Cloud-based protection

ESET LiveGrid® (built on the ESET ThreatSense.Net advanced early warning system) utilizes data that ESET users have submitted worldwide and sends it to the ESET Research Lab. By providing suspicious samples and metadata from the wild, ESET LiveGrid® enables us to react immediately to needs of our customers and keep ESET responsive to the latest threats. Read more about ESET LiveGrid® in the glossary.

A user can check the reputation of running processes and files directly from the program's interface or contextual menu with additional information available from ESET LiveGrid®. There are two options:

1.You can choose not to enable ESET LiveGrid®. You will not lose any functionality in the software, but in some cases, ESET NOD32 Antivirus may respond faster to new threats than detection engine update when ESET Live Grid is enabled.

2.You can configure ESET LiveGrid® to submit anonymous information about new threats and where the new threatening code is contained. This file can be sent to ESET for detailed analysis. Studying these threats will help ESET update its threat detection capabilities.

ESET LiveGrid® will collect information about your computer related to newly-detected threats. This information may include a sample or copy of the file in which the threat appeared, the path to that file, the filename, the date and time, the process by which the threat appeared on your computer and information about your computer‘s operating system.

By default, ESET NOD32 Antivirus is configured to submit suspicious files for detailed analysis to the ESET Virus Lab. Files with certain extensions such as .doc or .xls are always excluded. You can also add other extensions if there are particular files that you or your organization want to avoid sending.

The ESET LiveGrid® reputation system provides cloud-based whitelisting and blacklisting. To access settings for ESET LiveGrid®, press F5 to enter Advanced setup and expand Detection Engine > Cloud-based Protection.

Enable ESET LiveGrid® reputation system (recommended) – The ESET LiveGrid® reputation system improves the efficiency of ESET anti-malware solutions by comparing scanned files to a database of whitelisted and blacklisted items in the cloud.

Enable ESET LiveGrid® feedback system – Data will be sent to the ESET Research Lab for further analysis.

Submit crash reports and diagnostics data – Submit data such as crash reports, modules memory dumps.

Submit anonymous statistics – Allow ESET to collect information about newly detected threats such as the threat name, date and time of detection, detection method and associated metadata, product version, and configuration including information about your system.

Contact email (optional) – Your contact email can be included with any suspicious files and may be used to contact you if further information is required for analysis. Please note that you will not receive a response from ESET unless more information is needed.

Submission of samples

Submit infected samples – This will submit all infected samples to ESET for analysis and to improve future detection. The following options are available:

All infected samples

All samples except documents

Do not submit

Submit suspicious samples

Executables Includes files like .exe, .dll, .sys.

Archives Includes filetypes like .zip, .rar, .7z, .arch, .arj, .bzip, .gzip, .ace, .arc, .cab.

Scripts Includes filetypes like .bat, .cmd, .hta, .js, .vbs, .ps1.

Other –  Includes filetypes like .jar, .reg, .msi, .sfw, .lnk.

Possible Spam emails – This will allow sending possible spam parts or whole possible spam emails with attachment to ESET for further analysis. Enabling this option improve Global detection of spam including improvements to future spam detection for you.

Documents – Include Microsoft Office documents or PDFs with active content.

Exclusions – The Exclusion filter allows you to exclude certain files/folders from submission (for example, it may be useful to exclude files that may carry confidential information, such as documents or spreadsheets). The files listed will never be sent to ESET labs for analysis, even if they contain suspicious code. The most common file types are excluded by default (.doc, etc.). You can add to the list of excluded files if desired.

If you have used ESET LiveGrid® before and have disabled it, there may still be data packages to send. Even after deactivating, such packages will be sent to ESET. Once all current information is sent, no further packages will be created.

note

Note

Our ESET LiveGrid® servers are located in Bratislava, Vienna and Sand Diego, however, those are only the servers, that are responding to requests from the clients. The actual processing of samples submitted is happening only in Bratislava, Slovakia.