App Review Kaspersky Security Cloud Test

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,114
> Would Cylance necessarily have a significantly better chance at detecting unseen?
There does not exist a commercial AV, available for ordinary people, which could have significantly better detection of never seen malware, than Kaspersky with tweaked Application Control. Sadly, Kaspersky Security Cloud (free version) has disabled Application Control.
The available solutions are based on similar techniques, used in Kaspersky (AI, Machine Learning, Cloud Sandbox, Big Data Analytics, HIPS, Exploit Prevention, and many more).
Most AVs have also special teams of experts (like Kaspersky Lab's GReAT) for discovering and analyzing cyber threats.
The above techniques can help to detect the malware. But, AV has to be also usable. So, it cannot apply very aggressive techniques, because of false positives.
All of this is similar to the Human Immune System. It can kill most pathogens, but should not be too aggressive because of allergy issues. Some never seen viruses (or virus mutations) can be still dangerous to people.

Post edited/corrected thanks to harlan4096.
 

Cortex

Level 26
Verified
Top Poster
Well-known
Aug 4, 2016
1,465
For me it reiterates the most important anti-malware system there is: C:\ images & backups of every file you wouldn’t want to lose in a location other than a PC or on your network - I use external hard drives & I have four, maybe paranoid but I have an awful lot to lose on my PCs - 1 is better than nothing, ransomware then becomes an inconvenience rather than a tragedy, also hard drive failure can give exactly the same consequences as ransom.
 

dabluez98

Level 3
Verified
Oct 2, 2018
138
> There does not exist a commercial AV, available for ordinary people, which could have significantly better detection of never seen malware, than Kaspersky with tweaked Application Control. Sadly, Kaspersky Security Cloud (free version) has disabled Application Control.
> The available solutions are based on similar techniques, used in Kaspersky (AI, Machine Learning, Cloud Sandbox, Big Data Analytics, HIPS, Exploit Prevention, and many more).
> Most AVs have also special teams of experts (like Kaspersky Lab's GReAT) for discovering and analyzing cyber threats.
> The above techniques can help to detect the malware. But, AV has to be also usable. So, it cannot apply very aggressive techniques, because of false positives.
> All of this is similar to the Human Immune System. It can kill most pathogens, but should not be too aggressive because of allergy issues. Some never seen viruses (or virus mutations) can be still dangerous to people.
>
> Post edited/corrected thanks to harlan4096.

Thank you, I really appreciate your thorough discussion of this - and I agree about the problems of false positives taking resources and creating problems...
I know it has been discussed before, but I guess the best guides for the optimal config of Kaspersky are in the Kaspersky section under Anti-Virus?
 

dabluez98

Level 3
Verified
Oct 2, 2018
138
I would say a mid point of both because I think I do have a backup of the most essential files, though not the 'lesser' essentials --> So, my life would not be over in case of a bad event. But yes mid point being pretty good security and good performance. So I'll look in the Kaspersky section then? I have Kaspersky anti-virus sub by the way, not internet security or total version. I don't really see a need for those, at least thus far, and in the future even.
 

RoxasDev

Level 1
Jul 1, 2017
18
> @RoxasDev
> you little devil :) how? what's wrong with trusted app mode? a vulnerability? or what? buggy by design?

I would say a "flaw" in the Trusted Application module.

I have it bypassed by certificate injection in my LaunchMe dropper & on my ransomware Kyrox and Kaspersky authorizes the launch.

I will contact Kaspersky to show them and possibly help them fix this :)
 

Sunshine-boy

Level 28
Verified
Top Poster
Well-known
Apr 1, 2017
1,760
Thank you.
> I have it bypassed by certificate injection

noob question sorry. what does that mean? you added a cert to windows trusted root certificates?? is it true? the only tool that alerts for such modification is 360 ts hips.
you are very helpful. keep up the good work :) I will never pay for any av. imo ppl should pirate these kinds of software cuz they can't protect well
 

RoxasDev

Level 1
Jul 1, 2017
18
> Thank you.
>
> noob question sorry. what does that mean? you added a cert to windows trusted root certificates?? is it true? the only tool that alerts for such modification is 360 ts hips.
> you are very helpful. keep up the good work :) I will never pay for any av. imo ppl should pirate these kinds of software cuz they can't protect well

No, the antivirus usually does not trust the Windows store itself; COMODO, for example, does not trust Windows certificate stores because it is too dangerous: anyone or any program can add its signature as a valid signature.

I recovered a trusted signature, for example the signature of Avira, and injected it into my dropper and my ransomware, and Kaspersky authorizes the launch. ^^
 

dabluez98

Level 3
Verified
Oct 2, 2018
138
Is there another AV that would've caught this?

I guess if you added the folder to protected mode in Kaspersky that would have prevented it?
 

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,654
Again, as I said before with the Scorpion 3.1 test, probably disabling the "Trusting digitally signed application" setting in Application Control would stop the attack; also, if we tweak Unknown Applications to UnTrusted, that would be enough. We all know that Kaspersky default settings can be weak against some types of attacks.
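
Added example (not part of the thread and not any vendor's code): trusting "digitally signed" files only makes sense if the signature is bound to the file, because a signature block copied from another program carries that other program's Authenticode digest. The sketch below recomputes the digest and checks the attached blob against it; `make_pe`, `attach` and the blob contents are constructed stand-ins, and the layout handling is simplified (certificate table assumed at end of file).

```python
import hashlib
import struct
CERT_DIR = 4  # index of IMAGE_DIRECTORY_ENTRY_SECURITY (certificate table)

def _layout(pe: bytes):
    """Return (CheckSum offset, cert dir entry offset, cert table offset, cert table size)."""
    nt = struct.unpack_from("<I", pe, 0x3C)[0]            # e_lfanew
    if pe[:2] != b"MZ" or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    opt = nt + 24                                         # skip signature + COFF header
    magic = struct.unpack_from("<H", pe, opt)[0]
    cdir = opt + {0x10B: 96, 0x20B: 112}[magic] + 8 * CERT_DIR  # PE32 / PE32+
    return (opt + 64, cdir) + struct.unpack_from("<II", pe, cdir)

def authenticode_sha256(pe: bytes) -> bytes:
    """Hash the image, skipping CheckSum, the cert directory entry and the cert table."""
    chk, cdir, off, size = _layout(pe)
    end = off if size else len(pe)
    h = hashlib.sha256()
    for part in (pe[:chk], pe[chk + 4:cdir], pe[cdir + 8:end], pe[end + size:]):
        h.update(part)
    return h.digest()

def signature_state(pe: bytes) -> str:
    """'unsigned', 'bound' (blob carries this file's digest) or 'mismatch'."""
    _, _, off, size = _layout(pe)
    if size == 0:
        return "unsigned"
    # Heuristic: raw digest search; a real verifier parses PKCS#7 and checks the chain.
    return "bound" if authenticode_sha256(pe) in pe[off:off + size] else "mismatch"

# --- constructed sample input: toy headers and a stand-in blob, not real files ---
def make_pe(body: bytes) -> bytes:
    dos = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x102)
    opt = struct.pack("<H", 0x10B).ljust(224, b"\0")
    return dos + b"PE\0\0" + coff + opt + body

def attach(pe: bytes, blob: bytes) -> bytes:
    out = bytearray(pe + blob)                            # blob becomes the cert table
    struct.pack_into("<II", out, _layout(pe)[1], len(pe), len(blob))
    return bytes(out)

if __name__ == "__main__":
    a = make_pe(b"vendor code " * 8)
    blob = b"\0" * 8 + b"PKCS7-stand-in" + authenticode_sha256(a)
    print(signature_state(attach(a, blob)))                            # bound
    print(signature_state(attach(make_pe(b"other code " * 8), blob)))  # mismatch
```

On Windows, `Get-AuthenticodeSignature` reports the same distinction through its `Status` field (`Valid` versus `HashMismatch`), with full PKCS#7 and chain validation.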
 
