About Kaspersky solutions
- Comparison of subscription plans
- Hardware and software requirements
- Compatibility with other Kaspersky applications
- What's new in the latest version of the application
- Limited free version of Kaspersky application
Data provision
- Data provision under the End User License Agreement
- Data provision under the End User License Agreement on the territory of the European Union, the United Kingdom, Brazil, Vietnam, or by California residents
- Data provision to Kaspersky Security Network
- Saving data to the application operation report
- Locally processed data
- Saving data for Customer Service
- About using the application in the European Union, the United Kingdom, Brazil, Vietnam, or by California residents
How subscription works
- How to buy a subscription
- How to manage your subscription using your My Kaspersky account
- How to cancel the subscription
- How to set a different payment method
How to activate a subscription on your device
- If you purchased a subscription from Kaspersky website
- If you purchased a box or an activation card
- Activating your subscription if the application is already installed on your device
How to install or remove the application
- How to install the application
- Installing over other Kaspersky applications
- Kaspersky Protection browser extension
- How to uninstall the application
- How to update the application
How to protect more devices
Basic functionality of the application
- Assessing computer protection status and resolving security issues
- How to fix security issues on your PC
- Security news
- Application activity log and detailed report
- How to configure the application interface
- How to restore the default settings of the application
- How to apply the application settings on another computer
- How to pause and resume computer protection
- Evaluating Kaspersky application
- Searching the functionality of the application
- Store
Security
- Scanning the computer
- Updating anti-virus databases and application modules
  - About updating databases and application modules
  - How to start an update of databases and application modules
- Intrusion Prevention
- Weak Settings Scan
- Network Monitor
- Pre-Kaspersky virus removal
- How to restore a deleted or disinfected file
- Protecting email
  - Configuring Mail Anti-Virus
- Participating in Kaspersky Security Network
  - How to enable or disable participation in Kaspersky Security Network
  - How to check the connection to Kaspersky Security Network
- Protection using Antimalware Scan Interface (AMSI)
- Remote management of computer protection
Performance
- Quick Startup
- PC Speed-Up
- App Updater
- Duplicates
- Large Files
- Unused Apps
- Hard Drive Health Monitor
- Backup and Restore
- Current Activity
- Do not Disturb Mode
- Game mode
- Battery Saver
- Optimizing the load on the operating system
Privacy
- Kaspersky VPN
- Data Leak Checker
- Private Browsing
- Password Manager
- Safe Money
- Webcam and Mic Control
- Detection of stalkerware and other applications
- Anti-Banner
- Unwanted App Installation Blocker
- How to change Application Manager settings
- Adware Remover
- Secret Vault
- File Shredder
- Privacy Cleaner
- Protection using hardware virtualization
  - About protection using hardware virtualization
  - How to enable protection using hardware virtualization
- Protecting personal data on the Internet
Identity
- Identity Protection Wallet
- Remote Access Detection
- Identity Theft Check
- Premium Support Services
Home Wi-Fi
- Smart Home Monitor
- Wi-Fi Analyzer
How to uninstall incompatible applications
Using the application from the command prompt
Contacting Customer Service
- How to get support
- Collecting information for Customer Service
Limitations and warnings
Other sources of information about the application
Network settings for interaction with external services
Information about third-party code
Trademark notices

About Kaspersky solutions

Our new solutions embody our vision of modern-day cybersecurity. In addition to new names, you will find a brand new user interface, and a host of new functionality.

Solutions are presented by several plans. The plans differ by level of protection, and by the number of features and services made available to users. Plans contain both new and time-tested features which fall into three categories.

Explore the features available to you in each category:

Security
Performance
Privacy
Identity
Home Wi-Fi

In this section

Comparison of subscription plans

Functionality	Standard	Plus	Premium
Security
Quick Scan
Full Scan
Selective Scan
Removable Drive Scan
Background Scan
Vulnerability Scan
File Anti-Virus
Safe Browsing
Mail Anti-Virus
Update of databases and application modules
Reports
Quarantine
Microsoft Windows Troubleshooting
Emergency Recovery
Exploit Prevention
System Watcher
Weak Settings Scan
Network Attack Blocker
URL Advisor
Kaspersky Protection extension
Intrusion Prevention
Firewall
Network Monitor
Smart Home Monitor	–
Anti-Phishing
Security news
Performance
Quick Startup
PC Speed-Up
Duplicates
Large Files
Unused Apps
App Updater
Current Activity
Game mode
Do not Disturb Mode
Battery Saver
Hard Drive Health Monitor	–
Backup and Restore	–
Privacy
Data Leak Checker	single account
Private Browsing
Safe Money
Webcam and Mic Control
Stalkerware Detection
Unwanted App Installation Blocker
Adware Remover
Anti-Banner
Privacy Cleaner
Kaspersky VPN (not available in some regions)
Password Manager	–
File Shredder	–
Secret Vault	–
Identity	–	–
Identity Protection Wallet	–	–
Remote Access Detection	–	–
Identity Theft Check	–	–
Premium Support Services	–	–
Home Wi-Fi
Smart Home Monitor	–
Wi-Fi Analyzer	–	–

Operating system	CPU	Free RAM	Restrictions
Microsoft Windows 11 Home (21H2, 22H2, 23H2)	1 GHz or higher	4 GB (for a 64-bit operating system)	Windows Subsystem for Linux 2 (WSL2) is not supported.
Microsoft Windows 11 Enterprise (21H2, 22H2, 23H2)
Microsoft Windows 11 Pro (21H2, 22H2, 23H2)
Microsoft Windows 10 Home (versions: 1507, 1511, 1607, 1703, 1709, 1803, 1809, 1903, 1909, 2004, 20H2, 21H1, 21H2, 22H2)	1 GHz or higher	1 GB (for 32-bit operating systems) or 2 GB (for 64-bit operating systems)	Windows Subsystem for Linux 2 (WSL2) is not supported.
Microsoft Windows 10 Enterprise (versions: 1507, 1511, 1607, 1703, 1709, 1803, 1809, 1903, 1909, 2004, 20H2, 21H1, 21H2, 22H2)
Microsoft Windows 10 Pro (versions: 1507, 1511, 1607, 1703, 1709, 1803, 1809, 1903, 1909, 2004, 20H2, 21H1, 21H2, 22H2)
Microsoft Windows 8.1 (Service Pack 0 or later, Windows 8.1 Update)	1 GHz or higher	1 GB (for 32-bit operating systems) or 2 GB (for 64-bit operating systems)
Microsoft Windows 8.1 Pro (Service Pack 0 or later, Windows 8.1 Update)
Microsoft Windows 8.1 Enterprise (Service Pack 0 or later, Windows 8.1 Update)
Microsoft Windows 8 (Service Pack 0 or later)	1 GHz or higher	1 GB (for 32-bit operating systems) or 2 GB (for 64-bit operating systems)
Microsoft Windows 8 Pro (Service Pack 0 or later)
Microsoft Windows 8 Enterprise (Service Pack 0 or later)
Microsoft Windows 7 Starter (Service Pack 1 or later)	1 GHz or higher	1 GB (for 32-bit operating systems) or 2 GB (for 64-bit operating systems)
Microsoft Windows 7 Home Basic (Service Pack 1 or later)
Microsoft Windows 7 Home Premium (Service Pack 1 or later)
Microsoft Windows 7 Professional (Service Pack 1 or later)
Microsoft Windows 7 Ultimate (Service Pack 1 or later)

Command name	Value	Example
/s	Non-interactive (silent) mode: dialog boxes are not displayed during installation.	saas21.exe /s
/mybirthdate=YYYY‑MM‑DD	Birth date. If you are younger than 16, installation is not performed. This option is: Required for non-interactive installation Optional for installing the application in OEM mode	saas21.exe /mybirthdate=1986‑12‑23
/l	Selecting the language used for installing the multi-language version.	saas21.exe /len-us
/t	Folder where the installation log is saved.	saas21.exe /tC:\KasperskyLab
/p<property>=<value>	Sets installation properties.	saas21.exe /pALLOWREBOOT=1 /pSKIPPRODUCTCHECK=1
/h	Display help.	saas21.exe /h

Type	Name	Description
Client-IRC	IRC clients	People install these apps to communicate with each other in Internet Relay Chats (IRC). Criminals can use these apps to spread malware.
Dialer	Autodialers	Allow covertly establishing phone connections over a modem. Criminals can use software of this type to make calls from the user's device, which can cause financial damage to the user.
Downloader	Downloaders	Allow covertly downloading files from web pages. Criminals can use such software to download malware to your computer.
Monitor	Monitor apps	Allow monitoring the activity of the computer on which they are installed (tracking which applications are running and how they are exchanging data with apps on other computers). Criminals can use these to spy on the user's device.
PSWTool	Password recovery tools	Enable users to see and recover forgotten passwords. Criminals secretly deploy these apps on people's computers for the same purpose.
RemoteAdmin	Remote administration tools	Widely used by system administrators to get access to remote computers’ interfaces to monitor and control them. Criminals covertly deploy these apps on people's computers for the same purpose, to spy on remote computers and control them. Legitimate remote administration tools are different from backdoors (remote control Trojans). Backdoors can infiltrate a system and install themselves there on their own, without the user's permission, whereas legitimate apps do not have this functionality.
Server-FTP	FTP servers	Operate as FTP servers. Criminals can deploy them on your computer to open remote access to it using the FTP protocol.
Server-Proxy	Proxy servers	Operate as proxy servers. Criminals deploy them on a computer to use it for sending out spam.
Server-Telnet	Telnet servers	Operate as Telnet servers. Criminals deploy them on a computer to open remote access to it using the Telnet protocol.
Server-Web	Web servers	Operate as web servers. Criminals can deploy them on your computer to open remote access to it using the HTTP protocol.
RiskTool	Local tools	They give users additional capabilities for managing their computers (enabling them to hide files or active application windows, or to close active processes). This group includes miners that can be covertly installed and consume large amounts of computational resources. Criminals can use all actions described above to conceal malware installed on your device or make its detection harder.
NetTool	Network tools	They give the users of computers on which they are installed additional capabilities for interacting with other computers on the network (restart remote computers, find open ports, launch applications installed on those computers). All actions listed above can be used for malicious purposes.
Client-P2P	P2P network clients	Enable people to use P2P (Peer-to-Peer) networks. They can be used by criminals to spread malware.
Client-SMTP	SMTP clients	Can covertly send emails. Criminals deploy them on a computer to use it for sending out spam.
WebToolbar	Web toolbars	Add search engine toolbars to the interface of other apps. Often spread with the help of malware or adware.

Address	Description
`activation-v2.kaspersky.com/activationservice/activationservice.svc` Protocol: `HTTPS` Port: `443`	Activating the application.
`s00.upd.kaspersky.com` `s01.upd.kaspersky.com` `s02.upd.kaspersky.com` `s03.upd.kaspersky.com` `s04.upd.kaspersky.com` `s05.upd.kaspersky.com` `s06.upd.kaspersky.com` `s07.upd.kaspersky.com` `s08.upd.kaspersky.com` `s09.upd.kaspersky.com` `s10.upd.kaspersky.com` `s11.upd.kaspersky.com` `s12.upd.kaspersky.com` `s13.upd.kaspersky.com` `s14.upd.kaspersky.com` `s15.upd.kaspersky.com` `s16.upd.kaspersky.com` `s17.upd.kaspersky.com` `s18.upd.kaspersky.com` `s19.upd.kaspersky.com` `cm.k.kaspersky-labs.com` Protocol: `HTTPS` Port: `443`	Updating databases and application software modules.
`downloads.upd.kaspersky.com` Protocol: `HTTPS` Port: `443`	Updating databases and application software modules. Verifying access to Kaspersky servers. If access to the servers using system DNS is not possible, the application uses public DNS. This is necessary to make sure anti-virus databases are updated and the level of security is maintained for the computer. Kaspersky application uses the following list of public DNS servers in the following order: Google Public DNS (8.8.8.8). Cloudflare DNS (1.1.1.1). Alibaba Cloud DNS (223.6.6.6). Quad9 DNS (9.9.9.9). CleanBrowsing (185.228.168.168). Requests sent by the application may contain addresses of domains and the public IP address of the user because the application establishes a TCP/UDP connection with the DNS server. This information is needed, for example, to validate the certificate of a web resource when using HTTPS. If Kaspersky application is using a public DNS server, data processing is governed by the privacy policy of the relevant service. If you want to prevent Kaspersky application from using a public DNS server, contact Customer Service for a private patch.
`touch.kaspersky.com` Protocol: `HTTP`	Receiving the trusted time for checking the validity period of the certificate (TLS connection). Warning that access to a web resource is denied in the browser when Safe Browsing enabled.
`p00.upd.kaspersky.com` `p01.upd.kaspersky.com` `p02.upd.kaspersky.com` `p03.upd.kaspersky.com` `p04.upd.kaspersky.com` `p05.upd.kaspersky.com` `p06.upd.kaspersky.com` `p07.upd.kaspersky.com` `p08.upd.kaspersky.com` `p09.upd.kaspersky.com` `p10.upd.kaspersky.com` `p11.upd.kaspersky.com` `p12.upd.kaspersky.com` `p13.upd.kaspersky.com` `p14.upd.kaspersky.com` `p15.upd.kaspersky.com` `p16.upd.kaspersky.com` `p17.upd.kaspersky.com` `p18.upd.kaspersky.com` `p19.upd.kaspersky.com` `downloads.kaspersky-labs.com` `cm.k.kaspersky-labs.com` Protocol: `HTTP` Port: `80`	Updating databases and application software modules.
`ds.kaspersky.com` Protocol: `HTTPS` Port: `443`	Using Kaspersky Security Network.
`ksn-a-stat-geo.kaspersky-labs.com` `ksn-file-geo.kaspersky-labs.com` `ksn-verdict-geo.kaspersky-labs.com` `ksn-url-geo.kaspersky-labs.com` `ksn-a-p2p-geo.kaspersky-labs.com` `ksn-info-geo.kaspersky-labs.com` `ksn-cinfo-geo.kaspersky-labs.com` Protocol: `Any` Port: `443`, `1443`	Using Kaspersky Security Network.
`click.kaspersky.com` `redirect.kaspersky.com` Protocol: `HTTPS`	Follow links from the interface.

Port	Protocol	Vulnerability
22	SSH	Full access
23	Telnet	Full access
992	Telnet over TLS/SSL	Full access
2323	2323/TCP as an alternate port for Telnet	Full access

Configure application settings	Change application settings in the main window, the Settings window, Notification Center and notifications. Enable and disable application traces.
Manage Backup and Restore	Create, modify and remove Backup and Restore jobs.
Manage children's protection	Block startup of Kaspersky Safe Kids using the Host Intrusion Prevention component, exit Kaspersky application or configure Kaspersky application so as to disable protection. When trying to download, install, or launch Kaspersky Safe Kids, the password is not requested.
Exit the application	Exit the application.
Remove / modify / restore the application	Remove, modify and restore the application.
Remove key	Remove or modify an activation code and reserve activation code.
View reports	Go to the Reports window.
Disable protection components	Disable and enable protection components available in the Settings window.

Action	Description
Inherit	The application or group inherits the response from the parent group.
Allow	Kaspersky application allows applications included in the selected group to access the resource.
Deny	Kaspersky application does not allow applications included in the selected group to access the resource.
Ask user	If the Perform recommended actions automatically check box is selected under Settings → Security settings → Exclusions and actions on object detection, Kaspersky application automatically selects the action to take on this resource based on the rules created by Kaspersky experts. You can follow the footnote to read about exactly which action will be selected. If the check box is cleared, Kaspersky application asks the user whether or not to allow this application to access the resource.
Log events	Besides the specified response, Kaspersky application logs information about the application's attempts to access the resource and records the information in a report.

Settings	Description
Security level	Kaspersky application uses various sets of settings for scanning. The sets of settings that are stored in the application are called security levels: Extreme. Kaspersky application scans all types of files. When scanning compound files, the application also scans mail-format files. Optimal. Kaspersky application scans only specified file formats on all hard drives, network drives, removable storage media of the computer, and embedded OLE objects. The application does not scan archives and installation packages. Low. Kaspersky application only scans new and changed files with certain file extensions on all of the computer’s hard drives, removable drives, and network drives. The application does not scan compound files.
Action on threat detection	Ask user. If Kaspersky application detects an infected or probably infected object during a scan, it immediately notifies you of this event and prompts you for an action to take on the detected object. This option is available if the Perform recommended actions automatically check box is cleared under Settings → Security settings → Exclusions and actions on object detection. Select action automatically. When infected or probably infected objects are detected, Kaspersky application performs the action that is recommended by Kaspersky specialists: Kaspersky application first tries to disinfect an infected object. If disinfection fails, it deletes the file. Kaspersky application deletes a probably infected object if the Delete malicious tools, adware, auto-dialers and suspicious packers check box is selected. If the check box is cleared, the application does not delete a probably infected object. Instead, a notification about the detection of this object is displayed in the Notification Center (click the Details button in the main application window to open it). This option is available if the Perform recommended actions automatically check box is selected under Settings → Security settings → Exclusions and actions on object detection. Disinfect, delete if disinfection fails. If this option is selected, the application automatically attempts to disinfect all infected files that are detected. If disinfection fails, the application deletes the objects. Disinfect, block if disinfection fails. If you select this action, then Kaspersky application will automatically try to disinfect all infected files that it finds. If disinfection fails, the application will add information about the infected files that it finds to the list of detected objects. Inform. If this option is selected, Kaspersky application will add information about infected files that it finds to the list of detected objects. Before attempting to disinfect or delete an infected file, the application creates a backup copy in case you subsequently need to restore the file or it becomes possible to disinfect it later.
Edit scan scope (not available in the Context Menu Scan settings)	Clicking the link opens a window with a list of objects that Kaspersky application can scan. Depending on the type of scan (Full Scan, Quick Scan or Selective Scan), various objects will be included by default in the list. You can add objects to the list or delete the objects that you add. To remove an object from the scan, you do not have to delete the object from the list. All you need to do is clear the check box next to the object name.
Scan schedule (not available in the Context Menu Scan settings)	Manually. Run mode in which you can start scan manually at a time when it is convenient for you. By schedule. Scan run mode in which the application runs the scan task according to the schedule you have created. If you select this scan run mode, you can also run the scan task manually.
Run scan as	Clicking the link opens a window in which you can choose to run the scan with a particular user’s rights. By default the scan task is run in the name of the user with whose rights you are registered in the operating system. The protection scope may include network drives or other objects that require special rights to access. You can specify a user that possesses the required rights in the application settings and run the scan task on behalf of this user.
File types	Kaspersky application treats files without extensions as executables. The application always scans them, regardless of the file types you have selected for scanning. All files. If this setting is enabled, Kaspersky application scans all files without exception (all formats and extensions). Files scanned by format. If you select this setting, the application will scan only potentially infected files A file that, due to its structure or format, can be used by criminals as a "container" to store and spread malicious code. As a rule, they are executable files, for example, files with the extensions COM, EXE, DLL, etc. The risk of penetration of malicious code into such files is quite high. A file that, due to its structure or format, can be used by criminals as a "container" to store and spread malicious code. As a rule, they are executable files, for example, files with the extensions COM, EXE, DLL, etc. The risk of penetration of malicious code into such files is quite high. . Before searching for malicious code in a file, its internal header is analyzed to determine the file format (for example, TXT, DOC, EXE). The scan also looks for files with particular file extensions. Files scanned by extension. If you select this setting, the application will scan only potentially infected files. The file format is determined based on the extension of a file.
Scan only new and modified files	Scans only new files and those files that have been modified since the last time they were scanned. This will allow you to save time performing the scan. This scan mode applies both to simple and compound files.
Skip file that is scanned for longer than N seconds	Limits the duration for scanning a single object. After the specified amount of time has run out, the application will stop the file scan. This will allow you to save time performing the scan.
Scan archives	Scan ZIP, GZIP, BZIP, RAR, TAR, ARJ, CAB, LHA, JAR, ICE and other archives. The application scans archives not only by their extension, but by their format as well. When checking archives, the application performs a recursive unpacking. This allows to detect threats inside multi-level archives (archive within an archive).
Scan distribution packages	The check box enables/disables the scanning of third-party distribution packages.
Scan files in Microsoft Office formats	Scans Microsoft Office files (DOC, DOCX, XLS, PPT and other Microsoft extensions). Office format files also include OLE objects. Kaspersky application scans office format files that are smaller than 1 MB, regardless of whether the check box is selected or not.
Scan email format files	This check box enables / disables the option for Kaspersky application to scan files in email formats and mail databases. The application fully scans only Microsoft Outlook, Windows Mail/Microsoft Outlook Express and EML mail file formats, and only if the computer has the Microsoft Outlook x86 mail client. If this check box is selected, Kaspersky application parses the email format file and analyzes each component (body, attachments) for viruses. If this check box is cleared, Kaspersky application scans the email format file as a single object.
Scan password-protected archives	If the check box is selected, the application scans password-protected archives. Before files contained in the archive can be scanned, a request for password will be displayed on the screen. If the check box is not selected, the application skips scanning password-protected archives.
Do not unpack large compound files Maximum file size	If the check box is selected, the application does not scan compound files that are larger than the specified value. If this check box is cleared, the application scans compound files of all sizes. The application scans large files that are extracted from archives regardless of whether the check box is selected or not.
Heuristic analysis	A technique for detecting threats that cannot be identified using the current version of Kaspersky application databases. It allows you to find files that may contain unknown malware or a new modification of a known malware program. When scanning files for malicious code, the heuristic analyzer executes instructions in the executable files. The number of instructions that are executed by the heuristic analyzer depends on the level that is specified for the heuristic analyzer. The heuristic analysis level sets the balance between the thoroughness of searches for new threats, the load on the operating system resources, and the time required for heuristic analysis.
iSwift Technology	This technology is a development of the iChecker technology for computers using the NTFS file system. There are limitations to iSwift Technology: it is bound to a specific file's location in the file system and works only with objects in the NTFS file system. When you upgrade Kaspersky application to a new version, the iSwift technology is enabled for all scan types, even if it was previously disabled.
iChecker Technology	This technology allows increasing scan speed by excluding certain files from scanning. Files are excluded from the scan using a special algorithm that takes into account the release date of Kaspersky application databases, the date when the file was scanned last, and any changes made to the scan settings. There are limitations to iChecker Technology: it does not work with large files and applies only to files with a structure that the application recognizes (for example, EXE, DLL, LNK, TTF, INF, SYS, COM, CHM, ZIP, and RAR).

Settings	Description
Action on a removable drive connection	Quick Scan. If you select this option, then after you connect an external device, Kaspersky application will only scan files with certain formats that are the most susceptible to infection and are located in the root folder. Also, Quick Scan does not include decompressing and scanning of archives. Detailed Scan. If this check box is selected, then after you connect an external device, Kaspersky application will scan all files located in every folder of the external device. Also, it decompresses and scans archives, except for the password protected ones.
Maximum removable drive size	If this check box is selected, Kaspersky application will scan all external devices that do not exceed the specified maximum size. If this check box is cleared, Kaspersky application scans external devices of all sizes.
Show scan progress	If this check box is selected, Kaspersky application shows the progress of external device scans in a separate window and in the running scan window.
Block the stopping of the scan task	If this check box is selected, the Stop button is unavailable for external device scans in the running scan window.

Settings	Description
Security level	The application uses various groups of settings to run Safe Browsing. The sets of settings that are stored in the application are called security levels: Extreme. The web traffic security level that Safe Browsing uses to thoroughly scan web traffic that is received by the computer over the HTTP and FTP protocols. Safe Browsing performs a detailed scan of all web traffic objects using the full set of application databases, and it also performs the deepest heuristic analysis A technique for detecting threats that cannot be identified using the current version of Kaspersky application databases. It allows you to find files that may contain unknown malware or a new modification of a known malware program. . Optimal. The web traffic security level that strikes the optimal balance between Kaspersky application performance and web traffic security. Safe Browsing performs a heuristic analysis at the medium level. This web traffic security level is recommended by Kaspersky specialists. Low. The web traffic security level whose settings ensure the maximum web traffic scanning speed. Safe Browsing performs a heuristic analysis at the light level.
Action on threat detection	Inform. Safe Browsing informs you of detection of an infected or probably infected object and prompts you for the action to take on it. This option is available if the Perform recommended actions automatically check box is cleared under Settings → Security settings → Exclusions and actions on object detection. Perform action automatically. Safe Browsing selects an action automatically based on the current settings. If a web resource is listed as an exclusion, or it contains no infected or probably infected objects, Safe Browsing allows access to it. If a scan performed by Safe Browsing detects an infected or probably infected object in the web resource, access to the web resource is blocked. This option is available if the Perform recommended actions automatically check box is selected under Settings → Security settings → Exclusions and actions on object detection. Block. If you select this option, then if an infected object is discovered in web traffic, Safe Browsing blocks access to this object and displays a message in the browser.
Scan methods Check the web address against the database of malicious web addresses	Scanning the links to determine whether they are included in the database of malicious links allows you to track websites that have been added to denylist. The database of malicious links is generated by Kaspersky specialists. It forms part of the software distribution kit, and it is updated together with Kaspersky application databases.
Check the web address against the database of web addresses containing adware	An example could be software that redirects your search query in the Internet to an advertising website. This way, you get to an advertising website instead of the web resource that is most relevant to your search query.
Check the web address against the database of web addresses containing legitimate applications that can be used by intruders to damage your computer or personal data	An example of this category could be a remote administration tool which is legally used for troubleshooting by system administrators. A criminal can install such a tool on your computer without your knowledge to gain access to your computer and use it for criminal purposes. Kaspersky application allows downloading such applications by clicking links on web pages. Single-use links are an exception. You cannot use them to download legitimate applications that hackers can use to cause harm to your computer or your data.
Use heuristic analysis	A technique for detecting threats that cannot be identified using the current version of Kaspersky application databases. It allows you to find files that may contain unknown malware or a new modification of a known malware program. When web traffic is scanned for viruses and other applications that present a threat, the heuristic analyzer performs instructions in the executable files. The number of instructions that are executed by the heuristic analyzer depends on the level that is specified for the heuristic analyzer. The heuristic analysis level sets the balance between the thoroughness of searches for new threats, the load on the operating system resources, and the time required for heuristic analysis.
Anti-Phishing Check the web address against the database of phishing and fake crypto web addresses (or Check the web address against the database of phishing web addresses)	The contents of the phishing link and fake cryptocurrency exchange database include the web addresses of currently known websites that are used for phishing attacks. Kaspersky supplements this database with addresses obtained from the international organization Anti-Phishing Working Group. The database of phishing links and fake cryptocurrency exchanges forms part of the software distribution kit, and it is updated together with Kaspersky application databases.
Use heuristic analysis	A technique for detecting threats that cannot be identified using the current version of Kaspersky application databases. This enables detection of phishing even if the URL is not in the database of phishing web addresses.
Check URLs	The URL Advisor component checks links on a web page opened in Chromium-based Microsoft Edge, Google Chrome, or Mozilla Firefox. Kaspersky application displays one of the following icons next to the checked link: – if the linked web page is safe according to Kaspersky; – if there is no information about the safety status of the linked web page; – if according to Kaspersky, hackers can cause harm to your computer or your data by using the web page that the link leads to; – if according to Kaspersky, the web page that the link leads to can be infected or hacked; – if the linked web page is dangerous according to Kaspersky. To view a pop-up window with more details on the link, move the mouse pointer to the corresponding icon.
On all websites except those specified Manage exclusions	When this option is selected, the application scans links on all websites except those that are indicated in the Exclusions window. The Exclusions window is opened by clicking the Manage exclusions link.
On specified websites only Configure checked websites	When this option is selected, Kaspersky application scans links only on those websites that are indicated in the Checked websites window. The Checked websites window is opened by clicking the Configure checked websites link.
Configure URL Advisor	All URLs. The application scans links on all types of web pages. Only URLs in search results. The application scans links on web pages containing search results received from search engines.
Website categories	If the Show information on the categories of website content check box is selected, the application adds to the link comments to indicate whether the website belongs to one of the indicated categories (for example, Violence, intolerance or Adult content). You can remove check boxes next to the categories that do not require warnings.
Do not scan web traffic from trusted URLs	If the check box is selected, Safe Browsing does not scan the contents of web pages/websites whose addresses are included in the list of trusted web addresses. You can add both specific web pages/website addresses as well as web page/website address masks to the list of trusted web addresses. The list of trusted web addresses is available in the Trusted URLs window, which can be opened by clicking the link from the trusted URLs.

Settings	Description
Security level	Kaspersky application uses various groups of settings to run Mail Anti-Virus. The sets of settings that are stored in the application are called security levels: Extreme. When this mail security level is selected, Mail Anti-Virus applies maximum scrutiny to messages. Mail Anti-Virus scans incoming and outgoing mail messages, and it also performs a deep heuristic analysis. The High mail security level is applied when working in a dangerous computing environment. An example of such an environment is a connection to a free email service from a home network that is not guarded by centralized email protection. Optimal. The mail security level that strikes the optimal balance between Kaspersky application performance and mail security. Mail Anti-Virus scans incoming and outgoing mail messages, and it also performs a medium-level heuristic analysis. This mail security level is recommended by Kaspersky specialists. Low. This is the mail security level that Mail Anti-Virus uses only to scan incoming mail messages as well as to perform a surface heuristic analysis. It does not use this level to scan archives that are attached to messages. When this mail security level is selected, the Mail Anti-Virus component scans email messages as fast as possible and consumes the least amount of operating system resources. The Low mail security level is recommended to be used when working in a reliably protected environment. An example of such an environment might be a local network with centralized email security.
Action on threat detection	Ask user. Mail Anti-Virus informs you of detection of an infected or probably infected object, prompting you for further actions to take on this object. This option is available if the Perform recommended actions automatically check box is cleared under Settings → Security settings → Exclusions and actions on object detection. Select action automatically. When infected or probably infected objects are detected, Mail Anti-Virus automatically performs the action that is recommended by Kaspersky specialists. For infected objects, this action is Disinfect. This value is selected by default. Before attempting to disinfect or delete an infected object, Mail Anti-Virus creates a backup copy in case there is a later need to restore the object or possibility of disinfecting it. This option is available if the Perform recommended actions automatically check box is selected under Settings → Security settings → Exclusions and actions on object detection. Disinfect, delete if disinfection fails. If an infected object is detected in an incoming or outgoing message, Kaspersky application tries to disinfect the discovered object. The user will be able to access the message with a secure attachment. However, if Kaspersky application is unable to disinfect the object, then it will delete it. Kaspersky application adds information about the performed action in the message subject: [Message has been processed] <message subject>. Disinfect, block if disinfection fails. If an infected object is detected in an incoming message, Kaspersky application tries to disinfect the discovered object. The user will be able to access the message with a secure attachment. If the object cannot be disinfected, Kaspersky application will add a warning to the message subject. The user will be able to access the message with the original attachment. If an infected object is detected in an outgoing message, Kaspersky application will try to disinfect the discovered object. If Kaspersky application is not able to disinfect the object, it will block the message from being sent, and the mail client will display an error message. Block. If an infected object is detected in an incoming message, Kaspersky application will add a warning to the message subject. The user will be able to access the message with the original attachment. If an infected object is detected in an outgoing message, Kaspersky application will block the message from being sent, and the mail client will display an error.
Protection scope	The Protection scope includes objects that the component checks when it is run: incoming and outgoing messages or incoming messages only. In order to protect your computers, you need only scan incoming messages. You can turn on scanning for outgoing messages to prevent infected files from being sent in archives. You can also turn on the scanning of outgoing messages if you want to prevent files in particular formats from being sent, such as audio and video files, for example.
Scan POP3, SMTP, NNTP, and IMAP traffic	This check box enables/disables the scanning by Mail Anti-Virus of mail traffic that is sent over the POP3, SMTP, NNTP and IMAP protocols.
Connect Microsoft Outlook extension	If the check box is selected, email messages transmitted via the POP3, SMTP, NNTP, and IMAP protocols will be scanned using the extension that is integrated into Microsoft Outlook. If email is scanned using the extension for Microsoft Outlook, it is recommended to use Cached Exchange Mode. You can find more details about the Cached Exchange Mode and recommendations for how to use it in the Microsoft Knowledge Base.
Heuristic analysis	A technique for detecting threats that cannot be identified using the current version of Kaspersky application databases. It allows you to find files that may contain unknown malware or a new modification of a known malware program. When scanning files for malicious code, the heuristic analyzer executes instructions in the executable files. The number of instructions that are executed by the heuristic analyzer depends on the level that is specified for the heuristic analyzer. The heuristic analysis level sets the balance between the thoroughness of searches for new threats, the load on the operating system resources, and the time required for heuristic analysis.
Scan attached files of Microsoft Office formats	Scans Microsoft Office files (DOC, DOCX, XLS, PPT and other Microsoft extensions). Office format files also include OLE objects. Kaspersky application scans office format files that are smaller than 1 MB, regardless of whether the check box is selected or not.
Scan attached archives	Scan ZIP, GZIP, BZIP, RAR, TAR, ARJ, CAB, LHA, JAR, ICE and other archives. The application scans archives not only by their extension, but by their format as well. When checking archives, the application performs a recursive unpacking. This allows to detect threats inside multi-level archives (archive within an archive).
Do not scan archives larger than	If this check box is selected, Mail Anti-Virus excludes archives that are attached to mail messages from scanning if their size exceeds the value that you have specified. If the check box is cleared, Mail Anti-Virus scans archives of any size that are attached to mail messages.
Limit the time for checking archives to	If the check box is selected, then the amount of time that is needed to scan archives that are attached to mail messages will be limited to the specified period.
Attachment filter	The attachment filter does not work for outgoing mail messages. Disable filtering. If you select this option, Mail Anti-Virus will not filter files that are attached to mail messages. Rename attachments of selected types. If you select this option, Mail Anti-Virus will replace the last extension character found in the attached files of the specified types with the underscore character (for example, attachment.doc_). Thus, in order to open the file, the user must rename the file. Delete attachments of selected types. If you select this option, Mail Anti-Virus will delete files of the specified types that are attached to mail messages. You can specify the types of attached files that you must rename or delete from Email messages in the file mask list.

Settings	Description
Quick Startup	If this check box is selected, the application automatically searches for applications that run at operating system startup. When the analysis is complete, Kaspersky application displays a notification with information about discovered applications. Details.
PC Speed-Up	If this check box is selected, the application automatically searches for unused operating system files and Windows Registry faults. When the search is complete, Kaspersky application displays a notification with information about search results. Details.
Duplicates	If this check box is selected, the application automatically searches for files that have the same name and the same contents. When the search is complete, Kaspersky application displays a notification with information about discovered duplicates. Details.
Large Files	If this check box is selected, the application automatically searches for large files. By default, this means files larger than 1 GB. When the search is complete, Kaspersky application displays a notification with information about discovered large files. Details.
Unused Apps	If this check box is selected, a monthly automatic search is performed to find applications that have not been used for over three months. When the search is complete, Kaspersky application displays a notification with information about discovered unused applications. Details.
Launch Kaspersky at computer startup (recommended)	When the check box is selected, Kaspersky application is started after the operating system loads, protecting the computer during the entire session. When the check box is cleared, Kaspersky application is not started after the operating system loads, until the user starts it manually. Computer protection is disabled and user data may be exposed to threats.
Battery Saver	If the check box is selected, energy conservation mode is enabled. Kaspersky application postpones scheduled tasks. You can start scan and update tasks manually, if necessary.
Game Mode	If the check box is selected, Kaspersky application does not run scan or update tasks and does not display notifications when you play games or run applications in full-screen mode.
Do not Disturb Mode	If this check box is selected, Kaspersky application does not display notifications about events that occur during video calls, when watching videos, when working with applications, or using the keyboard. Do not Disturb Mode can also pause some automatically started tasks or delay running scheduled tasks to avoid excessive utilization of computer resources.
Postpone computer scan tasks when the CPU and disk systems are at high load	When Kaspersky application runs schedule tasks, this may result in increased workload on the CPU and disk subsystems, which affects the performance of other applications. When the check box is selected, Kaspersky application suspends scheduled tasks when it detects an increased load and frees up operating system resources for user applications.
Perform hard drive health scan	If this check box is selected, automatic hard drive diagnostics is carried out. Details.
Enable dump writing	If the check box is selected, Kaspersky application writes dumps when it crashes. If the check box is cleared, Kaspersky application does not write dumps. The application also deletes existing dump files from the computer hard drive.
Enable dump and trace files protection	If the check box is selected, access to dump files is granted to the system administrator and local administrator as well as to the user who enabled dump writing. Only system and local administrators can access trace files. If the check box is cleared, any user can access dump files and trace files.

Settings	Description
Perform recommended actions automatically	If the check box is cleared, main components of Kaspersky application work in interactive mode. This means that Kaspersky application asks you to decide which action to take on detected objects and threats if the Ask user option is selected in the settings of File Anti-Virus, Safe Browsing, Mail Anti-Virus, System Watcher, and Intrusion Prevention. If the check box is selected, Kaspersky application automatically chooses the action based on rules defined by Kaspersky experts.
Delete malicious tools, adware, auto-dialers and suspicious packers	If the check box is selected, Kaspersky application deletes malicious tools, adware, auto-dialers and packed files that may contain viruses and other threats in automatic protection mode. The function is available if the Perform recommended actions automatically check box is selected.
Use Advanced Disinfection technology (requires considerable computer resources)	If the check box is selected, a pop-up notification appears on the screen when malicious activity is detected in the operating system. In its notification, Kaspersky application offers the user to perform Advanced Disinfection of the computer. After the user approves this procedure, Kaspersky application neutralizes the threat. After completing the advanced disinfection procedure, Kaspersky application restarts the computer. The advanced disinfection technology uses considerable computing resources, which may slow down other applications. While the application is detecting an active infection, some operating system functionality may not be available (e.g. launching modules of a process running in the background). Availability of the operating system is restored after Advanced Disinfection is complete and the computer is restarted.
Types of detected objects	The application detects various types of objects, such as viruses and worms, Trojans, and adware. For details, please refer to the Kaspersky Encyclopedia.
Detect stalkerware	If this check box is selected, Kaspersky application detects stalkerware applications that help criminals gain access to your location, messages, or websites and social networks you visit.
Detect legitimate apps that intruders can use to damage your computer or personal data	If the check box is selected, Kaspersky application detects legitimate software that can be used by criminals to damage your computer or personal data. This software includes remote administration applications that system administrators can use to access the interface of a remote computer for monitoring or management purposes. Kaspersky application does not detect remote administration applications that are considered as trusted.
Multi-packed objects	If this check box is selected, Kaspersky application detects files that are packed multiple times, including by various packers. Multi-packing makes it more difficult to scan objects.
Manage exclusions	Clicking this link opens the Exclusions window containing a list of scan exclusions. A scan exclusion is a set of conditions that, when fulfilled, cause the application to not scan a particular object for viruses and other threats. You can add, edit, or delete exclusions from the list. In the window for adding or editing an exclusion, you can define specific conditions that, when fulfilled, will prevent objects from being scanned (the application will not scan them): File or folder that should be excluded from scans (you can also exclude executable files of applications and processes). You can use masks in accordance with the following rules: The `` (asterisk) character, which takes the place of any set of characters, except the `\` and `/` characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask `C:\\.txt` will include all paths to files with the TXT extension located in folders on the C: drive, but not in subfolders. Two consecutive `` characters take the place of any set of characters (including an empty set) in the file or folder name, including the `\` and `/` characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask `C:\Folder\*\.txt` will include all paths to files with the TXT extension located in the folder named `Folder` except for the `Folder` itself. The mask must include at least one nesting level. The mask `C:\*\.txt` is not a valid mask. The `?` (question mark) character, which takes the place of any single character, except the `\` and `/` characters (delimiters of the names of files and folders in paths to files and folders). For example, the mask `C:\Folder\???.txt` will include paths to all files residing in the folder named `Folder` that have the TXT extension and a name consisting of three characters. Type of objects that must be excluded from scans. Enter the name of the object type according to the classification of the Kaspersky Encyclopedia (for example, `Email-Worm`, `Rootkit` or `RemoteAdmin`). You can use masks with the `?` character (replaces any single character) and the `` character (replaces any number of characters). For example, if the `Client` mask is specified, the application excludes `Client-IRC`, `Client-P2P` and `Client-SMTP` objects from scans. Object checksum. Comparing the checksum of an object with the checksum indicated in this setting enables the scan to exclude an object that has not been modified since the last scan. Protection components for which the exclusion is applied. Instead of deleting an exclusion from the list, you can change the status of an en exclusion to Inactive (in the window for adding or editing an exclusion). When inactive, the exclusion will not be applied.
Specify trusted applications	Clicking this link opens a window with the list of trusted applications. Kaspersky application does not monitor file activity and network activity of trusted applications (including malicious ones), and does not monitor these applications' queries to the system registry. You can add, edit, or delete trusted applications from the list. Even if an application is on the trusted list, Kaspersky application continues to scan the executable file and process of this application for viruses and other threats. If you do not want to scan the executable file and process of a trusted application, add the application to the list of exclusions. When adding or editing a trusted application, in the Exclusions for application window you can specify rules that will be used by Kaspersky application to monitor the activity of the trusted application. In the Exclusions for application window, the following rules are available: Do not scan opened files. Do not monitor application activity. Intrusion Prevention does not monitor any application activity. Do not inherit restrictions from the (application’s) parent process. If restrictions of a parent process or application are not inherited, application activity is monitored according to your defined rules or according to the rules of the trust group to which the application belongs. Do not monitor the activity of child applications. Do not block interaction with Kaspersky application interface. The application is allowed to manage Kaspersky application by using its graphical interface. You may need to allow the application to manage the interface of Kaspersky application when using a remote desktop connection application or an application supporting the operation of a data input device. Examples of such devices include touch pads and graphic tablets. Do not scan all traffic (or encrypted traffic). Depending on the selected option (Do not scan all traffic or Do not scan encrypted traffic), Kaspersky application excludes all network traffic of the application or traffic transmitted over SSL from being scanned. The value of this setting does not affect Firewall operation: Firewall scans application traffic in accordance with Firewall settings. Exclusions affect Mail Anti-Virus, and Safe Browsing. You can specify the IP addresses or network ports to which the traffic control restriction must apply. If you change the status of an application to Inactive in the Exclusions for application window, Kaspersky application does not treat the application as a trusted application. This way, you can temporarily exclude an application from the trusted list without actually deleting it from the list.

Settings	Description
Limit traffic on metered connections	If this check box is selected, the application limits its own network traffic when the Internet connection is limited. Kaspersky application identifies a high-speed mobile Internet connection as a limited connection and identifies a Wi-Fi connection as an unlimited connection. Cost-Aware Networking works on computers running Windows 8 or higher.
Inject script into web traffic to interact with web pages	If the check box is selected, Kaspersky application injects a web page interaction script into web traffic. This script ensures the operation of such components as Safe Money, Private Browsing, Anti-Banner, and URL Advisor.
Support DNS over HTTPS (DoH)	If the check box is selected, the application correctly processes DNS data transmitted over HTTPS. We do not recommend clearing this check box.
Manage DoH servers	The link opens a window where you can manually add a DoH server through which DNS data will be transferred in a browser. Here you can read about DNS over HTTPS (DoH) and how to add a DoH server.
Monitored ports	Monitor all network ports. In this port monitoring mode, Mail Anti-Virus and Safe Browsing monitor all open ports of your computer. Monitor selected network ports only. In this port monitoring mode, Mail Anti-Virus and Safe Browsing monitor the selected ports of your computer. You can specify the monitored network ports in the Network ports window, which can be opened by clicking the Select link. You can also specify the particular applications where monitoring of all the network ports used by these applications should be enabled: Monitor all ports for the applications from the list recommended by Kaspersky. The list of these applications is specified by default and included in the software package for Kaspersky application. If this check box is selected, Kaspersky application monitors all ports for the following applications: Adobe Acrobat Reader. Apple Application Support. Google Chrome. Microsoft Edge. Mozilla Firefox. Internet Explorer. Java. mIRC. Opera. Pidgin. Safari. Mail.ru Agent. Yandex Browser. Monitor all ports for specified applications. You can specify the applications in the Applications window, which can be opened by clicking the Select link.
Network ports	A list of ports that are normally used for transferring email and web traffic is included in Kaspersky application distribution kit. By default, Kaspersky application monitors traffic passing through all ports from this list. You can add ports to the list or delete them from the list. If the Active value is set in the port line in the Status column, Kaspersky application monitors the traffic passing through this port. If the Inactive value is set in the port line in the Status column, Kaspersky application excludes this port from scans, but does not remove it from the list of ports. You can change the status and other port settings in the window by clicking the Edit button.
Encrypted connections scan	You can select one of the following modes for scanning encrypted connections over SSL: Do not scan encrypted connections. Scan encrypted connections upon request from protection components. Always scan encrypted connections. If the Scan encrypted connections upon request from protection components option is selected, Kaspersky application uses the installed Kaspersky certificate to verify the security of SSL connections if this is required by the Safe Browsing and URL Advisor protection components. If these components are disabled, Kaspersky application does not verify the security of SSL connections. After Kaspersky application verifies an SSL connection, the certificates of websites may not display the name of the organization under which the website is registered. Show certificates. Some well-known sites are now using new root certificates. We consider the connection to such sites safe. This feature allows you to add or remove this certificate from the trusted list. If you do not want the application to verify an SSL connection with a website, you can add the website to the list of exclusions by clicking the Configure trusted addresses link.
Visiting a domain with an encrypted connections scan error	In the drop-down list, you can select the action that the application will perform if a secure connections scan error occurs on a website. Ignore. The application terminates the connection with the website on which the scan error occurred. Ask. The application shows you a notification with a prompt to add a website address to the list of websites on which scan errors occurred. The website address will be checked against the database of malicious objects. Allow and add domain to exclusions. The application adds the website address to the list of websites on which scan errors occurred. The website address will be checked against the database of malicious objects.
Domains with scan errors	List of domains that could not be scanned due to errors when connecting to them. The addresses of the domains were checked against the database of malicious objects.
Configure trusted addresses	Click this link to open the Trusted addresses window, which contains a list of websites that you added as an exclusion for the Safe Browsing and URL Advisor components.
Configure trusted applications	List of applications whose activity is not monitored by Kaspersky application during its operation. You can select the types of application activity that Kaspersky application will not monitor (for example, do not scan network traffic). Kaspersky application supports environment variables, and the `*` and `?` masks.
Block SSL 2.0 connections (recommended)	If the check box is selected, the application blocks network connections established over the SSL 2.0 protocol. If the check box is cleared, the application does not block network connections established over the SSL 2.0 protocol and does not monitor network traffic transmitted over these connections.
Decrypt an encrypted connection with the website that uses EV certificate	EV certificates (Extended Validation Certificates) confirm the authenticity of websites and enhance the security of the connection. Browsers use a lock icon in their address bar to indicate that a website has an EV certificate. Browsers may also fully or partially color the address bar in green. If the check box is selected, the application decrypts and monitors encrypted connections with websites that use an EV certificate. If the check box is cleared, the application does not have access to the contents of HTTPS traffic. For this reason, the application monitors HTTPS traffic only based on the website address, for example, `https://bing.com`. If you are opening a website with an EV certificate for the first time, the encrypted connection will be decrypted regardless of whether or not the check box is selected.
Proxy server settings	Settings of the proxy server used for Internet access of users of client computers. Kaspersky application uses these settings for certain protection components, including for updating databases and application modules. For automatic configuration of a proxy server, Kaspersky application uses the WPAD protocol (Web Proxy Auto-Discovery Protocol). If the IP address of the proxy server cannot be determined by using this protocol, the application uses the proxy server address that is specified in the Microsoft Internet Explorer browser settings.
To scan encrypted connections in applications with their own certificate store, use	If this check box is selected, the application scans encrypted traffic in supported browsers and mail clients. Access to some websites via the HTTPS protocol may be blocked. To scan traffic in Mozilla Firefox and Thunderbird, you must enable Encrypted Connections Scan. If Encrypted Connections Scan is disabled, the application does not scan encrypted traffic in Mozilla Firefox and Thunderbird. The application uses Kaspersky root certificate to decrypt and analyze encrypted traffic. You can select the certificate store that will contain the Kaspersky root certificate. Windows certificate store (recommended). The Kaspersky root certificate is added to this store during installation of Kaspersky application. Own certificate store. Some browsers and mail clients use their own certificate store instead of the Windows certificate store. If you selected the own certificate store, add the Kaspersky root certificate to the store manually through the browser or mail client properties.

Settings	Description
Import	Extract application settings from a file in CFG format and apply them.
Export	Save the current application settings to a file in CFG format.
Restore	You can restore the application settings recommended by Kaspersky experts at any time. When the settings are restored, the Optimal security level is set for all protection components.

Settings	Description
Notify of vulnerabilities in Wi-Fi networks	If this check box is selected, Kaspersky application shows notifications when any vulnerabilities are detected on a Wi-Fi network. This check box can be accessed if Kaspersky VPN Secure Connection is not installed on the computer. If the Block and warn about insecure transmission of passwords over the Internet check box is selected, Kaspersky application blocks the transmission of a password in non-encrypted text format when you fill in the Password field on the Internet. Clicking the Select categories link opens the Categories window in which you can specify the types of vulnerabilities of Wi-Fi networks. The application will alert you when you try to connect to a Wi-Fi network that has a specified vulnerability.
Show devices that are connected to my networks	If the check box is selected, Smart Home Monitor is enabled and functional.
Allow connections on random ports for active FTP mode	If the check box is selected, Firewall allows connections to your computer on random ports if switching to active FTP mode was detected on the host connection.
Do not disable Firewall until the operating system shuts down completely	If this check box is selected, Firewall does not stop working until the operating system shuts down completely.
Block network connections if the user cannot be prompted for action	If this check box is selected, Firewall does not stop when the interface of Kaspersky application is not loaded.
Application rules	Clicking this link opens the Application network rules window. This window displays information related to control of the network activity of applications and application groups. The Intrusion Prevention component regulates the network activity of applications in accordance with network rules of applications and application groups. You can configure permissions for network activity of an application or application group via the menu of a cell in the Network column. The menu items are described in the Intrusion Prevention rules section. By selecting Details and rules in the context menu of a row, you can proceed to configure network rules for an application or application group.
Packet rules	Clicking this link opens the Packet rules window. By default, the window shows predefined network packet rules that are recommended by Kaspersky experts for optimum protection of the network traffic of computers running Microsoft Windows operating systems. Network packet rules serve to impose restrictions on network packets, regardless of the application. Such rules restrict inbound and outbound network traffic through specific ports of the selected data protocol. Network packet rules have higher priority than network rules for applications. How to add or edit a packet rule? Open the main application window. Click in the lower part of the main window. This opens the Settings window. Go to Security settings → Firewall. Define or edit the following settings: Status. Firewall applies only packet rules that have the Active status. You can set the Inactive status to temporarily disable a packet rule without deleting it from the list of packet rules. Name. Name of the rule. Action. Allow. Kaspersky application allows the network connection. Block. Kaspersky application blocks the network connection. By application rules. Kaspersky application does not process the data stream according to a packet rule, but instead applies an application rule (see Application rules above). Direction. Inbound. Kaspersky application applies the rule to network connections opened by a remote computer. Outbound. Kaspersky application applies the rule to the network connection that was opened by your computer. Inbound / Outbound. Kaspersky application applies the rule both to inbound and outbound data packets or streams, regardless of which computer (your computer or a remote computer) initiated the network connection. Inbound (packet). Kaspersky application applies the rule to data packets received by your computer. Outbound (packet). Kaspersky application applies the rule to data packets sent by your computer. Protocol. Protocol used by packet rules. ICMP settings. You can specify the type and code of data packets to be scanned. The settings section is available if the ICMP or ICMPv6 protocols are selected. Remote ports. Ports of a remote computer. Local ports. Ports of your computer. You can specify a range of remote or local ports (for example, `6660–7000`), list multiple ports separated by commas, or combine both methods (for example, `80–83,443,1080`). Address (local and remote). Any address. Subnet addresses. Kaspersky application applies the rule to IP addresses of all networks that are currently connected and are of the specified type (Public, Local or Trusted). The network type can be selected from the drop-down list that is displayed below if the Subnet addresses option is selected. Addresses from the list. Kaspersky application applies the rule to IP addresses within the specified range. Log events. Logging events to Kaspersky application report. Network adapters. Network adapters traversed by network packets. Use TTL. Kaspersky application controls the transmission of network packets whose time to live (TTL) does not exceed the specified value. In the general list of packet rules, the priority of rules is determined from top to bottom, going from the highest priority to the lowest priority. If two rules are mutually exclusive, then the top one will be performed first. If two rules are complementary, the both rules will be performed. To change the rule position in the list, select the rule and use Up and Down buttons on the Packet rules page. To quickly add a rule, you can select one of the predefined templates in the drop-down list in the lower part of the window.
Available networks	Clicking this link opens the Networks window containing a list of network connections that are detected on the computer by Firewall. In the list, you can change the type of network (Public, Trusted or Local) by using the menu in the Network type cell. You can edit network settings in the Network properties window, which can be opened by double-clicking the row of the network. The Public type is assigned to the Internet by default. You cannot change the network type or other settings for the Internet. In the Network properties window, you can edit the following network settings: Network name. Network type. Display of notifications about the following: Connection to the network. Changed MAC address (for example, if the network adapter is replaced). Changed MAC address/IP address pairing (for example, when the DHCP service assigns a different IP address). Choice of printer that should be recommended by default when connecting to this network. This setting is displayed if a printer is installed in the operating system on your computer. List of additional subnets (separated by commas).

Settings	Description
File (only in the Application rules window)	Reference information about an application and about the application's executable file. Kaspersky application receives information about an application from the application's executable file and from Kaspersky Security Network.
Files and system registry	Rules for accessing system registry keys and files related to operation of the operating system or to your personal data. The individual access settings for read, write, create, and delete operations can be defined independently by using the menu in the cells of the corresponding table columns. The menu items are described in the Intrusion Prevention rules section.
Rights	Rights to access operating system resources and processes, and startup rights. You can set access rights by using the menu in the cells of the Action column. The menu items are described in the Intrusion Prevention rules section.
Network rules	Rules applied by Kaspersky application to regulate the network activity of an application or application group. By default, the list displays the predefined application network rules that are recommended by Kaspersky experts. You cannot delete or edit predefined network rules (except changing the action in the Permission column; please refer to the description of available actions in the Intrusion Prevention rules section). When adding or editing a rule, you can define the following settings: Action: Allow. Kaspersky application allows the network connection. Block. Kaspersky application blocks the network connection. Ask user. If the Perform recommended actions automatically check box is cleared under Settings → Security settings → Exclusions and actions on object detection, Kaspersky application asks the user to decide whether or not to allow or deny the network connection. If the check box is selected, the action is chosen automatically. You can follow the footnote in the application window to read about exactly which action will be selected. Name. Direction: Inbound. Kaspersky application applies the rule to network connections opened by a remote computer. Outbound. Kaspersky application applies the rule to the network connection that was opened by your computer. Inbound / Outbound. Kaspersky application applies the rule both to inbound and outbound data packets or streams, regardless of which computer (your computer or a remote computer) initiated the network connection. Protocol. ICMP settings. You can specify the type and code of data packets to be scanned. The settings section is available if the ICMP or ICMPv6 protocols are selected. Remote ports (ports of a remote computer). Local ports (ports of your computer). You can specify a range of remote or local ports (for example, `6660–7000`), list multiple ports separated by commas, or combine both methods (for example, `80–83,443,1080`). Address: Any address. Subnet addresses. Kaspersky application applies the rule to IP addresses of all networks that are currently connected and are of the specified type (Public, Local or Trusted). The network type can be selected from the drop-down list that is displayed below if the Subnet addresses option is selected. Addresses from the list. Kaspersky application applies the rule to IP addresses within the specified range. You can specify IP addresses in the Remote address field, which is displayed below if the Addresses from the list option is selected. Network adapters traversed by network packets. Use of TTL. Kaspersky application controls the transmission of network packets whose time to live (TTL) does not exceed the specified value. Logging events to Kaspersky application report. To quickly add a rule, you can select one of the predefined templates in the drop-down list in the lower part of the window.
Exclusions (only in the Application rules window)	You can select rules that will be used to exclude an application from scans: Do not scan opened files. Do not monitor application activity. Intrusion Prevention does not monitor any application activity. Do not inherit restrictions from the (application’s) parent process. If restrictions of a parent process or application are not inherited, application activity is monitored according to your defined rules or according to the rules of the trust group to which the application belongs. Do not monitor the activity of child applications. Do not block interaction with Kaspersky application interface. The application is allowed to manage Kaspersky application by using its graphical interface. You may need to allow the application to manage the interface of Kaspersky application when using a remote desktop connection application or an application supporting the operation of a data input device. Examples of such devices include touch pads and graphic tablets. Do not scan all traffic (or encrypted traffic). Depending on the selected option (Do not scan all traffic or Do not scan encrypted traffic), Kaspersky application excludes all network traffic of the application or traffic transmitted over SSL from being scanned. The value of this setting does not affect Firewall operation: Firewall scans application traffic in accordance with Firewall settings. Exclusions affect Mail Anti-Virus, and Safe Browsing. You can specify the IP addresses or network ports to which the traffic control restriction must apply.
History (only in the Application rules window)	Reference information about actions taken on the application, such as starting the application or assigning a trust group Kaspersky assigns trust groups to all applications started on a computer depending on the level of danger that these applications pose to the system. The trust groups are as follows: Trusted. This group is for applications that have a digital signature from trusted vendors, and applications that have a record in the database of trusted applications. These applications are not restricted from any activity in the system. Activity of these applications is monitored by Proactive Defense and File Anti-Virus. Low Restricted. This group is for applications that do not have a digital signature from trusted vendors or corresponding records in the database of trusted applications but pose a low level of threat (based on Kaspersky Security Network data). They are allowed to perform specific operations, such as access to other processes, management of the system, and hidden network access. User permission is required for most operations. High Restricted. This group is for applications that do not have a digital signature or records in the database of trusted applications. These applications pose a medium level of threat. Applications in this group require user permission to perform most operations in the system. Untrusted. This group is for applications that do not have a digital signature or records in the database of trusted applications. These applications have a high threat level. Kaspersky blocks all activity of these applications. .

Settings	Description
Use hardware virtualization if available	If the check box is selected, hardware virtualization (hypervisor) is used for the operation of Protected Browser. The application uses hypervisor technology for additional protection against complex malware that could intercept your personal data by using the clipboard or phishing. This check box is displayed when the application is installed on a 64-bit version of Windows 8, Windows 8.1 and Windows 10. For more details about hardware virtualization and how it works, click the link.
Protection using hardware virtualization	Secure Keyboard Input helps you prevent cybercriminals from intercepting the data that you enter from the keyboard when visiting websites (for more details, please refer to the About Secure Keyboard Input section). Select the check boxes for categories of websites on which you want to protect data that is entered via the keyboard. Click the Manage exclusions link to create lists of websites on which you want to enable or disable Secure Keyboard Input irrespective of the selected website categories. You can use masks when adding exclusions.
On-Screen Keyboard	Many programs classified as spyware can take screenshots, which then are automatically transmitted to an intruder for further analysis to steal the user's personal data. On-Screen Keyboard protects entered personal data from attempts to intercept it by means of screenshots. (For more details, please refer to About On-Screen Keyboard). You can choose how you will be able to open On-Screen Keyboard: Open On-Screen Keyboard by typing CTRL+ALT+SHIFT+P. Show quick launch icon in data entry fields. The On-Screen Keyboard quick launch icon is displayed in the password input fields on web pages. Select the check boxes for categories of websites on which you want to protect data that is entered via the On Screen Keyboard. Click the Manage exclusions link in the Exclusions for On-Screen Keyboard window to create lists of websites on which you want to enable or disable display of the On-Screen Keyboard quick launch icon irrespective of the selected website categories. You can use masks when adding exclusions.
Show hints for creating strong passwords	If the check box is selected, Kaspersky application checks the strength of a password that you are entering in the browser for the first time, and notifies you about it.
Protection against using the same passwords	When you enter a password on a website where password security is especially important (such as on a social network), Kaspersky application prompts you to enable protection against the use of the same passwords. If the Warn about using the same passwords on websites check box is selected, protection against using the same passwords is enabled. You can select the categories of websites that should be protected from using the same passwords. These categories include banks and payment system websites, social networking websites, and mail service websites. You can click the Delete saved data link to delete all previously saved passwords.

Functionality	Restrictions	Limited functionality mode
Virus scan		yes
Updating anti-virus databases and application modules	Only critical updates are available.	no
Application Vulnerability Scan		yes
Safe Browsing		yes on Windows 7, 8 / no on Windows 10, 11
File Anti-Virus		yes on Windows 7, 8 / no on Windows 10, 11
Mail Anti-Virus		yes on Windows 7, 8 / no on Windows 10, 11
System Watcher		yes on Windows 7, 8 / no on Windows 10, 11
Checking of the reputation of files in Kaspersky Security Network		no
Secure Data Input		no
Emergency Recovery	Kaspersky Rescue Disk can be downloaded in the application interface.	yes
Exclusions and actions on object detection		yes
Network settings		yes
Reports and Quarantine		yes
Application display settings		yes
Game mode		no
Do not Disturb Mode		no
Intrusion Prevention		yes on Windows 7, 8 / no on Windows 10, 11
Firewall		yes
Network Attack Blocker		yes
Anti-Banner		yes
Safe Money		no
Private Browsing		yes
Privacy Cleaner		no
Smart Home Monitor		no
Webcam and Mic Control		yes on Windows 7, 8 / no on Windows 10, 11
Network Monitor		yes
Application Manager		no
Password Manager		yes
File Shredder		yes
Secret Vault	Only access to data in previously created secret vaults is available.	no
Backup and Restore	Only recovery of data from previously created backup copies is available.	no
App Updater		no
PC Cleaner		no
PC Speed-Up		no
Kaspersky VPN	Kaspersky VPN functionality is not available in some regions.	yes
Data Leak Checker		no
Microsoft Windows Troubleshooting		yes
Quick Startup		no
Weak Settings Scan		no
Duplicates		no
Large Files		no
Unused Apps		no
Hard Drive Health Monitor		no
Current Activity		no
Battery Saver		no
Stalkerware Detection		no
Unwanted App Installation Blocker		no
Adware Remover		no
AMSI Protection		yes, only on Windows 10, 11
Manage Settings		yes
Password protection of application settings		yes
PC resource consumption settings		yes
History		yes
Recommendations		yes
Security news		yes
Parental Control	Only report viewing is available.	no
Contacting Customer Service		yes

Contents

About Kaspersky solutions

Comparison of subscription plans

Hardware and software requirements

Compatibility with other Kaspersky applications

What's new in the latest version of the application

Limited free version of Kaspersky application

Data provision

Data provision under the End User License Agreement

Data provision under the End User License Agreement on the territory of the European Union, the United Kingdom, Brazil, Vietnam, or by California residents

Data provision to Kaspersky Security Network

Saving data to the application operation report

Locally processed data

Saving data for Customer Service

About using the application in the European Union, the United Kingdom, Brazil, Vietnam, or by California residents

How subscription works

How to buy a subscription

How to manage your subscription using your My Kaspersky account

How to cancel the subscription

How to set a different payment method

How to activate a subscription on your device

If you purchased a subscription from Kaspersky website

If you purchased a box or an activation card

Activating your subscription if the application is already installed on your device

Subscription with automatic renewal

Your subscription expired

Renewing the subscription using a reserve activation code

Switching from trial subscription to paid subscription

How to install or remove the application

How to install the application

Installing over other Kaspersky applications

Kaspersky Protection browser extension

How to uninstall the application

How to update the application

How to protect more devices

Basic functionality of the application

Assessing computer protection status and resolving security issues

How to fix security issues on your PC

Security news

About security news

How to enable or disable security news

How to enable or disable the receipt of security news on My Kaspersky

Application activity log and detailed report

How to configure the application interface

How to configure application notifications

How to change the application design theme

How to configure the application icon

How to password-protect access to the application management functions

How to restore the default settings of the application

How to apply the application settings on another computer

How to pause and resume computer protection

Evaluating Kaspersky application

Searching the functionality of the application

Store

Security

Scanning the computer

How to run a Quick Scan

How to run a Full Scan

How to run a Custom Scan

How to run a removable drive scan

How to run a Context Menu File or Folder Scan

How to enable or disable a background scan

How to create a scan schedule

How to search for vulnerabilities in applications installed on your computer

How to exclude a file, folder, or threat type from scanning

Scanning files in OneDrive cloud storage

Updating anti-virus databases and application modules

About updating databases and application modules

How to start an update of databases and application modules

Intrusion Prevention

About Intrusion Prevention

How to change Intrusion Prevention settings

Checking application reputation

Weak Settings Scan

About weak settings of the operating system

How to find and fix weak settings in the operating system

How to enable Weak Settings Scan

Network Monitor

Pre-Kaspersky virus removal

Recovering the operating system after infection