To select the Application Startup Control mode:
In the right part of the window, the settings of the Application Startup Control component are displayed.
When this mode is selected, two Application Startup Control rules are created by default: Golden Image and Trusted Updaters. You cannot delete these rules. The settings of these rules cannot be edited. You can enable or disable these rules by selecting or clearing the check box opposite the relevant rule. By default, the Golden Image rule is enabled, and the Trusted Updaters rule is disabled. All users are allowed to start applications that match the trigger conditions of these rules.
All rules created during the selected mode are saved after the mode is changed so that the rules can be used again. To revert to using these rules, all you have to do is select the necessary mode in the Application Startup Control mode drop-down list.
Information about the module and the application that loaded the module will be saved to a report.
If the check box is selected, DLL modules and drivers are monitored before Kaspersky Endpoint Security is started. To configure subsequent monitoring of all DLL modules and drivers before application startup, restart the computer after selecting the Monitor DLL and drivers check box. If you are unable to restart the computer, after selecting the Monitor DLL and drivers check box you can load DLL modules and drivers while Kaspersky Endpoint Security is running. In this case, monitoring takes effect only for DLL modules and drivers that are loaded while Kaspersky Endpoint Security is running.
When monitoring DLL modules and drivers, it is not recommended to use Application Startup Control rules that were created based on KL categories. Determining KL categories (including in the “Operating system and its components” rules) for DLL modules and drivers may not work correctly. In particular, the “Operating system and its components” rule was created by default and is not distributed at DLL module and driver launch. When turning on this function, it is necessary to create separate allow rules for DLL modules and drivers. Using the Control DLL and drivers function if such allow rules do not exist could make the system unstable.
We recommend password protection be turned on to configure program settings so that it is possible to turn off allow rules blocking the launch of critically important DLL modules and drivers while not changing Kaspersky Security Center policy settings in the process.