Most likely, the files already on the disk before installing the antivirus are not sent to the cloud sandbox.Do I understand correctly that it doesn't respond to files that are already on the hard drive?
Most likely, the files already on the disk before installing the antivirus are not sent to the cloud sandbox.Do I understand correctly that it doesn't respond to files that are already on the hard drive?
The situation from the tests is that the antivirus is installed on a virtual PC where the malware sample package is already prepared. And also, in my opinion, the case of tests where the malware collection is copied to the PC when AV protection is deactivated, so that it doesn't "catch" the samples right away when copying to the HD.Most likely, the files already on the disk before installing the antivirus are not sent to the cloud sandbox.
The situation from the tests is that the antivirus is installed on a virtual PC where the malware sample package is already prepared. And also, in my opinion, the case of tests where the malware collection is copied to the PC when AV protection is deactivated, so that it doesn't "catch" the samples right away when copying to the HD.
Proactive protection detects only files from the following sources:
•Files downloaded using a supported web browser
•Downloaded from a mail client
•Files extracted from an unencrypted or encrypted archive using one of the supported archive utilities
•Executed and opened files located on a removable device
I understand. My comment was directed at the fact that LiveGuard tracks suspicious files coming in, but not those that are already there. If a malware package gets on the disk without LiveGuard checking it, it will no longer be checked.
It might be worth trying to run the test suite on external media. How would LiveGuard react.That's right, but I think it should scan all the time, especially if the file is modified.
To be seen in the future
•Executed and opened files located on a removable device
Can you point us to the comment section where the tested video was discussed?A new test was carried out by Eset Internet Security 15 for comss. The result is sad. Eset did not respond to the harsh uninstaller, which removed almost the entire system. All programs, folders with files from the desktop, some of the system files, even deleted the taskbar and system settings. Deleted everything ... except EsetEset remained intact and fully functional, but the operating system became almost completely inoperative. This result sparked a heated discussion in the comments. In the comments, I gave a link to the file with Roboman's settings, and one of the users ran the file from the test, which damaged the system, on a virtual machine with Eset Internet Security installed with Roboman's configuration. It all depends on how the user answers the HIPS questions. If there is a ban, then the uninstaller will have problems, and if there is permission, then the system is again inoperable, although the antivirus in this configuration tried to independently block some of the program's actions. This file was sent to the Eset laboratory and they entered it into the databases as a potentially unwanted program. But Eset generally has a problem with such uninstallers. This is not the first test where Eset fails so precisely on this kind of programs that remove everything from the system, including the system itself. Until you send the file to the laboratory, they do not add it to the databases, apparently machine learning does not consider such programs to be malicious.
Test Eset IS 15
You can read the discussion here: Тестирование ESET NOD32 Internet Security 15.0Can you point us to the comment section where the tested video was discussed?