I see lots of comments in this NG about how apparently useless personal firewalls are in respect of monitoring outgoing traffic and alerting the user to malware attempts to "phone home" etc. The reason given for this is usually along the lines of "because any malware worth anything would be able to circumvent such checks and communicate out without being detected". Fair enough, I see the logic in that. However, amongst the firewalls discussed I haven't seen anyone comment specifically about Kaspersky Internet Security (KIS6.0). Kaspersky claims to protect its own files (via "Self-Defense") and also monitors all manner of process activity and alerts the user to strange behaviour. Is this getting any nearer to a useful facility? It has seemed very good to me, but of course you could argue that either I have no malware on my machine (I am careful despite the fact that this PC is for family use) or I cannot see what any installed malware is doing anyway.

Any comments?

I'm a home user just like you, and I don't use Kaspersky, so my opinions are not very relevant (I think it has a good anti-virus).

This is what I think that I know.

All software solutions, today, use APIs for operation. A rootkit is hidden from the API, so Kaspersky is not aware that the rootkit exists. So it cannot protect you or itself from rootkit activity.

Process infection. Malware will choose a process which already has approval for the activities it needs. So there will be no strange behaviour. Reading of Kaspersky files/keys can be done by the rootkit, so Kaspersky won't detect it.

AFAIK, currently, there is no good solution against rootkits, but I hope that the situation is going to change soon.

You can scan your machine with some rootkit revealer. This one seems to be good.
