วิธี set Kaspersky เพื่อป้องกัน Encrypting malware(Cryptowall)
Cr.Support.kaspersky.com
How to protect against file-encrypting malware (cryptoware) in Kaspersky Internet Security 2015
To reduce the risk of infection by cryptoviruses and avoid false positives on installation of applications and games, Kaspersky Lab specialists recommend to configure Kaspersky Internet Security 2015:
1. Create the Protected file types category
- Open Kaspersky Internet Security 2015.
- In the lower part of the main application window, click Settings.
- In the Settings window, go to the Protection Center section and select Application Control in the right frame.
- In the Application Control settings window, click Manage identity protection.
- In the Digital identity protection window, go to the Identity data tab and select User files.
- Click Add category.
- Create the category under the name Protected file types.
- Click OK.
- Select the Protected file types category and create several subcategories in it (Documents, Images, etc.).
- Select the category corresponding to the protected files type (for example, Documents for files with the .doc extension) and click Add.
- Instead of the path to the file, enter the mask for the file type: *.
. - Click OK.
- Add the rest of file types the same way.
- Close the Digital identity protection window.
2. Create rules for applications
Configure the rules for the Protected file types category on access of applications with high and low restrictions:
- Open Kaspersky Internet Security 2015.
- At the bottom of the main application window, click Settings.
- In the Settings window, go to the General section and clear the check box Perform recommended actions automatically.
- In the Settings window, go to the Protection Center section and select Application Control in the right frame.
- In the Application Control settings window, click Manage applications.
- In the Application management window, select Restrictions.
- Right-click the Trusted group and select Details and rules.
- In the Application rules window, go to the Files and system registry tab. Make sure the rule that allows to read, write, create, and delete is set for the Protected file types resource.
- Close the Application rules window.
- Right-click the Low Restricted or High Restricted group and select Details and rules.
- In the Application rules window, go to the Files and system registry tab. Make sure the Prompt for action rule is set on sections Read, Write, Create, and Delete for the Protected file types resource.
- Close the Application rules window.
3. Enable System Watcher
The System Watcher component in Kaspersky Internet Security 2015
collects data about the actions performed by applications on your
computer and submits this information to other components for improved
protection. Make sure the System Watcher component is enabled and configure it. When the start of cryptoware or its activity is detected, Kaspersky Internet Security 2015 terminates the process. The file from which the process was started is quarantined.
4. Configure Firewall
All network connections on your computer are monitored by Firewall. Firewall
assigns a specific status to each connection and applies packet and
network rules for filtering network activity depending on that status.
Using Firewall, block the Internet access to Low Restricted, High Restricted, and Untrusted applications.
This will not allow cryptoware receive unique encryption keys from the
Internet, therefore they will not be able to encrypt files.
5. File types
| File type | Extension |
|---|---|
Documents
|
.doc .docx .pdf |
| .ppt .pptx .rtf | |
| .odt .odp .ods | |
| .djvu | |
Images
|
.jpg .jpeg .bmp |
| .gif .png .psd | |
| .cdr .dwg .max | |
| .3ds | |
Archives
|
.rar .zip .7z |
| .tar .gz | |
Multimedia
|
.avi .mp3 .wav |
| .mkv .flac .mp4 | |
| .mov .wmv | |
Databases
|
.mdb .1cd .sqlite |
| .sql | |
Other
|
.kwm .iso .torrent |
| .php .c .cpp | |
| .pas .cer .key | |
| .pst .lnk | |
No comments:
Post a Comment