Is CyberCapture still limited to analyse unknown files downloaded from the web?

[REDACTED]

I read another thread related to CyberCapture where it was mentioned by an Avast Staff member that it was planned to process all new undetected files

One of the users also reported in that thread that a local file already saved in his pc was picked up and analyzed by CyberCapture

I am therefore curious to know if  the plan is still in the works or if it now analyses unknown files, regardless of their source

[Eddy]

https://blog.avast.com/cybercapture-protection-against-zero-second-attacks

[REDACTED]

It doesn't answer my query and besides, the blog was posted before the Avast staff members  discussed the limitation of CyberCapture in that thread

Link to the other thread is https://forum.avast.com/index.php?topic=187679.0 just in case

[Eddy]

There are more blogs about it, go read them if you wish.

[TrueIndian]

One of the users also reported in that thread that a local file already saved in his pc was picked up and analyzed by CyberCapture

Not possible either the file was downloaded before in presence of avast or the file was downloaded by another local process which in turn triggered cybercapture.

Its been made clear number of times in different threads.Please use the search function.Milos is avast's malware analyst (I have a lot of respect for their work):
https://forum.avast.com/index.php?topic=187679.msg1320207#msg1320207

You can take his word for it.

[REDACTED]

Not possible either the file was downloaded before in presence of avast or the file was downloaded by another local process which in turn triggered cybercapture.

Its been made clear number of times in different threads.Please use the search function.Milos is avast's malware analyst (I have a lot of respect for their work):
https://forum.avast.com/index.php?topic=187679.msg1320207#msg1320207

You can take his word for it.

It is because I respect what Milos wrote, I am asking this question. If you read Milos's reply to RejZoR at https://forum.avast.com/index.php?topic=187679.150,  you will see what I mean

If you read Vlk's post at https://forum.avast.com/index.php?topic=187679.15, even he writes  that they totally plan to extend its scope in the upcoming weeks and months

[REDACTED]

I just want to know if that scope that they were referring to, has been extended or if it's still in the pipeline

[REDACTED]

There are more blogs about it, go read them if you wish.

Is this the way to respond to someone asking a question?

[TrueIndian]

I just want to know if that scope that they were referring to, has been extended or if it's still in the pipeline

Its not done yet because AVG users are also now to be taken care of there is a load on backend and is still being worked on.If they were to be extended to other vectors,there would be a announcement.

And as per your referral to rejzor's thread:

Hello RejZoR,
we see that there is a http source: hxtp://www.crystalsecurity.eu/updates/crystal_security._xe and from the date we saw this sha256 for the first time, it looks that your file was updated recently.

Milos

It's possible I've re-downloaded a modified EXE to generate the has. But at the time I've got CyberCapture dialog, it was a 100% local file, because it was already on the disk when I installed avast!. Meaning avast! could only see it as local file.

https://forum.avast.com/index.php?topic=187679.135

[REDACTED]

Its not done yet because AVG users are also now to be taken care of there is a load on backend and is still being worked on.If they were to be extended to other vectors,there would be a announcement.

Okay, that's all I wanted to know

[REDACTED]

And as per your referral to rejzor's thread:

Hello RejZoR,
we see that there is a http source: hxtp://www.crystalsecurity.eu/updates/crystal_security._xe and from the date we saw this sha256 for the first time, it looks that your file was updated recently.

Milos

It's possible I've re-downloaded a modified EXE to generate the has. But at the time I've got CyberCapture dialog, it was a 100% local file, because it was already on the disk when I installed avast!. Meaning avast! could only see it as local file.

https://forum.avast.com/index.php?topic=187679.135

If you later read Milos's reply numbered 151, he says that it's planned to process all the undetected files

It's statements like that, that made me ask if the work was still in process                     

[TrueIndian]

No its not the very fact there has been no announcement indicates its still work in progress.Also some of us over here are constantly in touch with avast team and we always ask some of these common questions often so from that I know its not.

[RejZoR]

Haven't seen a CC popup for ages. And I've downloaded quite some questionable files that should have triggered it...