Jump to content

LiveGuard Question


Recommended Posts

  • ESET Insiders

This morning I received a popup saying that a file was being analyzed and was blocked until it was checked by LiveGuard.  A short while later I received another pop-up that the file was safe.

My question is, how do I see what file was analyzed and was blocked?  If I go to "Sent Files" logs nothing appears.

Time;Component;Event;User
8/17/2022 8:59:27 AM;ESET Kernel;ESET LiveGuard is analyzing the file to ensure it's safe to use. We will notify you in a few minutes.Unblock the file (not recommended)Change setup;DESKTOP-CR8F50R\User
8/17/2022 8:59:27 AM;ESET Kernel;ESET LiveGuard has analyzed a file. It is safe to use.;DESKTOP-CR8F50R\User

I am running the latest ESSP and Windows 11 21H2 and is fully patched.

Thanks.

Link to comment
Share on other sites

  • ESET Insiders
3 hours ago, itman said:

Verify the following highlighted setting is enabled in Eset GUI:

Eset_Sent.thumb.png.118585ac40fdb140da1fff1579950548.png

Also verify that Eset logging verbosity level is set to Informative:

Eset_Informative.thumb.png.b6581af6814c13dfe13e753bd030c80a.png

Will need to double check when I get home.  Thank you!

Link to comment
Share on other sites

  • Administrators

Sent files are logged in the Sent files log by default, you don't need to enable logging.

image.png

To find out if a particular file was actually sent out and analyzed (a verdict could be known without analyzing the file), please provide logs collected with ESET Log Collector as well the name of the file.

Link to comment
Share on other sites

  • ESET Insiders
5 hours ago, Marcos said:

Sent files are logged in the Sent files log by default, you don't need to enable logging.

image.png

To find out if a particular file was actually sent out and analyzed (a verdict could be known without analyzing the file), please provide logs collected with ESET Log Collector as well the name of the file.

That is what I thought.  When I checked this morning, nothing appeared in sent files.  I will run the Log Collector to see.

EDIT:  Sent you a PM with the logs @Marcos

Edited by Trooper
Link to comment
Share on other sites

44 minutes ago, New_Style_xd said:

Guys, the following situation happened to me:
A file was detected by LiveGuard as shown in the image below:

image.thumb.png.f1782dee83d93a9137083d1180cbc802.png

So far there has been no verdict. How do I know if it's safe or not?
I don't know if it's infected or not?

This keeps coming up in the forum; over and over again.

If the file is deemed safe by LiveGuard, you will not get an Eset safe popup notification and the file will be silently unblocked.

The only time you will receive an Eset safe popup notification is if you attempted to access the file while it was in a LiveGuard blocked state.

Edited by itman
Link to comment
Share on other sites

15 minutes ago, itman said:

This keeps coming up in the forum; over and over again.

If the file is deemed safe by LiveGuard, you will not get an Eset safe popup notification and the file will be silently unblocked.

The only time you will receive an Eset safe popup notification is if you attempted to access the file while it was in a LiveGuard blocked state.

Thanks for the explanation, because this doubt has been happening for a long time, because before ESET reported a verdict for the file even if it was safe or not. I preferred at the time when He showed the message that the file is SAFE.
Do you know if there is an option in the settings to activate this message stating that it is safe?
I don't know if many agree with me, it would be much clearer and more satisfying for ESET to inform with a message that it is SAFE OR BLOCKED, this gives more security for the user to know.

Link to comment
Share on other sites

1 hour ago, New_Style_xd said:

I don't know if many agree with me, it would be much clearer and more satisfying for ESET to inform with a message that it is SAFE OR BLOCKED, this gives more security for the user to know.

I already commented on this here: https://forum.eset.com/topic/33302-liveguard-can-automatically-block-a-suspicious-file-but-cannot-upload-it-to-the-cloud/?do=findComment&comment=155033 .

Also for many LiveGuard submissions, you won't even know it was submitted unless you were constantly monitoring Eset Event log entries for it. As such, I guess the fact that a safe verdict desktop alert is not displayed is logical. The only time you will see an Eset popup notification is if the file is also submitted to Eset VirusLab for additional review and that setting is enabled in Eset Event settings.

Link to comment
Share on other sites

1 hour ago, itman said:

I already commented on this here: https://forum.eset.com/topic/33302-liveguard-can-automatically-block-a-suspicious-file-but-cannot-upload-it-to-the-cloud/?do=findComment&comment=155033 .

Also for many LiveGuard submissions, you won't even know it was submitted unless you were constantly monitoring Eset Event log entries for it. As such, I guess the fact that a safe verdict desktop alert is not displayed is logical. The only time you will see an Eset popup notification is if the file is also submitted to Eset VirusLab for additional review and that setting is enabled in Eset Event settings.

From what I've seen, the forum moderators or ESET team didn't give a feedback if they were going to do this?
Will we have to put this high value suggestion for users in a new Topic?

Link to comment
Share on other sites

  • Administrators
3 hours ago, New_Style_xd said:

From what I've seen, the forum moderators or ESET team didn't give a feedback if they were going to do this?
Will we have to put this high value suggestion for users in a new Topic?

You can provide your feedback via your local ESET distributor who will then pass it to the appropriate ESET staff.

Link to comment
Share on other sites

  • Administrators
2 hours ago, rizks said:

I have question do eset also block malwares as well.

ESET detects and blocks any type of threat, from scam, phishing through viruses, trojans, rootkits to advanced threats such as fileless malware, UEFI malware, etc.

Link to comment
Share on other sites

  • Administrators
7 hours ago, New_Style_xd said:

Thanks for the explanation, because this doubt has been happening for a long time, because before ESET reported a verdict for the file even if it was safe or not. I preferred at the time when He showed the message that the file is SAFE.

A verdict is displayed if you attempt to run a file submitted to LiveGuard.

Link to comment
Share on other sites

  • Administrators
26 minutes ago, New_Style_xd said:

Good Morning! Could someone tell me where the Feedback option is in the ESET product?

It can be found here:

image.png

image.png

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...