|
|
|
|
Concerning to:
- Kaspersky Internet Security 2010
- Kaspersky Anti-Virus 2010
With rapid development of information technologies and further spread of the Internet into masses number of threats, to which computer users are subjected to, grows proportionally. The former mechanisms of replenishing databases of malicious objects do not allow to timely prevent such threats, that is why new methods to provide security are needed. One of such methods is Kaspersky Security Network (KSN), whose aim is to decrease the time necessary to detect and block new types of threats. This system collects the information about files run on the user's computer and thus traces presence of malicious objects and their distribution channels.
In product version (unlike version 2009) you can send unknown files or their parts to Kaspersky Lab servers within the framework of Kaspersky Security Network (KSN). It allows to block malicious objects directly from the moment they are detected by Kaspersky Lab experts.
The following and similar cases received from users of version 2009 and statistically processed caused the technology implementing:
- Growth of the file popularity within a short period of time. Popularity growth is typical for common, frequently updated applications (browsers, IM-clients, e.g. ICQ, Skype and etc.); as a result of such application popularity a lot of requests about the application activity status (up to 1 million and more) come to Kaspersky Lab from the users' computers within a short time period (3-5- days). Based on this information a verdict is made if the file is dangerous or not. Since such files do not normally have a digital signature, Kaspersky Anti-Virus 2010/Kaspersky Internet Security 2010 automatically places them into a restricted group thus causing inconveniences to users. The possibility to get and to analyze such files by Kaspersky Lab experts on the early stage of their spread allows to timely add such files to lists of trusted applications. As a result the corresponding components of products 2010 will be able to identify such applications more precisely without causing any difficulties to the user.
- Virus containers. The situation is typical for unknown files which contain known viruses. Results of statistics received from the users reflected the following behavior scenario: first an unknown application is launched, next in a short period of time several known applications are run which are detected as viruses. As a result the feature to detect an unknown file during the first detected attempts to run itself has been added to Kaspersky Lab 2010 products thus allowing to add a virus to the databases without false alarms.
- Activity analysis. Several technologies which allow to detect and to analyze launched applications (malicious activity, parts of malicious code and etc.) have been added to Kaspersky Anti-Virus 2010 and Kaspersky Internet Security 2010. Using the technology of transferring files from users' computers will allow to increase analysis precision and timely add malicious objects to the corresponding databases.
How the technology works once a new version of a popular application is released:
When a new version is released, users download and install the program distributive. From the computers of the first users, with product 2010 version installed and KSN enabled (i.e. active), the statistics of the application activity is sent to Kaspersky Lab servers. Based on the received information the corresponding verdict is assigned to the file: dangerous - not dangerous. When other users run the same distributive on their computers Kaspersky Lab 2010 product gets the verdict: dangerous - not dangerous from Kaspersky Lab servers and sends the program file either entirely or partially to Kaspersky Lab. Upon the file receipt analysts make a decision to which databases the file should be added.
|
| |
Sometimes after removal of third-party anti-virus software with the standard means and the computer restart some records may still remain in the system registry and prevent a Kaspersky Lab product from installation.
Before the files are copied onto a hard disk the Setup Wizard scans the disk for software incompatible with Kaspersky Lab applications. Records in the system registry are recognized by the Setup Wizard as fully installed third-party software, even though the product was removed and is no longer installed on the PC. As a result Kaspersky Lab Setup Wizard asks to delete the detected incompatible software manually and terminates the installation process.
To manually remove a third-party product, use the corresponding removal tool.
- Tool to remove Norton products
- Tool to remove McAfee products
- Tools to remove TrendMicro products:
- for 32-bit systems
- for 64-bit systems
- Tools to remove BitDefender products:
- for 32-bit systems
- for 64-bit systems
- Tool to remove Avast products
- Tool to remove F-Secure products
- Tools to remove AVG products
- for 32-bit systems
- for 64-bit systems
|
| |
To check the efficiency of your Kaspersky Internet Security 2010, do the following:
- Make sure that Kaspersky Internet Security Real-Time Protection is enabled
- Download eicar.com test virus from the Kaspersky Lab server (What is a test virus eicar? How can I use it? Where can I get it to check Kaspersky Anti-Virus efficiency?) and try to save it in any folder on a hard drive of your computer. Kaspersky Internet Security 2010 will detect eicar.com and prevent the file from saving on a hard drive (on the image given above the warning window is displayed)
|
|
|
