KIS- my first trial day

I downloaded the trial version of KIS today, installed it and activated as trial version. I was not able to update it as my dial up is down at the moment. Will do later.

First I will say it has a nice GUI with great treanparent alerts. I did felt a bit slow down on my system with some decrease in launch of some applications however it was quite tolerable( I wish if they improve it in this regard). I was not able to surf with it due to poor service from my ISP during night tiome but I went on few sites and did not notice any drag in surfing speed as reported by some. I even enabled all options( three AV) enabled. However it was funny when I went to Yahoo.com and it gave me phishing alert about this site.I think update will settle this false positive.

I made two snapshots in RollBackRx, Basic settings( default) and Advanced settings( all option enabled esp for ProActive Defence and Avs set on recommended settings).
I tried it against following malware

1- Trojan simulator( not a malware exactly- just a benign simulator).
2- WinFixer 2006
3- SpyAxe( SpyWareAxe)
4- UnSpyPC
5- Marine free screen saver( it install at least 4 adwares/ spywares namely Newdotnet, Webhancer- probably multiple files/ signatures, WhenU SaveNow and RelevantA and may be more but I am not aware- like WhenU Crunch GameBar)

Here are my gross feelings.

KIS BASIC SETTINGS( It activates only two modules of Proactive Defence- total are 4 in no.) with default settings.

Copied and pasted folder containing these malware from a CD- done with no alert by KIS

Manual scan of folder by KIS did not detect any thing in first four files( TS, WD, SpyAxe, UnSpyPC). However detected and removed following adware in screen saver file- Newdotnet, Webhancer multiple files, WhenU SaveNow, RelevantA).

Ran trojan simulator, it successfully installed and uninstalled itself with no pop up from KIS( pls note that I relied on the message given by its installer, and I did not checked the regitry but it is expected as in basic proactive defence mode Registry protection is disabled).

Ran insatller of WinFixer - it successfully installed itself, added itself in windows start up registry, was able to load on windows start up on next boot. It also tried to ran a scan on its own( that I aborted), and tried to connect to internet( that failed as I was offline- that may be the reason that AntiHaker did not gave any pop up for this). During all this no pop up or interference from KIS. Manual scan of WinFixer folder in programme files- bo malware detected.

Ran insatller of SpyAxe - it successfully installed itself, added itself in windows start up registry, was able to load on windows start up on next boot.It also tried to ran a scan on the end of installation with the scan option enabled by default on end of installation, so this scan was not on its own.( I aborted the scan) During all this no pop up or interference from KIS. Manual scan of its folder in programme files- no malware detected.

Ran insatller of UnSpyPc - it successfully installed itself, added itself in windows start up registry, was able to load on windows start up on next boot. It also ran a scan on pressing the scan button and then I aborted the sacn. During all this no pop up or interference from KIS. Manual scan of its folder in programme files- no malware detected.

Ran installer of Marine free screen saver- KIS detected the above mentioned aswares and deleted them and screensaver was failed to install itself all together.


KIS ADVANCED SETTINGS( all 4 proactive modules enabled) and AV settings as recommended

Copied and pasted folder containing these malware from a CD- done with no alert by KIS

Manual scan of folder by KIS did not detect any thing in first four files( TS, WD, SpyAxe, UnSpyPC). However it detected and removed following adware in screen saver file- Newdotnet, Webhancer multiple files, WhenU SaveNow, RelevantA).

Ran trojan simulator installer- KIS allerted registry acess by TS and told that it is adding a key in windows start up and blocking this disabled install of TS but there was no way to know whether this behaviour is from a malware or a legitimate appliance- so it is all user dependant as I understand it.

Ran insatller of WinFixer - KIS allerted registry acess by WF and told that it is adding a key in windows start up and blocking this disabled the entry of this key in widows start up and WF was not able to run on windows start up on next boot up but again there was no way to know whether this behaviour is from a malware or a legitimate appliance. However note that WF was able to install it successfully inspite of this. It also tried to ran a scan on its own( that I aborted) and during all this no pop up or interference from KIS. Manual scan of WinFixer folder in programme files- no malware detected.

Ran insatller of SpyAxe - KIS allerted registry acess by it and told that it is adding a key in windows start up and blocking this disabled the entry of this key in widows start up and WF was not able to run on windows start up on next boot up but again it was user dependant totally. Also here ApyAxe was able to install it successfully inspite of this. It also tried to ran a scan on the end of installation with the scan option enabled by default on end of installation, so this scan was not on its own.( I aborted the scan) During all this no pop up or interference from KIS. Manual scan of its folder in programme files- no malware detected.

Ran insatller of UnSpyPC - KIS allerted registry acess by it and told that it is adding a key in windows start up and blocking this disabled the entry of this key in widows start up and UnSpyPC was not able to run on windows start up on next boot up( also user dependant- but it was expected to me now). Also here UnSpyPC was able to install it partially( as there was an error message from its installer). It also tried to ran a scan on clicking the scan button, I aborted the scan and during all this no pop up or interference from KIS. Manual scan of its folder in programme files- no malware detected

Ran installer of Marine free screen saver- KIS detected andd removed adwares as above with no installation of screensaver.

I did not check how KIS will behave when I go to download sites of these malware- may try later. Anbosy want to try all this, Pls PM me, I can give the links.

That,s all my playing with it. I am too tired now after hours of play after duty. Time to go to bed. Just I will say these are not tests but a bit play around. I did not checked manually how successful was the spaywrae installation, just relied on their loadind and running/ scanning etc. Also it,s out of my scope. IBK claimed more than 99%( not sure about figure) with KIS Proactive Defence so I could not stop myself from all this mess. But I guess any HIPS like AppDefend plus RegDefend, PG, OA can do the same hob. However KIS has made it more user friendly and easier with less pop ups. One does not need a separate HIPS to add with his AV or security suite. Only issue now is a little slow down on system( ? and web surfing as well as experienced by some). If ever I buy a security suite, KIS would be my choice however provided system slow down issue is resolved- I really hate a slow OS. Let,s see when they improve their heuristics as well.
BTW when NOD is going to add a HIPS functionality as a suite?

( I apologize for any mistakes beforehand- I am sure IBK will bring out my mistakes but I can,t do more than this). Let me know ur views. Thanks.

 

Hello

Are you then saying KIS is not good in your eyes?

Con

 

Don,t trust my eyes as I don,t ( I mean in choosing ur PC security). What I felt, I just posted it.
BTW, I like it but still can,t digest blocking of more than 90 plus % malware as I did not get it myself- may be my settings rae not correct.

 

Summary:

He is saying he liked it, but has slowdown issues, and HTTP issues. Which have been commonly reported by many - myself included. I am used to zero-drag apps, and found KAV6 to be too heavy still.

Otherwise, it appears he liked it, but has issues preventing a purchase.

 

Wow! Still too heavy? It is light in my system even KIS running all modules. The running exe's are still lower in memory than Nod32 although if you are talking about virtual memory and peak memory usage etc. then maybe you are right and depends on your setup, but it is a great imporvement than KAV 5.

dja2k

 

i agree with aigle and sds909. the latest is KAV is good and all but it still cant approach nod32's level of lightness at max settings. even recommended settings arent much faster.

 

Can someone define "drag", because I use KAV6 (recommended settings) on an athlon XP3200 and DrWeb on an Athlon 64 (939) 3200 and cannot see any noticeable difference in "drag" between the two systems.
Both are very fast with apps opening and working. I will concede a bit of a slowdown with the HTTP scanner but it is only certain sites if I have cleared my cache file. Even then, the delay is minimal.
I am not a gamer so I cannot comment on the effects either has on gaming apps. If gaming is what this is about, then stick to NOD32 and state that it effects you in that way. It has always amazed me that about the different effects apps have on different systems but I know they do.

 

there is no universal definition for "drag" or "slowdown" on a computer because some people are less likely to perceive any differences whereas others are more sensitive.

a while back, i posted a thread regarding AV resource usage, but unfortunately my AV choice will continue to be limited. (btw in mentioned my athlon xp 2000 in that thread, but my athlon 64 3200 isnt much faster with KAV) maybe someday ill be able to afford a comp with a dual-core proc and couple of sata drives in raid 0 or something. then and only then, i hope kav runs well.

 

Honyak,

It's not a quantitative definition, but when I have Firefox running (typically 12 or so tabs open on multiple sites) and am jumping between FF and other applications (say MS Office), I will occasionally run into what, from the keyboard, seems to be a system stall.

Generally the system is not loaded with extensive download activity at these times although page refreshes may be in progress. It is most obvious on a launch of a new application or context switch to an already running application. It is not a constant thing, it occurs perhaps a couple of times in a multi-hour session. It's not a huge issue, the system vectors off into the ozone for 10-15 seconds and then all is well, but it can be an annoyance. The system is a 2.8 GHz P4 with 1GB RAM and a pair of 250 GB drives - not an overly lean setup.

Blue

 

If you check the FAQ's on the Kaspersky site, I know for certain that Trojan Simulator and SpyAxe are not in the definition files. Since Trojan Simulator is not a true trojan and developed by an AT company, they have decided it was not to be identified. SpyAxe is more controversial - they pick up the actual trojan downloader but the program itself is 'legal' so that part is not detected.

http://www.kaspersky.com/faq?qid=176828072

 

Thanks Blue, I have experienced what you are talking about with the keyboard so I understand. I can't recall when I have ever had that many tabs in firefox open and running apps, but I get a pretty good picture of what you are describing.

Regards

 

Infact the so calld drag on the system is just a subjective thing that can vary from person to person and system to system. I tried KIS in XP Home SP 2 On Toshiba satellite M 70( 1.7, 512, 40 GB SATA).

 

Thanks. It rather seems to be a legal issue that might have forced them to this.
BTW, I wonder what about winfixer and UNSpyPc, they were able to install themselves.

 

It appears they can identify winfixer with an on-demand scan and it lables it as 'not-a-virus' but leaves it to the user what to do with it:
http://www.viruslist.com/en/find?search_mode=full&words=winfixer&x=22&y=4

I have no idea about UNSpyPc.

The reason you may not have detected this - did you enable "spyware, adware,dialers" and "Potentially dangerous software: remote access utilties, prank programs, jokes" which are under Settings-> Protection.

 

These were my settings, even ondemand scans are pretty silent and it seems that KIS is weaker in adware/ spyware detection. WinFixer is detected and renoved by most of scanners like spysweeper, spyware doctor, superantispyware, etc. Spysweeper even stops access to its download site by default.
SpyAxe and UnSpyPc is alos detected by all of them.
Even Antivir free edition detects WinFixer and sometimes SpyAxe.

 

That's all fine and dandy but did you check the Settings-> Protection tab to ensure you are looking for spyware? Those two settings I mentioned earlier may not be enabled by default and wil be important for the file av (on-demand) scan.

 

Hi u are missing something. I used KIS not KAV.

 

No, I didn't miss that - I just have KAV installed right now and both have the same AV protection module. I take it you had enabled those two on your KIS install and it still didn't find WinFixer with an on-demand scan even though Kaspersky lists it in their database. You should submit it to Kaspersky explaining your settings and findings and see how they respond.

Good luck with your testing.

 

KIS6 is very heavy, the people who say its light I wonder what they are comparing against.

It caches every file the file scanner scans thus making available memory plummet over time, this is particurly bad on large files and archives.

The scan archives setting dont work so it always scans archives even if you dont want it to.

The anti hacker on my system with stealth enabled and intrusion detection enabled adds noticeable latency and degrades speed, it also makes lan traffic consume a lot of extra cpu.