Full Version: Rootkit Detection with the Small Business Products
Kaspersky Lab Forum > English User Forum > Protection for Small and Medium Businesses
SLoweCSL
I was reading an article about rootkits and saw that the German research group "AV-TEST" recently gave good marks to Kaspersky Internet Security 7 with it coming in second only to BitDefender Internet Security 2008 (congrats) as a suite, in their ability to stop the install, detect and finally remove rootkits.

While this is great news for home users of version 7, where does that leave business users protecting their servers and workstations? We are using 6.0.3.837 across our network. What kind of rootkit protection is in this version of the software? It seems they conducted their tests on Windows XP SP2; what about your software on Vista SP1 or XP running SP3?

PDF version here...
http://www.av-test.org/down/papers/2008-04_vb_rootkits.pdf

Thanks

INTERNET SECURITY SUITES

| Product | Version | Detection of inactive samples | Detection of actively running rootkits | Detection of malware hidden by rootkits | Removal of inactive samples | Removal of actively running rootkits | Removal of malware hidden by rootkits |
|---|---|---|---|---|---|---|---|
| Reference (max) -> | | 30 | 30 | 30 | 27 | 30 | 30 |
| Avira AntiVir Premium Security Suite | 7.06.00.168 | 28 | 29 | 30 | 25 | 7 | 7 |
| BitDefender Internet Security 2008 | 11.0.13 | 30 | 28 | 29 | 27 | 23 | 27 |
| Bullguard Internet Security Suite | 7.0.0.27 | 30 | 7 | 10 | 27 | 4 | 0 |
| G DATA InternetSecurity 2008 | 18.0.7227.533 | 30 | 9 | 4 | 27 | 7 | 0 |
| Kaspersky Internet Security 7.0 | 7.0.0.119 | 28 | 24 | 28 | 25 | 22 | 25 |
| Kaspersky Personal Security Suite | V 6.0.2.621 | 28 | 21 | 27 | 25 | 19 | 17 |
| Norton Internet Security 2008 | 15.0.0.60 | 25 | 18 | 25 | 25 | 18 | 25 |

Tybilly
Hello,

KAV WKS 6.0.3.837 has got a Proactive Defense module which can help to detect hidden processes as well as KIS7.
More details are available on this FAQ.

I'm not sure, but I think that the engine is the same as the one in KIS, except for the fact that KIS has a special task to detect rootkits.
mastropizza
Hi,
Since I've just finished removing a couple of rootkits (kernel mode) on my colleague's home computer (protected with KAV for Workstation 6.0.3.837), I can say that:
1) PDM6 is a good "tool" to detect rootkit installation, but KAV6 is not so reliable when trying to disinfect an existing hidden driver (several of my resellers reported this behaviour to me).
2) Version 7 architecture, on the other hand, has a better removal approach, and some of the most widely spread rootkits can be removed easily.
Again, this is only my humble opinion...
M.
Whizard
New business line products will be based on v8 core.