Setup Idea Hardened System with Kaspersky

Operating System: Windows 10 / Windows 11
Login unlock: Passwordless (PIN or Biometrics)
User Access Control: Always notify
Malware protection:
  • Kaspersky Standard / Plus / Premium
  • Kaspersky KIS / KTS / KSCloud
  • Macrium Reflect Home -> Image Guardian
Firewall protection: Other firewall software (3rd-party vendor)
Custom security info:
* Custom RTP Kaspersky settings:

Settings -> Performance Settings -> PC Resource Consumption -> Perform recommended Actions Automatically: Deselect
(Users who don't like warning prompts may keep this setting Selected, as it is by default)

Settings -> Security Settings -> Intrusion Prevention -> Trust Digitally Signed Application: Deselect

Settings -> Security Settings -> Intrusion Prevention -> Trust group for applications that could not be added to existing groups: UnTrusted

Settings -> Security Settings -> Intrusion Prevention -> Trust group for applications started before startup of Kaspersky: High Restricted

Additionally, you can implement stronger rules to protect Folders/Files against Ransomware Attacks

Note: settings not mentioned remain at their defaults.

* OS Settings: disable lots of services with WPD
Periodic scanners:
  • WiseVector StopX (resident modules disabled)
  • Norton Power Eraser
  • AdwCleaner
Default browser / extensions:
* Browser: Mozilla Firefox

* Search Engine: Google

* Add-ons: uBlock Origin, Dark Reader, IndicateTLS, Simple Translate, LT Language Tool
Secure DNS: Cloudflare / NextDNS / Quad9
VPN: Mullvad / Windscribe
Password manager: KeePass 2 (manually -> Perform Auto-Type inside Mozilla Firefox)
Security keys:
Maintenance tools: PatchMyPC and/or RuckZuck to update system applications.
Personal backup:
* At least 1 cloud service: Mega, OneDrive, Google Drive, etc.

* 2 External Devices to save redundant BackUps.
Recovery backup: Macrium Reflect Home / AOMEI BackUpper
Recommended for:
  1. Experienced users

harlan4096

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,258
This proposal of Setup Idea is relevant to these Kaspersky Products:
  • Kaspersky Standard / Plus / Premium
  • Kaspersky KIS / KTS / KSCloud

These Kaspersky Hardening tweaks try to emulate the old Trusted Application Mode, a feature that was removed by Kaspersky from their home products a few years ago, but in fact, they go further and impose stricter restrictions on the system.


* Some tips for working with PatchMyPC, RuckZuck, and new application installations in general:

On many occasions, some files unknown to KSN spawn while installing new applications, and with the current Intrusion Prevention settings, Kaspersky will irrevocably Block/Stop your installation. To avoid this inconvenience (see the example below with PatchMyPC), we can edit its Application Rules and set these Exclusions:

[Screenshot: 1651573180947.png]

For a new application installer (we take it for granted that we previously trusted it) that was never executed on the system, we may pre-add it to the Trusted Group this way:

[Screenshot: 1651573857222.png]

In Intrusion Prevention -> Manage Applications: left-click once on the Trusted Group, then right-click once and select Add Application to Group, and finally select the new installer.

Once added, find the new installer via Search at the top right of the window, right-click it once: Details and Rules -> Exclusions, set the Exclusions and Save.

Finally, run the installer normally :)
 

harlan4096

If I use Nextdns desktop app, do I need ublock origin?

I haven't used NextDNS, but probably running both is overkill :)

EEK is ok, but terribly annoying (slow) when downloading/applying new updates/signatures... HMP can only detect exe in general, but not scripts or other types of malware in Office docs; it can also detect registry keys in Windows AutoRuns sections... VoodooShield is not a periodic scanner :)
 

zkSnark

Level 4
Verified
Well-known
Jan 13, 2019
157
I haven't used NextDNS, but probably running both is overkill :)

EEK is ok, but terribly annoying (slow) when downloading/applying new updates/signatures... HMP can only detect exe in general, but not scripts or other types of malware in Office docs; it can also detect registry keys in Windows AutoRuns sections... VoodooShield is not a periodic scanner :)
In my other thread, people were suggesting NextDNS or AdGuard to me and no one mentioned uBlock. Just curious which one is better among these 3.
Regarding periodic scanning, from your explanation about EEK and HMP, I guess it's better to use the three apps you have recommended, right?
Since I see Voodoo Shield mentioned many times in this forum, do I need it too?
 

zkSnark

Voodoo Shield, you can use it if you keep KTS default settings... but properly tweaking KTS, you would not need it :)

Yes, I prefer these 3 ones, although with NPE you can get some false positives :)
Just found out about Herdprotect and on their website, it says "herdProtect is a second line of defense malware scanning platform powered by 68 anti-malware engines in the cloud". What is your opinion on this since it uses 58 engines to scan?
 
ForgottenSeer 95367

Since I see Voodoo Shield mentioned many times in this forum, do I need it too?
You are on the path of "overkilling" your system.

Popularity of software is not a scientific, unbiased measure of that software's effectiveness. There are many variables that determine absolute security that are not measured by popular-vote style polls or recommendation lists.
 
ForgottenSeer 95367

I am just curious with all these programs mentioned in the forum lol
Keep your system tidy. Test all these suggestions in a virtual machine so that you can make your own, informed decisions as to which will work best for you personally. Figuring that out is a long process.

Evidently you were secure before you showed up here at MT. Now you found this place and all these suggestions are being thrown at you. It is creating doubts in your mind about your security. You are OK. You have to step back and keep perspective.
 

harlan4096

"herdProtect is a second line of defense malware scanning platform powered by 68 anti-malware engines in the cloud". What is your opinion on this since it uses 58 engines to scan?
I tried it many years ago, I thought it was dead hehe... Sincerely, I find it excessive :)
 

Shiz

Level 1
Verified
Nov 16, 2018
48
In my other thread, people were suggesting NextDNS or AdGuard to me and no one mentioned uBlock. Just curious which one is better among these 3.
Regarding periodic scanning, from your explanation about EEK and HMP, I guess it's better to use the three apps you have recommended, right?
Since I see Voodoo Shield mentioned many times in this forum, do I need it too?
I would still run ublock with Nextdns because ublock blocks things on the browser level. There is a reason why you cannot block YouTube ads with only DNS. An adblocker on the browser is needed to help with things such as YouTube ads.
 
  • Like
Reactions: zkSnark
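
The difference between DNS-level and browser-level blocking discussed above, as an added example that is not part of the original thread. The hostnames, paths and rules are constructed, and the matching is a simplified model, not the actual rule engine of NextDNS or uBlock Origin.

```javascript
// DNS-level filter: the resolver only sees the hostname being looked up.
function dnsDecision(url, blocklist) {
  const labels = new URL(url).hostname.split(".");
  // Match the name itself or any parent domain (but never the bare TLD).
  for (let i = 0; i < labels.length - 1; i++) {
    if (blocklist.has(labels.slice(i).join("."))) return "block";
  }
  return "allow";
}

// Browser-level filter: an extension sees the full URL, path included.
function browserDecision(url, rules) {
  const u = new URL(url);
  for (const r of rules) {
    const hostMatch = u.hostname === r.host || u.hostname.endsWith("." + r.host);
    if (hostMatch && u.pathname.startsWith(r.pathPrefix || "/")) return "block";
  }
  return "allow";
}

// Constructed filter lists (hypothetical hosts and paths).
const dnsBlocklist = new Set(["ads.tracker.example"]);
const browserRules = [
  { host: "ads.tracker.example" },                        // third-party ad host
  { host: "video.example", pathPrefix: "/api/ad_break" }, // ad endpoint on the content host
];

// Constructed page load: the site serves content and ads from one hostname.
const requests = [
  "https://video.example/watch?v=abc",
  "https://video.example/api/player",
  "https://video.example/api/ad_break?slot=1",
  "https://ads.tracker.example/pixel.gif",
];

function compare(reqs) {
  return reqs.map((url) => ({ url, dns: dnsDecision(url, dnsBlocklist),
                              browser: browserDecision(url, browserRules) }));
}

// Wanted requests that break if the DNS list adds the content host itself.
function dnsCollateral(reqs, host) {
  const widened = new Set([...dnsBlocklist, host]);
  return reqs.filter((u) => dnsDecision(u, widened) === "block" &&
                            browserDecision(u, browserRules) === "allow");
}

console.table(compare(requests));
```

The third request is the case Shiz describes: the DNS filter must allow it because the hostname is the same one that serves the content, while the path-aware filter can drop it.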
