Jump to content

AZ Tech

Members
  • Posts

    34
  • Joined

  • Last visited

About AZ Tech

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    Egypt
  1. I know this, I guess the notification "File still in analysis" screenshot #2 and, looking at the chronological order, it shows when the waiting period specified in the settings has elapsed which in my case was the default 5 minutes, regardless of whether the file was sent for analysis or The sending or analysis process... “ in the event that a notice appears that the file has been sent before this notice appears ” ...is in progress, what matter here that the period has elapsed and the results of the analysis have not been received, "whatever the reason is."
  2. Yes, I did . For example this is a new sample, I did not even try to run it, and as shown in the screenshot it is actually blocked, so if the user tries to run the file , only then eset will show a notification saying " File blocked due to analysis "
  3. Until I receive official information from eset saying that the analysis began before a notification appears that the file has been sent, "Screenshot No. 3", I am of the opinion that the analysis did not start until after that, which took approximately 4 minutes. Practically the blocking starts from the moment the file is extracted if it was downloaded in the form of a zip file, and therefore when you try to run it, it does not work from the ground up and therefore does not perform any process execution , At least that's what I know so far !
  4. I'm not talking about the period from 5:17 "screenshot #3" to 5:21 "screenshot #4" which is a normal period for file analysis. What I'm talking about is the time taken by LiveGuard from the moment the file is run/extracted "Screenshot 1" until it is sent "Screenshot 3", which is a very long time compared to the time required to upload a 98.6 kb When the message appeared in Screenshot #2, the file had not yet been sent, and therefore no file analysis had actually started.
  5. Hi Marcos, I have a delay issue with LiveGuard , up to 15 minutes and maybe more from the moment any file is run / extract . I only noticed this problem since yesterday, I have collected logs and I will send them to you . Also, I checked the Internet connection and speed, because at first I thought it was a problem with the uploading speed .
  6. Of course, I will do this in case I find undetected samples, especially since I am very satisfied with my experience in informing you about some suspicious sites, this really makes me very satisfied . Sorry, I may not have made my point very well, what I mean is that LiveGuard reports need to be more detailed. I know LiveGuard is geared towards the home user who may not have the ability to understand complex reports but why deprive someone who wants that feature? Also, as I told you before in a separate post, the ability to send files to LiveGuard should only be added when trying to run it because the current sending mode in real time when extracting zip files or when starting to download executable files from the Internet is very annoying, at least it can be made It is optional for the user, the default settings should be as they are now because they are useful for inexperienced users with the option to not send any files to LiveGuard unless you try to run it.
  7. 5). Not infected in the literal sense because most of the tests are done on a virtual machine, but I found some "not many" samples that were not detected by eset, and were detected by behavioral detection of another antivirus, of course that was before releasing LiveGuard . and to be fair, under conditions of normal home user use and no intentional search for new malware samples this would not have happened. 8). I already have ESET Smart Security Premium , But I miss the "File Shredder" feature, because it makes no sense to provide the ability to encrypt the data and not provide the Possibility to delete the original data securely !! LiveGuard also need improvement, I agree with @itman . 9). Advanced Behavioral Detection System with Ransomware Remediation and rolls back the changes made by malicious applications.
  8. I don't know exactly what is happening, but when I clicked on the download link after I posted it here this is what happened !! Note: Downloaded via IDM Download location is Desktop
  9. I was downloading the VirtualBox update through the link that appears in the VirtualBox UI, when the software notified me that an update was available. Link : https://download.virtualbox.org/virtualbox/6.1.28/VirtualBox-6.1.28-147628-Win.exe
  10. But what is the point of sending cache files , as they are non-executable files and also downloads that have not yet completed, for example, if the file is malicious in the end, will eset determine this through the cache files or does it need to send the files after completing the download in order to Can it run in a sandbox and thus analyze the behavior of the program?
  11. Hi Marcos, Now LiveGuard is working fine, the problem was importing settings from a previous version. Now the problem is that LiveGuard uploads everything I download even before the download is complete it even sends browser cache files related to the download !! How can I solve this problem I want to use LiveGuard but only when I try to run a new file because the current situation is very annoying.
  12. Thanks for the clarification guys . yeah i think 😅
  13. Hi Marcos, First of all, thank you very much for responding to reports of suspicious sites and improving the blocking of redirectors, a really great job. I have a question related to LiveGuard, are " sfx exe " files a target for LiveGuard? For example, if I download a new sfx exe file from the Internet, when I run it, will it be sent directly to LiveGuard, or do I have to unpack / extract the files inside? And please, can you clarify the file formats that are excluded from sending to LiveGuard ? ... For example, when I download Word or Excel files, will they be sent, or is LiveGuard limited to executable files only ?
  14. I agree with that I totally agree with you and I think the LiveGuard reports need to be more detailed. Also, an option should be added that allows the user to send the file directly to LiveGuard, and to avoid sending many files that are already known, the software can do a quick verification of the files before sending them at the request of the user, and notify him of this if the file was sent or not sent with an explanation Reason .
×
×
  • Create New...