Need Advice Trade-off: Windows Virtualization-based Security VS Kaspersky Functionalities


Level 2
Thread author
Sep 21, 2021
I need recommendations (and further explanation) on which to choose:

1.) Hypervisor-Protected Code Integrity (HVCI)/Memory Integrity VS Kaspersky with "better" System Watcher & Protected Browser/Safe Money additional functionality.

When HVCI (or any VBS) is enabled, Kaspersky protection using hardware virtualization becomes unavailable.
Back then I asked the Kaspersky community. According to Kaspersky Employee, other than Safe Money, virtualization is also used in System Watcher in certain scenarios (I'm not sure which).
Also, he said that "Kaspersky products definitely protect from the injection and execution of malicious or unverified code with the help of File Anti-Virus, System Watcher and Application Control." suggesting that Kaspersky could protect users from threat just like HVCI except it's not by isolated area of system memory but protecting it from malicious code injection.

With all of this information, it seems that both are good with their trade-off, but for me, HVCI is more important especially with isolated secure system memory areas and easy pick.

2.) Credential-Guard VS Various Kaspersky Functionalities

Kaspersky Total Security will have the following limitations on Windows 10 versions 1803, 1809, 1903, 2004:
  1. Clipboard protection.
  2. Browser protection against keyboard and mouse emulation software.
  3. Protection against unauthorized remote access.
  4. Browser protection: management through API, protection against attacks through browser windows, protection against message queue management.
  5. Detection of screen lockers when the UMCI mode is enabled.
First managed to activate both HVCI and Credential Guard but I have to reinstall my android emulator because it needs to run with Hyper-V if Windows VBS is enabled but after that, I had trouble with credential guard (only HVCI enabled) and have to find ways to fix it. After I fixed it look like this:

(At first, IIRC WD App Ctrl user mode policy set to off, and policy is enforced). Immediately after I managed to fix it, I suddenly got this warning message from Kaspersky (after I close it, there's no warning appears anywhere, not even in reports):

I'm using Windows 10 Pro 21H1 but it still generates this warning, most likely article above forget this version exists.
Which "Learn more" hyperlink leads to limitation details above, even worse for older Windows: limitations against file-encrypting malware and screen lockers (only these two), most likely if System Watcher is the last resort. AFAIK, limitations mean there's still functionality but will not be optimal, except it directly said that certain functionality won't work at all.

I think is both are important but the Kaspersky functionality trade-off is a bit too much variety compared to Credential Guard.
Still, no idea what three kinds of three browser protection mean, also what kind of unauthorized remote access is, RCE?
Any suggestions for my case (latest Windows)?


Staff Member
Malware Hunter
Apr 28, 2015

With Kaspersky installed, You can't enable Windows Hypervisor, both can't run at the same time...

Possible reasons why the protection through hardware virtualization does not work:


Level 2
Thread author
Sep 21, 2021
With Kaspersky installed, You can't enable Windows Hypervisor, both can't run at the same time...
Thanks for your answers. I think that means can't run both with complete functionalities.
Now I've disabled all other VBS security features but leaving only HVCI/Memory Integrity enabled and the warning no longer reappears every boot.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.