Kaspersky reliable?

Discussion in 'other anti-virus software' started by truthseeker, Oct 2, 2008.

Thread Status:
Not open for further replies.
  1. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,586
    Location:
    South Wales, UK
    Can we please get back to the reason for this thread?:gack:

    I would endorse what Saraceno says. Have been running KIS since version 6 through to the latest 2009 with little or no issues. I am also a Gold Beta Tester...so I am nailing my colours to the mast here.

    But I would say that if you want a good perspective of the product then you should log onto the Kaspersky Lab Forum:

    (http://forum.kaspersky.com/index.php?showforum=4)

    and check out what is being said there as it reflects the position of current users (not disrespect to Wilders but the KL Forum is dedicated and therefore likely to be somewhat more represntative, etc., IMHO)

    I would close on a personal note by saying that my base line loyalty is to quality and I will go with what I consider best or one of the best. I was a NIS user for many years until NIS2006 became unusable, IMHO...and therefore I switched. I note that NIS2009 is getting excellent reviews, IMHO on a par with KIS, but am content to stay with KIS.

    Hope that this help? :D
     
  2. Fly

    Fly Registered Member

    Joined:
    Nov 1, 2007
    Posts:
    2,201
    It's not as rosy as that.

    Although I'm not familiar with the latest versions, Kaspersky used to cause a relatively high % of false positives. Certainly more than the average AV.

    And if you don't want to use the default settings, you can get some interesting surprises :D
     
  3. lordpake

    lordpake Registered Member

    Joined:
    Aug 7, 2004
    Posts:
    563
    Location:
    Helsinki ~ European Union
    Try turning heuristics on maximum, it can yield some interesting discoveries :) I ended up using medium heuristcs in Full Scan, safer that way.
     
  4. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    To all,

    This discussion became sidetracked and a number of posts related to that have been removed.

    Let's keep the comments focused on the original question and not various members posting here.

    Blue
     
  5. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,586
    Location:
    South Wales, UK
    A good point indeed but the same as one would find if one set any heuristics emulator/functionality, in any product that has this feature, to 'High'.

    I personally tried this and whilst I found it to be the case in KIS2009 I did not find the no. of FPs to be very high, and they were easily weeded out and notified to the Kaspersky Lab for review.

    I personally have Heuristics set to Medium, and that in combination with the other features of KIS, ie, PDM, HIPS, Application White List, etc., seems to do the job for me.:D
     
  6. xpsunny

    xpsunny Registered Member

    Joined:
    Jul 16, 2006
    Posts:
    163
    Thank you. :)
     
  7. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
    Kaspersky has good detection history and continues to enjoy high detection in my own dirty tests and also of many neutral labs ( see AV-Test & AV-Comparative).
    In Kaspersky 2009, they have introduced a proactive/HIPS module which further increases protection against 0-day threats.

    But there are some chinks in the armor.
    1) Proactive/HIPS module will trust signed apps by default. This may allow certain adware/rogueware for which signature may not have been written to pass through.
    2) Proactive/HIPS protection is present only in XP ( and earlier windows versions). In Windows Vista, the protection is dilute to almost zero.

    So IMO, use Kaspersky and have a on-demand AV/AS, for any exigency. I use and recommend, SuperAntiSpyware.
    If you are using Vista, do use some HIPS tool like Mamutu,Zemana or DefenseWall for complete security, till KL resolves the issue of their HIPS drivers.
     
  8. Baz_kasp

    Baz_kasp Registered Member

    Joined:
    May 1, 2008
    Posts:
    593
    Location:
    London

    Sorry, but a one word post of "nope" counts as flamebait to me...what were you hoping to achieve with that apart from getting some emotional responses?

    If you wanted to give your reasons you should have done so in the original reply so then we could see why you think that instead of assuming you are stirring for no reason. Now it looks like you are giving reasons only because someone questioned your original intentions.

    1. Kaspersky doesn't have a poor detection of spyware....a lot of which falls under "other programs" or "riskware" category which is off by default. With it enabled, Kaspersky detects the works (obviously not all, but a quick email with a sample and it is detected......Kaspersky also have tech support and a forum for helping customers with infected machines and getting them cleaned up with a little input from the user.

    2. iSwift does not scan on network drives.

    3. This may happen very rarely (and it happens to other vendors too, I can give a few examples where neosploit scripts came back clean from vendor X and Y while Z and others added it) due to human/auto analysis error. If you reply to the original response with a clear description of why the "clean" verdict is wrong instead of just virustotal links, then it will be reanalysed and added quickly.

    4. So the fact that heuristics are enabled in WebAV, and MailAV and scanning your mail, IM traffic and web surfing (the main point of infection- email and web and IM) doesn't matter and doesn't count as realtime to you does it? ....also the fact that HIPS does a deep heuristic analysis when you launch an executable for the first time? :rolleyes:

    It might cause a slowdown if you are using a pentium 3 with 64mb of ram, but any decent pc will not notice a significant blow from having heuristics on the fileav realtime protection, although this is not needed for the reasons I mentioned above.
     
  9. Baz_kasp

    Baz_kasp Registered Member

    Joined:
    May 1, 2008
    Posts:
    593
    Location:
    London

    1. There is a blacklist of digital certificates that is updated frequently, and not all digital certificates are trusted by default. Hence there is no "chink" there

    2. Incorrect. Proactive defense/HIPS has a fully funcitonal set of features in Vista, but less compared to XP due to API limitations set out by Microsoft. If you care to test HIPS on a Vista system you will see that it is perfectly capable of dealing with malware. Do not base judgements on leaktests or hearsay ;)
     
  10. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
    Hmmm.... Isn't HIPS/Proactive protection supposed to be to fight against 0-day threats ?? 0-day as per my knowledge means a threat for which signature/counter-action is yet to be made. In such a case, how will Kaspersky protect ?
    It has the same fatal flaw as other products working on the whitelist/blacklist principle. Where any unlisted threat is free to infect, till its detection and addition.
    Wow, Baz. Thats what I like about you and other ppl from KL in general. Be it here or in KL forums. You never admit your fault, you still what people to believe the world is flat.

    Do not base on leak tests !! You gotta be kidding me. If you can't detect and protect against test apps, how is it that you will protect against real threats :argh:
    The Zemana tests both signed and unsigned versions fail on Vista with KIS 2009, now how do you suppose KIS 2009 can actually protect against loggers ?? o_O

    I also tested many commercial keyloggers, before making this statement. Here is the one:
    KIS-KLG.jpg

    ( To protect the thousands of KIS 2009 users on Vista, I have hidden the actual name and details of the keylogger used. )

    KIS 2009 by default added the logger in "Low Restricted" group. But still it worked. So I moved it to "Highly Restricted", still nothing !!

    Yet I am sure, you still believe that KIS 2009 actually has a working HIPS ... o_O So let me ask you.

    Everytime you seem to ask other to prove and never accept undeniable proof given. If KIS 2009 actually works on Vista, prove it...
    Show me KIS 2009 successfully thwarting loggers and 0-day threats on Vista. Let the experts at Wilders and other forums decide reality. Stop the Bull **** !!
    Stop being a "bully" and rather have the courage to admit your faults and overcome them. It will give you more respect and loyal users, I promise.
     
    Last edited: Oct 4, 2008
  11. doktornotor

    doktornotor Registered Member

    Joined:
    Jul 19, 2008
    Posts:
    2,047
    Exactly because those leak tests are no real threat...

    Already been debated here; it's whitelisted. You need to test with real malware as said before...
     
  12. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
    No real threat !! It logs my keystrokes, captures my screen. Thats sooo normal.

    If you look in depth, in the conversation. It seems, the automatic whitelist, is for signed apps. Since Zemana tests are signed, they where automatically whitelisted.
    Hence usage of unsigned test in XP, will trigger prompt for KIS 2009.
    See this post in same thread.
     
  13. doktornotor

    doktornotor Registered Member

    Joined:
    Jul 19, 2008
    Posts:
    2,047
    Nice to misquote something out of context and restart your rants. The reply was about the leak tests, damn it! Learn to debate in a civilized way or keep your trap shut. :thumbd: :mad:
     
  14. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
    Ok, I have no shame in admitting my mistake.

    If you see my actual post I was talking of leak and logger tests in conjuction. So I assumed, you also meant the same collectively.

    Civilized .... What did I do so uncivil ? I never uttered profanity or curse. Why is sarcasm so bad. Unfortunately, I always add a tad of sarcasm to get my point across, so you will probably see more of that from my "trap" ( Yeah, thats civil ). Its all figurative, not literal. So try to take it , in your stride. I don't mean it in the perspective, you seem to assume.
     
    Last edited: Oct 4, 2008
  15. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Folks.

    Let's tone down the gratuitous rhetoric. It really doesn't advance either side of the debate.

    Blue
     
  16. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    vijayind, no disrespect, but to address the original poster, Kaspersky for an 'all-round' package is pretty damn good.

    The commercial keylogger you refer to, don't know which one it is, it might also go unnoticed by programs such as ThreatFire, Mamutu, or by all the other AVs. If it is picked-up by all the other programs, then fair enough, Kaspersky has some work to do.

    Rather than an experienced user like yourself that is testing commercial keyloggers, and intentionally installing keyloggers, is quite different to the regular user experiencing a drive-by download.

    IMO, I still maintain, for a regular user, surfing the internet, the likelihood of a drive-by keylogger transferring from a site then self-installing itself without Kaspersky giving alerts, would be as rare as hen's teeth.

    It might have some improvements, but I believe there are plenty of products out there that wish they could say they have 'a few improvements to go', but instead are looking at a complete product overhaul.
    :)
     
  17. wildvirus88

    wildvirus88 Registered Member

    Joined:
    Feb 28, 2004
    Posts:
    331
    Kaspersky is reliable, but I sent some samples have more than 4 to 5 days and I received no reply yet. The signatures were not added too.
    Probably it's a temporary problem because usually they reply in some hours.
     
  18. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    I see that your main feedback about avs is about sample-sending:)
    Sometimes they reply slowly, or don't at all, in some cases I waited for weeks and no reply...but then I sent the sample again, and I got a reply.
     
  19. mvdu

    mvdu Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    1,166
    Location:
    PA
    Yes, Kaspersky is reliable, but I decided to put the firewall/HIPS in Interactive Mode. That way I can get advice but make my own decision. I decided to return my NIS 2009 license and stick with KIS.
     
  20. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    It is reliable, the HIPS may have some bugs(for instance with some programs it gives tons of keylogger alerts by an 'unknown' application that won't go away until you turn off the PC), but it's powerful overall.
     
  21. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    Are you running SSM by any chance?

    The protection offered by the PDM in KAV 8 is appreciably weaker than that of KAV 7 and 6; a lot of the action has been hived off to KIS. Actually I think it has been dumbed down to make it more user friendly for the less experienced.
     
  22. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    No, it did like that with IceSword and PowerDVD(strangely this last one was fixed if I unchecked "don't monitor application activity" for another program called Launchy:doubt:
    Ah, yes, also with MBAM, it said that the boot sector or something had been changed, got away after a restart)
    I think that the developers have concentrated more on the HIPS.
     
  23. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
    No offense taken, Sir. I agree, its pretty good. I said so, in my first post on this thread. But a neutral commentator, should also highlight the cons also (if any). Which I did, its up the individual if they feel its a sizable drawback for him/her.
    I had mixed results with commercial keyloggers. Zemana missed few ( I have sent them a report). Mamutu warned for many in normal mode, but for all in paranoid mode. Comodo Defense+ was the best, it detected everything and gave warning at every step of installation, execution and logging.
    Well, by using commercial keyloggers I want to check the HIPS/Proactive behavior of the product.
    Average Joe can meet with a 0-day malware, then the HIPS should kick in. If it fails for most/all commercial keyloggers its logical to conclude that the HIPS may not be able to provide good protection.
    Same with KIS 2009, a regular user if confronted with 0-day malware will be unprotected, IMO as per the tests.
    I agree, but my main grievance here is the fact the KL doesn't display this info in its advertising and also takes a bullish approach in face of evidence.

    I am still a KIS 2009 user. And with all probability I shall continue to use KL products. But for the fact, I am not a fanboy and I don't want to give biased opinions. Since none have been given to me, here on the forum.
     
  24. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
    Let me guess, that on XP. Right ?
    On Vista, I yearn to see even such a sight.
     
  25. Jin K

    Jin K Registered Member

    Joined:
    Apr 9, 2008
    Posts:
    105
    the only thing that i hate on kaspersky!! it hips when it put a malware that have a signature into low resricted group i dont know but i think if they also make it by behavior it will be good!!!

    also that i have found the hips so weak against some variants like trojans-downladers that created it self into the tmp so i wish it will improve in the 2010 ver maybe
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.