a Live Grid without network?

Discussion in 'ESET Smart Security' started by Galaxykiss, Sep 13, 2011.

Thread Status:
Not open for further replies.
  1. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    I'm glad to use v5 at this moment.

    I tried to start a smart scan with the Live Grid in the TS.net engine seting. but I found there's no reading in my network connection.

    the wifi light of my laptop won't twinkle in the scaning process. indeed, when I surf internent, it will twinkle.

    How can the live grid help without using network?

    thank you.
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    V5 doesn't initiate a connection automatically. Simply establish an Internet connection and try to populate ESET Live Grid information about running processes, that should work fine.
     
  3. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    So, the Live Grid can't boost the detection rate so far, right?

    Edit: sorry, I edited your post in error.
     
    Last edited by a moderator: Sep 13, 2011
  4. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    not sure in what moment the local cache is populated with info about whitelisted files and when this whitelist is used.
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    I, for one, have no clue as to based on what a file should be flagged by ESET Live Grid as malicious. Weak reputation is far too little to tell that a file is malware. Of course, ESET uses information from Live Grid to improve protection and react quickly to new threats.
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    V5 communicates with cloud servers in certain intervals so this is when the local database gets populated bit by bit.
     
  7. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    The cache is frequently built by the servers then? And no by file scanning?
     
  8. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    the file with weak reputation should not be determine as malware directly. but I believe there are not many people will do the progress check frequently. but they will scan file frequently.
     
  9. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    and virus signature updates will happen frequently, which is where detection resides.
     
  10. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    I think Live Grid in scanning files helps more than submiting sample. the signature update can benefit from it.
     
  11. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Heuristics / signatures benefit from the Live Grid data, that's true.
     
  12. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    can you please explain how does it work?

    does live grid upload file from the user's processes?
     
  13. 4L3X

    4L3X Registered Member

    Joined:
    Sep 13, 2006
    Posts:
    40
    At a guess it would take a look at the MD5 for the file and compare it with a safelist on the server as this would be the only fast way of doing this. And if its unpopular or unranked then its flagged as possibly being suspicious. I use firefox 7 and thats ranked as suspicious because its not common and i guess the more times its seen by the servers then it will shortly not be showing that angry red colour :)
     
  14. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    I think the information needed for reputation is automatically sent when a program is launched.
    ...or possibly only when you open the cloud window in the Tools section :(
     
    Last edited: Sep 13, 2011
  15. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    Will the reputation speed up the discovering of ITW threats?
     
  16. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    Seems to be the LiveGrid is really helping: the latest on-demand comparative show only 3 false positives for ESET.
    Thanks.
     
Thread Status:
Not open for further replies.