kaspersky proactive defense - effective?

I am running kaspersky antivirus 2009, realtime protection disabled, the only protection module I run realtime is the proactive defense, which is not h.i.p.s. but rather like a behavior analyzer geared towards detection of malicious behavior.

The other day I got infected with a myriad of viruses due to installing a program with an infected .exe, it had micro antivirus 2009, as well as about 35 different trojans bound to it. mwbam couldn't clean it, I finally cleaned it by booting into another snapshot and running superantispyware, but the viruses busted some system components in the snapshot, and I wound up sinking it and restoring from an archive.

Entire point being,though I didn't have kaspersky's realtime file monitor enabled, shouldn'tve it's proactive defense have detected and possibly stopped this infection?

Thoughts?

 

Do you have pdm set to auto or manual?

 

lee, the proactive defense module was realtime.

 

It has a lot of coverage, though sometimes it will place something like a rogue AV in "low restricted" instead of untrusted. I prefer Comodo's defense+, or Zemana, or System Safety Monitor.

 

the proactive defence is good but its not detect everything!!!

i advice you to enable the Hips its give such a great result on detecting malware more than PDM

 

good result even with rogue AV s

http://www.filedropper.com/1_144

 

you guys say it's good? my system got hit with 40 trojans and it didn't detect anything

 

The original PDM that came out with the v6 line of products did extremely well in a standalone test done by av-comparatives in 2006. This module has been much improved since, but as has already been said, there is the HIPS module now as well in the 2009 line.

 

The HIPS module doesn't work in Vista. We have ppl at Kaspersky finally admitting the same.
So are you using Vista ? Maybe their implementation of PDM for Vista is also partial.

 

kav 2009 doesnt have the application filtering module that kis does.
for a real test download and test kis

 

The HIPS function is actually the one which catches most of the uknown threats.

 

I did not realize that the KIS HIPS module doesn't work in Vista. Where is that discussed?

 

It actually does work, but many features are missing.

PS:Start reading from here till the end: http://forum.kaspersky.com/index.php?showtopic=81906&view=findpost&p=746368

 

Thanks for that link. It seems like KL should specify in their marketing that there is limited functionality in the HIPS module with Vista.

I am also using DefenseWall, so it isn't much of an issue for me other than honesty from KL.

 

Thanks for the info.This kind of sucks.I'm dissapointed becouse they don't write this on their product description.
Hope it's only keylogger protection and not the entire module?I have KIS 2009 on xp pro work computer and i know that all works good there.

 

HIPS does work in Vista.... except because of limitations by Microsoft certain funcitons cannot be implemented as they would like to. You can implement a full HIPS on vista, but then say goodbye to your Microsoft certification...which is a big trade off for a consumer and business product.

 

I can replace Kaspersky I can't replace my OS, I suggest that Kaspersky get their act together & get it to work correctly. Other companies seem to be able to do so with out 'blaming' an operating system , I give Kaspersky a grade of F for no disclosure but when is that new?

 

Can you see any of these apps with a full HIPS under windows vista who have MS logo certification for vista?

I certainly can't after checking out most of the names that are being thrown around. (apologies if I am wrong)

Microsoft have forbidden developers from doing certain things and only given limited API's to implement HIPS functionality- sure, KL can do what they like but then Microsoft will withdraw their certification and it will be going against the operating system manufacturers instructions. They (Microsoft) don't block it, but they have said no to certain things that security vendors need to do in order to implement such a system.

It's all good saying "get your act together" without knowing the facts.....

 

The fact that KL has opted for MS certification rather than fully implement HIPS in VISTA in not the issue, in my opinion. What bothers me is that I thought there was additional HIPS protection as stated in their marketing material. I should not have to find out that it does not apply to PC's running Vista by searching in forums. It should be clearly spelled out by KL. This lack of detail from KL does not exactly build trust.

 

Hence why only 10% of the windows market is using Windows Vista. and 90% of that is forced with sales of vista on prebuilts.

I have 1 computer on vista and its because the driver support for the XP version is not there the other computers will stay XP until the next OS comes out or Microsoft gets its crap together. Microsoft can make all the rules they want. but in the end its the Virus writers that will get the best of them.

Kaspersky is NOT the ONLY one suffering.

 

hopfully vista service pack 2 and windows 7 willl be better.

 

Same old Microsoft I guess.. Release a OS and 4 years later It may work correctly.

 

yup XD.
i heard windows xp used to be a mess. ive only used it since service pack 2 and that genrally works well.

 

yup XD.
i heard windows xp used to be a mess. ive only used it since service pack 2 and that genrally works well.
btw never compare microsoft to apple because apple has a much easier job due to the small amount of systems their os needs to work on.