harlan4096

#1
Kaspersky Free AntiVirus 2019 - September 2018 Report
Due to the small number of samples used in these tests, you should take the results with a grain of salt. We encourage you to compare these results with others and take informed decisions on what security products to use.
Total Samples: 126
Total Static Detections: 97 / 126 (76,98%)
Total Dynamic Detections: 24 / 126 (19,04%)
Total Not Detected/Missed: 5 / 126 (3,96%)
Total Detected: 121 / 126 (96,03%)


Total samples pack: 8
Total samples pack been tested: 8
Total final status of the system (clean): 3
Total final status of the system (protected): 4
Total final status of the system (infected): 2
Total final status of the system (encrypted): 0
* Dynamic BB Bonus Test

| September 2018 | Samples Pack | Static Detection | Dynamic Detection | Total Detection | Bait Files Encrypted | 2nd Opinion Scanners | System Final Status |
|---|---|---|---|---|---|---|---|
| 03/09/2018 | 15 | 12 / 15 | 2 / 3 | 14 / 15 | No | All Clean | Protected |
| 05/09/2018 | 1 | 1 / 1 | 1 / 1* | 1 / 1 | No | All Clean | Clean |
| 07/09/2018 | 14 | 12 / 14 | 2 / 2 | 14 / 14 | No | All Clean | Clean |
| 10/09/2018 | 24 | 17 / 24 | 7 / 7 | 24 / 24 | No | Before Reboot: Infected; After Reboot: All Clean / Not Clean | Protected |
| 11/09/2018 | 17 | 12 / 17 | 4 / 5 | 16 / 17 | No | Before Reboot: Infected; After Reboot: Infected | Infected |
| 14/09/2018 | 18 | 13 / 18 | 3 / 5 | 16 / 18 | No | All Clean | Clean |
| 21/09/2018 | 21 | 16 / 21 | 4 / 5 | 20 / 21 | No | All Clean | Protected |
| 27/09/2018 | 16 | 14 / 16 | 1 / 2 | 15 / 16 | No | Before Reboot: System Infected; After Reboot: All Clean | Infected / Protected |


Mahesh Sudula

#2
Hi harlan,
What is the difference between Application Control and System Watcher?
Is AC a sort of ADDS (depends on rules and blocks from the LABS), since even if I turn it off, SYS Watcher blocks it, and vice versa?
 

harlan4096

#4
AC: it's a HIPS. There are 4 trusting groups for applications and other susceptible executable files (dll, scripts, etc.): Trusted, Low Restricted, High Restricted and UnTrusted. On the 1st run, Kaspersky, using a combination of Heur and KSN White Listing, assigns a group to every executable file; those groups will apply trusted or limited rights to that application during its execution. We may also add or assign a group manually for a new application before its 1st execution.

SW: it's the behaviour blocker; it includes Anti-Exploit technology and also some rollback features. It shares data/info with AC and other protection modules.

KFA2019 / KCloudSFree 2019 don't have AC...

How to configure applications' rights and protected resources' properties by using Application Control in Kaspersky Internet Security 2015

System Watcher in Kaspersky Total Security 2018
 

Mahesh Sudula

#5
I have seen the majority of AC detections to be UDS, since I tested with Inet ON.
Does AC work offline like SW?
When online/offline, does it work independently (SW apart)?
Does it work offline if I disable SW?
The reason I'm asking so many questions is that AC worked exceptionally well, like SW except for rollback. Almost a total block out (INET ON).
 

harlan4096

#6
UDS -> Urgent Detection System: Protection From A Cloud — What Is Kaspersky Security Network

Yes, AC also works offline, but of course it can't get info from KSN whitelisting in real time. It can still assign a restriction group for a new application, although it may change when online again :giggle:

Also SW works offline but is also limited, since it can't get info from the cloud and KSN.

So, that's why it is important to tweak the trusting group for unknown applications :)
 
