- May 3, 2015
- 1,739
I think ZoneAlarm Nextgen would be the ideal software for the OP's purpose. It's basically a behavior analysis software that run simulations of software before they run with some Ai thrown in and Sophos signatures as well.
Are antiviruses unimportant?
- Thread starter Dr. Wells
- Start date
- Aug 27, 2024
- 38
What's MP? I can send you from Discord, Instagram. And i want you to close network after update antivirus because Kaspersky can send it to KSN and add its database (normally, no problem at this but while testing, it can give result false, after test, u can open network to allow kaspersky send file KSN.)Send me your sample in mp if it's FUD with which antivirus you want to see and I'll take a look at it on Sunday
(Not available Saturday)
- Feb 7, 2023
- 2,351
The anti-ransomware makes periodic backups as well of what looks like user files. It is done every hour, file size up to 25MB and maximum repository (compressed, encrypted, only accessible to Check Point -signed processes) 1GB. Upon ransomware, it restores from there.
- May 3, 2015
- 1,739
You're really tempting me. You want me to throw the US$5 I paid for Norton in the trash
- Sep 2, 2021
- 2,582
- May 10, 2019
- 2,289
No no need. You can give it to me and I'll throw it in my trashYou're really tempting me. You want me to throw the US$5 I paid for Norton in the trash
Khushal
Level 2
- Apr 4, 2024
- 70
Not too surprised with Kaspersky drinking tea on an obfuscated sample, since it's Kryptik/Crypt protection has always been unsatisfactory in my own tests. Still i would like to have a look at the sample and would not test it with internet enabled.
- Aug 27, 2024
- 38
- Aug 27, 2024
- 38
Khushal
Level 2
- Apr 4, 2024
- 70
- Aug 27, 2024
- 38
Come private message and, close internet before extracting virus, dont forget update antivirus before close internet.
- Feb 7, 2023
- 2,351
Without internet your test is not accurate, as a lot of solutions need internet connection. I don’t understand what is the point of these weird and half-baked tests. What exactly are you trying to prove?
Norton needs connection to access up-to-fate machine learning for SDS and SONAR. Others, like McAfee and Webroot don’t function without a connection at all. Avast and Kaspersky need connection to access enhanced detection.
Khushal
Level 2
- Apr 4, 2024
- 70
- Aug 27, 2024
- 38
Norton dont matter so much with/without internet. If i open internet the test would be invalid because of KSN. Yes, KSN good but that test just shows offline results. Also, If behavioral protection dont work without internet, then why it's behavioral protection?
- Feb 7, 2023
- 2,351
It does matter because without Internet it can’t use its reputation heuristic, which takes into account the file origin, age and prevalence. The machine learning is constrained too. There is a lot that is only in the cloud, updating doesn’t download all the models and threat information.
- Aug 27, 2024
- 38
You may be right but i dont thought it does matter so much exclude kaspersky if i open internet, Also, Kaspersky cant block while others can block.
- Feb 7, 2023
- 2,351
But it’s not only Kaspersky, Trend Micro, Norton, McAfee, Avast, Webroot and many others need their cloud either partially or fully.
You are disabling the antivirus in some tests and just testing the behavioural blocker. But then you are also going ahead and disconnecting the behavioural blocker from its machine learning backend, leaving it with a small number of local behavioural profiles.
So again, what’s the point of all that? You can turn off telemetry to protect your sample. But disconnecting the AV is absurd.
- Aug 27, 2024
- 38
We can say Kaspersky's heuristic detection weaker than Norton and Bitdefender.
- Aug 27, 2024
- 38
If behavioral need internet, why it's behavioral protecton?
Similar threads
