ESET Online Help

Search English
Select the topic

Results of analysis

After a file is analyzed, ESET cloud sends it to ESET management console (or ESET Cloud Office Security), where the status of the analyzed file is changed from Unknown to one of the statuses listed below. Information about the file and short results of the analysis can be viewed in the File details window.

ESET Cloud Office Security users can find the list of submitted files and their results in Logs.

status

File parameters

Description

Computer

Name of the computer that submitted the file.

User

User on the source computer that submitted the file. In some cases, this can be a system user.

Reason

Reason for submission (Automatic, Manual).

Sent to

Part of the ESET cloud that received the file.

Hash

SHA-1 and SHA-256 hash of the submitted file.

Filename

Filename and its full path in the submitter's file system.

Size

Size of the file.

Category

Category (file type) of the file. Category is used in submission configuration.

Each sample has two key parameters: State and Status.

State expresses the file's present station in the analysis workflow.

State

Description

Sent to LiveGrid(R)

File was sent to the ESET cloud, but the result will not be available.

Sent to ESET LiveGuard

File was sent to the ESET cloud for ESET LiveGuard Advanced analysis.

Analyzingprogress_icon

The analysis is in progress.

Finishedanalyzed_icon

The file was successfully analyzed.

Re-analyzing

The prior result is available, but the file is undergoing analysis again.

Status expresses the result of the behavioral analysis or the absence of a result.

Icon

Status

Score

Description

pending_icon

Unknown

 

The file was not analyzed.

result_1

Clean

1 - 74

No detection engine identifies the sample as malicious.

result_2

 

result_3

Suspicious

Highly suspicious

75 - 89

90 - 99

Detection engine has evaluated the file behavior as suspicious but not as clearly malicious.

result_4

Malicious

100

File behavior is considered malicious.

Recommendations for users with suspicious samples

If your file is evaluated as suspicious or highly suspicious, you should consider the following:

if your license allows it, inspect the behavioral report for details on the file's activities.

inspect the source of the file (where did the file come from), do you trust it?

upload the file to an external virus analysis tool, for example, VirusTotal.

if you consider your organization to be at a high risk of attack, set the Detection threshold to Suspicious.