App Review Dr Web Katana Behaviour Blocker Test

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
W

Wave

Thread author
they have most-talented Russian Programmers in their R&D , it would not be hard to do what they want IMO,
Looks like it. How come they can't block dynamic forking then? They can't stop me from marking the Hosts file for removal on reboot and then forcing a BSOD crash from user-mode either.

I already looked at dwsguard32.dll, dwsguard64.dll and dwprot.sys... :D I can see what they can and cannot do

I get it... you like dr.web... what I am posting is my own personal view

What is the problem now...

------
they have most-talented Russian Programmers
btw this isn't even an opinion it's an incorrect statement because Kasperksy is Russian and they have the hyper-visor usage, Dr.Web do not ;) :p

but yes this isn't about Kaspersky so I won't bring it up again. just wanted to point that out
 
Last edited by a moderator:

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,814
Hi all,

This is a test of Dr. Web KATANA. No signatures, no problem? Well Dr. Web seem to think so, but lets take a look & double check ;)



Thanks for watching, more videos coming soon!

If you're looking to remedy the Windows Defender popups and stop it turning itself on when you're moving malware samples around: Open the start menu, type services.msc, scroll down to Windows Defender, right click on it and click stop, then go into properties and set its startup type to disabled. Hopefully that will solve the issues.

Thanks a lot for the video. :)

Edit: Didn't notice Dani Santos already told you how to do it a different way. Apologies! :oops:
 
Last edited:
5

509322

Thread author
  • Windows Defender on W10 has quite a few bugs
  • Katana does use signatures, although it uses a cloud lookup instead of local signatures (see below from Dr Web website)
* * * * *
Lightning-like — analyses the behaviour of each threat in real time and immediately neutralises harmful scripts and processes that your anti-virus didn’t manage to recognise.

Dr.Web KATANA’s protection is based on non-signature-based search methods, the neutralization of malware, and cloud protection technologies. The product analyses and monitors all system processes and blocks those that exhibit malicious behavior.

To detect malicious actions, Dr.Web KATANA uses information stored by the anti-virus locally (they're talking about algorithms and libraries here, and not signatures) as well as Dr.Web Cloud reputation data which includes:
  • Information about the routines used by programs having malicious intentions;
  • Information about files that are 100% clean;
  • Information about the compromised digital signatures of well-known software developers;
  • Information about digital signatures used by adware and riskware;
  • Protection routines used by specific applications.
* * * * *
  • Katana is not a complete anti-ransom solution; it is going to fail against a lot of ransomware
  • Katana was released as version 1.0 and it remains at version 1.0; it hasn't been updated since its initial release
Submit bug reports... don't forget to send the samples...
 
Last edited by a moderator:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top