KAV/KIS 2015 Beta started! - Final Has Been Released!

Discussion in 'other anti-virus software' started by thanhtai2009, Mar 4, 2014.

  1. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Extensions are pointless. In the Trend thread you were told this. ;-) They are either a pretty lousy password manager, or an informational one that is being phased out.
     
  2. Pirate_fin

    Pirate_fin Guest

    Any recommended settings for Kaspersky Anti-Virus or is it good enough on default settings?
     
  3. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,718
    I notice (from Softpedia screenshots) that Application Control is not present in the AV, only in the IS.
    That's their HIPS isn't it?
     
  4. Cabville

    Cabville Registered Member

    Joined:
    Feb 19, 2014
    Posts:
    66
    I think so. But most aftermarket firewalls include hips, so that seems like the right move to me. People doing just the AV are likely to combine it with one of those products.
     
  5. Cabville

    Cabville Registered Member

    Joined:
    Feb 19, 2014
    Posts:
    66
    That's up to you. It's good enough as is, but you can make it tough, if. Your willing to configure and take a bit of a performance hit.
     
  6. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    Assuming KAV is the same as the anti malware component in KIS:

    With the exception of the first year of The New Norton, I had used Kaspersky from the first it was sold here through some small fairly unknown online re-seller I think its name began with a C and it had a red and black logo and website and screen saver and did not have Kaspersky in its name. At that time it was almost totally unknown among consumers, but I had read a lot about it-must have been around 16 or so years ago. For part of that time, I was using Zone Alarm when it was using a a version of the Kasperky engine BUT: I had to stop using KIS mid last year cuz for some unknown reason it started to prevent me from accessing the server of an online game I was playing at the time. I tried EVERYTHING with no success. Non-Trusted/Trusted/Exceptions, etc.

    If I recall correctly the only changes I made were: 1) Increase the level of its On-Demand Scanner - All files at max settings; 2) Enable for key loggers-not sure if that's the default setting but probably not since I recall a pop-up saying requires a reboot; 3) There is a setting for the types of threats it detects-there is in the default settings one unchecked box that says "Other" check that box!! (Umm-not sure that empty box was in KIS 2015) I once read a review of KIS where the reviewer attributed KIS's failure to detect a certain kind of threat to his not having checked that box after his speaking with Kaspersky Labs: 4) Do not give KAV low priority on start up: and 5) Reduce priority of KAV for on demand scans. 4) Will slow your boot time , but IMHO is worth it, failing to do 5) will likely make your PC largely not useable for other tasks while doing an On-Demand scan.

    I do not recall if protection is enabled on start-up by default. And NB: even if you don't see a full red K Icon on start-up, that does not mean that protection is not fully enabled at that time. It relates more to the GUI than the protection being enabled.The only seriously frustrating factor of KIS 2015 I found was that it took forever the first time you open the GUI. Other than that, for me it was an excellent program

    But overall you'd be in better shape respecting protection than most, even if you didn't alter any default setting.

    If you create a restore point disable self-protect. K's self-protect module is tough as all hell and can prevent the creation of a reliable restore point. In fact, I always had issues with System Restore when KIS was on my system. Probably was just my config, but when I used KIS, System Restore would not keep my restore points, and if by chance there was a restore point preserved -System Restore was Rarely Successfully Completed.

    If you buy KAV one of the first things I would do is go to the KAV/KIS Forum http://forum.kaspersky.com/index.php?showforum=4 and ask how to best create a restore point with KAV installed and the best way to assure a Successful SR.
     
    Last edited: Feb 15, 2015
  7. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
  8. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,624
    Location:
    USA
    The Self Defense will prevent you from being able to restore but I have never had it interfere with the creation of restore points. Not that it isn't possible but I doubt it likely. Just disable it before attempting to restore and it should be fine. Norton and various other products have the same issue.

    My testing of build 15.0.2.361 is going well. I may go back to it. Norton is having startup issues for some reason.
     
  9. 142395

    142395 Guest

    Tho I don't know if the setting exists also in KAV, I always check "monitor all traffic" in KIS. KIS only monitor certain ports by default, but sophisticated attack leverage this tendency in some AV products. It's not hard to find websites trying to connect via TCP81, but when it comes to FTP it's more serious. Also set schduled scan with customised setting and high heuristic, enable other software detection, make sure firewall is set to public network, disalble promotion related stuffs, add many entries to application control, add websites to keyboard input protection, disable displaying websites category.

    Yes, you're right so I'm not sure why hawki had problem on making SR. But anyway I don't rely on SR, dedicated backup solution or rollback software is much better.
     
    Last edited by a moderator: Feb 18, 2015
  10. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,624
    Location:
    USA
    Much agreed. A backup solution is the only way to go. As for any service that runs on a port, I find that as long as it isn't a web server, picking a non default port makes things a lot harder to identify. Don't put that FTP server on port 21 if it can be avoided. Don't put your SQL Server on 1433, your Terminal Server on 3389, etc.
     
  11. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    Hi xxJackxx :)

    I was under the misunderstanding that after you disabled "self protect" in KIS, that it automatically returned to the default "on" when restarted. I assume that was the cause of my misunderstanding about System Restore and KIS. But for whathatever the reason, as a noted it was likely caused by KIS not mixing well with my config or another program on my PC, I always had issues with System Restore when KIS was on my PC.

    NB: KIS Forum Global Moderator recommends disabling "self protect" when creating a restore point:

    http://forum.kaspersky.com/index.php?showtopic=301008&hl=system restore

    But looks like I was wrong about KIS auto re-enabling Self Protect on restart, though disabling "self protect while reverting to a restore point is recommended.

    "If you (or anyone else stumbling upon this thread) absolutely positively must revert to an earlier Windows System Restore point, then at the minimum please disconnect from the internet, then disable Kaspersky self defense, then re-enable self defense when done reverting to the earlier point. Update/re-activate, too."

    By top Global Moderator on KIS Forum

    http://forum.kaspersky.com/index.php?showtopic=270581&hl=system restore

    And thanks xxJackxx for your frequent posts on Wilders that you have made in helping members resolve various issues, which I always have found to be informative and helpful. I have always considered you to be highly experienced and an "expert"/highly knowdegable in all Kasperky issues as well as on other issues.
     
    Last edited: Feb 17, 2015
  12. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,624
    Location:
    USA
    Yes, the Self Defense should stay disabled after a System Restore unless something is wrong with your PC or your Kaspersky installation. That said, KIS will prompt you with a red popup that it is disabled and if you click on that it will re-enable itself. Maybe it is easy to do that and not realize that is has happened?

    I appreciate if you have found any of my posts helpful. I have taken a lot of knowledge from forums such as this over the years. I make every effort to give something back when I can. I'm not always right, but I do try. :argh:
     
  13. 142395

    142395 Guest

    Yup, that is good security measure, tho sometimes makes problem. But regardless of what ports are used, AV should monitor all ports. I don't understand why Kaspersky don't make it default, but maybe they care performance? When I used KIS 2013, I noticed significant slow down on internet. I confirmed it is solved on KIS 2014 & 2015 tho. As to KIS' performance, what I experienced so far are:
    -it is light usually, but once it started update or scan, it suddenly go heavy. (not always the case for other AV/IS)
    -it won't affect usual file related operation much, but affect internet connection to some extent.
    -overall, it is light.
     
  14. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,624
    Location:
    USA
    It really only makes problems for web servers, which is why you really can't do it there. We don't host public anything else, so only the people we want accessing anything need to know what ports to use. I have been doing this for a decade with no real problems to speak of. If you don't know what I am running on some odd port, even if you find it, then you likely will move on to an easier target. And even if you don't, there still is nothing worth finding if you do waste the effort.

    As for AV monitoring particular ports, if you don't know what I am running, the odds of you infecting that unknown service are pretty low. And even then, you would likely have to drop a file on my system, which the file AV would hopefully take care of. Most residential systems will have most ports blocked by their ISP (ones of the ways they get away with charging significantly more for business class service) and if you are the IT for a business, you should have no problem configuring it as you want. I don't personally feel it is much of an issue. KIS is a consumer class product and not a business class one, so it is likely configured for the average home user, that probably don't know what an FTP or Remote Desktop session is, let alone have open ports for it. Performance would definitely decrease if it were trying to monitor every port there is. A lot of wasted effort for nothing. Just because a port exists does not mean it can be exploited.
     
  15. 142395

    142395 Guest

    Yup, you're right. Although through port scanning and persistent monitoring attacker can get some hints of what service you're running on what port, if I'm attacker I will most likely to move another target as there're usually many easy-to-break target out there.
    But for consumer AV part, as I said earlier there're already nasty website which tries to connect via TCP81 to avoid http scanning, and website which uses non-standard port for FTP for probably same reason. This is why I don't understand Kaspersky do this, already most other AV monitor all ports. I know you have used Norton which is one of them, but did you notice significant network slow down?
     
  16. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,624
    Location:
    USA
    I'm not sure how a website is going to connect to port 81. I have no services running on port 81. If you are saying they attempt to redirect me to port 81, I would think that would raise some red flags that something would catch it. And yes, Norton is slower than Kaspersky on network connections, at least for me and my setup. It is faster at other things though, so it is pretty much a wash, where speed it concerned.
     
  17. 142395

    142395 Guest

    It's not redirect, just the site connect via 81. Note it's outbound connection, so actually your browser connect to 81 port of that site. AFAIK, no AV warn or block it just because a website connect via 81, and to be fair not all those sites actually convey malware. In my case I manually control firewall so it have to be blocked but if one didn't, probably he won't notice unless he see the URL bar which shows sth like www.example.com:81.

    Okay, I respect your experience and to be honest that my terrible experience on KIS2013 was after setting up monitoring all ports (but no problem on 2014 & 2015). But I think most legitimate apps anyway conncet via those common ports which are protected by default, so I don't think that change causes serious slow down for most home user.

    Well, there's another discussion if web scanning is really needed or not, tho I don't repeat this here, but personally believe KIS also should monitor all ports to eliminate those risk for average user. But as Kapersky always keep excellent score on most tests, maybe such threats are rare (yup, I come across not so often) and even then still other layer are most often good enough.
     
  18. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    How do you guys not get managed machines infected with KAV? (as in not mine, but ones I maintain for family) I was left with the impression Kaspersky spends a lot of time passing tests, but less time with real stuff that people run into...

    I put KAV on 12 machines here, and within a couple weeks ALL OF THEM had something on them. (usually PUP) That was with PUA/PUP detection enabled! This was unacceptable. The only worse performance with PUA I have seen was with Webroot that left a few dozen junkware's on my father in-law's system. Unless I am missing something but it really didn't work well for us. Also, the bugs... I noticed it would stop updating for 'days' at a time, and posted about it, and others indicated they noticed it not updating.

    I still own a 10PC license for KAV2015, but can't risk the infections and bugs - unless there is a way to make it work?
     
  19. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    No issue with KAV and PUP or difficult users that get always infected. Just change the default settings not to prompt to users (both in the web scanner and on-access scanner). This was for me the problematic issue with KAV, KAV pop-up messages leaving the user to decide... after this change no more problems ;)
     
  20. 142395

    142395 Guest

    Agreed. Tho I'm not in IT charge like you guys, when I install KIS (not KAV) for someone who are not familiar with security I disable those prompt e.g. set external drive scan to quick scan. I haven't heard infection so far.
     
  21. harlan4096

    harlan4096 Registered Member

    Joined:
    May 6, 2008
    Posts:
    234
    Location:
    Almería (Spain)
    Certainly Kaspersky has never been good at detecting PUPs (even with "Other" setting enabled)... They used not to add them because of EULA, treating them as legal and leaving the responsibility to users in most cases.. in Kaspersky Official Forums dailiy many users with PUP's/Adware infections are asking for help.

    But I think things are changing... in recent months, almost every week I've been sending PUPs/adware samples to KL Labs and They are adding many of them, still a long way to walk, but...
     
  22. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    It's good to hear I wasn't imagining things.. I removed 4 PUA's on a machine after just a week or so with KAV on it. The same machine was running 'months' with Norton 2015 never having an issue. I made sure PUP/PUA was set to detect as well. To me this is a measure of a good product. The reason is these PUA's often do not have uninstallers, and often cause slowdowns/instability on systems. They take time/resources/money to remove and clean up. If a product can't keep them away from a system I don't really have much use for it. I wish I had known this prior to buying a 10 user license....

    Also, I suspect the machines became infected due to 'user prompt'. I never like to allow the decision in the hands of the user. I always want this off.. (such as in Norton and Trend)
     
  23. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,624
    Location:
    USA
    I say this not in defense of KIS but in general, PUP/PUA programs are almost always installed by the user. They are not an infection. They are junk though. Any AV program that blocks them is giving you an extra service of protecting you from you and some don't want the legal liability. I do not have any users that get them, I have trained them well. Run a different product, run MBAM, or run Unchecky. Nobody likes PUPs and PUAs but you can't be mad that an AV let you install them. Well you can, but it isn't really justified. It's not their job.
     
  24. sm1

    sm1 Registered Member

    Joined:
    Jan 1, 2011
    Posts:
    570
    I use KIS mainly for its safe money feature. It saved me from a possible virus. When using safe money it successfully blocked that virus from stealing my online credentials. It could not identify the virus and other scanners didn't report any infection but I noticed from KIS reports that something was trying to infiltrate my online banking through explorer.exe and synaptics touchpad files. Also before I was using KIS whenever I logged in to my banking website the last login time was always shown as a minute before my current login which I suspect that the malware was logging in to my account almost simultaneously! Also whenever I logged in to my Yahoo mail Yahoo reported my password as wrong. But without retyping it I would just press enter it would log in. These weird issues stopped happening to me after installing KIS as it enables secure keyboard input for typing in password fields. Now I have formatted my laptop and reinstalled everything from scratch to doubly make sure that it is malware free. As for PUPs Kaspersky failed to detect an adware installer for me. Might be KIS would have picked it up had I tried to run it.
     
  25. chachazz

    chachazz Updates Team

    Joined:
    Apr 23, 2004
    Posts:
    841
    Does anyone know what feature(s) are affected by this note on the website - system requirements of KIS/KIS mult-device:
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.