Serious Discussion Are antiviruses unimportant?

If behavioral needs internet, why is it behavioral protection?
The fact that it is “behavioural” doesn’t have anything to do with the way it operates. It needs internet because some machine learning models are impossible to run on your machine, they would take days, weeks, months.

If you don’t understand the principles of protection, you should abstain from doing everything that you do.
I think you aren't talking about behavior, you're talking about heuristics.
They work the same way. One works with behaviour extracted through partial emulation, the other one works with behavioural features observed at runtime.

Also, try consolidating your replies in one post.
Don’t rush to reply, read and understand first.
 
The fact that it is “behavioural” doesn’t have anything to do with the way it operates. It needs internet because some machine learning models are impossible to run on your machine, they would take days, weeks, months.
I also tested it with System Watcher; internet was open and KSN was also connected, but it did not block. But it's not recorded. If you want me to test the sample with all modules and open internet, I will record it and send it to you after @Shadowra and @Khushal told me they tested my sample.

Another thing with KSN or alternatives to it is that they don't get digitally signed files; that's why if a virus is really strongly FUDded and signed, then KSN-like cloud technologies would ignore it.



I think offline behavioral protection should be able to stop this virus; it's not complex, it's simple.
 
Another thing with KSN or alternatives to it is that they don't get digitally signed files; that's why if a virus is really strongly FUDded and signed, then KSN-like cloud technologies would ignore it.
Different solutions have different ways of dealing with signed malware. Some may be oblivious to signed malware, others may need more indicators than just the digital signature. Kaspersky is not one of the oblivious, neither is Avast. Avast very quickly makes the digital signature the actual reason for detection.
 
Different solutions have different ways of dealing with signed malware. Some may be oblivious to signed malware, others may need more indicators than just the digital signature. Kaspersky is not one of the oblivious, neither is Avast. Avast very quickly makes the digital signature the actual reason for detection.
Maybe I can test AVG tonight with open internet. I worry about it.
 
Here are the tests!

Internet was disabled during the test.

Kaspersky did not block the attack.
I don't think the Ransomware encrypts the data because the files are lost forever...
It's more like a wiper...

Bitdefender blocked it on extraction by the anti-malware engine with one detection.
 
It does encrypt data, I agree, I am doing forensics.
"It compromises the integrity of information" is the right way to say it then, since you are doing forensics.
It is malware and it must be detected.
@Trident Bro, I just tested Kaspersky Premium with all modules and connected to the network and it did not block; I'm uploading a video.
Kaspersky Premium can be tweaked to not allow the execution of this file. Without the tweak, seems like there is no detection from the standard modules.
 
"It compromises the integrity of information" is the right way to say it then, since you are doing forensics.
It is malware and it must be detected.

Kaspersky Premium can be tweaked to not allow the execution of this file. Without the tweak, seems like there is no detection from the standard modules.
Yeah, I have often submitted such samples to Kaspersky and their analysts always hesitate to add heuristics for Kryptik/Crypt samples. Albeit I do think that Kaspersky might behave differently on a real machine, as quoted multiple times by their experts.