chockomonkey

Thanks for sharing all that info. I am using the default ESET policy for Endpoint deployments, so it should be doing regular scans. Based on your suggestion I'll look at increasing the strictness of cleaning. I am curious--how do you differentiate between the on-demand scanner and the real-time protection with regards to the warning screens? Lastly, where does Idle-state scanning come into the mix? I had assumed, incorrectly it seems, that the window which had popped up on these workstations was from the idle-state scan.

Ah okay, well thanks for replying anyway. Out of necessity, all instances of this were manually deleted via the window that was on users' screens. Perhaps infections aren't reported to ERA or the logs when they are manually handled...

Thanks for that. So basically ESET pushed out a definition update which added this new scrinject.b threat, and during routine scanning it located various instances of it in cache? That would make sense as to it's sudden appearance. However, why wouldn't this show up in ERA or local logs?

Hi all, I've experienced some atypical behavior from ESET Endpoint Antivirus this morning and I'm looking for some insight. I have received multiple reports from users about an ESET window on their screen when they came into work this morning. One employee took a photo of this window, which I've attached. It reads: Normally ESET Endpoint Antivirus just 'does its thing' in keeping malware, phishing attempts, trojans, and other malicious events under-wraps. I get notifications about its success in my ESET Remote Administrator where I make certain that the infections were properly handled, which, they always have been. However there are certain things about this event that leaves me scratching my head: 1. This is the first time in over a year of using ESET Endpoint Antivirus 6+ that users have ever seen this window or have had their input required. 2. These events do not show up in ESET Remote Administrator. 3. These events do not show up in the local logs on the workstations. Can someone please help me understand why this is?

Thanks for the confirmation. I'll make a task to coincide with my next maintenance window, after which I'll reboot them manually.

First off I'd like to point out that it's odd that there is not a more straight-forward upgrade for incremental versions of your software built in to ERA. If there is, please let me know! For the Endpoint Antivirus product, I followed a help article here which basically said to create a Software Install task, select the new version of EEA, do not select a license, and then select reboot when necessary. This actually worked flawlessly across 19 clients. For EFS this does not seem like a good solution as I do not ever want my servers restarting except when I do it myself after properly shutting down their running services. For now, I'm creating an installer without a license which I plan to try to install over the existing product manually. But in the meantime, what is considered best practice for upgrading ESET File Security for Windows Server? Are there any plans to make this more streamlined? Thanks!

Hey thanks for the reply. It was my bad for not specifying our environment--Win7 Defender is the one in question, and it claims to have real-time protection on.

They seem to work just fine together, but if there's no benefit to be had and I can safely disable Windows Defender, then who wouldn't want the extra performance? I'm just curious what y'all do. Cheers!

So, I think i figured out what i did. This is the package i installed, quite by accident actually: So now my question is: Due to the Core product being behind 2 versions, is it safe to use? Can it be activated? Actually based on this article https://support.eset.com/kb2789/?locale=en_US&viewlocale=en_US, it seems that i should uninstall this and proceed with regular EFSW, which unlike this version can be administered via ERA 6+

Ohh, okay. I see what you mean now, and it does look like it was installed:

Thanks for offering to help, MichalJ-- I'm almost certain my licenses are okay: Here's the Execution history for my Deployment task: I have not tried to activate manually, because the application does not seem to be installed on any of the above machines. All that is installed on each is the ESET shell, which I'm guessing comes with the Agent, which did properly deploy.

I hope the length of this post isn't scaring people away form helping.. I have purchased file security, but am currently unable to use it because ERA will not deploy it. Help!

Perhaps I could just use the "Antivirus - Maximum security" policy? Is that fine for a file server that also runs SQL Server and Quickbooks server?

Yea I really really wish I'd tested it more thoroughly before rolling it all out since I definitely would have preferred to stay on 5. I agree with you--while I can understand their move to the web console for larger distributed applications, for a small business like the one at which I work, its entirely unnecessary and i find myself realizing just how limited web consoles are. Everything from the time to display data to the lack of right-click context menus.. it's just all so clunky.

Is there a better way to activate these across the board? Certainly you don't expect users to click through every single section to enable the policies for a default policy application?