GDI

Done. Thanks!

PM'd

Not sure how to handle this. We have a website that employees use regularly that is always flagged with a "Malicious file HTML/Phishing.Agent.B" detection. When I go to the Virus Total page for the hash, it says "Page not found". When I put the site into Virus Total manually, it says "No security vendors flagged this URL as malicious". Is this a false positive? What could be triggering it?

Thanks for the info. We ran the all in one installer and we are all updated now. Is there a way within the Protect console to see what versions of 3rd party ESET components we have and what the newest versions are? The only way I know of right now is to download the installer and let it tell me if something is out of date. I think since, as you said, some of those 3rd party components have important security patches, it would be good to have an easy way to see if the components are out of date.

EDIT: I just noticed that the latest version of ESET Protect Server for Windows is 9.0.1144.0 and I'm on 9.0.1141.0. So, looks like I didn't receive a notification for that either.

Hello. I have a curious question. In my dashboard's RSS feed, I saw a notice that hotfix version 9.0.10.2 was released on 12/7 and that it updates the HTTP proxy. I did some digging and noticed that my server component is up-to-date to the current version but the proxy and tomcat are a couple versions old. I confirmed this by starting the 9.0.10.2 installer and it showed me those components were not current. I have not done this upgrade yet. My question is, I know the protect console will show up updates are available. I did not receive a notification for the proxy or tomcat being out of date. Does the notification not include those components? Is an update to 9.0.10.2 still recommended if everything is running fine?

Sorry to bring up an old thread. But, I'm a bit confused. I've finally had an instance where I need to do a scan with cleaning. I have setup a custom scan profile called "In-depth scan (with deleted)". I've created a task with the task "In depth scan". Under scan profile, the profile I've created wasn't listed so I selected "Custom" and manually typed in "In-depth scan (with deleted)" in the custom profile box. Is that the correct way to do this? I would've thought if I selected "Custom" that all custom profiles would be listed in a dropdown under "Custom". Just took me by surprised that I'd have to manually type in the name.

Thanks for the advice. I'll give this a shot. By "prevent users from using this scan profile" are you referring to if they go into Endpoint > Computer Scan > Custom Scan > Settings? If so, yeah it would be great to be able to "hide" it but, for us, it shouldn't be a big deal. Just as long as that profile isn't used for automatic/scheduled scans, we are OK setting it up this way.

Hello, just wanted to let you know I PM'd the files to you on Oct 8th.

Thank you. I was able to remotely get the log. Can I share them with you via PM?

Just out of curiosity, is there a way to collect logs from a workstation remotely rather than being logged directly onto the computer? It may be a while before I can get into the machine in question. The file in question in this instance was one particular Chrome cache file that came up with "Potentially unwanted application". Name is "MSIL/DotSetupIo.A"

Right now, we are still at the "setting up" stage of ESET. We have most of our policies setup at "Balanced" or "Cautious" because, at this point, we want ESET to report to items but we want to manually clean them (or make an exception if necessary) after we review them. The problem is, when something is detected, I'll go to the detection, select "Scan Path", and make sure "Scan with Cleaning" is selected. I run the task, and I know it runs on the workstation, but nothing happens. It just reports on the infection again but does not clean it. What am I doing wrong?

Thanks for the information. I'm aware of filtering but is there a way to manually clear them out of the database? My statistics are all skewed. I have about 10 times more detections (which are false) on one workstation than I do the entire network. Or, can I just change "clean incident logs over than" to 1 day and after they clear out change it back to the previous setting?

Hello! I can't seem to find information on how to manually clear the detection list and statistic in ERA. I've seen FAQs stating there is a "Clean Up" now button but I can't seem to find it. I know I can lower the logging down but I'd like to run it on demand. Last night, we had a workstation with a Kali Linux ISO on it and the system reported 1000+ detections that we would like to remove from the statistics. Thanks!

Hello everyone. I'm still learning the ropes of ESET protect at the moment but, I have a question. When doing updates of ESET security products from the Protect console, "Reboot if needed" is checked by default. Is there a way to have that unchecked by default? Worried that I may speed through it at some point and accidentally reboot workstation unintentionally.