WolfgangOne

Fantastic, thank you. I'm sure I absently removed it sometime recently to save screen space. Probably never would have thought to try that.

Nobody else? I'm the only one whose ESMC is intent on making them sad?

I'm not sure what's changed / what I've done to it, but I can't seem to select the whole list of threats and select 'mark as resolved.' I used to scroll through the list, looking for anything that wasn't sufficiently handled, and check all the rest and 'mark as resolved'. I can't do that from that screen anymore, though, for some reason. If I go to either the threat details or the computer details, I can mark the threat as resolved. But, having just had to go through this about 300 times, that seems not okay. Did I change a setting that I can't find somewhere? Did this get updated somehow in the latest version? Am I just being dumb somehow?

Ah, good to know that you're already on it. I'll be patient. ^^

I found an inconclusive, seemingly unresolved thread from 2015 with an unhelpful title ( https://forum.eset.com/topic/4527-strange-behavior-in-era-6/), but otherwise don't see any mention of "Last scan time" in the forums here. I seem to be seeing the same issue in my ERA 6.4.295.0 / 6.4.266.0. Virtually all of my computer show a "last scan time" of something quite out of date when you go to Computer -> Details, as in the first image. It shows Aug 9th. However, this computer, my computer, is shown in the report (Last scan report -> click on <1day -> Details) as having been scanned <1 day ago, which it has, as seen in the second image, with a 13:47 today. It seems that the Computer -> Details is simply not displaying the information properly. I'm unsure if it is related to anything else, like the original poster's issues with the threat counts (which are infuriating and seem to require that I manually mute them to deal with them, regardless of other instructions to scan the computer etc), but nonetheless, it's not displaying properly.

Hm. I thought you were onto something there, but in the attached report screenshot, the last five items from today (9/22/2016) are are all five in the affected computer's quarantine, as pictured. That said, it's interesting that the different types have different actions; the two Win32/NetTool.Portscan.c were "deleted" and the "a variant of Win32/VBObfus" were "cleaned by deleting". I set this computer to "normal cleaning" instead of "strict", fired up FreeFileSync again to get it to try and copy the infected files. The Portscan files, when detected, brought up the screen asking what action to take, the options being "Clean" and "No action". I said clean. The other three files did not display an option, but did show the notice that they'd been "cleaned by deleting". However, this time, all five files show on the report as "cleaned by deleting." All five were added to the Quarantine (the count increased). Normal cleaning is described as "In this mode, the program will attempt to automatically clean or delete infected files. If no action can be performed and user is logged in, an alert window with a list of available actions may be displayed. An alert window will also be displayed if the action fails." Strict cleaning is described as "In this mode, the program will attempt to automatically clean or delete all infected files without user intervention. System files are the only exception; if they cannot be cleaned and a user is logged in, alert window with a list of available actions will be displayed." I'm not sure what, exactly, is meant by "If no action can be performed..." since it obviously can perform the action, but how this seems to possibly work out is that "deleted" means it cleaned something optional. Something that would have given the user a choice, if it had been set to offer one. Basically, condition yellow strict cleaning = "deleted", condition red strict cleaning = "cleaned by deleting". I don't know, I'm probably obsessing. I have a lot of complaints about reports in general in ERA, and this is just one of they many mysteries I'd like resolved. But if there's really no practical difference between the two as appears to be the case, I'd really prefer if they were both were just renamed "deleted", just for the sake of making things simpler. It almost strikes me as just something missed in coding, i.e., they changed the wording in the past and missed one of the references. Either way, I'd really appreciate an Eset programmer's input or the like.

I agree with pretty much all of the suggestions in the thread. Something additional that's been bothering me is the inability to sort/filter by all columns available on a report. That is, as far as I have been able to determine, there is no way to create a report of say, just trojans and worms (excluding PUPs, for instance). Even though you can *display* that information in a report as "Active threats . Threat Type", that is not available for selection under Filter, as far as I have been able to determine. Any field that can be displayed on the report should be available for selection for sorting or filtering. As it stands, we can't be notified of "serious" threats without also being notified of every penny-ante PUP detected. Another thought, it also might be a good idea to have ERA escalate the "threat" from yellow to red after it's deleted the same threat in the same file a few times in a row (which would seemingly indicate a situation that merits investigation, at the very least).

Exactly as the title says. In the Threats section of ERA, under the Action column, some items show "deleted" and others show "cleaned by deleting." I'm curious to know if there is a functional difference, and if not, I'd like to suggest changing them to all be the same.