Is Kaspersky Application Control unbeatable?

If Low and High Restricted did not expose all kinds of bugs I would say yes. Most people try to over-configure KIS. I over-configure it to find out what is broken. There is a simple toggle switch. Nobody ever mentions it. So I assume nobody ever uses it - which is a shame as it is about as simple a solution as you can get. When you need to use cmd.exe or others for a safe program, you don't have to contend with any breakage caused by Low or High Restricted limits placed on the process; the process is in the Trusted group and will work as needed. When done, just disable it again. You will find it is not annoying.

Yes. I'm always testing fresh malware samples and goodware, changing KTS configs trying to find out what is the best setup. But in fact, changing that switch is not that hard. Awesome tip.
 
All the work is in the initial configuration. After that, you will find that you rarely need to disable something. You might have to Allow one or two processes permanently. However, since most everything else is disabled, Allowing one or two processes so things work does not introduce much risk to the system. You will see.

The biggest pain is getting to the toggle switch. Really. That's the annoying part.
 
Yes. I've already sent Kaspersky a suggestion about shortcuts to some settings. Maybe even put some options on the context menu, but I don't think they care.
 
Kaspersky's Application Control uses a cloud analyzer to determine the rating of a given product and sets the restriction depending on it.

The best option is to put it on High Restricted or Untrusted; however, it is not foolproof. It can generally block the majority of executable attacks, and new strains of fileless attacks may be prone to bypass it.

You need to tune it properly according to how a certain component works; sometimes a customization will work flawlessly on that particular system only.
 
This type of behavior is a known bug on some systems (x64?) that K has not been able to sort out. Since it has been reported many times over the past years, it just might be that K doesn't consider it a bug or that they have simply chosen not to fix it because it is only security soft geeks that report it.

Your best bet would simply be to use the Allow\Block toggle switch and set it to Block for those processes in both System32 and SysWOW64. Most programs do not use them.

Just an update

Kaspersky Password Manager extension does not work with cmd.exe disabled :/
 
I also find that cmd.exe is the hardest of the common script interpreters to block. There are just too many programs/processes that need it.
For me, the easiest and most effective way to get control of these vulnerable processes is to run NVT ERP free beta in combo with Kaspersky.
 
That is the rationale for those that combo AppGuard and NVT ERP; to monitor cmd.exe and rundll32.exe.

I have run both cmd.exe and rundll32.exe completely disabled on a system. There were block events, but nothing was broken. What happens when you disable those two processes depends to a large extent upon what you have installed on your system. Rundll32 is used for some Windows background activities.
 
I need cmd.exe, so I run it guarded in AG. However, I disabled rundll32.exe.
 
I assume that you need to re-enable rundll32 when you install a program, or run an update?

Regarding cmd, someone told me that disabling it borked their system, when a Windows update came along that needed it. So it sounds wise to me, not to disable it.
 
Disabling cmd.exe will not bork a system. It might temporarily break a couple of things, and it is not permanent damage. There are Windows processes that, if disabled, will bork Windows, but none of the interpreters is one of them.
 
I assume that you need to re-enable rundll32 when you install a program, or run an update?
Yes, depending on the case. That is the beauty of AppGuard: you block everything you want, anywhere you want, and can unblock them if needed with one click.
 