KIS users

Discussion in 'other anti-virus software' started by nixie21, Apr 7, 2007.

Thread Status:
Not open for further replies.
  1. nixie21

    nixie21 Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    279
    What other security (if any) apps, do you run with the suite?
     
  2. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    realtime for me is just kis6.0 all modules enabled,MVPS hosts file,nat router and spyware blaster.
    i have a prevx1 license but im saving that for the pc im building for myself soon. i use superantispyware and spysweeper as on demand.
    lodore
     
  3. colorado13

    colorado13 Registered Member

    Joined:
    Apr 16, 2005
    Posts:
    117
    Location:
    Orihuela, Spain
    Realtime Kis 6.0, Prevx, SpywareBlaster and nat router.
    On demand Superantispyware and AVG antispyware.
     
  4. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    just kis is all you need,

    however, id always recommend a NAT firewalled router, this is my best buy to-date.
     
  5. nixie21

    nixie21 Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    279
    How do you use the application integrity control in KIS? I know you need to answer a lot of pop ups, but it will NOT allow firefox to open, it will not even prompt me! I was able to open IE...

    I do have a router firewall, mvps hosts and spyware blaster...
     
  6. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    your setup is fine.
    just add superantispyware for on demand scans e.g. weekly
    www.superantispyware.com
    I answered the pm.
     
  7. theshadow247

    theshadow247 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    323
    Location:
    ontario.canada
    kis.6.0 spywareblaster with custom blocking list superantispyware.sandboxie.and.powershadow.

    but iam going to take superantispyware off i never get spyware running sandboxie....
     
  8. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    I look at it this way - what is it that KIS/KAV seriously lacks in its PDM defence?

    The answer to that is the all important 'execution' protection in relation to any new executables seeking to start running on your system. At the moment KAV's Application Integrity Control can only guard against execution by known progs, thus a 'drive by download', not recognised by the web or file scanner, can get running before KAV takes action; in some circumstances this could be most unsatisfactory.

    So you can forget all about demand scans from this or that scanner, these aren't going to help you much; what you really need to do is install Process Guard which, together with KAV's PDM, will give you a formidable level of protection. (Unless you are using Vista, in which case PG would not be appropriate).
     
  9. nixie21

    nixie21 Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    279
    What is PG like? Are there a lot of pop ups? resources? thanks...
     
  10. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,300
    Location:
    South Wales, UK
    IMHO TopperID is quite correct KIS with PG to cover the only hole that I can see in PDM is a good combination. I understand that Kaspersky may be working on a Process Guard componenet for PDM but this is only hearsay...but it would be good if they really are.

    Again, IMHO the Application Integrity Control componenet of PDM can be a little over the top in terms of popups and the like. I am still to decide whether to run it permanently as it seems to cause spikes in CPU usage.

    The only down side to using PG is that it does not appear to be being developed as its makers seem to have disappeared. SO I am looking for a replacement long term and am currently waiting for the release of Online rmor 2which does have such component, appears to be highly configurable interms of what you can use/not use and seems less technica/more user friendly than SSM or ProSecurity which also both offer Process Termination protection, etc., but also overlap alot with PDM.

    In terms of running PG you set it off initially in Learning Mode so that it learns about your habits, etc. and then you switch Learning Mode off and it will notify you based on process-related activity that is either new or that you have not created a rule for. Very nice and easy to use.

    I also have SpywareBlaster installed and regularly updated. A must IMHO.

    Finally, in terms of on demand scanning/protection I use SuperAntiSpyware (Free) & Spyware Terminator (also free) to carry out antimalware scans, as a back up to KIS/PG.

    Hope that helps?;)
     
  11. theshadow247

    theshadow247 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    323
    Location:
    ontario.canada
    instead of p.g i would use a anti-executable.
     
  12. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,617
    Location:
    Canada
    Right now I'm using SSM and I have AIC turned off in KIS Proactive Defense. So far I like this setup.:)
     
  13. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,300
    Location:
    South Wales, UK
    Yes, but the question is which one as there are a number of applications that have such a feature. PG is relatively simple to use IMHO; SSM & ProSecurity are not. BUt I would suggest that you trial them all and see what is good for you as they all do the job.
     
  14. theshadow247

    theshadow247 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    323
    Location:
    ontario.canada
    i also have ssm paid installed or i would be using faronics anti-executable...
     
  15. lordpake

    lordpake Registered Member

    Joined:
    Aug 7, 2004
    Posts:
    563
    Location:
    Helsinki ~ European Union
    Depending on what I do, i may run AVG AS with the Resident Shield on. Besides that, I use SUPERAntiSpyware and Ad-Aware as on-demand scanners. I ditched Spywareblaster some time ago, didn't see much point in using it since I use Firefox with some extensions.
     
  16. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    SSM and ProSecurity are overcomplex and unnecessary for anyone running KIS's PDM. PG is much simpler to get to grips with and is unlikely to be beaten in any case - it'll stop drive-by trojan DLs dead in their tracks; indeed some of the nastier malware specifically checks a machine before running and if it detects PG is on the machine it will abort installation immediately, because it knows it cannot beat PG and does not want to get 'captured alive' and analysed.

    The only thing you do need to remember is to set all progs that can be used to run other progs as 'Permit Once' in PG's Security section, else they could be exploited to run alien executables. This list would include things like:-

    rundll32.exe,
    cmd.exe,
    regsvr32.exe
    ntvdm.exe
    javaw.exe

    Other candidates include regedit.exe and taskmgr.exe, but it would depend on how often you use these; if you don't care for the pop-ups then Registrar Lite and Process Explorer could be used as alternatives. Actually I've made copies of the former two, together with others like cmd.exe, msconfig.exe etc, and renamed them and pasted them to a new location; I'm able to run the copies from shortcuts while the originals are tied up in security! (The copies should not be exploited because the name and file path are not what malware would be looking for).

    You can do the above in KAV's Application Integrity Control also, but you should also set to 'Prompt' a lot of other exploitable progs that you know you don't need regularly, such as tftp.exe, ftp.exe, telnet.exe etc (KAV's AIC has a list of these progs).

    If anyone has disabled KAV's AIC 'cos they are fed up with the pop-ups, I would recommend disabling module loading protection (by setting the Content Modification column to 'Allow') and at least obtaining the benefit of 'Child process' and 'execution' protection. You just need to remember that any prog set to 'Allow' is not being monitored, so to get max protection you need to set as many progs as possible/appropriate to 'Prompt for action'. Of course there are plenty of progs that may be missing from the AIC list that need to be added for proper protection (eg ntvdm.exe, javaw.exe etc, etc).

    With PG things add themselves to the list during the 'learning' phase, so it is easy peasy to use.
     
  17. thehudd

    thehudd Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    56
    KIS, a nat router, and Boclean, just in case. I think that's more than enough.
     
  18. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    Not if you want to stop a zero day exploit it's not.

    What happens if you hit something new? BOClean won't help, nor any demand scanner, because it's unknown malware; and the router won't stop it.

    In that case you'd be relying on KAV's behaviour blocking capabilities, but you'd be in a much better position if you could stop the malware from executing in the first place; that's where PG comes in.

    Why risk having system files corrupted and unprotected areas of the Registry destroyed, when you could prevent this by using proper execution protection?

    OK, I accept that statistically you'd have to be very unlucky to be hit by something new - but it does happen, so why take the risk?
     
  19. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
    Run KIS (with ProactiveDefense's ApplicationActivityAnalyzer + RegistryGuard enabled, no ApplicationIntegrityControl or OfficeGuard)

    Sometimes use Sandboxie when going onto dangerous sites

    No other real-time security software running.
    Use the following free products for On-Demand scans once every few months, but all they've ever detected is tracking cookies because KIS intercepts all the malware... better to be safe than sorry still i say!:
    SuperAntiSpyware
    AVG-AS
     
  20. Sjoeii

    Sjoeii Registered Member

    Joined:
    Aug 26, 2006
    Posts:
    1,240
    Location:
    52?18'51.59"N + 4?56'32.13"O
    Run KIS

    Maybe SuperAntispyware on demand

    KIS is all you need
     
  21. ASM

    ASM Registered Member

    Joined:
    Jan 12, 2005
    Posts:
    164
    Currently, running KIS 6.0.

    With SUPERAntispyware on-demand and Counterspy daily scan when I am asleep.:)
     
  22. Cadoul

    Cadoul Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    76
    Location:
    France
  23. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    nice post cadoul,

    i would never ever ever ..ever used all these security programs together, one should be enough, if its not .. you clearly dont trust it, so you should ditch it anyway.

    also, the cost... sure there are free ones out there, but the best ones are always paid.

    also, the added maintenance of each program and the fact that it exists when not needed on your machine, using ram and cpu usage too.

    just seems all pointless to me, i for one... will not be surprised for any comments about problems if they do this.
     
Loading...
Thread Status:
Not open for further replies.