'Self Defence' in FSIS?

Simon

Both Kaspersky and Bitdefender have 'self defence' systems built into their products, to stop program files being changed, or components of the products being deactivated by malware or rogue applications.  Does F-Secure have similar protection?

Simon

Does nobody have an answer to this?

etomcat

Hello,

 

> Both Kaspersky and Bitdefender have 'self defence' systems built into their products

 

When a malware enters a computer and manages to activate, the first thing it does is to kill security software processes according to a long list of pre-programmed values. How long, depends on the diligence of Mr. VXer, but I think Flamer had like 443 (!) different IT-security software on its "kill bill". Because of this, self-defence is a gizmo, that does not make much sense, because the security software process will be gone from the memory as soon as malware activates...

 

Therefore, it is best (1) not to allow malware to activate and (2) not to allow exploits to inject code into running processes. This is what F-Secure tries to do with the Aquarius and Hydra scan engines (for 1) and Deepguard for (2). According to test results, F-Secure achieves these aims pretty well.

 

Best regards, Tamas Feher, Hungary.

Simon

Thanks, Tamas, for the explanation.