katbert 3 Posted May 24, 2017 Share Posted May 24, 2017 I'm testing LiveGrid in Eset Endpoint Antivirus 6.5.2094. I use this article: hxxp://support.eset.com/kb5552/?viewlocale=en_US Eset Antivirus successfully block download cloudcar.exe Next, I download this file with disabled http scanning. And Eset don't block running of this file. Which actions Eset can do using reputation data from LiveGrid - only block download attapts or block attempts to run files? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,235 Posted May 24, 2017 Administrators Share Posted May 24, 2017 That is correct. CloudCar is not detected locally, only upon download (it's not blocked by a DNA hash and also it's old). However, actual malware blocked by LiveGrid would also be blocked locally when scanned. Link to comment Share on other sites More sharing options...
itman 1,742 Posted May 24, 2017 Share Posted May 24, 2017 The AMTSO Cloudcar test is a test to valid a security solutions' web filtering capability. The whole purpose of the test is to determine the malware detection effectiveness prior to file being created on the hard disk. Note that Eset's web filtering does not employ LiveGrid as its first detection method but rather uses is signature database to check the download at the network level for a malware match. Link to comment Share on other sites More sharing options...
Recommended Posts