ERA 6.4 | On Demand scan due to threats discovered

[avielc 54]

Hi everyone,

I'd like to know if there is a way to make sure a scan on demand I deploy as a task through ERA web console will clean+remove anything that can't be cleaned without requesting the user on the computer to get involved. this pop up message is just creating anxiety among techno-phobic users (there are some of those in the company

 

Thank you!

[Marcos 5,074]

With default cleaning mode, threats are cleaned automatically. However, in case of archives that contain also clean files besides malicious ones or if a potentially unwanted or unsafe application is detected, a user intervention is required. To avoid this, set the cleaning mode for the desired scan profile to "Strict cleaning" and then run an on-demand scan task using that profile settings.

[avielc 54]

Thank you for the answer Marcos, 

However, in the "threats" section on the web console + the reports, I still see threats which are marked as "not handled", even after running on demand in depth scan with "Strict Cleaning"

can you tell me why is that? or how can we get "threats handled" approval? 

Thank you

[MichalJ 434]

You mean "threat handled" or "threat resolved".  

"Threat handled" is a separate column, and "threat resolved" is the internal indication of ERA (they could be resolved only manually, by marking them as such). 

Could you please added here a screenshot? Also, it might happen, that detections are not "threats", but potentially unwanted / unsafe applications, which are not removed even with standard cleaning, and the popup is displayed. 

 

[avielc 54]

Sorry Michal, been busy with work, I couldn't get a chance to respond to this thread.

I'm leaving this subject for the time being, as i've came up with my own solution with an email with the columns i found has the most information if issue was handled or not, (I think its action description or something, e.g.: file deleted, etc)

That was good enough for my reports.

I would however like to suggest remodel that, there are way too many columns which some don't even return any information that is user friendly \ readable. 

not to mention "threats" under the web console has different information compared to different reports you can find under reports generations. Don't get me wrong, some reports are quite useful, but they aren't as easy to work with as clicking "threats" and seeing what happens with your current state of network. (and you are limited in some to specific conditions which can't be added in others, e.g. : range of dates for threats, i don't remember exactly which report you couldn't choose a date range of results, so I had to take a range of 40-60 entries and manually choose which dates are good for me and what aren't)

 

Thanks again for all the support, i really appreciate all your help in that (that goes to all the staff as well).

Aviel