Kaspersky 7.0: No Need for Zero Day Apps?

Discussion in 'other anti-virus software' started by mrm1233, Dec 28, 2007.

Thread Status:
Not open for further replies.
  1. mrm1233

    mrm1233 Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    3
    Hello.

    I'm thinking of purchasing Kaspersky 7.0. Kaspersky states,

    1. "Intelligent Proactive Heuristics--Zero-day exploits can attack and destroy in seconds. Kaspersky Anti-Virus runs all files that don't match our signature database in a safe, isolated section to check for malicious behavior. This failsafe method checks the code without endangering your computer; and
    2. "Real-Time Behavior Analysis--Kaspersky prevents infections by monitoring your computer for any malicious behavior. If detected, Kaspersky immediately alerts you and rolls back any malicious changes, including restoring files encrypted by ransomware

    My question is, would this obviate the need for applications such as ThreatFire, Dynamic Security Agent, System Safety Monitor, etcetera? If not, can anyone say if such applications would be a useful addition to Kaspersky 7.0?

    Thank you again.
     
  2. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,531
    Location:
    Sneffels volcano
    Kaspersky is all you need, IMHO.
     
  3. Hangetsu

    Hangetsu Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    259
    Personally, I think KIS covers things. However, for the paranoid among us, there's always a risk with using a single provider.

    Having said that, if I didn't have the issues with objectIDs I'd be using KIS myself and KIS alone; My wife does that presently (although I threw on AntiBot since I had the license).
     
  4. larryb52

    larryb52 Registered Member

    Joined:
    Feb 16, 2006
    Posts:
    1,126
    I have it installed presently & run just it only , I'm happy with it & feel secure, I do a spyware scan but that's it...
     
  5. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Its kind of tough to answer your question about whether other stuff is needed. Kaspersky is top draw in detection although some users run into a problem with chkdisk and the extended file attributes.
     
  6. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    I don't know about 'failsafe', according to AVComparatives KAV's Heuristics finds about 40% of new stuff - so what about the other 60%?
    KAV's PDM does overlap with the behaviour blocking of Threatfire, but it lacks the true execution control of SSM. Since execution control can prevent malware files from ever running, I would say it is well worth having in addition to KAV. There are several progs that provide this.
     
  7. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,301
    Location:
    South Wales, UK
    I agree with TopperID on this point and run KIS 7.0 with ProSecurity 1.40 to cover that angle. It is an equivalent to SSM and as TopperID says there are a number of such applications, each with its own following, and each broadly as good as the others.:D

    BTW, a periodic on-demand scan with an anit malware application also helps makre as sure as possible that you are safe. I personally use Spyware Terminator (which is free) but there are also a lot of other equally good (or some would say better) such applications that one could chose from.;)
     
  8. starfish_001

    starfish_001 Registered Member

    Joined:
    Jan 31, 2005
    Posts:
    1,041
    Look at keylogger protection as well .... not very complete compared to PS ... etc
     
  9. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
    For the majority of (non-paranoid) users, Kaspersky with ProactiveDefense enabled (with everything checked) is sufficient protection because its armored with its signatures, ProactiveDefense (and heuristics).

    In my experience, verryyyy few malware get through all of them. Also, with a kaspersky's integrated firewall, if on the odd chance something does get through, you'll most likely notice it eg, downloaders, keyloggers, spyware etc because of Kaspersky's strength as shown in leaktests.

    There's also a large overlap with what Kaspersky's ProactiveDefense and other HIPS do and personally, I dont use any protection other than Kaspersky (KIS) because its sufficient for me.
     
  10. mrm3601

    mrm3601 Registered Member

    Joined:
    Oct 23, 2007
    Posts:
    66
    Thank you for all of your responses.


    (mrm1233)
     
  11. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Um, Err, you can still be much more secure than using KIS with heaps less resource usage and much faster browsing as there's no need to scan all web pages visited.

    See my siggy which has a coupla entries, unlike a coupla billion siggys like an AV needs these days!

    And you won't have to worry about getting explorer quarantined like Kav happened to do through a false positive.
     
  12. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,301
    Location:
    South Wales, UK
    I for one do not worry about "...getting explorer quarantined like Kav happened to do through a false positive" as KIS seems to have extraodinarily few FPs and eben when they do have the occassional one the Lab sorts it out in usually no more than a couple of hours...which is neither here nor there. But the point that Franklin makes is IMHO a good one and what he is promoting is a valid alternative. In the end it is a case of 'you pay your money and make your choice' but I for one will be sticking with KIS as my principal line of defense.:D
     
  13. xpsunny

    xpsunny Registered Member

    Joined:
    Jul 16, 2006
    Posts:
    163
    Kaspersky is not excellent at detecting unknown malware, see it for yourseft at AV-Comparatives. I recommend you to install another security app which can coexist with Kaspersky.....:)
     
  14. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
    AV-Comparatives only checks detection... Kaspersky's also got a behavior-blocker (Proactive Defense) which AV-Comparatives's test results do not take into account because it comes into play only when the malware is executed.

    Most the undetected malware with still get caught via Kaspersky's ProactiveDefense (an additional layer of security, similar to HIPS... BehaviourBlocker).

    Have a read at AV-Comparatives "Kaspersky Anti-Virus 6.0 test" press release (June 2006)
     
  15. mrm3601

    mrm3601 Registered Member

    Joined:
    Oct 23, 2007
    Posts:
    66

    Is there a possibility of conflict between Kasperky's PDM and singular HIPS applications?

    Thank you.
     
  16. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    Generally not, but you need to try them on your system and see.

    Some of the progs mentioned, such as ProSecurity and SSM tend to be complex and have a, probably, unnecessary layer of additional coverage if you are running the KAV PDM. But pure HIPS such as these do not have the behaviour blocking feature that might (I say might) conflict with KAV's Application Activity Analyzer.

    If all you want is simple execution protection, and are not on Vista, Process Guard free is still valid and easy to operate (if you can still get a copy that is). Otherwise, if you preferred running an AS program instead, CounterSpy offers good basic execution protection - though it is not enabled by default in case pop-ups scare the user! (Although a white list plus remembering user response reduce this to a minimum). Actually, adding a few potentially dangerous progs to KAV's Application Integrity Control, and setting them to 'Prompt' when they execute, together with CounterSpy's blocking of all unknown files, would give complete execution control comparable to HIPS progs. The two apps would complement each other.
    You only need to look at the malware section of the KAV forum to see that things do get through and KAV users do get infected (OK maybe it is their own fault to some extent).
    It's too late by the time you receive leaktest type pop-ups, you are already infected. If you had execution control you could stop many of these infections before they even start.
     
  17. plantextract

    plantextract Registered Member

    Joined:
    Feb 13, 2007
    Posts:
    392
    well if you look at that section you can also see that most are users who gave up their previous av when they became infected and moved to kav which didn't manage to remove everything.
    The proactive defense is a means for prevention, not for removal.
     
  18. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    that might be true, but kaspersky is one of the better removal AV's available.
     
  19. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    The big advantage of KIS is its custom installation option.
    Currently I have only Virus Scan and File Anti-Virus installed and Online Armor as HIPS + Firewall.

    If you install everything from KIS but without Proactive Defense, there is nearly no limitation in using seperate HIPS apps.
    I have been running (one after another ;) ) ThreatFire, ProSecurity, WinPatrol, EQSecure, a-squared Anti-Malware without any conflicts with KIS.

    My favourite setting is KIS (without Proactive Defense) and EQSecure.
    KIS offers prodection and EQSecure offers control.

    Cheers
     
  20. ankupan

    ankupan Registered Member

    Joined:
    Oct 4, 2004
    Posts:
    436
    Hi,

    I have installed KIS 7 on my business laptop and it is working excellent.

    I have tried many suite like NIS, BIS, TMIS, but KIS is more safer and good enough with speed and performance too.
     
  21. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    i prefer the simple days, which some people have forgotten.

    new pc, pre-installed antivirus = happy

    used pc, recommended antivirus = happy

    when i read about all these different kinds of security applications, it just baffles me that A. people believe they need all this B. people have the money to waste on all these applications.

    only lately ive added prevx to my antivirus setup, but in all honestly i could delete either one and still live a happy existence, as in all the years ive been a PC-user, ive only had ONE truly bad infection that was missed, the rest have been caught.

    so, if your using kaspersky, be happy and enjoy it, but dont bore me with constant threads of different solutions/addons to already great products. there are already many threads to read about the different solutions, tomorrow will be nod32: any need for sandboxie? or whatever, this is not a argument against the OP, just a generalization.

    end of rant :)
     
  22. Sjoeii

    Sjoeii Registered Member

    Joined:
    Aug 26, 2006
    Posts:
    1,240
    Location:
    52?18'51.59"N + 4?56'32.13"O
    Kaspersky is really all you need.
    I have been running it for a very long time now. Once in a while I do a second opinion scan. Only cookies are found
     
  23. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    Maybe it would be smarter, if you don't read such threads :shifty:
    Because as long as I don't like Proactive Defense, I feel free to use whatever HIPS/IDS I like and post my experience.
    This is what forums are made for.

    For slogans like "Kaspersky is really all you need." we don't need a forum, a banner would be enough.

    Cheers
     
  24. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Actually i can only agree with it. People brag about layered defences too much.
    Especially those having 5 firewalls, 6 antiviruses, bunch of HIPS programs and 10 anti-spyware tools. C'mon!?
     
  25. King Grub

    King Grub Registered Member

    Joined:
    Sep 12, 2006
    Posts:
    814
    Yeah, you might not be able to do anything with your computer without umpteen pop-ups and a syrupy feeling of slowness... but at least you're protected! :D
     
Loading...
Thread Status:
Not open for further replies.