Author Topic: CyberCapture  (Read 132757 times)

0 Members and 1 Guest are viewing this topic.

Offline Rednose

  • Pirate Party Member
  • Avast Überevangelist
  • Massive Poster
  • *****
  • Posts: 3739
  • Bits of Freedom : https://www.bof.nl
    • Nederlandstalig Avast! forum
Re: CyberCapture
« Reply #255 on: September 28, 2016, 01:24:16 AM »
Yes David,

But what if you don't want to wait for the verdict from CyberCapture, and just want run the executable immediately ?

@Vlk I have one more idea. Currently, when CyberCapture locks the file into custody, you can opt to run it without waiting for verdict. You could add "Run in Sandbox" as an option for Pro, Internet Security and Premier editions since they already employ sandbox tech. This way users can run the suspicious stuff risk free in an isolated environment (if the app will work in it of course since not all do) even before they get definitive answer from CyberCapture servers. This way you add additional layer of security when users decide to run it anyway.

Thanks, that sounds like something that could be implemented very easily.

Vlk

My suggestion only goes a little further than RejZoR's.

Greetz, Red.
« Last Edit: September 28, 2016, 01:36:23 AM by Rednose »
OS: Win 10 / iOS 17 / Debian 12 / Tails 5
Real Time: Avast Premium Security
On Demand: Malwarebytes
VPN: NordVPN ( NordLynx ) with Threat Protection ( Lite )

Offline Be Secure

  • Long Time Avast User(10years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1908
Re: CyberCapture
« Reply #256 on: November 15, 2016, 03:59:50 AM »
It is bad very bad.avast CyberCapture is failed once again. :-[
Did not block any thing.New EXE files are not blocked as well as the .scr file.
PC- Windows10 EDU 64Bit,avast! free 21.1.2449,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Be Secure

  • Long Time Avast User(10years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1908
Re: CyberCapture
« Reply #257 on: November 15, 2016, 04:02:56 AM »
More failed results. :(
PC- Windows10 EDU 64Bit,avast! free 21.1.2449,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline NON

  • Japanese User
  • Avast Überevangelist
  • Ultra Poster
  • *****
  • Posts: 5477
  • Whatever will be, will be.
Re: CyberCapture
« Reply #258 on: November 15, 2016, 11:56:34 AM »
@Be Secure
These are DeepScreen, not CyberCapture.
If these exe files meet the criteria of CC and failed to start it, then it may be a bug. But IMHO it is another thing than CC's capability.

ALso, you may know this message from Vlk:

(snip)
The combined engine is not yet present in the beta you're testing, but it WILL be till the end of the year (i.e. in the next ~6 weeks). After that happens, I would like to ask everyone to do a retest and see how we're coping... Until then, please let's discuss the non-detection features of the new Avast.
(snip)
« Last Edit: November 15, 2016, 11:58:40 AM by NON »
Desktop: Win10 Pro 22H2 64bit / Core i5-7400 3.0GHz / 32GB RAM / Avast 23 Premium Beta(Icarus) / Comodo Firewall
Notebook: Win10 Pro 22H2 64bit / Core i5-3340M 2.7GHz / 12GB RAM / Avast 23 Free / Windows Firewall Control
Server: Win11 Pro 23H2 64bit / Core i3-4010U 1.7GHz / 12GB RAM / Avast One 23 Essential

Avast の設定について解説しています。よろしければご覧ください。

Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9406
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re: CyberCapture
« Reply #259 on: November 15, 2016, 12:12:00 PM »
To me it seems like CyberCapture doesn't even work consistently and invokes DeepScreen instead...
Visit my webpage Angry Sheep Blog

Offline Be Secure

  • Long Time Avast User(10years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1908
Re: CyberCapture
« Reply #260 on: November 15, 2016, 12:34:20 PM »
Quote
The combined engine is not yet present in the beta you're testing, but it WILL be till the end of the year (i.e. in the next ~6 weeks). After that happens, I would like to ask everyone to do a retest and see how we're coping... Until then, please let's discuss the non-detection features of the new Avast.
But i am not runing new beta avast at all.Yes they meet all the criteria of CC and failed to start it.
I don't think there is a bug.It is not working as it should.Whole CC is break.Files(Samples) are downloaded from Internet.
« Last Edit: November 15, 2016, 12:53:01 PM by Be Secure »
PC- Windows10 EDU 64Bit,avast! free 21.1.2449,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Alikhan

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2220
Re: CyberCapture
« Reply #261 on: November 15, 2016, 08:54:44 PM »
This isn't looking positive anymore.

Most of the time CyberCapture isn't even triggered and DeepScreen doesn't really detect anything.
Windows 10 Home 64-bit • Avast Free (latest stable version) •  Malwarebytes 4 Premium (On-Demand) • Windows Firewall Control • Google Chrome • LastPass • CCleaner • O&O ShutUp10 •

Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9406
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re: CyberCapture
« Reply #262 on: November 15, 2016, 09:34:48 PM »
@Be Secure
These are DeepScreen, not CyberCapture.
If these exe files meet the criteria of CC and failed to start it, then it may be a bug. But IMHO it is another thing than CC's capability.

ALso, you may know this message from Vlk:

(snip)
The combined engine is not yet present in the beta you're testing, but it WILL be till the end of the year (i.e. in the next ~6 weeks). After that happens, I would like to ask everyone to do a retest and see how we're coping... Until then, please let's discuss the non-detection features of the new Avast.
(snip)

Does this mean current stable avast! version will receive combined engine as well? Or only the new 2017 version?
Visit my webpage Angry Sheep Blog

Offline Milos

  • Avast team
  • Super Poster
  • *
  • Posts: 2293
Re: CyberCapture
« Reply #263 on: November 16, 2016, 08:06:34 AM »
Hello Be Secure,
please post sha256s or VT links of non-detected samples with date and time of test and we can investigate why they did not went to CyberCapture or why they were not detected.

Thanks,
Milos

Offline Be Secure

  • Long Time Avast User(10years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1908
Re: CyberCapture
« Reply #264 on: November 16, 2016, 10:08:24 AM »
Thanks and sorry but it is now blocked by avast  and i have no sha256s or VT links(Test time report).Date and time of test-Yesterday at 03:20:50 AM.
via static scan it is now blocked all.
« Last Edit: November 16, 2016, 10:18:42 AM by Be Secure »
PC- Windows10 EDU 64Bit,avast! free 21.1.2449,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Milos

  • Avast team
  • Super Poster
  • *
  • Posts: 2293
Re: CyberCapture
« Reply #265 on: November 16, 2016, 10:22:03 AM »
Hello,
do you still have the samples?

Milos

Offline Be Secure

  • Long Time Avast User(10years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1908
Re: CyberCapture
« Reply #266 on: November 16, 2016, 11:41:32 AM »
Hello,
do you still have the samples?

Milos
Yes.But why?
PC- Windows10 EDU 64Bit,avast! free 21.1.2449,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Milos

  • Avast team
  • Super Poster
  • *
  • Posts: 2293
Re: CyberCapture
« Reply #267 on: November 16, 2016, 11:48:09 AM »
Hello,
do you still have the samples?

Milos
Yes.But why?
To compute sha256s from the samples.

Milos


Offline Milos

  • Avast team
  • Super Poster
  • *
  • Posts: 2293
Re: CyberCapture
« Reply #269 on: November 16, 2016, 12:31:15 PM »
Thanks for the VT links.

Milos