Kaspersky reliable?

Can we please get back to the reason for this thread?

I would endorse what Saraceno says. Have been running KIS since version 6 through to the latest 2009 with little or no issues. I am also a Gold Beta Tester...so I am nailing my colours to the mast here.

But I would say that if you want a good perspective of the product then you should log onto the Kaspersky Lab Forum:

(http://forum.kaspersky.com/index.php?showforum=4)

and check out what is being said there as it reflects the position of current users (not disrespect to Wilders but the KL Forum is dedicated and therefore likely to be somewhat more represntative, etc., IMHO)

I would close on a personal note by saying that my base line loyalty is to quality and I will go with what I consider best or one of the best. I was a NIS user for many years until NIS2006 became unusable, IMHO...and therefore I switched. I note that NIS2009 is getting excellent reviews, IMHO on a par with KIS, but am content to stay with KIS.

Hope that this help?

 

It's not as rosy as that.

Although I'm not familiar with the latest versions, Kaspersky used to cause a relatively high % of false positives. Certainly more than the average AV.

And if you don't want to use the default settings, you can get some interesting surprises

 

Try turning heuristics on maximum, it can yield some interesting discoveries I ended up using medium heuristcs in Full Scan, safer that way.

 

To all,

This discussion became sidetracked and a number of posts related to that have been removed.

Let's keep the comments focused on the original question and not various members posting here.

Blue

 

A good point indeed but the same as one would find if one set any heuristics emulator/functionality, in any product that has this feature, to 'High'.

I personally tried this and whilst I found it to be the case in KIS2009 I did not find the no. of FPs to be very high, and they were easily weeded out and notified to the Kaspersky Lab for review.

I personally have Heuristics set to Medium, and that in combination with the other features of KIS, ie, PDM, HIPS, Application White List, etc., seems to do the job for me.

 

Thank you.

 

Kaspersky has good detection history and continues to enjoy high detection in my own dirty tests and also of many neutral labs ( see AV-Test & AV-Comparative).
In Kaspersky 2009, they have introduced a proactive/HIPS module which further increases protection against 0-day threats.

But there are some chinks in the armor.
1) Proactive/HIPS module will trust signed apps by default. This may allow certain adware/rogueware for which signature may not have been written to pass through.
2) Proactive/HIPS protection is present only in XP ( and earlier windows versions). In Windows Vista, the protection is dilute to almost zero.

So IMO, use Kaspersky and have a on-demand AV/AS, for any exigency. I use and recommend, SuperAntiSpyware.
If you are using Vista, do use some HIPS tool like Mamutu,Zemana or DefenseWall for complete security, till KL resolves the issue of their HIPS drivers.

 

Sorry, but a one word post of "nope" counts as flamebait to me...what were you hoping to achieve with that apart from getting some emotional responses?

If you wanted to give your reasons you should have done so in the original reply so then we could see why you think that instead of assuming you are stirring for no reason. Now it looks like you are giving reasons only because someone questioned your original intentions.

1. Kaspersky doesn't have a poor detection of spyware....a lot of which falls under "other programs" or "riskware" category which is off by default. With it enabled, Kaspersky detects the works (obviously not all, but a quick email with a sample and it is detected......Kaspersky also have tech support and a forum for helping customers with infected machines and getting them cleaned up with a little input from the user.

2. iSwift does not scan on network drives.

3. This may happen very rarely (and it happens to other vendors too, I can give a few examples where neosploit scripts came back clean from vendor X and Y while Z and others added it) due to human/auto analysis error. If you reply to the original response with a clear description of why the "clean" verdict is wrong instead of just virustotal links, then it will be reanalysed and added quickly.

4. So the fact that heuristics are enabled in WebAV, and MailAV and scanning your mail, IM traffic and web surfing (the main point of infection- email and web and IM) doesn't matter and doesn't count as realtime to you does it? ....also the fact that HIPS does a deep heuristic analysis when you launch an executable for the first time?

It might cause a slowdown if you are using a pentium 3 with 64mb of ram, but any decent pc will not notice a significant blow from having heuristics on the fileav realtime protection, although this is not needed for the reasons I mentioned above.

 

1. There is a blacklist of digital certificates that is updated frequently, and not all digital certificates are trusted by default. Hence there is no "chink" there

2. Incorrect. Proactive defense/HIPS has a fully funcitonal set of features in Vista, but less compared to XP due to API limitations set out by Microsoft. If you care to test HIPS on a Vista system you will see that it is perfectly capable of dealing with malware. Do not base judgements on leaktests or hearsay

 

Hmmm.... Isn't HIPS/Proactive protection supposed to be to fight against 0-day threats ?? 0-day as per my knowledge means a threat for which signature/counter-action is yet to be made. In such a case, how will Kaspersky protect ?
It has the same fatal flaw as other products working on the whitelist/blacklist principle. Where any unlisted threat is free to infect, till its detection and addition.

Wow, Baz. Thats what I like about you and other ppl from KL in general. Be it here or in KL forums. You never admit your fault, you still what people to believe the world is flat.

Do not base on leak tests !! You gotta be kidding me. If you can't detect and protect against test apps, how is it that you will protect against real threats
The Zemana tests both signed and unsigned versions fail on Vista with KIS 2009, now how do you suppose KIS 2009 can actually protect against loggers ??

I also tested many commercial keyloggers, before making this statement. Here is the one:


( To protect the thousands of KIS 2009 users on Vista, I have hidden the actual name and details of the keylogger used. )

KIS 2009 by default added the logger in "Low Restricted" group. But still it worked. So I moved it to "Highly Restricted", still nothing !!

Yet I am sure, you still believe that KIS 2009 actually has a working HIPS ... So let me ask you.

Everytime you seem to ask other to prove and never accept undeniable proof given. If KIS 2009 actually works on Vista, prove it...
Show me KIS 2009 successfully thwarting loggers and 0-day threats on Vista. Let the experts at Wilders and other forums decide reality. Stop the Bull **** !!
Stop being a "bully" and rather have the courage to admit your faults and overcome them. It will give you more respect and loyal users, I promise.

 

Exactly because those leak tests are no real threat...

Already been debated here; it's whitelisted. You need to test with real malware as said before...

 

No real threat !! It logs my keystrokes, captures my screen. Thats sooo normal.

If you look in depth, in the conversation. It seems, the automatic whitelist, is for signed apps. Since Zemana tests are signed, they where automatically whitelisted.
Hence usage of unsigned test in XP, will trigger prompt for KIS 2009.
See this post in same thread.

 

Nice to misquote something out of context and restart your rants. The reply was about the leak tests, damn it! Learn to debate in a civilized way or keep your trap shut.

 

Ok, I have no shame in admitting my mistake.

If you see my actual post I was talking of leak and logger tests in conjuction. So I assumed, you also meant the same collectively.

Civilized .... What did I do so uncivil ? I never uttered profanity or curse. Why is sarcasm so bad. Unfortunately, I always add a tad of sarcasm to get my point across, so you will probably see more of that from my "trap" ( Yeah, thats civil ). Its all figurative, not literal. So try to take it , in your stride. I don't mean it in the perspective, you seem to assume.

 

Folks.

Let's tone down the gratuitous rhetoric. It really doesn't advance either side of the debate.

Blue

 

vijayind, no disrespect, but to address the original poster, Kaspersky for an 'all-round' package is pretty damn good.

The commercial keylogger you refer to, don't know which one it is, it might also go unnoticed by programs such as ThreatFire, Mamutu, or by all the other AVs. If it is picked-up by all the other programs, then fair enough, Kaspersky has some work to do.

Rather than an experienced user like yourself that is testing commercial keyloggers, and intentionally installing keyloggers, is quite different to the regular user experiencing a drive-by download.

IMO, I still maintain, for a regular user, surfing the internet, the likelihood of a drive-by keylogger transferring from a site then self-installing itself without Kaspersky giving alerts, would be as rare as hen's teeth.

It might have some improvements, but I believe there are plenty of products out there that wish they could say they have 'a few improvements to go', but instead are looking at a complete product overhaul.

 

Kaspersky is reliable, but I sent some samples have more than 4 to 5 days and I received no reply yet. The signatures were not added too.
Probably it's a temporary problem because usually they reply in some hours.

 

I see that your main feedback about avs is about sample-sending
Sometimes they reply slowly, or don't at all, in some cases I waited for weeks and no reply...but then I sent the sample again, and I got a reply.

 

Yes, Kaspersky is reliable, but I decided to put the firewall/HIPS in Interactive Mode. That way I can get advice but make my own decision. I decided to return my NIS 2009 license and stick with KIS.

 

It is reliable, the HIPS may have some bugs(for instance with some programs it gives tons of keylogger alerts by an 'unknown' application that won't go away until you turn off the PC), but it's powerful overall.

 

Are you running SSM by any chance?

The protection offered by the PDM in KAV 8 is appreciably weaker than that of KAV 7 and 6; a lot of the action has been hived off to KIS. Actually I think it has been dumbed down to make it more user friendly for the less experienced.

 

No, it did like that with IceSword and PowerDVD(strangely this last one was fixed if I unchecked "don't monitor application activity" for another program called Launchy
Ah, yes, also with MBAM, it said that the boot sector or something had been changed, got away after a restart)
I think that the developers have concentrated more on the HIPS.

 

No offense taken, Sir. I agree, its pretty good. I said so, in my first post on this thread. But a neutral commentator, should also highlight the cons also (if any). Which I did, its up the individual if they feel its a sizable drawback for him/her.

I had mixed results with commercial keyloggers. Zemana missed few ( I have sent them a report). Mamutu warned for many in normal mode, but for all in paranoid mode. Comodo Defense+ was the best, it detected everything and gave warning at every step of installation, execution and logging.

Well, by using commercial keyloggers I want to check the HIPS/Proactive behavior of the product.
Average Joe can meet with a 0-day malware, then the HIPS should kick in. If it fails for most/all commercial keyloggers its logical to conclude that the HIPS may not be able to provide good protection.
Same with KIS 2009, a regular user if confronted with 0-day malware will be unprotected, IMO as per the tests.

I agree, but my main grievance here is the fact the KL doesn't display this info in its advertising and also takes a bullish approach in face of evidence.

I am still a KIS 2009 user. And with all probability I shall continue to use KL products. But for the fact, I am not a fanboy and I don't want to give biased opinions. Since none have been given to me, here on the forum.

 

Let me guess, that on XP. Right ?
On Vista, I yearn to see even such a sight.

 

the only thing that i hate on kaspersky!! it hips when it put a malware that have a signature into low resricted group i dont know but i think if they also make it by behavior it will be good!!!

also that i have found the hips so weak against some variants like trojans-downladers that created it self into the tmp so i wish it will improve in the 2010 ver maybe