Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Kaspersky system watcher VS 56 ransomware
Message
<blockquote data-quote="SeriousHoax" data-source="post: 923037" data-attributes="member: 78686"><p>I believe System watcher didn't contact the cloud in this test. When all components are turned off and KSN is opted out it doesn't connect cloud database. Besides, if you check the notifications they were detected by application behavior and PDM detections. These are not cloud based. Another thing is one/two ransomware here was able to encrypt some files before Kaspersky could react (though the original file was intact). If Kaspersky had contacted the cloud I don't think this would have happened because the ransomware is already known and would've been stopped right away. </p><p>I myself previously tested Kaspersky with my Ethernet cable plugged off then restarted the system to make sure only System Watcher is tested without internet and local cache. It produced a similar result. Though I only tested 6-7 ransomware. So I believe Kaspersky's System watcher is capable of producing this type of result against ransomware. Also, I don't see why Kaspersky would keep a local cache of old ransomwares as it already must have local signatures for it. It doesn't make any sense for them to do that.</p><p>But one thing should be added that is, these are old samples so Kaspersky probably already updated System Watcher to make sure it is able to detect these ransomwares. If that's the case then even this should be applauded because not everyone does that.</p></blockquote><p></p>
[QUOTE="SeriousHoax, post: 923037, member: 78686"] I believe System watcher didn't contact the cloud in this test. When all components are turned off and KSN is opted out it doesn't connect cloud database. Besides, if you check the notifications they were detected by application behavior and PDM detections. These are not cloud based. Another thing is one/two ransomware here was able to encrypt some files before Kaspersky could react (though the original file was intact). If Kaspersky had contacted the cloud I don't think this would have happened because the ransomware is already known and would've been stopped right away. I myself previously tested Kaspersky with my Ethernet cable plugged off then restarted the system to make sure only System Watcher is tested without internet and local cache. It produced a similar result. Though I only tested 6-7 ransomware. So I believe Kaspersky's System watcher is capable of producing this type of result against ransomware. Also, I don't see why Kaspersky would keep a local cache of old ransomwares as it already must have local signatures for it. It doesn't make any sense for them to do that. But one thing should be added that is, these are old samples so Kaspersky probably already updated System Watcher to make sure it is able to detect these ransomwares. If that's the case then even this should be applauded because not everyone does that. [/QUOTE]
Insert quotes…
Verification
Post reply
Top