Hot Take KIS/KTS/KSCloud/KStandard/KPlus/KPremium - Implementing Protected Folders via Manage Resources (+ Default Deny Mode)

[harlan4096]

No, only in supported browsers with Kaspersky Protection add-on enabled and Secure Data Input enabled.

 

[PandaSecurity]

Does anyone know how to implement interactive mode within kaspersky standard edition? I cant for the life of me find out how to put the protection mode in ask or interactive anywhere.

 

[harlan4096]

The same was as in KPlus: Settings -> Performance Settings -> PC Resource Consumption:

Disable as showed that setting -> Perform recommended...

 

[HarborFront]

I think this feature looks like Norton Data Protecter whereby a list of folders are protected by default. Of course you can add other folders as well.

Need Advice - Norton Data Protector

Well Good Afternoon Does anyone know when Norton Data Protector will exit the Beta and stay public?

malwaretips.com

If any of the protected folder is infected say by a ransomware does Kaspersky System Watcher rolls it back?

 

[harlan4096]

SW will try to recover always, regardless of this custom tweaks of protected folders.

 

[HarborFront]

SW will try to recover always, regardless of this custom tweaks of protected folders.

Thanks

Does SW rollback only protected folders stated in this thread or eveything that's infected? It must backup before rollback, right? Is there some settings to backup and rollback?

If a ransomware hits many files like below how do K backup/rollback?

About 6 mins to encrypt 100000 files like what the link below says

This is how fast a ransomware attack encrypts all your files

Researchers examined how quickly ransomware encrypts files - in some cases, it just takes a matter of minutes.

www.zdnet.com

 

[harlan4096]

SW has its limits of recovering, anyway with these tweaks would be very difficult files are affected.

 

[HarborFront]

SW has its limits of recovering, anyway with these tweaks would be very difficult files are affected.

I believe it's difficult.

BTW do SW perform backup otherwise how to rollback?

 

[harlan4096]

I don't think SW performs any previous back, I guess it recovers on real time...

 

[Guilhermesene]

Just to contribute to this topic, I created a spreadsheet containing the permissions for each K group.

I hope it's useful to someone

Spoiler

 

[Guilhermesene]

Just to help understand the great topic created by @harlan4096, I made this image to explain in a more visual way what @harlan4096 demonstrated in the tutorial

I hope it is useful to someone

 

[Ranking4029]

What about Internet Access? Say a Password Stealer was downloaded on the device whose sole function is to steal user logins and Kaspersky doesn't detect it. With the configuration in this thread, will it be blocked from stealing user credentials or do I have to set network access on High Restricted to denied too?

 

[SHvFl]

With the setting in this topic if the stealer runs and it's not on the Trusted application list it will either get denied from read/write/create/delete or ask you what to do based on the group it gets added. This picture shows what it is suggested but you can change all except Trusted application to deny if you wish.
Remember that you must add all drive you want to protect in the protected folders as shown on the first page of the topic.

 

[harlan4096]

Just, with this simple config but quite paranoid settings :



If the stealer is not known by KSN, and course nor tagged as Trusted by error, it directly will be go to UnTrusted, and won't run...

 

[petok]

Today expired my EAM license and I buy license for Kaspersky Standard and happy with no big resource eat just 35 MB + 14 MB for two process.

 

[Studynxx]

I have both in the OP set to High Restricted and Do Not Trust digitally signed apps. Thoughts OP?

 

[harlan4096]

Good enough

 

[Studynxx]

Good enough

Can you expand on the Protected Folder module? If I protect, for example, my Scripts folder which is actually a network share, then what happens?

 

[harlan4096]

A network share located where? in that system or in a different system in Your local network?

 

[Studynxx]

A network share located where? in that system or in a different system in Your local network?

It's a synology NAS so I guess the latter