Comments on KAV Personal Pro 5

I just trialled KAV 5 Personal Pro 5.0.372 and would like to offer some of my comments from a user that likes protection, but absolutely hates having to bypass problems due to bad design, bad software engineering or insufficient testing.

I installed KAV 5 Personal Pro as on-demand only (this is what I wanted to test), disabling iStreams and Real-time protection during install. Disabling iStreams does not add ADS tags to files (i.e. bypassing the initial fragmentation increase issue people have talked about here and elsewhere).

After a restart I tried starting KAV.

It started up nice, but closed itself after c. 10 seconds.

I tried starting again, again it closed itself.

I went to look for an answer in the volunteer based Kaspersky forum (forum.kaspersky.com). Could not find one via browsing & using the search.

Running a very tight system I wanted to make sure it was not due to malware.

I scanned my system (full scan with Ewido, TDS3, NOD32, Bitdefender, AntiVir, Panda, eScan/KAV, a2, Counterspy, Spybot S&D, CWShredder and also took a look at running drivers, startup utilities and NTFS alt streams, run the latest rootkit revealer).

Nothing found.

At this point I was fairly secure it's an incompatibility issue and not an infection (esp. when the only software for the past week installed my system has been KAV + firefox 1.05).

I disable Process Guard driver, TaskInfo drivers and other kernel level non-plug and play drivers and restart.

Same problem. KAV quits itself.

Ok, I proceed into configuring KAV during the 10 second time frame it stays up.

I disable all real-time protections (files, internet, mail, macros, scripts, network).

This takes some fast clicking, but I'm able to make the settings stick.

KAV still crashes itself.

I proceed to deleted the databases and manually re-downloading them.

Bingo! Now KAV stays up, and does not quit itself.

So, it appears KAV databases were corrupt and due to this, it silently quit itself, without any error, any notification or without trying to update itself.

Quite moronic design, imho.

Ok, time to hit Kaspersky forums to see what configurations I should use.

Upon doing so, I'm hit with a barrage of problem reports:

- Kav crashes on install
- Kav fails to uninstall (esp. if Symantec antivirus has been on the machine earlier)
- Kav crashes system
- Kav causes BSOD
- Kav fails to upgrade program component to a new version
- Kav denies network access when used with Sygate
- Kav double the number of Program Files links and processes by itself
- Kav quits itself without a warning
- Kav disables itself without a warning, leaving the system unprotected
- Kav loses it's own key file (disabling itself again)
- Kav failes to update the defs
- Extended databases fail to be downloaded
- Kav causes DDOS warning with various p2p software with default settings
- Kav phone support does not answer
- Kav fails to detect multiple locations of the same file via it's exclusion setting
- Kav smtp mail scanner fails to work (sometimes works, sometimes doesn't)
- Kav fails to uninstall itself

Regardless of the programs stellar itw recognition rate and def update speed, I think I speak for the majority of computer users when I say: stay away from this product, unless you are an advanced user, feel very lucky, have lots of time & energy to tinker with it's settings and bybass it's bugs and idiosyncracies.

What's even more disconcerting is that many of the findings for bugs/bad design/incompatibilies came from apparently advanced users (more so than the average joe).

However, in many cases the "fix" was what the user had found out the hard way: do a tedious manual routine that bypasses the issue (does not fix it), instead of the developer acknowledging the issue, giving it a ticket and promising to fix it.

It's not only that some of the issues in the program are quite old (being that they've been unfixed for long), but that new serious issues seem to pop up with even minor upgrades 5.0.xxx series.

This is to me a serious indicator of flawed regression testing, bad software engineering and non-existent compatibility testing for a software as crucial as this.

AV software should not be disabling itself without a warning, failing to install defs or corrupting it's own databases / license key. It should stay functional, up-to-date and functioning AND warn of all oddities/problems.

As an example, compare this with the issues you see about NOD32 (or take another "bigger" AV utility). The problems with NOD32 seem extremely minor compared to issues with KAV 5. NOD32 is just one example, I could take many other examples.

To be honest, I haven't seen such a buggy piece of security software in ages (not since Outpost Pro 1.0 anyway).

And while I'm sure to get some advanced users calling me "n00b idiot, learn to use it!", I offer this as a warning to those with less time/skill on their hands: tread carefully, KAV is not a walk in the park. If you want an av solution that "just works", look elsewhere.

Perhaps some of the programs that use KAV defs, but with a more thoroughly tested main application and less issues in it.

My two cents worth.

Best regards,
Halcyon

PS I think it's good that KAV doesn't get a lot of coverage in mainstream computer publications. With software quality at this level, they'd get absolutely butchered in any major computer publication catering for the big public (and not to the 10% minority of advanced computer users). It may scan well, but getting it to even install, not to mention, scan, update and stay activated can be a hell of a hassle.

 

Nothing new here. Most Security forum reports discuss the problems of a particular program rather than how good it is. Look at any AV forum. A lot of the problems that you see over at the KAV forums are due to enabling IDS protection and/or an incomplete uninstall of a previous AV, particularly Norton.

I cannot judge the PRO version very well, but I have had no problems at all with the Personal edition or with versions of KAV going back to AVP 3.0!

Seems a little harsh.There are so many software/hardware configurations out there that there are bound to be conflicts on some computers.

It can be "set and forget" for newbies as I have just installed KAV5 on my son's laptop with no problems so far. In fact one of the reasons I chose KAV for his machine was it's ease of use and stability. I have experience of using a lot of AV software and IMO, KAV 5 was the one which would suit him and his machine the best.

I am sorry that the KAV experience was not a good one for you. But for many more other users, KAV in all versions has been no problem at all.

I hope your next AV trial is more successful.

 

Is there no end to how low some dedicated Nod-user's will go.

Just for the record, i have used Kaspersky for four years (since Kav 2/3) and have never had any major issue's like the ones you describe, well actually Kav 4 was slow, but thats another matter, running 5.0.372 Pro (with iStreams) without issue's ATM btw.

I have installed Kaspersky on more than 50 pc's (including my circle of friends & family) probably closer to 100, but i stopped counting, the only 2 major issues ever was an uninstall of an older version of Kav and that was fixed with the Kav removal-tool and a problem with the signatures when Kaspersky changed the structure of them.
When i install it on other users pc's they always note two things, one is how simple it is to operate compared to others they have used and almost always that they were amazed to learn that they didn't even notice the scheduled scan had run when they were using the pc without noticing this.

Does that mean that there is no problems with Kav or Nod for that matter (had a bad unstall with Nod when i used it btw ), no of course not, but to go the Kav forum and writing down the titles of threads to "prove" that warning about Kaspersky is apparently necessary, because it's so buggy that you just had to warn everybody, is simply lame.

Now to your install, why did you install Kaspersky on a system with another AV on it? if you had followed the AV section Wilders even just a little bit (i see you joined in 2003) you would have noticed that installing Kav (and some other AV's) is more or less a no go, even with the real-time protection disabled, unless of course you wanted it to fail.
You should have posted at the Kaspersky forum, we would have been glad to help and told you to either uninstall Nod while trying Kav or simply to not try Kaspersky btw.

As for your:

How do you come to this conclusion?, have you personally gone through every post at the Nod forum and the ones at the Kav forum and compared them to Norton, McAfee and Trend-Micro issue's, or are you simply taking what suits your purpose with this post?

Kaspersky is tested quite often in magazines and does not get "absolutely butchered", they get good reviews in fact, but then again they don't use the tried and tested methods i'm sure you use, maybe you could help them.

I'm like Blackcat also sorry your trial didn't went well, even though it's pretty clear why not, and wish you all the best with Nod, it's a nice AV.

 

Hi halcyon,

Blackcat and Don Pelotas have voiced most of my opinions regarding your post allready. All I can add is: sorry to see you make an error in judgement posting this.
(BTW I have a license for KAV and for NOD32, so I'm familiar with both )

 

To all: If you wish to discuss the programs, fine. But please keep comments of a personal nature out of the discussion.

As a current user of both NOD32 and KAV 5.0 WS on multiple machines, I can state that KAV is an excellent program and it is suited for users ranging from novice to expert. In my experience, it does not have any greater incompatibility than any other AV.

As with many programs now, it does possess kernel level self-protection which can create some issues with other like-minded programs. In my experience, the version 5.0 level is more sensitive to the presence of other installed AV's, and possibility other programs with realtime protective components, although I haven't run into any complications in this regard since I don't run many realtime security measures. As I mentioned here long ago (so long that I'm not about to dig up those posts) when KAV 5.0 appeared, I had been running KAV as an on-demand only AV with NOD32 realtime. At the 5.0 version level, this configuration was certainly not as gracefully coexistent with other AV's as was the 4.5 version level. However, for the vast majority of users this is simply a non-issue, they don't generally have multiple AV's installed. As it is, I only have one AV installed per partition currently.

halcyon obviously has had some real issues in this case, but that does not necessarily translate to other users. My experience is that any user going with a purely default installation will have no problems with KAV. Once can tweak if desired, but it is not required to obtain excellent protection.

Despite halcyon's experience, KAV is still a very highly recommended program in my view.

Blue

 

Quite the contrary, at least in the UK.

Most of the mainstream Magazines here, including Computer Buyer, Computer Active, What laptop, Computer Shopper, PC Answers, have all had very favorable reports on KAV 5 in the last 12 months or so. And in fact in most of these publications, KAV was awarded the "Best Buy" award.

The only main criticism of KAV in these "big public" magazines was it's relative high price compared to the opposition!

 

KAV's a good AV. Had no problems when I fiddled with it on a couple of test machines. My experience has been that issues arise when the "new" AV finds something to fight with on the new computer it's on. Mangled defs are not too unusual, either. It happens.

 

I am running KAV Personal Pro and no problems what so ever here. Regular updates and a nice feeling knowing that the detection rate is over 99%. Runs smoothly on my system. I've thrown loads of different applications at KAV and it just rides through them. I wouldn't swap it for anything. Just wait till KAV 6 is out. Now that will be great too.

 

Hi halcyon,

A couple of comments:

1) KAV has been my choice for my friends for quite some time now. It does its primary task extremely well - that is, it keeps malware (of all types) off the machine, which is the most important thing for novice and experienced users alike. There is nothing more incovenient (or devastating) for a novice user than to be faced with unremovable malware. So in this respects, I believe KAV is in a league of its own.

2) Usually problems with KAV can be traced back to the installation. Sometimes it is the users fault for not reading and listening to instructions. But it is often also the fault of the KAV install procedures which I believe are very lacking. For example, on the Kaspersky forum Don has written some very important guidelines for turning off IDS during the install in case a firewall is already on the workstation. These instructions should be in full view during the install process so that all users would have to read it and make the appropriate decision. Instead the wrong the decision is the default . This is terrible. In this respect I agree with you. KAV desperately needs some installation as well as operational usability upgrades - from the perspective of an average new user.

3) Actually, given the amount of users, I find that the type and number of problems being reported are quite few in number. My guess is that many users, such as myself, stay with prior versions for a long time before upgrading because prior versions are still very reliable and have the same extremely strong detection capabilities. For example, version 4.5, which is rock solid, has the same scan/detection engine and database as the current version. This, is really quite good for users, since they are not forced to upgrade to new versions (or even know about new versions), since their older versions are still extremely competent. In this respect, the KAV engineering philosophy is quite excellent.

I can certainly understand your frustration, if the install went bad. You are not alone. I hope that Kaspersky Labs takes the end-user usability question as seriously as they take their scan/detection engineering. I think everyone would benefit if they did.

Cya around - and thanks for sharing your views,
Rich

 

Nice balanced post, Rich.

As for the install, i can only agree and have put these recommendations forward to the developers last week:

1. The "Operate according to recommended settings" should be removed completely and the networkprotection should default be disabled.

http://img157.imageshack.us/img157/1415/k47hg.jpg

2. This window should replace it:
http://img157.imageshack.us/img157/6915/k58gf.jpg

But with a text stating that if you use a softwarefirewall you should leave it disabled unless you use Kaspersky's own which works fine with it.

3. Also the yellow exclamation is confusing to some:

http://img172.imageshack.us/img172/1586/8691sr.png


I have recommended that this stays green, even if the IDS is disabled. Whether they will implement all of this (or any) in the next update/maintenance pack remains to be seen, but i'm hopeful.

 

To BlueZannetti: I have edited my opening remark, as i had no intension of starting any flamewar of any kind.

 

Hi Don,

Your recommendation is right on. Kaspersky Labs would save itself lots of problems if they incorporate your recommendation into their product as soon as possible. It is probably the single biggest issue with the user interface at this time and it is quite easily remedied. I hope they listen to your recommendation.

And, as always, your assistance here and on Kaspersky's forums is greatly appreciated. It has saved me from lots of problems - and saved me lots of time. So thanks!!

Cya around,
Rich

 

You're most welcome, Rich.

 

Users of NOD have BlackSpear as their forum guide and mentor to solve any problems.

KAV users, fortunately have Don, who does a similar task over on their forum.

IMO, he and a number of fellow helpers on the KAV forum have converted a lot of potential buys into definites for Kaspersky.

This has been a godsend to Kaspersky as apart from the poor default settings, the main criticism of KAV lately has been the poor support from the main Russian site.

Take a bow, Don

 

The barrage of problem reports that you saw at the kav forums could (and does) apply to any and most AVs.Antivir for example will not run on my 98 machine but just gives fatal exceptions.Theres a multitude of reasons why this could be so ,drivers ,conflict with another programe etc.Im not going to slag antivir off though just because it doesnt work with my setup.I have a liscence for nod and a few other well known avs and ats ,and have used them all ,over the last few years.I m now using kav and personally believe its the best.Its the first av that i feel safe using without an additional AT scanner and a realtime ad/spyware scanner running realtime too ,which saves resources.To advise people to stay away from kav unless one is an advanced user ,is also a bit harsh.Actually kav 5 is one of the simplest avs ive ever setup.In fact the multitude of settings that can be tweaked within nod is far more complex than kav (though blackspears hard work in extra settings thread has made the task much easier).If an av doesnt work for you,just move on and find one that best suits your setup and expectations...i did and kav is the result.
ellison

 

any chance u can tell the devs that it also stay green if u use custom settings? it should only have a green and red for enabled and disabled. its less confusing that way.

 

I had recommended that to KL during the initial KAV WS 5.0 beta. Hopefully they're listening now, because it is confusing to anyone using customized settings and they are not always less secure then the recommended ones.

Blue

 

Would be nice to have a single "disable startup scan" check box.

 

I doubt whether Kaspersky will spend time implementing this in KAV 5 as a new version is on the horizon. However, I could be pleasantly surprised

But this feature is present in the KAV/KIS 2006 pre-beta's and therefore should be in the gold release.

 

I don't think it's right to "bash" a product because of a single installation that had an issue. I have installed KAV Personal and Pro on hundreds of machines and have only had 2 issues, they were both with Personal 5, the initial release of it and were high CPU usage issues. I'm sorry that you had such a bad experience as well, but it's one experience and it's impossible to judge a product from that.

It reminds me of XP SP2, a lot of users complained (and still complain) that it sucks and crashes their computers. I have install SP2 on more computers than I can count and have never had a single issue with it.

When people have issues such as this I have usually traced it back to a poorly written program that conflicts with the newly installed program (KAV being the newly installed one here). I have seen numerous programs and drivers over the years that are very poorly written that have caused these types of issues and when I encounter a bad install of a good program I find that one of these "bad" programs or drivers was already installed.

 

Thanks for all the comments. I was expecting these.

However, I resent being called NOD32 advocate.

If that's your only argument, then you're in my kill file.

Those of you who know some of my postings, know that I'm hard when needed. I also consider TDS-3 to be really bad in many respects, regardless of it's rave reviews and stellar trojan detection performance. It just fails on so many regards (which I've outlined elsewhere, no need to repeat them here) and the developer fails to acknowledge these, that I have stopped using it altogether myself.

The same applies to my stance on Outpost Pro.

I have also seriously criticised NOD-32 on a couple of occasions (with a proper cause), but fortunately fixes to these issues have been implemented.

I could list my criticism about dozens of other non-security related software as well, but that's not at discussion here and I think you get the point I'm after.

Personally, I use the tool that is most appropriate for the task at hand for the person doing the job. This is of course dependent on the user. I don't believe in single universal tools for everyone (I wouldn't be worth my salt as a HCI professional, if I did).

However, based on the performance criteria of KAV5 Ppro, I don't recommend KAV5 Personal PRO (esp. Pro) at all to the novice user.

Security software is not very useful, if it breaks down by itself, stop protecting and does not notify the user.

The world class detection rate is completely theoretical when this happens.

If a vendor does not understand this, I think it is seriously misguided about how a security software should work.

If you actually went and looked at the threads in the KAV forums, you'd understand that many of the issues are DESIGN (as in intentional) and compatibility (as in not working properly with other software) issues.

These are not "stupid user error" or "wrong installation" errors.

Also, as an advocate of usable software, I do remind all of us of the simple fact of life:

The minute a program needs to be tagged with a lot of add-on instructions, warnings, bypasses and workaround OR when it's ability to function properly must be blamed on the "stupid user", it is a good time to ask whether the software is good for that particular user.

In this respect I still stick to my judgement and I don't think the arguments from advanced users deters my stand at all.

Still, I do appreciate the comments and I posted this here mainly for the benefit of AV/security software beginners, who happen to stumble upon KAV and think it is the only right solution to everybody.

This is my end to this discussion. I have voiced my opinion and I'm happy I did

friendly regards,
halcyon

PS I don't think any of you that have done hundreds of installations, qualify as a beginner. I don't think myself as a beginner either, nor the hundreds of users having serious issues, for which there only exists a tedious manual workaround

 

KAV is an excellent product - at least, the latest version of KAV Pro v5 is. The latest version of KAV pro v5 is VERY slick and light.

It is an excellent product, and I eagerly await the release version of KAV 2006. I *might* just buy it after my current NOD license ends (and thats in 2007 for the record )

 

Hi Halcyon,

I think that Kaspersky Labs can be seriously taken to task for being "obstinate" sometimes in their end-user design and support. I think a model for very clean design (where interface instructions are obvious and make sense) is Ewido. Nothing hidden. Everything cleanly displayed and in logical places. I am surprised that other vendors don't look at clean interface designs and just re-use them. "Not made here", often gets in the way of end-user needs. And that is often a criticism that can be directed at most software companies.

With that said, KAV has been so bullet-proof in my experiences, and this, for me, trumps all. My family, friends, associates who I have recommended this product to, and use it, have been completely free of very destructive and malicious infections because of KAV's extraordinary scan/detection capabilities. However, I do understand your concerns that KAV has "shut down" without warning and alerts - and of course, should this arise, a user is without any protection. So it would be very interesting to hear 1) under what circumstances this has occurred, 2) what was Kaspersky's Lab response 3) was the problem ever resolved or is it a chronic issue?

I think every product can be improved, and only by discussing these issues and understanding them, can users and vendors make appropriate decisions and take appropriate actions. I certainly would like to hear more about this particular issue. Thanks.

Rich

 

bring back kav lite