Following the release of a new antivirus package Kaspersky Pure, Kaspersky Labs decided to update the whole traditional line-up of their products for home users having developed Kaspersky Antivirus 2011 and Kaspersky Internet Security 2011. We decided to find out what changes have taken place in the new version of Internet Security and thus here is a review devoted to the comparison of two versions of the antivirus product for secure work in the internet.
The transition from KIS 2009 to its 2010 version was not related to any changes in the requirements regarding the CPU and RAM of the PC or the notebook. However, the transition to Kaspersky Internet Security 2011 demands a slight increase in the available resources with use the Microsoft Windows Vista operating system and a considerable change of hardware parameters for the Windows XP users. System requirements for Windows 7 haven’t been changed. We decided to gather the main minimal hardware and software PC requirements in the unified table for different Windows OS’s and also specified the size of the distributive.
The increase in the size of the distributive for KIS 2011 was caused not only by the change on the graphical interface but also by the alteration of the program core itself oriented at the work with modern operation systems.
As any modern antivirus complex, before installing Kaspersky Internet Security 2011 demands to delete all competitors’ antivirus modules. The packet is installed wholly on default.
Upon completion of the installation process, the program will enquire if you want to replace the standard Windows firewall with KIS.
Now you will see a separate beautiful control element (gadget) on your desktop. But this will only happen in Windows 7 using the abilities of the operating system. A Windows XP user will only see a newly designed old interface. The red ball will change its color to green as soon as all problems are eliminated, be it detected viruses or activation absence.
To work with the program activation is required which as well as in KIS 2010 should be performed in the very region where the software was bought. Besides, one has to keep in mind that now activation is only possible with the help of an activation code while you are connected to the global network.
If you have to activate the program on computers which aren’t connected to the internet, you’ll have to address to the manufacturer’s technical support which offers the following activation procedure.
With your activation code on the activation site receive an archive with a key file:
- Save the key file (it will be sent to your e-mail as an archive. First extract it) on the disc C:\ root
- Press the Start button in the lower left-hand corner of the screen -> click “Run - > in the window, type “cmd” command and press “OK” -> a command prompt window will open
- Open the C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ folder -> find the avp.com file, select it with your mouse and drag and drop it right in the command prompt window -> the full path to the avp.com file will appear in the command line
- in the same line press space and add an addkey C:\ (the key file name) command
It’s also worth noting that on the computers without an internet connection we sometimes came across temporary problems with updating from a local folder when the antivirus couldn’t see the specified updates source.
In the Kaspersky Internet Security 2011 and Kaspersky Antivirus 2011 activation system, there is a new possibility of a quick transition between the products which consists in the following: when you activate KIS 2011 with this or that key, only the functions matching the key become available, while the protection possibilities of Kaspersky Antivirus 2011 may be upgraded to Kaspersky Internet Security 2011. However, it’s worth saying that license downgrade from KIS2011 to KAV2011 is only possible through paying the full price for the Antivirus because any downgrade discounts seem to be unavailable.
Traditionally, the users are offered a month-long trial period when Kaspersky Internet Security is fully functional.
To migrate from KAV2009/KIS2009 and KAV2010/KIS2010 to the corresponding 2011 products you don’t have to buy any additional licenses. It’s sufficient to activate the antivirus product with the received earlier activation code in the case when the activation information was lost when the previous version was being uninstalled. Being uninstalled the program allows retaining anti-spam bases, activation and some other parameters.
When the article was being written, the prices for KIS 2009/2010/2011 for protection/license prolongation for one, three or more PCs were the following (in US dollars):
By the way, the pricing policy is strange, because for 6 year protection it’s cheaper to prolong your license 3 times for 2 years than to buy 2 times for 3 years and for protecting 10 PCs for a year it’s better to take 5 PCs for a year and prolong another 5 PCs for a year than to take 10 PCs at once.
When the article was almost complete, a new version of the antivirus package – 220.127.116.116 – appeared on the manufacturer’s site. The upgrade to this version was successful but further on problems showed up. For instance, the sanctum sanctorum of the updates sources – Kaspersky Lab update servers – disappeared from the list. The problem gets solved only after full removal of the product and its further re-installation. The Kaspersky Lab made corrections of the existing product and the version available for downloading at the present moment is free from the detected problems.
To conclude this section, we would like to point out that after their removal KIS 2010 and KIS 2011 leave some (trails in the registry with the names containing “kaspersky” and “KAV”, which may require using special utilities for registry clean-up before installing any antivirus software from other manufacturers.
For testing we used the latest versions of the antivirus products KIS 2010 (18.104.22.1686) and KIS 2011 (22.214.171.1240) run on Windows 7 (x32 and x64) and Windows XP (x32 and x64) operating systems. As a hardware platform for testing the performance we chose several equal PCs with the characteristic presented below. We installed the required operating systems and antivirus software on them.
For our tests we made three different file collections of 1 Gbyte with the names distribs, office files and other.
In the distribs collection there are different setup files, that is installers themselves and archives with installers and accompanying files. Altogether there’re 171 folders and 696 files in this collection.
Office files contain 782 files of Microsoft Office, Acrobat Reader, JPG, Corel Graphics and other formats, arranged in 56 folders.
Files which didn’t get into either of the previous groups and containing photos, text documents of other than office formats, clips, etc. were put into the Other group. Altogether there’re 149 files in 12 folders.
Beside these three groups we created another collection containing files of all previous types. They were placed only on a flash card because on such drives users transport and store all kinds of data. As an external data storage device we used Flash Drive Silicon LuxMini 720. There we put 4.84 Gbyte of data in 2081 files arranged in 286 folders.
First we tested the memory flash card itself to measure the access speed to the drive. For this purpose we used Intel IOmeter (version 2006.07.27).
Testing the memory flash card included 56 measurements in the course of which the key characteristics to the process of data transfer were changed. These characteristics are the size of the data block to transfer and the percentage ratio of sequential and random access in the transfer process. For example, the size of the block was changed from 512 bytes to 4 Mbytes doubling with every step.
Each measurement was held first with 100% sequential data transfer and then with 100% random transfer.
Now let’s move on to measuring the time it takes the antivirus to check various file collections. In the table below you can see the time it took to check each of file collections by both antivirus versions.
For some reason, after deleting an infected autorun.inf file from the flash card the antivirus product demands to reboot the system. This is still a mystery for us.
Both versions of the program launch two processes in the system: one under user account and another – under SYSTEM. The resource intensity is defined by the memory taken by the program in Mbytes and in the percent of the CPU performance.
As these values were constantly changing, only the minimum and maximum values are stated in the table.
In x64 operating systems Kaspersky antivirus works in the 32-bit mode, which is displayed in the task manager.
In Kaspersky Internet Security 2011 a geo-filter has been implemented. It allows permitting or prohibiting access to web-sites on the grounds of their belonging to different regional domains with different infection risk.
A domain is considered to be prohibited in the following cases:
access to this domain was prohibited by the user in the settings of the web-antivirus
the previous access to a website from this region was prohibited by the user
When the geo-filter detects a try to open a website from a prohibited domain, an alert window will appear in the browser.
After the access to the website has been blocked the user may perform one of the following actions:
go to the previous page
open the web-resource – load the website from the prohibited domain
open the geo-filter settings – open the geo-filter tab of the web-antivirus settings window
So basically, the access to the sites is not prohibited, only an alert of the site belonging to a problem region is displayed.
Naturally, we decided not only to determine the scanning speed, but also its quality. While scanning, KIS 2011 detected and deleted all malware present on the test computer (including a virus for Windows 98). The only problems occurred with viruses created on our own which were sometimes overlooked by the product. So, one of the main advantages of the product – the virus removal system – has remained intact. The scripts allow deleting all consequences and trails of the virus attack in the system (“system recovery wizard”). There was no problem with the WinLock type of viruses, either. First of all, KIS 2011 informed that the site we were about to receive WinLock from was fishing and potentially dangerous. Still, we manually allowed access to the site; Kaspersky scanned the downloaded module, detected and removed a virus in it. False alarms were mainly related to key generating programs (keygen). Also KIS 2011 seems to estimate the remaining scanning time more realistically that its predecessor.
In KIS 2011 parental control has been substantially enhanced. It is intended to restrict the use of computer and internet by children.
Below you can see the features of the new parental control module.
Limit the time the child uses the computer
Prohibit or allow access to certain programs on the computer
Prohibit or allow access to certain sites
Control the child’s communication in IM-clients (ICQ, MSN) and in social networks. For instance, it’s possible to make a black list of contacts communication with which will be restricted or banned or to record the conversations, etc.
Control file downloads, i.e. to prohibit downloading certain file types
Control sending personal information, for example, it’s possible to ban sending confidential data like home address, telephone number, etc. The list of personal data the child won’t be allowed to send is to be named in the module settings
However, there are several disadvantages in the module. Among them is a big number of false alarms (blockings) on quite innocuous sites containing legal or even official information. For example, the official site of the Saratov region is recognized as an internet shop. On the contrary, some sites whose contents are dubious are not blocked at all. The Kaspersky Lab forum is constantly working on improving the quality of the parental control base. Also setting the level of site heuristic analysis present in KIS 2010 is unavailable. Though detecting web-sites is not quite successful, KIS 2011 does very good work with fishing links in the ICQ inserting the “Kaspersky Anti-Virus: forbidden incoming black link” phrase instead of the incoming message.
Kaspersky Internet Security 2011 allows recording an “Emergency Recovery Disc” not only to a CD\DVD disc but also to a USB-drive, which certainly is an advantage.
Also one can’t help mentioning the disappearance from the KIS 2011 version of the network packets analysis service of which we’ve already spoken on our pages.
Now let’s summarize the results of our brief comparison.
On the whole we were quite happy with the product we tested, though some minor drawbacks are still present.
The advantages of Kaspersky Internet Security 2011 in comparison with the previous version are listed below.
The increase in the scanning speed of certain collections of files in certain operating systems
The addition of new antivirus modules as the geo-filter
The possibility of recording an emergency recovery disc on a flash card
The possibility of quick transition between the licenses of the Antivirus and Internet Security
However, there are disadvantages either inherited from the previous versions or newly acquired ones.
The removal of the network packets analysis module
Safe run doesn’t work at all or works with some limitations on x64 operating systems
There is some trail of the antivirus package after its removal
The inability to fully ban access to regional domains in the geo-filter
The increase in system requirements
The decrease of scanning time of certain file collections in certain operating systems
It’s also worth noting that the functions of the safe virtual environment folder (Sandbox) and the ones of the folder present in Windows 7 for launching programs in a restricted environment are practically identical.
We would recommend updating Kaspersky Internet Security to 2011 version those who have already upgraded their PC hardware platform and installed Microsoft Windows 7.