a Live Grid without network?

Discussion in 'ESET Smart Security' started by Galaxykiss, Sep 13, 2011.

Thread Status:
Not open for further replies.
  1. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    I'm glad to use v5 at this moment.

    I tried to start a smart scan with the Live Grid in the TS.net engine seting. but I found there's no reading in my network connection.

    the wifi light of my laptop won't twinkle in the scaning process. indeed, when I surf internent, it will twinkle.

    How can the live grid help without using network?

    thank you.
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,411
    V5 doesn't initiate a connection automatically. Simply establish an Internet connection and try to populate ESET Live Grid information about running processes, that should work fine.
     
  3. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    So, the Live Grid can't boost the detection rate so far, right?

    Edit: sorry, I edited your post in error.
     
    Last edited by a moderator: Sep 13, 2011
  4. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    not sure in what moment the local cache is populated with info about whitelisted files and when this whitelist is used.
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,411
    I, for one, have no clue as to based on what a file should be flagged by ESET Live Grid as malicious. Weak reputation is far too little to tell that a file is malware. Of course, ESET uses information from Live Grid to improve protection and react quickly to new threats.
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,411
    V5 communicates with cloud servers in certain intervals so this is when the local database gets populated bit by bit.
     
  7. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    The cache is frequently built by the servers then? And no by file scanning?
     
  8. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    the file with weak reputation should not be determine as malware directly. but I believe there are not many people will do the progress check frequently. but they will scan file frequently.
     
  9. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    and virus signature updates will happen frequently, which is where detection resides.
     
  10. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    I think Live Grid in scanning files helps more than submiting sample. the signature update can benefit from it.
     
  11. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,411
    Heuristics / signatures benefit from the Live Grid data, that's true.
     
  12. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    can you please explain how does it work?

    does live grid upload file from the user's processes?
     
  13. 4L3X

    4L3X Registered Member

    Joined:
    Sep 13, 2006
    Posts:
    47
    At a guess it would take a look at the MD5 for the file and compare it with a safelist on the server as this would be the only fast way of doing this. And if its unpopular or unranked then its flagged as possibly being suspicious. I use firefox 7 and thats ranked as suspicious because its not common and i guess the more times its seen by the servers then it will shortly not be showing that angry red colour :)
     
  14. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    I think the information needed for reputation is automatically sent when a program is launched.
    ...or possibly only when you open the cloud window in the Tools section :(
     
    Last edited: Sep 13, 2011
  15. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    Will the reputation speed up the discovering of ITW threats?
     
  16. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    Seems to be the LiveGrid is really helping: the latest on-demand comparative show only 3 false positives for ESET.
    Thanks.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.