Kaspersky Internet Security 2014 config

hello,

with KIS 2014 are there any settings that need to be changed to get maximized security ? besides putting the level of security in each part on high, any recommanded changes ? ..

 

Except for putting it on "low", which is still too much in most regards due to the lacking of advanced configuration options.

Putting it on "high" will more likely just increase the suites wear on your system's performance by doing a lot of additional scanning, which wouldn't have been necessary in the first place or would have been done anyway, just at a later point, when it counts. I find the designations "low", "recommended" and "high" very misleading to say the least.

Do yourself a favor and activate Trusted Applications Mode, if you haven't done so already. That alone is more powerful than File-Anti-Virus, Web-Anti-Virus, etc. on "high" combined. Then set all levers on "low". This will yield much better and on top of that more efficient protection.

With Trusted Applications Mode active, even 90% of "low" is too much. Actually without it I would probably make use of the "low" setting regardless. The other good stuff, like System Watcher and Automatic Exploit Prevention, won't be affected by those levers anyway.

Aside from that, I would go to Settings \ Additional \ Threats and Exclusions and check "Detect other software..."

 

I'm cannot remember if KIS 2014 has a default setting of trust digitally signed apps or not but in 2013 that was a setting I unchecked.

 

Last time I saw it, it was checked by default.

 

As said before activate "Trusted Applications Mode" + turn ON detection for unwanted application (riskware).
No need to change the default settings related to digitally signed apps with "Trusted Applications Mode".

 

These are the settings I changed in KIS 2014:

To start Kaspersky as early as possible uncheck concede `resources to operating system when the computer starts'.

For me Kaspersky didn't detect eicar file downloaded using secure connection. I had to set File antivirus to high to make it detect.

Enable detection of riskware.

Enable monitoring of all network ports.

Some ICMP inbound requests were allowed in firewall settings. You could block them.

Set web antivirus to high

Under application control block all unknown applications.

 

All settings on "high" will still protect you less than all settings on "low" with Trusted Applications Mode active.

That doesn't mean anything. First of all, downloading files is completely harmless. Second, it wasn't allowed to do anything. Just because some unimportant scanning tasks or the GUI process and its notifications are delayed to concede resources to the operating system, it doesn't have to mean that real malware would have been allowed to do anything. This EICAR business does not help you in verifying if you are actually protected. For that actual malware has to attempt to make actual changes to your computer and I am sure exactly this would have been stopped by KIS regardless of these performance concession settings.

I can't help but to wonder if all this unnecessary scanning of anything and everything all the time is just pacify those, who post on message boards that their protection isn't working, because someone was able to download the EICAR file.

 

True but I attempted to enable that mode on 2 different machines and there were so many files detected by the scan as incompatible on each of them that it just wasn't practical.

 

@FleischmannTV After I downloaded eicar com file I could double click it using my mouse without any reaction from Kaspersky at default settings. The file was detected only at high settings. But I think you are right too. Since my system is 64 bit eicar could not execute and hence there was no response from KIS. However I like a security suite to react quickly on seeing a threat for which it has a signature in its database rather than waiting for it to execute. To conserve resources one can turn off idle scans in settings. May be KIS is slow to display alerts if advanced disinfection is enabled. But I am not sure. I have to check it.

 

my conf. KIS2014.
-file anti-virus settings - high
action on threat detection - delete
- application control
automatically move unknown application to - Untrusted
That's it.

 

Kav detected Eicar as soon as I clicked on the download button with default settings.

 

Thanks I tried again. KIS didn't react at default settings.

Did you try downloading eicar from this https link: -https://secure.eicar.org/eicar.com-

May be this issue is specific to my system. I have windows 8.1 64bit OS

I had the same issue when using emsisoft. I had to change real time settings to scan all files. When I was using built in windows defender it alerted for threats when using IE but not while using firefox. When I chose custom scan to check the download folder windows defender froze

Anyway there is no performance degradation at high settings. So I just disabled idle scans in settings

 

I am running Win 7 ultimate 64. I tried it from several sites and it detected it every time with default settings.

 

Kaspersky has no problem in blocking the download from normal sites since the file will be blocked by its web av component. I have set KIS not to scan secure connections due to issues with security certificates. So when I download eicar from a secure https website I expect Kaspersky file protection to quarantine the file. But it does it only at high settings in my system. Probably the issue is system specific.

 

KIS 2014 with default settings is blocking the eicar virus fine for me as well.

Running Windows 8.1