My Kaspersky phase

By Larry Seltzer  |  Posted 2006-06-27

I moved that particular computer over to Kaspersky Antivirus. As I said, I've had problems, but I may have worked around them. When I set it up initially I turned on the "proactive defense" feature, which causes KAV to monitor programs with far greater scrutiny than by default. Leaving this feature on slowed file saves, especially to the network, to such a degree I might as well have written the files in longhand.

I also have to say that KAV has needed a lot of tweaking of settings before I've begun to feel comfortable, but I'm getting there. I've noticed no overt conflicts with programs I run and nobody updates signatures faster than Kaspersky.

Of course, this means they can't spend a lot of time testing the updates. In fact, I got a false positive the other day on my (coincidentally Kaspersky-based) gateway security box. I also switch gateway security boxes frequently and the current one, a ZyXEL ZyWALL 5, about which I will write more soon, has a very small definition set of only 800. But one of those definitions is for the eicar test file, the semi-official anti-virus test.


A friend sent me a large document that had the eicar test in the middle of it. The file was blocked, even though the eicar test is only supposed to trigger in specific circumstances: The file can't be larger than 128 bytes. There have been cases where virus authors have used the eicar test before their own code, hoping the user would see "eicar" and think the file was innocuous. The file I got was many hundreds of kilobytes. The friend and I reported it to Kaspersky, who removed the eicar signature, which is just as well: On a box with only 800 definitions, it's silly to waste even 68 bytes on a test.
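The false positive described above comes down to matching the test string anywhere in a file instead of only when the file is the test file. The following is an added example, not code from the article or from any vendor; the function names and sample inputs are hypothetical and constructed here, and the permitted trailing whitespace set follows EICAR's published definition of the test file, which the article does not quote.

```python
# Added example: strict EICAR test-file check versus a naive substring match.
# The 68-byte test string is split in two so this listing is not itself flagged.
EICAR = rb"X5O!P%@AP[4\PZX54(P^)7CC)7}$" + b"EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"
MAX_LEN = 128                      # size limit cited in the article
ALLOWED_TRAILER = b" \t\n\r\x1a"   # space, tab, LF, CR, Ctrl-Z (per EICAR's definition)


def naive_match(data: bytes) -> bool:
    """Signature that fires when the string appears anywhere in the file."""
    return EICAR in data


def strict_match(data: bytes) -> bool:
    """Fire only when the file *is* the test file: it starts with the string,
    is at most 128 bytes, and carries nothing but whitespace after it."""
    if len(data) > MAX_LEN or not data.startswith(EICAR):
        return False
    return all(b in ALLOWED_TRAILER for b in data[len(EICAR):])


def build_samples() -> dict:
    """Constructed sample inputs (not taken from any real file)."""
    filler = b"Quarterly report text. " * 20000   # several hundred KB
    return {
        "bare test file": EICAR,
        "test file + CRLF": EICAR + b"\r\n",
        "large doc with string inside": filler + EICAR + filler,
        "string followed by other bytes": EICAR + b"other content" * 3,
        "clean doc": filler,
    }


def compare() -> dict:
    """Return {sample name: (naive verdict, strict verdict)}."""
    return {name: (naive_match(d), strict_match(d))
            for name, d in build_samples().items()}


if __name__ == "__main__":
    for name, (naive, strict) in compare().items():
        print(f"{name:32} naive={naive!s:5} strict={strict}")
```

The large-document row is the case from the article: the naive match blocks it, the strict check does not. The "string followed by other bytes" row shows why the strict check also refuses to treat a file as the harmless test file when anything other than whitespace follows the string.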

So I may have gotten Kaspersky on the desktop to the point where I don't hate it anymore, but give it time. I also once ran a BitDefender system on which the hardware died so I don't run it anymore. BitDefender itself was relatively inoffensive, although it did raise some displays that I didn't want and couldn't figure out how to turn off.

And then there's McAfee. I had a McAfee-based gateway device for some time and I have to say the anti-virus software on it ran very well. Alas, it was a Servgate box and Servgate is pushing up daisies these days. My luck with it was better than with McAfee desktop anti-virus, which I found to be intrusive and slowed the system noticeably. And they have had their own false-positive problems.

Yup, it's true, they all stink. Well, mostly. I've still got high hopes for KAV, mostly because I hear good things about it from people I respect. We have to find something we're comfortable with; as Oscar Wilde might have said, the only thing in the world worse than running anti-virus software is not running anti-virus software.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983.

Larry Seltzer has been writing software for and English about computers ever since—much to his own amazement—he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.
