Purpleroses 21 Posted June 16, 2021 Posted June 16, 2021 I noticed this under events this file was sent to Eset virus lab for analysis. I don't remember clicking on anything to submit for analysis. How can I find out what file it was? Do I have a virus?
Administrators Marcos 5,458 Posted June 16, 2021 Administrators Posted June 16, 2021 4 hours ago, Purpleroses said: I noticed this under events this file was sent to Eset virus lab for analysis. I don't remember clicking on anything to submit for analysis. How can I find out what file it was? Do I have a virus? ESET merely found a suspicious file that it considered worth submitting for further analysis. It doesn't mean the file was necessarily malicious.
Purpleroses 21 Posted June 16, 2021 Author Posted June 16, 2021 How did they find the suspicious file and do they send it automatically to virus lab with out my permission? Is that file still on my computer? So they just send it to virus lab and I know that I did not send anything myself.
Administrators Marcos 5,458 Posted June 16, 2021 Administrators Posted June 16, 2021 It's not without your permisson if you have the LiveGrid feedback system and sample submission enabled.
Most Valued Members shocked 60 Posted June 16, 2021 Most Valued Members Posted June 16, 2021 for example: you can download the VLC Media Player from it's website, a completely legitimate and safe app/file. but since the file is brand new and was released last week, ESET LiveGrid system doesn't recognize it because not many users have it on their systems and sends it to the Eset Lab so the team can test it. when they see that it's safe, they will ignore it.(the above is just a rough example of how it works) as Marcos said once you enable the LiveGrid feedback option it will send samples and suspicious files for testing.
Purpleroses 21 Posted June 16, 2021 Author Posted June 16, 2021 I do have LiveGrid enabled and LiveGrid Feeback enabled. Now with automatic submission of detected samples can I set that to do not submit or leave at all samples except documents?
Most Valued Members peteyt 396 Posted June 16, 2021 Most Valued Members Posted June 16, 2021 I should note that when the files are submitted they will be anonymised so nothing is linked to a user and nothing personally identifiable is sent. It's one of those things that as a user you need to decide if the pros outweigh the cons. I recommend it myself as it means newer malware gets detect quickly
Purpleroses 21 Posted June 16, 2021 Author Posted June 16, 2021 Do I need the LiveGrid Feedback system enabled?
Administrators Marcos 5,458 Posted June 16, 2021 Administrators Posted June 16, 2021 The LiveGrid Feedback system partly affects protection, detection and cleaning capabilities, including the Ransomware shield. There may be malware which would be undetected with the LG Feedback disabled but detected when enabled.
Purpleroses 21 Posted June 16, 2021 Author Posted June 16, 2021 I will leave it the way it is. But Now with automatic submission of detected samples can I set that to do not submit or leave at all samples except documents?
Most Valued Members shocked 60 Posted June 16, 2021 Most Valued Members Posted June 16, 2021 (edited) the default "all samples except documents" should be ok. personally i selected "all detected samples", it's up to you. i wouldn't recommend to disable the option and never submit detected samples as this will make it harder for the company to detect new malware and improve it's detection modules. Edited June 16, 2021 by shocked
Purpleroses 21 Posted June 16, 2021 Author Posted June 16, 2021 (edited) How do you know what file was sent all I see is numbers and letters of the file? Will they tell you if it was malware file? Are they taking this from the LliveGrid running processes section? Edited June 16, 2021 by Purpleroses
Administrators Marcos 5,458 Posted June 16, 2021 Administrators Posted June 16, 2021 If a file is suitable for submission is evaluated when the file is scanned. In case it's malware detection will be added and the file will become detected within a couple of minutes.
Purpleroses 21 Posted June 16, 2021 Author Posted June 16, 2021 Thank you for all the help. So are they looking at the running processes in LiveGrid to determine when to send a file to Eset virus lab?
Administrators Marcos 5,458 Posted June 16, 2021 Administrators Posted June 16, 2021 34 minutes ago, Purpleroses said: Thank you for all the help. So are they looking at the running processes in LiveGrid to determine when to send a file to Eset virus lab? Maybe partly but it's mainly scanners that scan files and ekrn decides which are suitable to be sent.
Purpleroses 21 Posted June 16, 2021 Author Posted June 16, 2021 Thank you Marco. What scanners are being used?
Administrators Marcos 5,458 Posted June 16, 2021 Administrators Posted June 16, 2021 Real-time scanner, on-demand scanner, startup scanner, Web access & Email scanner, etc.
Recommended Posts