kaspersky proactive defense - effective?

I have the same view as ffredom01 and larry. I already stated that in very clear lang. at the KL forum.
But the reply from the moderator was so indifferent, that I just couldn't say or do anything. That just made it worse...

 

Have you tried F-Secure Internet Security 2009 ??
From what I heard, it has the best HIPS on the scene. Plus its certified by MS....

Also saying that KIS 2009 has advanced HIPS and keylogger detection functionality, without mentioning anywhere in the official site/documentation about the partial implementation on Vista is also "Good Saying .... without knowing the facts..."
If thats OK, then KL must bear the brunt of this too

 

I can understand your concerns and I will have a word with someone at KL, perhaps there can be some sort of extra information for users.

 

There are numerous malwares in the wild, that are specifically designed to bypass all the protection layers of KIS 2009. I was once infected with IRC bot Worm. It ran as a C:\Windows\service.exe.

I must admit that although Kaspersky PDM detected it, the Worm blocked Kaspersky from deleting it. In fact it crashed KIS 2009 module.

Another incident took place when a Trojan terminated GUI modules of KIS 2009.

Although I've send the samples to the labs for analysis the virus analysts say that the files (rather worms and trojans) are clean.

 

So what exactly are the limitation of KIS on Vista? Is there a large missing feature set?

 

Low Restricted rules editing in Windows Vista(screenshot by Vijayind): http://photoserver.ws/files/d1hm57xapewm8jt65ip5.jpg
Low Restricted rules editing in Windows Xp (screenshot by me) http://photoserver.ws/files/scmmpsq3mysqylfnvht0.png

Missing features of Vista are highlighted in red int he second screenshot.

 

Just to point out, this is not purely a Kaspersky issue. There are features in NIS2009, for example, that are not available for Vista 64, and not readily apparent unless you search their forums for it. I'm sure there are similar differences between Vista 32 and XP.

Should they be more up-front? Absolutely. But I think its more of an industry practice than something Kaspersky is doing alone.

 

I agree they should be more upfront.
Since NIS 2009 SONAR is based of NAB. I guessing it works on Vista 32-bit. But still only way to know is test it...

 

Thanks for the screens.

 

I don,t think SONAR is based upon NAB. As I remember it,s a separate technology acquired by symantec.

 

Please see info here:
https://www.wilderssecurity.com/showpost.php?p=1297904&postcount=220

As per that most of NAB has been included into NIS 2009.

 

It shows NAB included into NIS. And seems SONAR also includede but they did not said that NAB added into SONAR. Both are separate though both are integrated into NIS.

 

Unfortunately, the NIS 2009 beta forum with the complete thread has been removed, so the ambiguity.

As of now, Symantec recommends you to un-install NAB prior to installing NIS 2009. Since both serve almost the same function.

See this post by Dave Cole of Symantec. And the whole thread for the info:
http://community.norton.com/norton/board/message?board.id=nis_feedback&message.id=7486#M7486

EDIT: Sorry, Ronjor. Last post I promise on NAB & NIS 2009. Aigle, please PM me your reply.

 

Question: kaspersky proactive defense - effective?

Answer: Nope.

 

Bit rich coming from you....

got any substance to back that up or just stirring the pot?

 

Thanks for all the replys - I guess it's not that big a deal in the end, as all security apps have their shortcomings. I was just hoping that the pdm would help me prevent infection, which it didn't and as a result a major infection grabbed hold of my snapshot. I did the right thing by having other layers of security to protect me in case that one failed, and in this case it was fdisr that caught my fall when kaspersky didn't.

I do respect kaspersky and will be keeping the antivirus installed for it's on-demand scanning engine

 

Nothing more to say ATM.