Jump to content

Recommended Posts

Posted

I noticed this under events this file was sent to Eset virus lab for analysis.  I don't remember clicking on anything to submit for analysis. How can I find out what file it was?  Do I have a virus?

  • Administrators
Posted
4 hours ago, Purpleroses said:

I noticed this under events this file was sent to Eset virus lab for analysis.  I don't remember clicking on anything to submit for analysis. How can I find out what file it was?  Do I have a virus?

ESET merely found a suspicious file that it considered worth submitting for further analysis. It doesn't mean the file was necessarily malicious.

Posted

How did they find the suspicious file and do they send it automatically to virus lab with out my permission?  Is that file still on my computer?  So they just send it to virus lab and I know that I did not send anything myself.

  • Administrators
Posted

It's not without your permisson if you have the LiveGrid feedback system and sample submission enabled.

  • Most Valued Members
Posted

for example:
you can download the VLC Media Player from it's website, a completely legitimate and safe app/file.
but since the file is brand new and was released last week, ESET LiveGrid system doesn't recognize it because not many users have it on their systems and sends it to the Eset Lab so the team can test it.
when they see that it's safe, they will ignore it.
(the above is just a rough example of how it works)


as Marcos said once you enable the LiveGrid feedback option it will send samples and suspicious files for testing.
 

Untitled.thumb.png.c10dd5573118618df2c93e8e6ea44eee.png

Posted

I do have LiveGrid enabled and LiveGrid Feeback enabled. Now with automatic submission of detected samples can I set that to do not submit or leave at all samples  except documents?

  • Most Valued Members
Posted

I should note that when the files are submitted they will be anonymised so nothing is linked to a user and nothing personally identifiable is sent.

It's one of those things that as a user you need to decide if the pros outweigh the cons. I recommend it myself as it means newer malware gets detect quickly

  • Administrators
Posted

The LiveGrid Feedback system partly affects protection, detection and cleaning capabilities, including the Ransomware shield. There may be malware which would be undetected with the LG Feedback disabled but detected when enabled.

Posted

I will leave it the way it is.  But Now with automatic submission of detected samples can I set that to do not submit or leave at all samples  except documents?

  • Most Valued Members
Posted (edited)

the default "all samples except documents" should be ok. personally i selected "all detected samples", it's up to you.
i wouldn't recommend to disable the option and never submit detected samples as this will make it harder for the company to detect new malware and improve it's detection modules.

Edited by shocked
Posted (edited)

How do you know what file was sent all I see is numbers and letters of the file?  Will they tell you if it was malware file?  Are they taking this from the LliveGrid running processes section?

Edited by Purpleroses
  • Administrators
Posted

If a file is suitable for submission is evaluated when the file is scanned. In case it's malware detection will be added and the file will become detected within a couple of minutes.

Posted

Thank you for all the help.  So are they looking at the running processes in LiveGrid to determine when to send a file to Eset virus lab?

  • Administrators
Posted
34 minutes ago, Purpleroses said:

Thank you for all the help.  So are they looking at the running processes in LiveGrid to determine when to send a file to Eset virus lab?

Maybe partly but it's mainly scanners that scan files and ekrn decides which are suitable to be sent.

  • Administrators
Posted

Real-time scanner, on-demand scanner, startup scanner, Web access & Email scanner, etc.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...