shukla44's Security Configuration (Desktop)

Last updated
Dec 31, 1969
Windows Edition
Other edition for Previous versions of Windows
User Access Control
Always notify
Real-time security
Kaspersky Total Security 2017
Shadow Defender
Sticky Password Premium
Process Lasso Pro
Firewall security
Periodic malware scanners
Malwarebytes Antimalware 2.2.1.1043
HitmanPro
Adwcleaner
Malware sample testing
Browser(s) and extensions
FIREFOX 32-bit (Custom Config):
------------------------------------------------
Adguard
NoScript
HTTPS Everywhere
Kaspersky Protection

CHROME 64-bit (Default Config):
------------------------------------------------
Adguard
Windscribe VPN
WebRTC Network Limiter
Kaspersky Protection

IE 64-bit (Custom Config)
------------------------------------------------
Adobe Flash ActiveX
Easylist TPL
EasyPrivacy TPL
Fanboy TPL
Block third-party google site tracking TPL
Maintenance tools
CLEANER & OPTIMIZATION - CCleaner, Auslogics Disk Defrag Professional
UNINSTALLER - Revo Uninstaller Pro
ONLINE BACKUP/CLOUD - Google Drive, OneDrive, Dropbox, Mediafire
OFFLINE BACKUP & IMAGING - AOMEI Backupper Pro
VIRTUALIZATION - VMware Workstation Pro
VPN - Windscribe (Pro, 1-Year), Hide.me (Free, 2GB/Month), KSC (Free, 200MB/Day)
DNS - GoogleDNS
OTHER - Unlocker, Autoruns, Process Explorer, VT Hash Check, AutoHotkey
File and Photo backup
Online/Cloud
Offline/External HDD
System recovery
AOMEI Backupper Pro, Windows Backup&Restore
Computer specs
https://malwaretips.com/threads/shukla44-home-desktop.63606/

shukla44

Level 13
Thread author
Verified
Top Poster
Well-known
Jan 14, 2016
601
PS: Please keep in mind that not all programs, currently on my system, are mentioned above.

Disclaimer: All the custom settings below is done with experience. Please do not copy any unnecessary settings if you don't know what you are doing.

GENERAL:

Uncheck - perform recommended actions automatically
Create password protection
- Check all boxes in password scope

PROTECTION:

File Antivirus:
action on threat detection - prompt on detection
advanced settings - see spoiler
wo8Ltou.jpg
Application Control:
AntiWinLock - How to protect your computer from Trojan-Ransom (WinLock) using Application Control in Kaspersky Total Security
AntiFileLock - How to protect against file-encrypting malware (cryptoware) in Total Security
see spoiler
YnrSpFG.jpg
kKFgOrS.jpg
eELa5AV.jpg
Mail Antivirus:
action on threat detection - prompt on detection
advanced settings - see spoiler
bHB3zcz.jpg
Private Browsing:
Select - block detected requests
Check - block tracking
Uncheck - allow data collection on websites of kaspersky lab and its partners
Check - allow data collection on incompatible websites
Web Antivirus:
action on threat detection - block
advanced settings - see spoiler
gALIT5U.jpg
XHdUzHv.jpg
System Changes Control:
Check - use installation assistant
Check - block advertisements
Check - control changes
Uncheck - block changes automatically
Block & allowed application - CCleaner (always allow)

PERFORMANCE:

Uncheck - disable scheduled task while running on battery power
Check - use gaming profile
Uncheck - release resources to operating system when the computer starts
Check - release resources to other applications
Uncheck - perform idle scan
Uncheck - search for software that is intented to conceal traces of a malicious program in the system (rootkits)

SCAN:

Action on threat detection - prompt when scan is complete
Scan external device on connection - do not scan
Scan schedule - Vulnerability scan - scan every weekend
Advanced Settings:
Full Scan:
edit scan scope for full scan - check all the boxes
additional settings - see spoiler
0eLtELS.jpg
Quick Scan:
edit scan scope for quick scan - added 'c:\users' & 'c:\programdata'
additional settings - see spoiler
d08jlZa.jpg
Selective Scan:
additional settings - see spoiler
sWBP3PB.jpg

ADDITIONAL:

Secure Data Input:
Uncheck - open on-screen keyboard by typing
Uncheck - show quick launch icons in data entry fields
Check - secure keyboard inputs
Edit categories - check all the boxes
Threats And Exclusions:
Check - detect other softwares that can be used by criminals to damage your computer and personal data
Network:
Select - monitor all ports
Notifications:
Check - notify about events
Uncheck - All (except 'notify about events')
Appearance:
Smooth transitions between windows - Select - do not use

Note: Only changed settings are mentioned above


Vulnerable Apps & Programs on my System (beside Windows 7):

  1. Java JRE 8 32-bit (Used for Desktop Apps Only)
  2. Adobe Flash Player ActiveX (Used For IE 64-bit Only)
  3. Browsers (Firefox 32-bit, Chrome 64-bit & IE)
  4. Microsoft Office***
  5. Thunderbird
  6. Foxit Reader***
  7. Adobe Photoshop 64-bit***
  8. Windows Media Player***
  9. uTorrent (3.3.2 Build 30586)
  10. VLC Media Player***
  11. K-Lite Mega Codec Pack With MPC-HC 64-bit***
  12. Microsoft .NET Framework 4.6.2

*** - Internet connections (Incoming & Outgoing) are disabled in Firewall

Vulnerable Processes on my system (Windows 7):

  1. cmd.exe**
  2. regsvr32.exe**
  3. rundll32.exe**
  4. shell32.exe**
  5. mshta.exe**
  6. wscript.exe***
  7. cscript.exe***
  8. powershell.exe***
  9. powershell_ise.exe***

All processes both paths (system32 & syswow64) included.

** - Monitored
*** - Blocked



ADDITIONAL INFO'S:
  1. I have 3 user accounts active - 1 admin (personal use only), 1 standard (friends & family use) & 1 guest (other stuff). The standard & guest accounts enjoy the strict settings of kaspersky total security parental control.
  2. For financial/banking transaction, i use kaspersky safe money. For safe money, i use firefox only with addons kaspersky protection and https everywhere & all the plugins disabled.
  3. I use shadow defender (on admin account only) as a sandbox for testing new setting or unknown apps. But all the malware testing is done in vmware.
  4. All the internet connections are disabled in firewall for apps/programs that doesn't depend on Internet.
  5. All the important files/documents are additionally backed up in a winrar archive file without the .rar file extension.
  6. All the important passwords are kept in a password-protected doc file within a password-protected archive within a password-protected thumb drive. For emergencies, i keep some of them on a piece of paper hidden in my room. For the rest of the passwords, i use sticky password.

Suggestions & feedback are always welcome.
If you have question about my custom configurations, i'll be happy to answer as much as possible.
 
Last edited:

DracusNarcrym

Level 20
Verified
Top Poster
Well-known
Oct 16, 2015
970
Very solid config; excellent real-time security software complemented by reliable on-demand scanners.

Here's a couple of (optional) suggestions:
If you test malware samples, I recommend you do it in a virtual machine. Here's a great free (and open-source) virtual machine application: VirtualBox
You may check out uBlock Origin for Firefox-based browsers and uBlock Origin for Chromium-based browsers as lighter and and more efficient alternatives to AdBlock Plus. (I used to be an AdBlock Plus user, and I can verify that uBlock Origin is indeed an improvement over AdBlock Plus)

Other than that, you are good to go. Thanks for sharing your config with us! :p
 

shukla44

Level 13
Thread author
Verified
Top Poster
Well-known
Jan 14, 2016
601
As for custom configuration on Kaspersky. What is your recommend on " Load rules for applications from KSN." In Application Control? Do you uncheck or check?

I left that checked (by default), but i have unchecked the 'trust digitally signed applications' and i have selected low restricted in both 'change trust group for unknown applications' & 'change trust group for application started before kaspersky'.

Yes, sometimes KSN messes up my trusted group by automatically loading rules but i get notified as i use the interactive mode.

Very solid config; excellent real-time security software complemented by reliable on-demand scanners.

Here's a couple of (optional) suggestions:
If you test malware samples, I recommend you do it in a virtual machine. Here's a great free (and open-source) virtual machine application: VirtualBox
You may check out uBlock Origin for Firefox-based browsers and uBlock Origin for Chromium-based browsers as lighter and and more efficient alternatives to AdBlock Plus. (I used to be an AdBlock Plus user, and I can verify that uBlock Origin is indeed an improvement over AdBlock Plus)

Other than that, you are good to go. Thanks for sharing your config with us! :p

Thanks for your suggestions.
I forgot to mention, i do use virtualization software but i use VMware Workstation 12, been using it for years. I have XP SP3 32-bit & 7 SP1 64-bit in there always.

Already edited that in the config.

And for uBlock instead of ABP, well i have many custom filters in ABP already & it is working great for me. I have no problems with ABP using more memory as i have 8 GB of them.

I will consider it, if ABP starts giving me problems but so far so good.
 

SloppyMcFloppy

Level 13
Verified
Sep 12, 2015
617
I left that checked (by default), but i have unchecked the 'trust digitally signed applications' and i have selected low restricted in both 'change trust group for unknown applications' & 'change trust group for application started before kaspersky'.

Yes, sometimes KSN messes up my trusted group by automatically loading rules but i get notified as i use the interactive mode.

Thanks man, and what do you think about recommend settings default for files and web antivirus? I'm currently uing that for a moment, but do you think that good enouugh?
 

shukla44

Level 13
Thread author
Verified
Top Poster
Well-known
Jan 14, 2016
601
Thanks man, and what do you think about recommend settings default for files and web antivirus? I'm currently uing that for a moment, but do you think that good enouugh?

Well, default settings of kaspersky are for performance & security both. So if you want a little bit more security, you have to change a few settings without affecting performance too much.

For file & web anti-virus settings, i can tell you what i use and find good enough for my system.

Web antivirus - left it as it is (default). I have unchecked 'automatically activate kaspersky protection extension in all browsers' but it is not security related.

File antivirus - file types 'File scanned by format' to 'All Files'.

That's it.
 

shukla44

Level 13
Thread author
Verified
Top Poster
Well-known
Jan 14, 2016
601
Hi @shukla44, I liked your configuration!:):) As your primary browser is Firefox, I wondered whether you are using their 64 bit version. It has performed quite well for us, and (I've read) is compatible with all 32 bit extensions.
Thanks for sharing!:)

I tried in VMware, liked it, still not all plugins are supported so, still not upgraded to it. Will think about it from next FF releases...
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top