- Content source
- https://www.youtube.com/watch?v=24dfe8q7Aq4
Basically an advertisement for Kaspersky
Kaspersky vs infected system in 2025
- Thread starter Khushal
- Start date
It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Stupid MS must have made a stupid api to allow things to be placed into Defender's Exclusions. Can anyone check?
Video would have made more sense if it showed how malware got in there in the first place. But that would be asking too much from a PCSC video.
Good point, as even though @3:14 he says, "so how did we get infected?" he never mentions that source, or for our sakes, a possible source to be aware of, but only goes through the infection on the PC itself.
Absolutely. We can understand it's a paid promotion, but not showing how the system was infected with a malware which has a detection signature by WD is highly unprofessional and unethical.
+1 I watched the entire video, and at the end, TPSC talks about Kaspersky. I thought it would be something new. Regarding MD on the issue of deleting folders, this is nothing new.
First BD now Kaspersky and before that Comodo. Oh how the mighty have fallen. But, a lesson for us all that complacency is the biggest security threat and that past performance benchmarks are not a reliable indicator for future results.
Indeed it is more difficult for malware to add exclusions for K than MD, but to make a fair comparison, Leo has to run the malware "as admin" two times on clean PC, one time with MD, and one time with K, and to find if it is able to create exclusions for K as with MD.
The only time I got an exclusion in MD was with a cmd for office activation, which is totally safe, and currently there is a better, alternative cmd which do the job without adding files or creating exclusions.
If you finely selecting what you "run as admin", you may not need AV at all.
One good practice for MD is to check your exclusions folder everyday once.
The only time I got an exclusion in MD was with a cmd for office activation, which is totally safe, and currently there is a better, alternative cmd which do the job without adding files or creating exclusions.
If you finely selecting what you "run as admin", you may not need AV at all.
One good practice for MD is to check your exclusions folder everyday once.
I haven't watched TPSC videos for a long time because they are very misleading. In fact! But I don't want to get into that because it has been discussed countless times.
However, I have been using Kaspersky since 2004. I have tried many other products, but I always come back to this one. Not by accident. Kaspersky is renowned for its ability to clean infected environments. Obviously, the video is an advertisement, but this cannot be denied about Kaspersky.
Nevertheless, the video does not depict a natural state.
However, I have been using Kaspersky since 2004. I have tried many other products, but I always come back to this one. Not by accident. Kaspersky is renowned for its ability to clean infected environments. Obviously, the video is an advertisement, but this cannot be denied about Kaspersky.
Nevertheless, the video does not depict a natural state.
Not that I am justifying Kas, but the US ban means a good consumer base is lost so they have no other option than these illogical ads.
Didn't he used to work for Emsisoft or am I losing it? Bit OTT & I wont bother looking at his videos again.
Last edited:
Regarding Defender's exclusion issue, I would put the blame 100% on Microsoft since when you install Windows on your machine, the account that is created is an admin account. So Microsoft's logic of “it's not a security issue because anything can be done on an admin account” is very irresponsible IMO.
But this exclusion adding features can be useful and taken advantage of by many trusted programs. For example, any coding software from JetBrains like PyCharm allows you to whitelist your development folder in Microsoft Defender for better performance and avoid detection. In their installation folder there's a PowerShell file which is used for this purpose.
From what I have seen, the AV that is most proactive at preventing any unknown programs to add anything in MD's exclusion is Bitdefender. It blocks them whenever an attempt is made by anything unknown. One Defender's job is done by another Defender.
But this exclusion adding features can be useful and taken advantage of by many trusted programs. For example, any coding software from JetBrains like PyCharm allows you to whitelist your development folder in Microsoft Defender for better performance and avoid detection. In their installation folder there's a PowerShell file which is used for this purpose.
From what I have seen, the AV that is most proactive at preventing any unknown programs to add anything in MD's exclusion is Bitdefender. It blocks them whenever an attempt is made by anything unknown. One Defender's job is done by another Defender.
Tried SUA before, and it was headache with certain programs such as Windows firewall control.
If using B or any other 3rd party AV, does MD exclusions make a difference?
It won't until someone decide to uninstall the third-party AV and use MD again. I was simply noting that while MD should've been the one to act proactively, it's Bitdefender who's doing it.
I was looking for a method to disable MD exclusions (through GP for example) but I could not find a one.
Here comes "common sense" to play; when I extract 10 MB archive to more than 500 MB folder, I should suspect malicious inflation.
F
ForgottenSeer 114717
I know how the system was "infected", but do not ask me because I'm not gonna tell. Telling educates the bad guys who will use that knowledge.
It's not difficult.
This needs to be revised to:
"showing how the system was infected with a malware is highly unprofessional and unethical."
Researchers don't do it to entertain security software enthusiasts and they don't do it to educate the bad guys.
(Yes. Leo is a researcher.)
All governments should force their citizens into "Paranoia" re-education camps. Until the citizen reaches the level of required cyber-digital device use-online paranoia they will be forced to watch Leo videos in a loop and fed porridge.
Leo is not misleading anyone. He's just not good at creating videos.
All testing. All videos. They all "do not depict a natural state."
Last edited by a moderator:
F
ForgottenSeer 114717
Is it still valid? Inflated files bypassing KVRT?
You may also like...
-
Kaspersky Premium vs McAfee Advanced- Started by Shadowra
- Replies: 87
-
-
AV-TEST Awards 2025: celebrating the very best of IT security products- Started by Parkinsond
- Replies: 22
-
-
Online ads just became the internet's biggest malware machine- Started by Gandalf_The_Grey
- Replies: 4