How to optimize Kaspersky Internet Security 2016 setting against ransomware.

Please follow the below step-by-step instructions to configure each computers in your organization: By default, the components for System Changes Control, Anti-Spam and Anti-Banner are all turn off.



You need to manually turn it on.



1. Go to Settings > Protection > File Anti-Virus. In the File Anti-Virus Settings section, please choose "Disinfect, if not possible – delete" as the action on threat detection.



2. Go to Settings > Protection > Mail Anti-Virus. In the Mail Anti-Virus Settings section, please choose "Disinfect, if not possible – delete" as the action on threat detection.



3. Go to Settings > Protection > Web Anti-Virus. In the Web Anti-Virus Settings section, please choose "Block" as the action on threat detection.




4. 
Go to Settings > Protection > System Watcher. In the System Watcher Settings section, please choose:

• "Block" as the action on threat detection;
• "Terminate the malware" as the action on detection of malware activity;
• "Roll back" as the action to perform if malware activity can be rolled back.



5. Go to Settings > Scan. In the Scan Settings section, please choose:

• "Disinfect, if not possible - delete" as the action on threat detection;
• "Quick Scan" to scan any removable drives (USB drive) on connection with computer.




6. Go to Settings > Additional > Threats and Exclusions. In the Threats and Exclusions Settings section, please enable the check box for this option: “Detect other software that can be used by intruders to damage your computer or personal data”. By default, it is not enable.



You might want to try out our Tools such as Browser Configuration, Vulnerability Scan, Privacy Cleaner and Microsoft Windows Troubleshooting:

Browser Configuration

The Browser Configuration Wizard analyzes Microsoft Internet Explorer settings from the perspective of security, since some settings selected by the user or set by default may cause security problems. 

The Wizard checks whether the latest software updates for the browser have been installed, and whether its settings contain any potential vulnerabilities which can be used by intruders to inflict damage on your computer. 

Microsoft Internet Explorer cache contains confidential data, from which can be also obtained a history of websites visited by the user. Some malware objects also scan the cache while scanning the disk, and intruders can obtain the user is email addresses. You are advised to clear the cache every time you close your browser.


Trusted Applications Mode

The Trusted Applications Mode (TAM) inKaspersky Internet Security 2016 blocks all applications that are not considered Trusted (for example, the applications on which there is no information in Kaspersky Security Network database or those received from an unreliable source).

Before you enable the Trusted Applications mode, make sure Application Control, File Anti-Virus, and System Watcher are enabled in the product.
 

Reference : http://support.kaspersky.com/12100


 

Microsoft Windows Troubleshooting


Using the Microsoft Windows Troubleshooting tool, you can detect and eliminate the traces of actions by malware objects in the system after your computer disinfection or if you suspect your computer is infected.

You can run the Microsoft Windows Troubleshooting tool after the computer has been disinfected to make sure that all threats and damage due to the infections have been fixed. 

You can also use the Microsoft Windows Troubleshooting tool if you suspect that your computer is infected. The Microsoft Windows Troubleshooting tool checks whether there are any changes to the system. Such damage can be caused by actions of malicious programs, system failures or even incorrect operation of system optimization applications.



Vulnerability Scan


Vulnerability scan is a special tool which helps to search and eliminate security vulnerabilities of applications installed on your computer and operating system settings.





There is all the settings that you need to be done for each computers that having Kaspersky Internet Security 2015 installed.

Kaspersky Internet Security 2016 


We recommended that you review user’s installed program in their computer, look for any suspicious programs and unused programs; please remove them if you can find any. Same goes to the web browser, especially those plugin (Mozilla Firefox), add-ons (Internet Explorer), extensions (Google Chrome). Make sure that all unused and suspicious program has been remove from the web browsers.

Please do database update and full scan once a week or 3 times a week.

Recommendation steps to prevent malware infection: 
• Do not open attachment in unknown sender’s emails. Verify before opening the attachment.
• Keep operating system, antivirus and third party software timely updated.
• Turn on system watcher (applicable to workstation only).
• Create backup copies on your files and keep them in a remote storage.
• Configure limited access to shared network folder.
• Turn on system protection for all drives in system settings.

If you suspect there is a virus in your computer, please send the virus sample to us for analysis, follow the below guideline:

1. Put the suspected virus in a password-protected zip or rar archive file.
2. Compose an email message (only short description) and attach the zip or rar archive file.
3. Include the password in the content of the email.
4. Send the .zip or .rar archive file to  newvirus@kaspersky.com