Kaspersky is a Russian computer security firm co-founded by Natalia and Eugene Kaspersky in 1997. It offers a wide range of security products for home and business PCs, including antivirus, anti-spyware, antispam and firewall protection.
Easy Install, Lengthy Scans
Getting Kaspersky installed and updated on ten of my twelve test systems was a snap. In one case it reported that malware was attempting URL redirection to prevent activation and updates. Kaspersky simply fixed the problem and continued, where other antivirus tools have been defeated. The Kaspersky installer failed on one test system that only functions in Safe Mode. The product installed but would not launch on another test system. A session with Kaspersky's free Virus Removal Tool solved both of those problems.
In some cases, special disinfection interrupted a full scan; after reboot, the full scan resumed where it left off. Full cleanup required multiple sessions and multiple full scans in many cases. One system offered special disinfection for the same threat over and over. After a couple days, a new update allowed the antivirus to complete disinfection of that threat.
A full scan on my standard clean test system took 37 minutes, slightly faster than the current average. Kaspersky avoids rescanning files that have been identified as safe, so a repeat scan took less than two minutes.
Kaspersky Security Network
File and domain reputation tracking through Kaspersky Security Network (KSN) has also been enhanced in the current edition. This online database tracks over half a billion known good objects and almost 70 million dangerous ones. When an unknown file appears on a system participating in KSN, it gets uploaded for analysis automatically. This lets Kaspersky catch zero-day threats, threats too new to have traditional signatures.
Very Good Malware Cleanup
All of that special disinfection and repeated scanning really paid off in my malware removal test. Kaspersky detected 89 percent of the threats. Like Bitdefender, Panda Cloud Antivirus Free Edition 2.0, and a couple others, Kaspersky detected 100 percent of the samples that use rootkit technology. Kaspersky's 9.4 points for rootkit removal is a new top score among products tested with my current malware collection.
Good Malware Blocking
Kaspersky's Web Anti-Virus feature is designed to keep users from accidentally visiting known malware-hosting sites, or sites with a significantly bad reputation in KSN's database. When I tried to download my current malware collection again, the Web Anti-Virus blocked access to over half of the still-functional URLs. Another 38 percent got whacked by the File Anti-Virus at some point during the download process. Overall, Kaspersky blocked download for 92 percent of threats, a fraction better than Bitdefender's 91 percent.
As soon as I opened the folder containing my malware samples, Kaspersky started wiping them out. Here, as in the malware removal test, if it reported riskware I actively chose to remove the threat. Within a few minutes, Kaspersky had eliminated nearly 80 percent of the threats.
I launched those that survived the initial blitz and measured Kaspersky's response. In a couple of cases it allowed the installation but then proposed a "special disinfection." I didn't let it; the point in this test is to prevent infestation, not to allow it and then try to clean up.
As noted, my own hands-on tests are potentially compromised because of the foreknowledge gained by the Kaspersky Security Network during an earlier review. I was pleased to find that the independent labs also register good results for Kaspersky.
ICSA Labs and West Coast Labs both certify Kaspersky's technology for virus detection and removal. Kaspersky is one of a handful of vendors to receive the additional platinum certification from West Coast. It also achieved the VB100 award in all ten of the last ten Windows-based tests by Virus Bulletin.
Austrian lab AV-Comparatives tests static recognition of malware using current signatures and again using outdated signatures. The latter test is meant to evaluate the product's handling of zero-day malware. In both tests, Kaspersky rated ADVANCED+, the highest rating. It also got the top rating in this lab's real-time dynamic protection test.
AV-Comparatives rates antivirus products in three categories: protection, repair, and usability. With six points possible in each category, a product must total at least 11 to earn certification. Kaspersky earned 16.5 points in each of the most recent tests. Only Bitdefender did better, with 17 of 18 possible points.
Impressive Phishing Protection
In addition to blocking malicious websites, Kaspersky's Web Anti-Virus can detect and block fraudulent (phishing) sites, so you don't accidentally give away your security credentials to crooks. It blocks known phishing sites but also analyzes unknowns heuristically to detect signs of phishing. Norton, the consistent antiphishing champion, also uses two different detection methods.
Kaspersky's technique definitely works. In a test with 100 very recent verified phishing sites, its detection rate was just a fraction of a percent better than Norton's. Bitdefender is definitely in the mix, just one percent below Norton's detection rate.
I also compare detection against the SmartScreen Filter built into Internet Explorer 8. Almost 70 percent of products I've tested recently don't even manage to beat IE's detection rate. Kaspersky beat IE by 22 percent, Bitdefender by 41 percent.
Exploits are hack-attacks that take advantage of security flaws in Windows, your browser, or other common applications. I typically think of exploit protection as a firewall feature, but when I attacked Kaspersky Anti-Virus using the Core IMPACT penetration tool it did a dandy job of defense.
None of the exploits managed to breach security. In part that's due to the fact that the test system is fully patched, but Kaspersky's automatic exploit prevention surely helped. Of the 30-odd exploits I tried, it actively blocked almost two-thirds and identified most of them by name. Some might prefer that the security tool just quietly block such threats, but if a website is attacking my system I want to know it!
Conclusion - A Good Choice
Kaspersky's "special disinfection" and multiple scans can take a while to clean up an infested system, but it's worth the wait. It scored well in independent lab tests. Bonus features like phishing protection, exploit prevention, and scanning for insecure settings are just icing on the cake.