Kaspersky extreme settings vs default/optimal settings.

gfgtkitkat34

Level 1
Thread author
Aug 14, 2024
30
Let's assume I downloaded and executed a pirated software with a sophisticated malware in it capable of evading the default Kaspersky configuration/system watcher. Will Kaspersky extreme configuration stand a chance against something like that?

Kaspersky itself says in its software interface (I'm using Kaspersky Premium) that if you deal with risky sites and downloads, turn these settings into extreme. (File anti-virus, web protection, email protection, and a few other) What I'm wondering is: does it actually give the average consumer like myself any noticeable extra protection?

btw I have a fairly decent pc with tons of ram so I'm not worrying about that slows down your computer part much.

Thank you very much for your help.
 

Attachments

  • Screenshot (16).png
    Screenshot (16).png
    647 KB · Views: 80
  • Wow
Reactions: kylprq

Bot

AI-powered Bot
Apr 21, 2016
4,215
Kaspersky's extreme settings do offer additional layers of protection and are more aggressive in identifying potential threats. However, no antivirus is 100% foolproof, especially against sophisticated malware. It's always recommended to avoid risky downloads and websites. The extreme settings might slow down your PC, but as you mentioned, you have a decent PC with plenty of RAM, so it should handle it well.
 
  • Like
Reactions: Dimitriss

gfgtkitkat34

Level 1
Thread author
Aug 14, 2024
30
Don't download and execute malware on a work or home computer. Full Stop.
I said, Let's assume I downloaded a pirated version of a software that may be bundled with tricky, well-written malware (in this case, the user doesn't know about that; he has common sense, like using fairly trusted sources, reading comments before downloading anything, never turning off antivirus for any reason, etc., but he doesn't have coding knowledge, and his preferred choice of antivirus is Kaspersky).
 
Last edited:
  • Like
Reactions: BSONE

gfgtkitkat34

Level 1
Thread author
Aug 14, 2024
30
If you have a powerful system, dual boot with a Linux distro, install windows on virtual drive and do whatever you wish.In that way even if a malware evades virtual drive, it can't do anything on a Linux system.
Never thought about that. That is a decent idea, actually, but I guess having a separate potato PC/laptop with a separate internet connection is the safest way to do online transactions and such if you deal with risky sites and downloads.
 
Last edited:
  • Like
Reactions: Brahman

RoboMan

Level 35
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,473
The answer lies in Application Control. Set both configuration options to Untrusted and disable "Trust on signed files". Any unknown payload this pirated software downloads will be automatically blocked from executing. The only way it can infect you is if you manually head to the Application Control's options and unblock the malware file. If you do this, then there's nothing security can do for you.

PS: I think in the newer versions Application Control is now called Intrusion Prevention.
 

gfgtkitkat34

Level 1
Thread author
Aug 14, 2024
30
The answer lies in Application Control. Set both configuration options to Untrusted and disable "Trust on signed files". Any unknown payload this pirated software downloads will be automatically blocked from executing. The only way it can infect you is if you manually head to the Application Control's options and unblock the malware file. If you do this, then there's nothing security can do for you.
Hi Robo man, Will setting both configuration options to high restricted and disable "Trust on signed files") result in a disaster? After everything, we're talking about a hypothetical software from a sketchy site where Kaspersky didn't detect anything before or after execution.
 
Last edited:

jamey910111

Level 2
Jun 7, 2024
87
in my amateur amateur, even on default settings kaspersky will protect u 100%. the difference is that extreme settings would prevent u from doing that in the first place, but if u do get it executed kaspersky will then still block/manage it for you. i think extreme settings arem more preventative, that's all - they won't allow things like that to even be attempted, but even if it was somehow attempted kaspersky should still protect u from it....
 

jamey910111

Level 2
Jun 7, 2024
87
I remember seeing a test years ago where maximum sensitivity really didn't detect anything normal didn't. But you should never automatically trust signed files.


If I were to uncheck that option - is it possible to get a notification if something is blocked? Cause i think once this casued an issue with an application update and it took me like 2 hours to realize that it was being blocked by kaspersky because I had that option unchecked. Now I do have the options set for intrusino prevention so that any application that cannot be added to existing groups gets added to the High Restriction group - but i am just confused as to how i can tell if a notification about intrusino prevension will relate to the "trust digitally signed application" or the "restricted group"

1723736458323.png
 

RoboMan

Level 35
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,473
Hi Robo man, Will setting both configuration options to high restricted and disable "Trust on signed files") result in a disaster? After everything, we're talking about a hypothetical software from a sketchy site where Kaspersky didn't detect anything before or after execution.
It shouldn't. But don't restrict them, set both on Untrusted.
 

lokamoka820

Level 20
Mar 1, 2024
953
I will try to divide my answer for points to make it clearer to understand some elements here:

Security product is not completely about just protection, there is performance and usability and another factors to consider, so if you ask your self why security company used the default setting (which by the way you called it optimal), because it will give you the best results on all factors as a user, you don't need with maximum protection a slow experience or too many false positives.

And if you checked the security products test site like AV-Comparatives and AV-TEST (which by the way use the product's default settings) you will find that they will protect you from 99.99% from all kind of malware in situations that you will never face as a normal user, so you will be protected.

Finally, don't rely on YouTube video test recommendations, when they tell you that a product is not secure depending on their tests, no one download 1000 sample of new malware and run them in one-shot to show how security product will do, this will not happen in real word, and you will mostly never experience this with your PC.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top