the message for dangerous objects or URLs listed in databases of suspicious and/or
phishing web addresses. If a threat is detected, message text will be substituted with a warning message for the
user.
3. If no security threats are detected in the message, it becomes operable for the user.
Files transferred via IM clients are scanned by the File Anti-Virus component (see section "Computer file system
protection" on page 59) when they are attempted to save.
CREATING A PROTECTION SCOPE
Protection scope is understood as the type of messages subject to scan:
Incoming and outgoing messages. IM Anti-Virus scans both incoming and outgoing messages by default.
Incoming messages only. If you are sure that messages sent by you cannot contain dangerous objects,
select this setting. IM Anti-Virus will scan only incoming messages.
By default, Computer Protection scans both incoming and outgoing messages of IM clients.
If you are sure that the messages sent by you cannot contain any dangerous objects, you may disable the scan of
outgoing traffic.
To disable the scan of outgoing messages, please do the following:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the IM Anti-Virus component.
4. In the Protection scope section, select the Incoming messages only option for the component selected.
SELECTING THE SCAN METHOD
Scan methods consist in scanning the URLs in IM clients' messages to know if they are included in the list of suspicious
web addresses and / or in the list of phishing web addresses:
Check if URLs are listed in the base of suspicious web addresses. IM Anti-Virus will scan the links inside
the messages to identify if they are included in the black list.
Check if URLs are listed in the base of phishing web addresses. Computer Protection databases include
all the sites currently known to be used for phishing attacks. Kaspersky Lab supplements this list with addresses
obtained from the Anti-Phishing Working Group, which is an international organization. Your local copy of this
list is updated when you update Computer Protection databases.
To scan links in the messages using the database of suspicious web addresses, please do the following:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the IM Anti-Virus component.
4. In the Scan methods section, check the Check if URLs are listed in the base of suspicious web
addresses box for the component selected.
Page 85
M Y C O M P U T E R P R O T E C T I O N
85
To scan links in the messages using the database of phishing web addresses, please do the following:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the IM Anti-Virus component.
4. In the Scan methods section, check the Check if URLs are listed in the base of phishing web addresses
box for the component selected.
USING HEURISTIC ANALYSIS
Essentially, the heuristic method analyzes the object's activities in the system. For this purpose, any script included in an
IM client's message is executed in the protected environment. If this script's activity is typical of malicious objects, the
object is likely to be classed as malicious or suspicious. By default, heuristic analysis is enabled.
Computer Protection will notify you when a malicious object is detected in a message.
Additionally you can set the detail level for scans: Light, Medium, or Deep. To do so, move the slider bar to the selected
position.
To enable/disable the heuristic analysis, and to set the detail level for the scan, please do the following:
1. Open the mainapplication window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the IM Anti-Virus component.
4. In the Scan methods section, check / uncheck the Heuristic analysis box and set the scan detail level
below for the component selected.
Page 86
86
IN THIS SECTION:
Component operation algorithm ...................................................................................................................................... 87
Creating a protection scope ............................................................................................................................................. 89
Application Control rules .................................................................................................................................................. 90
APPLICATION CONTROL
Based on the system security factor, all applications can be divided into three groups:
Safe. This group includes applications developed by well-known vendors and provided with digital signatures.
You may allow such applications to perform any actions in the system.
Dangerous. This group includes currently known threats. Activity of applications included in this group must be
blocked.
Unknown. This group may include applications developed by unknown developers which are not provided with a
digital signature. Such applications may or may not harm the system. You can make a firm decision if it is safe
to use applications in this group only after you run them and analyze their behavior. Before you decide whether
an unknown application is safe or unsafe, it would be reasonable to restrict its access to the system resources.
The Application Control component logs the actions performed by applications in the system, and manages the
applications' activities, based on which group (see section "Application groups" on page 88) they belong to. A set of rules
is defined for each group of applications (see section "Application Control rules" on page 90). These rules manage
applications' access to various resources, such as:
files and folders;
registry keys;
network addresses;
execution environment.
When an application accesses a resource, the component checks if the application has the required access rights, and
performs the action determined by the rule.
To modify the Application Control settings, please do the following:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section, select the Application Control component.
4. Make the required changes in the settings for the component you have selected.
Also:
1. Open the main application window and selectthe Application Control section.
2. In the right part of the window, click the Application activity link.
3. In the Application Activity Control window that will open, make the required changes.
Page 87
M Y C O M P U T E R P R O T E C T I O N
87
SEE ALSO:
Inheriting rights ................................................................................................................................................................ 87
Threat rating .................................................................................................................................................................... 88
Application groups ........................................................................................................................................................... 88
Application run sequence ................................................................................................................................................ 89
COMPONENT OPERATION ALGORITHM
At the first startup of an application, Application Control analyzes it using the following algorithm:
1. Scans the application for viruses.
2. Verifies the application's digital signature. If the digital signature is confirmed, the application will be included in
the Trusted group. If the application has no digital signature (or if the digital signature is corrupted, or included
in the black list), the component will proceed to the next step.
3. Searches for a record of the application being started in the internal base of known applications included with
Computer Protection installation package. If a record for the application being started is found in the base, it will
be included in the corresponding group. If no record for the application being started is found in the base, the
component will proceed to the next step.
4. Sends information about the application's executable file to the base of known applications stored at a
Kaspersky Lab's server. If the base already contains a record related to the information sent, the application will
be included in the corresponding group. If the base is inaccessible (for example, no Internet connection is
active), the component will proceed to the next step.
5. Calculates the application's threat rating using the heuristic analysis. Applications with lower rating are placed
into the Low Restricted group. If the application's rating is high, Computer Protection will notify you about it,
and will offer you to select a group into which you should place this application.
When these scans are completed, a notification displays the final decision regarding the application. By default, the
notification is disabled.
When the application is restarted, Application Control checks its integrity. If the application has not been changed, the
component applies the existing rule to it. If the application has been changed, Application Control analyzes it using the
algorithm described above.
INHERITING RIGHTS
The important part of the Application Control component is the mechanism of the access rights inheritance. This
mechanism prevents the use of trusted applications by a non-trusted application or an application with restricted rights in
order to perform actions requiring certain privileges.
When an application attempts to obtain access to a monitored resource, Application Control analyzes the rights of all
parent processes of this application, and compares them to the rights required to access this resource. At that, the
minimum priority rule is observed: when comparing the access rights of the application to those of the parent process, the
access rights with a minimum priority will be applied to the application's activity.
Access right priority:
1. Allow. Access right data have the highest priority.
2. Prompt user.
3. Block. Access right data have the lowest priority.
Page 88
U S E R G U I D E
88
Example:
A Trojan attempts to use regedit.exe to edit the Microsoft Windows registry. The rule for the Trojan program sets the
Block action as the reaction to an attempt to access the registry, while the rule for regedit.exe sets the Allow action.
As a result, activities of regedit.exe run by the Trojan will be blocked since the rights of regedit.exe will be inherited
from the parent process. This event will trigger the minimum priority rule, and the action will be blocked despite the fact
that the regedit.exe program has the rights required to allow it.
SEE ALSO:
Application run sequence ................................................................................................................................................ 89
If the application's activities are blocked due to insufficient rights of a parent process, you can edit the rules (see section
"Editing an application rule" on page 92).
You should modify the rights of a parent process only if you are absolutely certain that the process' activities do not
threaten the system's security.
THREAT RATING
Application Control determines the threat rating for every application running on your computer, using the heuristic
analysis. The threat rating is the indicator of how dangerous the application is for the system; it is calculated based on
two types of criteria:
static (these criteria include information about the application's executable file: size, creation date, etc.);
dynamic, which are used while simulating the application's operation in a virtual environment (analysis of the
application's calls to system functions). Analyzing these criteria allows detecting a behavior typical of malware.
Based on rating values, Application Control divides applications into groups (see section "Application groups" on page
88). The lower the threat rating is, the more actions the application will be allowed to perform in the system.
APPLICATION GROUPS
All user's applications on the computer are divided by Application Control into groups, based on the level of danger for
the system which in turn affects the applications' rights to access the system's resources.
There are four pre-set groups of applications:
Trusted. Applications with a digital signature by trusted vendors, or applications which are recorded in the base
of trusted applications. These applications have no restrictions applied on actions performed in the system.
Those applications' activity is monitored by Proactive Defense and File Anti-Virus.
Low Restricted. Applications that do not have a digital signature from a trusted vendor, and which are not listed
in the base of trusted applications. However, these applications have received a low value of the threat rating
(on page 88). They are allowed to perform some operations, such as access to other processes, system control,
hidden network access. The user's permission is required for most operations.
High Restricted. Applications without a digital signature and which are not listed in the base of trusted
applications. These applications have a high value of the threat rating. The applications of this group require the
user's permission for most actions which affect the system: some actions are not allowed for such applications.
Page 89
M Y C O M P U T E R P R O T E C T I O N
89
SEE ALSO:
Inheriting rights ................................................................................................................................................................ 87
Untrusted. Applications without a digital signature and which are not listed in the base of trusted applications.
These applications have received a very high value of the threat rating. Application Control blocks any actions
performed by such applications.
The applications classed by Application Control in a certain group are assigned the corresponding status, and inherit the
rights of access to the resources from the group rule (see section "Application Control rules" on page 90).
Kaspersky Lab advises you not to move applications from one group to another. Instead, if required, modify the
application's rights to access specific system resources (see section "Editing an application rule" on page 92).
APPLICATION RUN SEQUENCE
Application startup may be initiated either by the user or by another application running.
If the startup is initiated by another application, it results in creating a startup procedure including parent and child
programs. Startup procedures can be saved.
When saving a startup procedure, each program included in it remain in its group.
CREATING A PROTECTION SCOPE
Application Control manages rights of user applications to perform actions with the following resource categories:
Operating system. This category includes:
registry keys containing startup settings;
registry keys containing internet use settings;
registry keys affecting system security;
registry keys containing system service settings;
system files and folders;
startup folders.
Kaspersky Lab has created a list of operating system's settings and resources which should always be protected by
Computer Protection. This list cannot be edited. However, you can renounce the monitoring of any operating system
object in the category you have selected, as well as add to the list.
Identity data. This category includes:
user's files (My Documents folder, cookie files, information about the user's activity);
registry files, folders and keys which contain the settings and important data of the most frequently used
applications: Internet browsers, file managers, mail clients, IM clients, and electronic wallets.
Kaspersky Lab has created a list of resource categories which should always be protected by Computer Protection. This
list cannot be edited. However, you can renounce the monitoring of any resource category, as well as add to the list.
Page 90
U S E R G U I D E
90
To add to the list of identity data items to be protected, please do the following:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section, select the Application Control component.
4. Click the Settings button for the component you have selected.
5. In the window that will open, on the Personal data tab, in the Category dropdown list, select the required
category of personal data objects, and click the Add link (or click the Add category link if you wish to add a new
category of resources to be protected, and enter its name in the window that will open).
6. In the User resource window that will open, click the Browse button and specify required data, depending on
the resource being added:
File or folder. In the Select file or folder window that will open, specify a file or a folder.
Registry key. In the Please specify a registry object window that will open, specify the registry key being
protected.
Network service. In the Network service window that will open, specify the settings of monitored network
connection (see section "Configuring network service settings" on page 105).
IP addresses. Specify the protected range of addresses in the Network addresses window that will open.
After the resource has been added to the protection scope, you can edit or delete the resource using the
corresponding links in the bottom part of the tab. To exclude the resource from the protection scope, uncheck
the box next to it.
To add to the list of operating system's settings and resources to be protected, please do the following:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section, select the Application Control component.
4. Click the Settings button for the component you have selected.
5. In the window that will open, on the Operating system tab, in the Category dropdown list, select the required
category of operating system objects, and click the Add link.
6. In the User resource window that will open, click the Browse button and specify required data, depending on
the resource being added:
File or folder. In the Select file or folder window that will open, specify a file or a folder.
Registry key. In the Please specify a registry object window that will open, specify the registry key being
protected.
APPLICATION CONTROL RULES
Rule is a set of reactions of Application Control to the application's actions on the resources being monitored (see section
"Creating a protection scope" on page 89).
After the resource has been added to the protection scope, you can edit or delete the resource using the
corresponding links in the bottom part of the tab. To exclude the resource from the protection scope, uncheck
the box next to it.
Page 91
M Y C O M P U T E R P R O T E C T I O N
91
SEE ALSO:
Placing applications into groups ...................................................................................................................................... 91
Changing the time used to determine the application status ........................................................................................... 92
Editing an application rule ............................................................................................................................................... 92
Editing a rule for an application group ............................................................................................................................. 93
Creating a network rule for application ............................................................................................................................ 93
Configuring exclusions .................................................................................................................................................... 94
Deleting rules for applications ......................................................................................................................................... 94
Possible component's reactions include the following:
Inherit. For an application's activity, Application Control will apply the rule set for the group the application
belongs to. This is the default setting for the reaction.
Allow. Application Control allows an application to perform an action.
Deny. Application Control does not allow an application to perform an action.
Prompt for action. Application Control informs the user that an application is attempting to perform an action,
and prompts the user for further actions.
Log events. Information about an application's activity and Application Control's reaction will be logged in a
report. Adding the information to a report can be used together with any other component's action.
By default, an application inherits the access rights from the group it belongs to. You can edit an application rule. In this
case, the application rule's settings will have a higher priority than those inherited from the group the application belongs
to.
PLACING APPLICATIONS INTO GROUPS
Applications included by the Application Control component in the Trusted group (see section "Application groups" on
page 88) do not impose any threat to the system.
You can use the option of specifying the range of trusted applications, activities of which will not be scanned by
Application Control. Trusted applications may include those with a digital signature or those listed in Kaspersky Security
Network's database.
For other applications, which do not fit into the trusted group, you can use heuristic analysis to determine a group, or
specify a particular group into which the application will be added automatically.
For Application Control to view applications with a digital signature and / or contained in the Kaspersky Security
Network database as trusted, and not to notify of their activity, please do the following:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section, select the Application Control component.
4. In the Trusted applications section, check the Applications with digital signature box and / or the
Applications from Kaspersky Security Network database box for the component selected.
Page 92
U S E R G U I D E
92
If you want Application Control to use heuristic analysis for allocating untrusted applications to groups:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section, select the Application Control component.
4. Select the Use heuristic analysis to define status option in the Trusted applications section. When the
status is assigned, the application will be attributed to the corresponding group.
If you want Application Control to assign the specified status automatically when allocating untrusted applications to
groups:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section, select the Application Control component.
4. Select the Assign the following status automatically option in the Trusted applications section.
Applications will be distributed to corresponding groups.
CHANGING THE TIME USED TO DETERMINE THE APPLICATION STATUS
If heuristic analysis is used to determine the application status, Application Control analyzes the program for 30 seconds
by default. If threat rating has not been calculated during this time, the application receives a Low Restricted status and is
placed to the corresponding group.
Threat rating calculation continues in the background. After the application has been studied with the help of heuristic
analyzer, it receives the status according to its threat rating and is placed to the corresponding group.
You can change the time, allocated for applications analysis. If you are sure that all applications started on your computer
do not impose any threat to security, you can decrease the time spent for analysis. If, on the contrary, you are installing
the software and are not sure that it is safe, you are advised to increase the time for analysis.
To change the amount of time allocated to checking the unknown applications:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section, select the Application Control component.
4. For selected component set the value for Maximum time to define the application status parameter in the
Additional section.
EDITING AN APPLICATION RULE
When an application is started for the first time, Application Control determines its status and includes it in a certain
group. After that, the component logs the actions performed by this application in the system, and manages its activity
based on which group (see section "Application groups" on page 88) it belongs to. When an application accesses a
resource, the component checks if the application has the required access rights, and performs the action determined by
the rule. You can edit the rule that was created for the application when determining its status and including the
application in the corresponding group.
To change an application rule, please do the following:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, select the Application Control section.
Page 93
M Y C O M P U T E R P R O T E C T I O N
93
3. In the window that will open, in the Application Control block, click the Application activity link.
4. In the Application Activity Control window that will open, in the Category dropdown list, select the required
category.
5. In the Status column, left-click the link with the application's status for the required application.
6. In the menu that will open, select the Custom settings item.
7. In the window that will open, on the Rules tab, edit the access rules for the required resource category.
EDITING A RULE FOR AN APPLICATION GROUP
When an application is started for the first time, Application Control determines its status and includes it in a certain
group. After that, the component logs the actions performed by this application in the system, and manages its activity
based on which group (see section "Application groups" on page 88) it belongs to. You can edit the rule for the group, if
necessary.
To change a rule for the group, please do the following:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section, select the Application Control component.
4. In the Rules for application statuses block, click the Configure rules button for the component selected.
5. In the Activity Control settings window that will open, select the required group.
6. In the window that will open, on the Rules tab, edit the access rules for the required resource category.
CREATING A NETWORK RULE FOR APPLICATION
By default, after the first startup of the application, Application Control includes it in one of the preset groups. A group rule
regulates an application's access to a network with a specified status. If you need to process the application's access to
certain network services in a special way, you can create a network rule.
To create a rule controlling the application's network activity, please do the following:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, select the Application Control section.
3. In the window that will open, in the Application Control block, click the Application activity link.
4. In the Application Activity Control window that will open, in the Category dropdown list, select the required
category.
5. In the Status column, left-click the link with the application's status for the required application.
6. In the menu that will open, select the Custom settings item.
7. In the window that will open, on the Rules tab, select the Network rules category from the dropdown list, and
click the Add link.
8. In the Network rule window that will open, configure the packet rule.
9. Assign the priority for created rule.
Page 94
U S E R G U I D E
94
CONFIGURING EXCLUSIONS
When you create a default application rule, Computer Protection will monitor any of the user application's actions,
including: access to files and folders, access to the execution environment, and network access. You can exclude certain
actions of a user application from the scan.
In order to exclude applications' actions from the scan:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, select the Application Control section.
3. In the window that will open, in the Application Control block, click the Application activity link.
4. In the Application Activity Control window that will open, in the Category dropdown list, select the required
category.
5. In the Status column, left-click the link with the application's status for the required application.
6. In the menu that will open, select the Custom settings item.
7. In the window that will open, on the Exclusions tab, check the boxes that correspond to the actions you want to
exclude. When excluding the application's network traffic scan, configure additional exclusion settings.
All exclusions created in the rules for user applications are accessible in the application settings window in the
Threats and exclusions section.
DELETING RULES FOR APPLICATIONS
You can use the option of deleting the rules for applications, that have not been started for some time.
To delete rules for applications, that have not been started for a specified time period:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section, select the Application Control component.
4. For selected component check the Delete rules for applications remaining inactive for more than box in
the Additional section and specify the necessary number of days in the field to the right.
Page 95
95
IN THIS SECTION:
Running an application in safe mode............................................................................................................................... 95
Creating a shortcut for program execution ...................................................................................................................... 96
Creating the list of applications running in safe mode ..................................................................................................... 96
Selecting the mode: running an application ................................................................................................ ..................... 97
Selecting the mode: clearing safe mode data .................................................................................................................. 97
Using a shared folder ...................................................................................................................................................... 98
Clearing the safe mode data ........................................................................................................................................... 98
SAFE MODE OF APPLICATIONS EXECUTION
Safe mode of applications execution is not available on computers running Microsoft Windows XP x64.
To ensure maximum security of operating system objects and of users' personal data, Kaspersky Lab has implemented
the option of running third-party applications in a protected virtual environment named Safe Run.
You are advised to avoid running the applications whose authenticity is not evident to you, when working in Safe Run
mode. This allows to avoid modifications in operating system objects which may lead to an improper functioning.
Functionalities of some applications in Safe Run mode may be reduced when started on computers running under
Microsoft Windows Vista x64 and Microsoft Windows 7 x64. If such applications are started, the corresponding message
will be displayed on the screen if you have configured the notifications about the Application functionality is limited in
safe mode event.
Running Internet browsers in a safe environment ensures security when viewing web resources, including the protection
against malware penetrating the computer and the protection of user data against any unauthorized attempts of changing
and deleting, as well as the possibility of deleting all objects accumulated during the Internet session: temporary files,
cookies, history of web pages browsed, etc. Microsoft Internet Explorer is included in the list of applications running in
safe mode, by default.
Running an application in safe mode is performed depending on the mode selected. The option of creating shortcuts is
provided for a quick start of applications in safe mode.
For the files saved or modified in safe mode to be available when working in standard mode, you should use the Safe
Run Shared Folder created exclusively for those files and available both in safe mode and in standard mode. When
clearing safe mode data (see page 98), the files stored in this folder will not be deleted.
You are advised to use Microsoft Windows standard mode to install the applications with which you wish to work in safe
mode in the future.
RUNNING AN APPLICATION IN SAFE MODE
If the Always run in safe mode option is not enabled for the application, it can be run in safe mode using one of the
following ways:
from the Microsoft Windows context menu;
Page 96
U S E R G U I D E
96
from the main window of My Computer Protection (see section "My Computer Protection" on page 53);
using an existing shortcut (see section "Creating a shortcut for program execution" on page 96).
If the Always run in safe mode option is selected for the application, it will be launched in safe mode regardless of the
run mode.
Applications running in safe mode, are highlighted with a green frame around the application window, and highlighted
with green color in the list of applications monitored by Application Control (see section "Application Control" on page 86).
To run an application in safe mode using a shortcut, please do the following:
1. Open the folder in which a shortcut was created.
2. Run the application by double-clicking its shortcut.
To run an application in safe mode from the main window of My Computer Protection, please do the following:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, select the Application Control section.
3. In the bottom part of the window, select the icon of the required application.
4. Double-click the icon to run the application, or open the context menu and select the Run item.
To run an application in safe mode from the Microsoft Windows context menu, please do the following:
1. Right-click thename of the object selected: of the application shortcut or executable file.
2. In the menu that will open, select the Safe Run item.
CREATING A SHORTCUT FOR PROGRAM EXECUTION
To run applications quickly in safe mode, Computer Protection provides the possibility of creating shortcuts. This allows
running the required application in safe mode, without opening the main application window or the Microsoft Windows
context menu.
To create a shortcut to run an application in safe mode, please do the following:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, select the Application Control section.
3. In the bottom part of the window, in the Safe Run applications field, select the icon of the required application.
4. By right-clicking, open the context menu and use the Create shortcut item.
5. Specify the path for saving a shortcut and its name in the window that will open. By default, a shortcut will be
created in the My Computer folder of the current user, and it will be assigned the name corresponding to the
application's process.
CREATING THE LIST OF APPLICATIONS RUNNING IN SAFE MODE
You can create a list of applications running in safe mode in the main application window. The list is displayed in the My
Security Zone section.
Page 97
M Y C O M P U T E R P R O T E C T I O N
97
If you add to the list an application that allows working with several copies of it at the same time (such as Windows
Internet Explorer), each new copy of it runs in safe mode after the application is added to the list. If you add to the list an
application that allows using only one copy of it, that application must be restarted after it is added to the list.
To add an application in the list of applications running in safe mode, please do the following:
1. Open themain application window and click the My Computer Protection button.
2. In the window that will open, select the Application Control section.
3. In the bottom part of the window, in the Safe Run applications field, click the Add link.
4. In the menu that will open, select the necessary application. Once you select the Browse item, a window will
open in which you should specify the path to an executable file. Once you select the Applications item, the list
of applications currently running will open. After this, the application icon will be added in the field.
To delete an application from the list of applications running in safe mode, select it in the list and click the Delete
link.
SELECTING THE MODE: RUNNING AN APPLICATION
By default, all the applications installed on the computer can run both in standard mode and in safe mode. When adding
an application in the list of applications running in safe mode, you can enable the Always run in safe mode option for it.
This means that the application will be run in safe mode regardless of the run mode, whether using Microsoft Windows
standard tools, or Computer Protection tools.
You are not advised to enable the Always run in safe mode option for system applications and utilities, since this can
lead to an improper functioning of the operating system.
To run an application in safe mode only, regardless of the run mode, please do the following:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, select the Application Control section.
3. In the bottom part of the window, select the icon of the required application.
4. By right-clicking, open the context menu.
5. Select the Always run in safe mode item. The box will be displayed next to the menu item.
To allow the application to run in standard mode, select this item again.
SELECTING THE MODE: CLEARING SAFE MODE DATA
If an application runs in safe mode, all modifications performed by the application are performed within the scope of safe
mode only. By default, at the next application startup, all changes made and files saved will be available during the safe
mode session.
If you do not need the safe mode data any more, you can clear it (see page 98).
If you do not want the changes you have made to be available for an application at the next run in safe mode, you can
enable the Clear Safe Run data on exit mode for it. This means that the changes you have made during the session,
will be lost. Applications running in the specified mode, are marked with the icon.
Page 98
U S E R G U I D E
98
To clear Safe Run data every time the application closes, please do the following:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, select the Application Control section.
3. In the bottom part of the window, select the icon of the required application.
4. By right-clicking, open the context menu.
5. Select the Clear Safe Run data on exit item. The box will be displayed next to the menu item and the
sign will appear on the application icon in the list of applications running in safe mode.
USING A SHARED FOLDER
When working in safe mode, all changes required due to the application's operation, are only made in safe mode, so they
do not affect the standard mode. Thus, files saved in safe mode cannot be transferred to the standard mode.
For the files saved or modified in safe mode to be available in standard mode, Safe Run Shared Folder can be used,
provided by Computer Protection. All files saved in this folder when working in safe mode, will be available in standard
mode.
Shared folder is a folder on the hard drive created when you install Computer Protection.
The shared folder is created in the %AllUsersProfile%\Application Data\Kaspersky Lab\SandboxShared folder during
application installation, and its location cannot be changed.
The shared folder is indicated with the icon in the Microsoft Windows Explorer. You can also go to the folder from the
Computer Protection's main window.
To open the shared folder from the Computer Protection's main window, please do the following:
1. Open the main application window and click the My Computer Protection button.
2. In the window that will open, select the Application Control section.
To disable clearing data saved during an application's session in safe mode, select this item again.
CLEARING THE SAFE MODE DATA
If you need to delete data saved in safe mode, or if you need to restore the current settings for all applications running in
Microsoft Windows standard mode, you can clear safe mode data.
Before clearing the data, saved in the safe mode, you should make sure that all information you may need for further
work has been saved in the shared folder. Otherwise, the data will be deleted without any possibility to restore them.
3. Click the Shared Folder link. The folder will open in a standard window of Microsoft Windows.
To clear safe mode data, please do the following:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, select the Application Control section.
3. In the bottom part of the window, in the Safe Run applications field, click the Clear link.
Page 99
M Y C O M P U T E R P R O T E C T I O N
99
4. In the window that will open, confirm data clearing by using the OK button, or click the Cancel button to cancel
clearing.
Page 100
100
IN THIS SECTION:
Changing the network status ......................................................................................................................................... 100
Extending the range of network addresses ................................................................................................................... 101
Selecting the mode of notification about network changes ............................................................................................ 101
Advanced Firewall settings ............................................................................................................................................ 102
Firewall rules ................................................................................................................................................................. 102
FIREWALL
Computer Protection contains a special component, Firewall, to ensure your security on local networks and the Internet. It
filters all network activities using rules of two types: rules for applications and packet rules.
Firewall analyzes settings of the networks to which you are connecting the computer. If the application runs in interactive
mode (see section "Using interactive protection mode" on page 156), Firewall will request that you specify the status of
the connected network, when first connected. If the interactive mode is off, the Firewall determines the status based on
the network type, ranges of addresses and other specifications. Depending on the network status Firewall applies various
rules to filtering network activities.
To modify Firewall's settings:
1. Open the main application window and click the My Computer Protection.
2. In the window that will open, click the Settings link in the top part of the window.
3. In the window that will open, in the Protection section select the Firewall component.
4. Click the Settings button for the component you have selected.
5. In the window that will open, on the Filtering rules and Networks tabs modify the settings of Firewall
operation.
CHANGING THE NETWORK STATUS
All network connections on your computer are monitored by Firewall. Firewall assigns a specific status to each
connection and applies various rules for filtering of network activity depending on that status.
Once you get connected to a new network, Firewall will display a notification (see page 262) on the screen. To select a
method for network activity filtering, you should specify the status for the detected network. You can select one of the
following statuses:
Public network (Internet). We recommend that you select this status for networks not protected by any anti-
virus applications, firewalls or filters (for example, for Internet cafe filters). Users of such networks are not
allowed access to files and printers located on or connected to your computer. Even if you have created a
shared folder, the information in it will not be available to users from networks with this status. If you allowed
remote access to the desktop, users of this network will not be able to obtain it. Filtering of the network activity
for each application is performed according to the rules for this application. By default, this status is assigned to
Internet.
Local network. We recommend that you assign this status to networks to which users you wish to grant access
to files and printers on your computer (for example, for your internal corporate network or home network).
Loading...