Jump to content

Recommended Posts

I noticed this under events this file was sent to Eset virus lab for analysis.  I don't remember clicking on anything to submit for analysis. How can I find out what file it was?  Do I have a virus?

Link to comment
Share on other sites

  • Administrators
4 hours ago, Purpleroses said:

I noticed this under events this file was sent to Eset virus lab for analysis.  I don't remember clicking on anything to submit for analysis. How can I find out what file it was?  Do I have a virus?

ESET merely found a suspicious file that it considered worth submitting for further analysis. It doesn't mean the file was necessarily malicious.

Link to comment
Share on other sites

How did they find the suspicious file and do they send it automatically to virus lab with out my permission?  Is that file still on my computer?  So they just send it to virus lab and I know that I did not send anything myself.

Link to comment
Share on other sites

  • Administrators

It's not without your permisson if you have the LiveGrid feedback system and sample submission enabled.

Link to comment
Share on other sites

  • Most Valued Members

for example:
you can download the VLC Media Player from it's website, a completely legitimate and safe app/file.
but since the file is brand new and was released last week, ESET LiveGrid system doesn't recognize it because not many users have it on their systems and sends it to the Eset Lab so the team can test it.
when they see that it's safe, they will ignore it.
(the above is just a rough example of how it works)


as Marcos said once you enable the LiveGrid feedback option it will send samples and suspicious files for testing.
 

Untitled.thumb.png.c10dd5573118618df2c93e8e6ea44eee.png

Link to comment
Share on other sites

I do have LiveGrid enabled and LiveGrid Feeback enabled. Now with automatic submission of detected samples can I set that to do not submit or leave at all samples  except documents?

Link to comment
Share on other sites

  • Most Valued Members

I should note that when the files are submitted they will be anonymised so nothing is linked to a user and nothing personally identifiable is sent.

It's one of those things that as a user you need to decide if the pros outweigh the cons. I recommend it myself as it means newer malware gets detect quickly

Link to comment
Share on other sites

  • Administrators

The LiveGrid Feedback system partly affects protection, detection and cleaning capabilities, including the Ransomware shield. There may be malware which would be undetected with the LG Feedback disabled but detected when enabled.

Link to comment
Share on other sites

I will leave it the way it is.  But Now with automatic submission of detected samples can I set that to do not submit or leave at all samples  except documents?

Link to comment
Share on other sites

  • Most Valued Members

the default "all samples except documents" should be ok. personally i selected "all detected samples", it's up to you.
i wouldn't recommend to disable the option and never submit detected samples as this will make it harder for the company to detect new malware and improve it's detection modules.

Edited by shocked
Link to comment
Share on other sites

How do you know what file was sent all I see is numbers and letters of the file?  Will they tell you if it was malware file?  Are they taking this from the LliveGrid running processes section?

Edited by Purpleroses
Link to comment
Share on other sites

  • Administrators

If a file is suitable for submission is evaluated when the file is scanned. In case it's malware detection will be added and the file will become detected within a couple of minutes.

Link to comment
Share on other sites

  • Administrators
34 minutes ago, Purpleroses said:

Thank you for all the help.  So are they looking at the running processes in LiveGrid to determine when to send a file to Eset virus lab?

Maybe partly but it's mainly scanners that scan files and ekrn decides which are suitable to be sent.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...