Kaspersky Internet Security 2011 in "real world"-test

http://www.pcwelt.de/start/sicherhe...ky-internet-security-2011-im-real-world-test/

And another test:

http://www.chip.de/news/Kaspersky-Sicherheitsprodukte-2011-im-ersten-Test_42880518.html

Text in German.

 

Short summary of the results:

- 4.685 samples from May 2010, were all detected both on-demand and on-acces;
- 445.775 malware samples, detection rate of 99,45%;
- 200.000 clean samples, 0 false positives;
- tried to acces 25 malicious websites, 23 were blocked;
- tried to install KIS2011 on a by 25 items infected machine, 23 were removed after installing KIS2011, althought after the restart some registry keys and HOST items were broken;
- tested KIS against in total 25 active and inactive rootkits, all were detected;
- test performed by AV-Test.org.

I think that are excellent results.

 

Yes, best results imaginable, and AV-Test is a reputable testing organization.

 

Excellent indeed ! Especially impressed with it's rootkit detection and disinfection capabilities.
0 FPs with a 99+% detection rate too.

 

yeah, impressive results.

 

As someone struggling a bit with the bugs still evident in the 2011 products its good to see that this fairly comprehensive test shows the product still does the important stuff very well indeed. Roll-on CF1 when the user experience will hopefully match the protection levels.

Cheers

 

Must...stop...myself...from...dishing..out...the....money....

 

I see trjam already changed his security setup again xD. Do you really have licenses for all programs or what?

 

Impressive Result...But does anybody tested it against latest TDL3 rootkits ? Is it able to detect it and clean it completely?

Trjam is really a fanboy of each AV who did excellent in Test Reviews...Its nothing new.

 

Welcome back

 

Me too. Let them all perform well

 

Very impressive. Has KL changed the av-engine? As far as I know it uses the same av engine of v2010, and till v2010, the detection has never reached 99%.
Kudos to KL...

Edit: Their page for 2011 products advertise only for feature improvements like GeoSecurity, Improved sandbox etc. But never states about av enhancements.

 

It doesn't state anything about what type of rootkits were used, which is ofcourse quite a shame. But as far as I know there are very few apps which can remove the latest TDSS/Alureon rootkit, only Hitman Pro, and some specific programs to remove that rootkit, as far as I know GMER can't handle it for example.

 

It would have been excellent if he would care to share his insights into each product he tests and the reason why he switches. Probably there is some kind of 'Quest for Perfection' at play here, which is nearly impossible to achieve in the present state of digital security. But still, would love to hear his thoughts.

 

It's able to detect (pretty much) all variants (tested a ~dozen samples, versions varying from dec 09 to may '10), currently removes all except there are issues with April edition of TDL3+.

(tested in a VM, so results may vary in real world)

 

Then we'll be fanboy of all of them...

 

I am sure he only changes his signature...and display pic and not his AV.

 

Have you tested it yourself or you are talking about the test review?

 

You are absolutely right, only Hitman Pro and few other application (Personally Don't Know) are able to remove the latest version of TDL3...That's why i have asked that whether they have tested KIS 2011 against the latest threat of TDL3 or not. Even i have saw that many AV's are not able to find out TrojanSpyEye, which is also using stealthy techniques to evade the detection capability of many AV's...

 

As far as I know KIS 2011 detects pretty much all variants of TDSS and is able to remove most of them.

I've also tested KIS 2011 against many versions of TDSS in a VM.

Also the results are impressive. I wonder if they tested KIS 2011 in Automatic mode or in Interactive Mode (where its HIPS asks the user instead of deciding automatically what to allow and what to block).

 

Myself

The changelog usually doesn't show tweaks and changes to existing engine features.
For ex. in 2010 the Automatic rootkit scan is able to detect rootkits/malware which other scan tasks (quick/full) weren't able to, even if set to max settings. In 2011 the technology behind Auto rootkit scan has been ported over to other scans. (at least it's able to detect what 2010 quick/full scan missed)

 

well if I didnt have licences how could I use them.

 

Wrong. 2 computers have FD-ISR with a total of 10 snapshots each. That is 20 different setups. I currently test 14 products. So the avatar changes with the snapshot used.

 

TBH I've paid little attention to KIS over the last year or 2.However,although this is just one test,I've seen enough here to pique my interest again.

I'd be interested to read a detailed appraisal of the various improvements for this year.

 

with as often as people say it's really heavy, in my experience with client and friends' machines, it's not at all. several people i know have been using kis2010 and now kis2011 on limited-spec netbooks with nary a problem. it's a much better polished product than previous versions (2009 and earlier) imo. the firewall is smart, proactive stuff works really well, its detections are good and it's a mostly hands-off product that doesn't bug users with prompts that can't be disabled.

also their updater applications is badass if you have a fileserver and multiple KAV/KIS clients on a network...it aggregates the updates and you just configure the clients to update from that location in addition to the main kaspersky servers. updating AV defs at wireline speed is awesome.

i'd probably switch to it myself if kaspersky offered a site license.