Most Valued Members SCR 195 Posted October 29, 2017 Most Valued Members Share Posted October 29, 2017 Thanks for the fix and updated information. Link to comment Share on other sites More sharing options...
Neutral 2 Posted October 29, 2017 Share Posted October 29, 2017 (edited) I have had the same problem since the update to version 11.0.144.0. After reading that the problem is fixed I have just reenabled 'LiveGrid'. I will report if the problem reappears. By the way when you disable 'LiveGrid' you get a nasty red message. This message can be suppressed via advanced settings - user interface - application statuses. Edited October 29, 2017 by Neutral Link to comment Share on other sites More sharing options...
Administrators Marcos 5,259 Posted October 29, 2017 Administrators Share Posted October 29, 2017 6 minutes ago, Neutral said: By the way when you disable 'LiveGrid' you get a nasty red message. This message can be suppressed via advanced settings - user interface - application statuses. That is a correct behavior. Disabling LiveGrid completely (ie. even simple asking ESET's server about hashes) has substantial adverse effect on detection and cleaning and therefore it's signalized by a red protection status. Link to comment Share on other sites More sharing options...
Neutral 2 Posted October 29, 2017 Share Posted October 29, 2017 (edited) 33 minutes ago, Marcos said: That is a correct behavior. Disabling LiveGrid completely (ie. even simple asking ESET's server about hashes) has substantial adverse effect on detection and cleaning and therefore it's signalized by a red protection status. I seem to remember that I had disabled 'LiveGrid' in the previous version and didn't get this red warning. I also seem to remember to not have checked 'Enable LiveGrid' when installing the update to version 11.0.144.0. Note that I use the word 'seem' because I'm not 100% sure and can't check it anymore. Is showing a red message when 'LiveGrid' is disabled new in version 11.0.144.0? Edited October 29, 2017 by Neutral Link to comment Share on other sites More sharing options...
Administrators Marcos 5,259 Posted October 29, 2017 Administrators Share Posted October 29, 2017 15 minutes ago, Neutral said: I seem to remember that I had disabled 'LiveGrid' in the previous version and didn't get this red warning. Older versions didn't check if LiveGrid works or not. Quote I also seem to remember to not have checked 'Enable LiveGrid' when installing the update to version 11.0.144.0. During install, you can choose whether you want to submit suspicious files and statistics to ESET. It's not possible to disable LiveGrid during install. It's one of the main protection features that enables ESET to quickly respond to new malware and provide users with maximum protection. Disabling LiveGrid completely (ie. checking hashes against LiveGrid servers) will substantially deteriorate protection and cleaning capabilities. Link to comment Share on other sites More sharing options...
razorfancy 9 Posted October 29, 2017 Share Posted October 29, 2017 17 minutes ago, Neutral said: I seem to remember that I had disabled 'LiveGrid' in the previous version and didn't get this red warning. I also seem to remember to not have checked 'Enable LiveGrid' when installing the update to version 11.0.144.0. Note that I use the word 'seem' because I'm not 100% sure and can't check it anymore. Is showing a red message when 'LiveGrid' is disabled new in version 11.0.144.0? You dont need to disable LiveGrid for not having the Live Grid not accessible message you can disable that message by going to: Advanced Configuration -> User Interface -> Application Status (Edit) -> General -> Eset Live Grid not accessible (Turn it Off) Link to comment Share on other sites More sharing options...
itman 1,746 Posted October 29, 2017 Share Posted October 29, 2017 (edited) 19 minutes ago, Marcos said: During install, you can choose whether you want to submit suspicious files The question is if this option is disabled, does it adversely effect LiveGrid's rep scanning of an unknown process using Eset's cloud scanners? Edited October 29, 2017 by itman Link to comment Share on other sites More sharing options...
Neutral 2 Posted October 29, 2017 Share Posted October 29, 2017 10 minutes ago, Marcos said: Older versions didn't check if LiveGrid works or not. During install, you can choose whether you want to submit suspicious files and statistics to ESET. It's not possible to disable LiveGrid during install. It's one of the main protection features that enables ESET to quickly respond to new malware and provide users with maximum protection. Disabling LiveGrid completely (ie. checking hashes against LiveGrid servers) will substantially deteriorate protection and cleaning capabilities. That explains my confusion. I just checked the install-process via YouTube and reread the option which says: 'Enable ESET LiveGrid feedback system (recommended)'. I now understand that this question only has to do with the feedback and not with shutting down 'LiveGrid' altogether. So I must have had 'LiveGrid' active in previous versions. I understand that the 'LiveGrid' provides better protection and will leave it on. Link to comment Share on other sites More sharing options...
Neutral 2 Posted October 29, 2017 Share Posted October 29, 2017 9 minutes ago, razorfancy said: You dont need to disable LiveGrid for not having the Live Grid not accessible message you can disable that message by going to: Advanced Configuration -> User Interface -> Application Status (Edit) -> General -> Eset Live Grid not accessible (Turn it Off) Yes, I already found that out this morning. It's especially nice when I'm using VPN and the internet is unreachable. Link to comment Share on other sites More sharing options...
Neutral 2 Posted October 29, 2017 Share Posted October 29, 2017 7 minutes ago, itman said: The question is if this option is disabled does it adversely effect LiveGrid's rep scanning of an unknown process using Eset's cloud scanners? I think it will when you're using a process that's not widely used and poses a yet unknown threat. But if you use 'mainstream software' I don't think it will have a substantial adverse effect. Link to comment Share on other sites More sharing options...
itman 1,746 Posted October 29, 2017 Share Posted October 29, 2017 1 hour ago, Neutral said: I think it will when you're using a process that's not widely used and poses a yet unknown threat. But if you use 'mainstream software' I don't think it will have a substantial adverse effect. Per Eset's help on the subject if the option is not enabled, Eset will not submit the file for detailed analysis on their servers. However it appears based on my testing that this is being done independent of any current process execution. In other words, the process is not sandboxed and suspended until a response is received from the Eset's servers on whether the process is malicious or not. If this was true, you would notice a lag in process startup that I have never observed. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,259 Posted October 29, 2017 Administrators Share Posted October 29, 2017 58 minutes ago, itman said: In other words, the process is not sandboxed and suspended until a response is received from the Eset's servers on whether the process is malicious or not. If this was true, you would notice a lag in process startup that I have never observed. It would not be possible to temporarily suspend processes as it takes minutes to get results from replicators. With submission of files disabled, it can happen that a malware will be detected only in memory after execution by AMS but since no actual files will be submitted to ESET, we won't be able to add regular detection applicable by all scanners. Normally that should not happen as someone else would encounter and submit the new malware but in case of a targeted attack we would not get the malware. Link to comment Share on other sites More sharing options...
Parker Kincaid 0 Posted October 29, 2017 Share Posted October 29, 2017 (edited) 10 hours ago, Marcos said: You could not experience this message earlier as the notification about communication issues with LiveGrid servers was first added in v10.1. I've reached out to developers to confirm or deny that there have been some issues with LiveGrid servers earlier today. Fair enough about not seeing the notification prior to v10.1. I've been using ESET products since prior to v5. Nonetheless, the v10.1 release was somewhere around April 2017 giving us approximately 6 months between then and now. I've never seen the notification concerning loss of accessibility to the LiveGrid servers so when it suddenly happened it definitely caught my attention. Upon visiting the forums I found that I wasn't alone in having an issue. I did see that something was being done to rectify the situation in another post and as of Sunday afternoon I haven't experienced the issue again... thus far. Thank you for passing along the concerns. Edited October 29, 2017 by Parker Kincaid Link to comment Share on other sites More sharing options...
itman 1,746 Posted October 29, 2017 Share Posted October 29, 2017 (edited) 1 hour ago, Marcos said: It would not be possible to temporarily suspend processes as it takes minutes to get results from replicators. Agreed. What is currently missing from Eset is a behavior component. AMS will detect deviant activity against a given process. What Eset lacks is the ability to monitor unknown suspicious process activities. Better said, AMS is reactive technology versus behavior monitor which is proactive technology. The behavior monitoring I am referring to is not statistically deviation from norm methods employed by the next gen/AI solutions but rather known activities such as unknown process is trying to modify the memory of another process, modify registry settings, and the like. It is a given that these activities will require user intervention in the form of allow/deny decisions and very well could be benign activity. I am also aware of AMTSO guidelines on any user decision making on such activities which I personally don't agree with. I would support a default deny action against such activities which of course, would raise Eset's false positive scoring in the AV Lab tests. Edited October 29, 2017 by itman Link to comment Share on other sites More sharing options...
Corso 1 Posted October 29, 2017 Author Share Posted October 29, 2017 8 hours ago, Marcos said: I've got information that LiveGrid servers should be up and running now alright. Thank for the info. I thought maybe it was my network/ISP that had some strange problem. Link to comment Share on other sites More sharing options...
Neutral 2 Posted October 29, 2017 Share Posted October 29, 2017 (edited) 19 hours ago, Marcos said: I've got information that LiveGrid servers should be up and running now alright. I haven't seen the warning that the LiveGrid-servers are unreachable or unaccessible since the message above. Can you tell if the warnings are only related to the new version 11.0.144.0 or could it have happened in previous versions too? Edited October 30, 2017 by Neutral Reworded the first sentence. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,259 Posted October 29, 2017 Administrators Share Posted October 29, 2017 Just now, Neutral said: Can you tell if the warnings are only related to the new version 11.0.144.0 or could it have happened in previous versions too? V10.1 also had these notifications. Older versions didn't notify the user even if LiveGrid didn't work. Link to comment Share on other sites More sharing options...
Neutral 2 Posted October 29, 2017 Share Posted October 29, 2017 Just now, Marcos said: V10.1 also had these notifications. Older versions didn't notify the user even if LiveGrid didn't work. Let me rephrase: "Is the exact reason for the warnings appearing since version 11.0.144.0 known?" Are the warnings caused by the new version 11.0.144.0? Link to comment Share on other sites More sharing options...
Most Valued Members SCR 195 Posted October 30, 2017 Most Valued Members Share Posted October 30, 2017 12 hours ago, Neutral said: Let me rephrase: "Is the exact reason for the warnings appearing since version 11.0.144.0 known?" Are the warnings caused by the new version 11.0.144.0? Yes, the reason for the warning was a server issue, now resolved. No, it was not caused by version 11.0.144.0. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,259 Posted October 30, 2017 Administrators Share Posted October 30, 2017 3 minutes ago, SCR said: Yes, the reason for the warning was a server issue, now resolved. No, it was not caused by version 11.0.144.0. Right. It was not caused by v11, it was an issue on LiveGrid servers. However, only newer versions (v10 and v11) notify the user if there's a problem with LiveGrid. Link to comment Share on other sites More sharing options...
Neutral 2 Posted October 30, 2017 Share Posted October 30, 2017 Thank you for the fast and accurate responses. On other forums you may have to wait for a long time before getting an answer if any. Link to comment Share on other sites More sharing options...
jamess3973 1 Posted November 2, 2017 Share Posted November 2, 2017 Back to square one, after a few days without any interruption. This is few minutes ago, and is still the same. Link to comment Share on other sites More sharing options...
persian-boy 22 Posted November 2, 2017 Share Posted November 2, 2017 (edited) Yesterday I got this problem but only for 10 minutes Anyway, the live Gird is not that useful for novice users because it will not make a decision even when knows a file is risky... Edited November 2, 2017 by persian-boy Link to comment Share on other sites More sharing options...
Corso 1 Posted November 2, 2017 Author Share Posted November 2, 2017 It's back here too. I get the notification from time to time, and it's annoying. I've disabled the notification now to see if that helps. Maybe have to go back to v10 till this is fixed. Link to comment Share on other sites More sharing options...
itman 1,746 Posted November 2, 2017 Share Posted November 2, 2017 Appears to me there are certain type of network setups that seem to be triggering this alert. For example, my network connection went down the other day w/o reason. A few minutes later, it reestablished itself; most likely a "glitch" with my DSL Ethernet based router. It has happened before. However when the connection was down, not "a peep" from LiveGrid about a connection issue. Wonder if this issue is related to Wi-Fi based connections? Perhaps people should start posting what type of router connection they are using; Ethernet or Wi-Fi. Link to comment Share on other sites More sharing options...
Recommended Posts