shukla44's Security Configuration (Desktop)

[shukla44]

PS: Please keep in mind that not all programs, currently on my system, are mentioned above.

Disclaimer: All the custom settings below is done with experience. Please do not copy any unnecessary settings if you don't know what you are doing.​

Spoiler: Kaspersky 2016 Interactive Mode Config [Will update it with 2017 config ASAP] (Last Edited: 12-03-2016)

GENERAL:

Uncheck - perform recommended actions automatically
Create password protection
- Check all boxes in password scope

PROTECTION:

File Antivirus:
action on threat detection - prompt on detection
advanced settings - see spoiler

Spoiler

Application Control:
AntiWinLock - How to protect your computer from Trojan-Ransom (WinLock) using Application Control in Kaspersky Total Security
AntiFileLock - How to protect against file-encrypting malware (cryptoware) in Total Security
see spoiler

Spoiler

Mail Antivirus:
action on threat detection - prompt on detection
advanced settings - see spoiler

Spoiler

Private Browsing:
Select - block detected requests
Check - block tracking
Uncheck - allow data collection on websites of kaspersky lab and its partners
Check - allow data collection on incompatible websites
Web Antivirus:
action on threat detection - block
advanced settings - see spoiler

Spoiler

System Changes Control:
Check - use installation assistant
Check - block advertisements
Check - control changes
Uncheck - block changes automatically
Block & allowed application - CCleaner (always allow)

PERFORMANCE:

Uncheck - disable scheduled task while running on battery power
Check - use gaming profile
Uncheck - release resources to operating system when the computer starts
Check - release resources to other applications
Uncheck - perform idle scan
Uncheck - search for software that is intented to conceal traces of a malicious program in the system (rootkits)

SCAN:

Action on threat detection - prompt when scan is complete
Scan external device on connection - do not scan
Scan schedule - Vulnerability scan - scan every weekend
Advanced Settings:
Full Scan:
edit scan scope for full scan - check all the boxes
additional settings - see spoiler

Spoiler

Quick Scan:
edit scan scope for quick scan - added 'c:\users' & 'c:\programdata'
additional settings - see spoiler

Spoiler

Selective Scan:
additional settings - see spoiler

Spoiler

ADDITIONAL:

Secure Data Input:
Uncheck - open on-screen keyboard by typing
Uncheck - show quick launch icons in data entry fields
Check - secure keyboard inputs
Edit categories - check all the boxes
Threats And Exclusions:
Check - detect other softwares that can be used by criminals to damage your computer and personal data
Network:
Select - monitor all ports
Notifications:
Check - notify about events
Uncheck - All (except 'notify about events')
Appearance:
Smooth transitions between windows - Select - do not use

Note: Only changed settings are mentioned above

Spoiler: Vulnerable Apps (Last Edited: 13-09-2016)

Vulnerable Apps & Programs on my System (beside Windows 7):

1. Java JRE 8 32-bit (Used for Desktop Apps Only)
2. Adobe Flash Player ActiveX (Used For IE 64-bit Only)
3. Browsers (Firefox 32-bit, Chrome 64-bit & IE)
4. Microsoft Office***
5. Thunderbird
6. Foxit Reader***
7. Adobe Photoshop 64-bit***
8. Windows Media Player***
9. uTorrent (3.3.2 Build 30586)
10. VLC Media Player***
11. K-Lite Mega Codec Pack With MPC-HC 64-bit***
12. Microsoft .NET Framework 4.6.2

*** - Internet connections (Incoming & Outgoing) are disabled in Firewall

Spoiler: Vulnerable Processes (Last Edited: 18-01-2017)

Vulnerable Processes on my system (Windows 7):

1. cmd.exe**
   
2. regsvr32.exe**
3. rundll32.exe**
4. shell32.exe**
5. mshta.exe**
   
6. wscript.exe***
7. cscript.exe***
8. powershell.exe***
9. powershell_ise.exe***

All processes both paths (system32 & syswow64) included.

** - Monitored
*** - Blocked

Spoiler: Additional Info (Last Edited: 18-01-2017)

ADDITIONAL INFO'S:

1. I have 3 user accounts active - 1 admin (personal use only), 1 standard (friends & family use) & 1 guest (other stuff). The standard & guest accounts enjoy the strict settings of kaspersky total security parental control.
2. For financial/banking transaction, i use kaspersky safe money. For safe money, i use firefox only with addons kaspersky protection and https everywhere & all the plugins disabled.
3. I use shadow defender (on admin account only) as a sandbox for testing new setting or unknown apps. But all the malware testing is done in vmware.
4. All the internet connections are disabled in firewall for apps/programs that doesn't depend on Internet.
5. All the important files/documents are additionally backed up in a winrar archive file without the .rar file extension.
6. All the important passwords are kept in a password-protected doc file within a password-protected archive within a password-protected thumb drive. For emergencies, i keep some of them on a piece of paper hidden in my room. For the rest of the passwords, i use sticky password.

Suggestions & feedback are always welcome.
If you have question about my custom configurations, i'll be happy to answer as much as possible.​

 

[Soulbound]

Nothing really to add. thanks for sharing your config.

 

[SloppyMcFloppy]

As for custom configuration on Kaspersky. What is your recommend on " Load rules for applications from KSN." In Application Control? Do you uncheck or check?

 

[Exterminator]

Seems like a solid config to me! Thanks for sharing it with us

 

[DracusNarcrym]

Very solid config; excellent real-time security software complemented by reliable on-demand scanners.

Here's a couple of (optional) suggestions:
► If you test malware samples, I recommend you do it in a virtual machine. Here's a great free (and open-source) virtual machine application: VirtualBox
► You may check out uBlock Origin for Firefox-based browsers and uBlock Origin for Chromium-based browsers as lighter and and more efficient alternatives to AdBlock Plus. (I used to be an AdBlock Plus user, and I can verify that uBlock Origin is indeed an improvement over AdBlock Plus)

Other than that, you are good to go. Thanks for sharing your config with us!

 

[frogboy]

Looks very good to me. Thanks for sharing.

Other than maybe some form of virtualization software.

 

[shukla44]

As for custom configuration on Kaspersky. What is your recommend on " Load rules for applications from KSN." In Application Control? Do you uncheck or check?

I left that checked (by default), but i have unchecked the 'trust digitally signed applications' and i have selected low restricted in both 'change trust group for unknown applications' & 'change trust group for application started before kaspersky'.

Yes, sometimes KSN messes up my trusted group by automatically loading rules but i get notified as i use the interactive mode.

Very solid config; excellent real-time security software complemented by reliable on-demand scanners.

Here's a couple of (optional) suggestions:
► If you test malware samples, I recommend you do it in a virtual machine. Here's a great free (and open-source) virtual machine application: VirtualBox
► You may check out uBlock Origin for Firefox-based browsers and uBlock Origin for Chromium-based browsers as lighter and and more efficient alternatives to AdBlock Plus. (I used to be an AdBlock Plus user, and I can verify that uBlock Origin is indeed an improvement over AdBlock Plus)

Other than that, you are good to go. Thanks for sharing your config with us!

Thanks for your suggestions.
I forgot to mention, i do use virtualization software but i use VMware Workstation 12, been using it for years. I have XP SP3 32-bit & 7 SP1 64-bit in there always.

Already edited that in the config.

And for uBlock instead of ABP, well i have many custom filters in ABP already & it is working great for me. I have no problems with ABP using more memory as i have 8 GB of them.

I will consider it, if ABP starts giving me problems but so far so good.

 

[SloppyMcFloppy]

I left that checked (by default), but i have unchecked the 'trust digitally signed applications' and i have selected low restricted in both 'change trust group for unknown applications' & 'change trust group for application started before kaspersky'.

Yes, sometimes KSN messes up my trusted group by automatically loading rules but i get notified as i use the interactive mode.

Thanks man, and what do you think about recommend settings default for files and web antivirus? I'm currently uing that for a moment, but do you think that good enouugh?

 

[shukla44]

Thanks man, and what do you think about recommend settings default for files and web antivirus? I'm currently uing that for a moment, but do you think that good enouugh?

Well, default settings of kaspersky are for performance & security both. So if you want a little bit more security, you have to change a few settings without affecting performance too much.

For file & web anti-virus settings, i can tell you what i use and find good enough for my system.

Web antivirus - left it as it is (default). I have unchecked 'automatically activate kaspersky protection extension in all browsers' but it is not security related.

File antivirus - file types 'File scanned by format' to 'All Files'.

That's it.

 

[shukla44]

UPDATED: Added real-time protection - unchecky

 

[DracusNarcrym]

UPDATED: Added real-time protection - unchecky

This is an excellent utility.
It takes the hassle out of unchecking every PUP opt-in manually from software installers.

 

[harlan4096]

KIS/KTS2016MR1 comes with a similar feature integrated in "System Changes Control" module, but I guess still not so mature than Unchecky

 

[Mihir :-)]

Solid configuration.Nothing to add.Thanks for sharing.Another Kaspersky user B-)

 

[Cats-4_Owners-2]

Hi @shukla44, I liked your configuration! As your primary browser is Firefox, I wondered whether you are using their 64 bit version. It has performed quite well for us, and (I've read) is compatible with all 32 bit extensions.

• Firefox All Systems

Thanks for sharing!

 

[jamescv7]

Everything are well intact and covered, well done!

 

[Deleted member 178]

Approved by Staff

nothing much to add

 

[shukla44]

Approved by Staff

nothing much to add

Thanks

 

[shukla44]

Hi @shukla44, I liked your configuration! As your primary browser is Firefox, I wondered whether you are using their 64 bit version. It has performed quite well for us, and (I've read) is compatible with all 32 bit extensions.

• Firefox All Systems

Thanks for sharing!

I tried in VMware, liked it, still not all plugins are supported so, still not upgraded to it. Will think about it from next FF releases...

 

[DracusNarcrym]

@shukla44 If you would like to try a x64 Firefox variant I would recommend Cyberfox by far.
It's been my favorite browser ever since I first tried it. Also, all Firefox add-ons should be supported by it.

 

[Overlord]

Really solid and good configuration. Thanks for sharing!