Kaspersky Internet Security Advice

Hello,

I usually just leave everything set to default except for my exclusions, but I wanted to find out from you folks if you have and setting recommendations for this suite.

Thanks in advance.

 

i set heuristic to deep on all protection.
web & mail protection default action set to block.
and the rest are default setting..

 

I go to Settings -> General Settings and uncheck "Select Action Automatically", but you shouldn't do this unless you can answer the HIPS prompts.

I set Web Anti-Virus Security Level to High and IM AV heuristics to deep scan, and enable Anti-Banner with heuristic analysis. Combined with Adblock+ I've never seen an ad in Firefox in the last two years. Then I also disable Kaspersky's URL Advisor from the Firefox extensions, it's bloatware IMO and simply slows Firefox down without adding any security.

Then I uncheck "Perform idle scan" and "Perform regular rootkit scan" from General Scan Settings, and put heuristics on high for full scan, critical areas scan and custom scan.

I also go to Advanced Settings -> Compatibility and enable "Concede resources to other applications".

The rest I leave on defaults.

 

After KIS 2011 CF1 installation and update --> Reboot --> I run all my applications (first those which I use on daily basis and then rest of apps). Later, I open Settings and do following adjustments.

1. Uncheck "Select Action Automatically" from General Protection Settings.
2. In Application Control --> Application --> Move my trusted programs to ‘Trusted’ group and sometimes reclassification according to my need.
3. In Firewall --> Settings --> I set permission of Trusted group to 'Prompt for action'. Then I manually create rules (mostly web-browsing is enough) for every application I want to connect with Internet. I block rest of the applications except KL folders.
4. I enable Anti-Banner. In Firefox, I also use ABP. I never see ads during my browsing.
5. In General Scan Settings, I uncheck "Perform Idle Scan and Perform regular rootkit scan".
6. I change settings for 'Custom Scan' and check 'Parse email formats and Scan password-protected archives' along with deep heuristics scan.
7. Under Detected Threats and Exclusion Rules, I enable detection of 'Others' too.
8. I set exclusions for my defragment program, Returnil, WinPatrol, MBAM.
9. In Network --> Monitor all network ports.
10. Adjust notifications according to my needs.
11. Adjust Reports and Storage.
12. I use Alternate Skin for better navigations and aesthetic reason.

Then I disable Self-defense --> exit from tray --> delete all files from 'C:\ProgramData\Kaspersky Lab\AVP11\Bases\Cache' and 'C:\ProgramData\Kaspersky Lab\AVP11\Data\Updater'. Run KIS again. It takes few seconds to create its cache again --> Then I run run CCleaner and Registry Mechanics (cleaning and defragmentation of registry) --> Reboot.

Later I run Critical Area Scan. Then I scan manually the following folders:
1. Driver folder (C:\Windows\System32\drivers).
2. Program folders of those softwares which I use on daily basis along with those softwares which auto start on startup.
3. KIS folders (C:\Program Files (x86)\Kaspersky Lab and C:\ProgramData\Kaspersky Lab). This helps KIS to build its iChecked and iScan cache and speed up my working. Moreover, as all programs are adjusted for their rights (OS as well as Internet), I do not have to repeat these things again. I just refresh cache of KIS from time to time and defragment system partition.

Choose your adjustments according to your needs and environment. Be careful while adjusting settings of an antivirus.

 

AV settings

Disable select action automatically
All scans to deep
Scan all files, but only new & changed and only on execution
Uncheck idle scan and regular rootkit scan

PDM/App Control

Uncheck trust apps with digital signatre in PDM and App Control
Select all PDM categories in PDM settings
Change App control to move unkown to LOW RESTRICTED but set all categories to PROMPT for the first week or so to 'learn' what's already on the system then change to move unknown to UNTRUSTED. It then acts as a reasonably good AE for unknown threats

Others

Select OTHER in threats and exclusions
Set update check by schedule every hour, delayed 5 mins after start up
Some sundry changes to Saferun using Pipkin's first 2011 skin

Running with deep scan gives extra protection but is obviously more resource intensive. New and changed and only on execution minimises this. Set unknown to untrusted sometimes means manually changing back to trusted etc but ensures nothing not known by KIS can run when the Mrs. or kids are on-line. Digital signature trust is off to avoid potential spoofing etc (unlikely I know) as I'm unsure the level of checks carried out by KIS.

Light and fast. Safe as houses.

Cheers

 

Thanks for the advice folks. I appreciate it.