Removal Of Unsafe/Unwanted Items

[Fraser Morrison 0]

Good Day,

Our organization is new to using the ESET line of products so I would like some assistance with the remote administrator. We have setup ESET Endpoint Antivirus version 6.4 on all of the desktops and laptops. We have setup version 6.4 of the remote administrator on our network. I can see all of the clients in the remote administration console. Some of them are in red meaning they have potentially unwanted applications and some are yellow meaning they have potentially unsafe applications. I can look at each entry and see what the issue is. But I cannot figure out how you go about resolving the issue being displayed. For example with our last product if a machine was infected with a virus I could simply right click on the machine and tell it to remove the infection. I can't see anything similar in the ESET administration console. Perhaps I am looking at how this works incorrectly. Can someone please help with resolving this issue? Thanks in advance.

Fraser

[Marcos 5,074]

In order to remove active threats, you'll need to run a custom scan from ERA using the In-depth scan profile and with cleaning mode set to strict cleaning so that the scanner doesn't wait for user's intervention when a potentially unsafe or unwanted application is detected but cleanes/deletes it automatically. If all threats have been cleaned, they will no longer appear as active threats in the ERA Console. Eventually manually resolve threats if you are sure that everything is ok and the threats have been cleaned properly.

[Fraser Morrison 0]

Marcos,

Thanks for the response. I have found how to create the task that has the in-depth scan but I can't seem to see where I set it to "strict" cleaning as it would be good not to have it stopped waiting for user input.

[Marcos 5,074]

I see, it's not very straightforward. When creating a new scan task with the In-depth scan profile you have no way to adjust settings for this scan. The solution will be to apply a policy that will change the cleaning level for the In-depth scan profile to Strict cleaning. Once applied, selecting Scan -> Scan with cleaning for a desired computer or a group of selected computers will run a scan using the new In-depth scan settings, ie. even PUAs will be cleaned automatically.

[Fraser Morrison 0]

Marcos,

 

Thanks so much for your help. I think I know why I am not seeing what you are describing. From what I can tell in the screen shot you included you are looking at the settings right on the client computer itself. I am looking at the setting through the remote administrator. I have included a screen shot with this message. If you can tell me why I can't find the same option that you show I would greatly appreciate it.

[MichalJ 434]

You have to configure in-depth scan settings via policy. Create a new policy for Endpoint, assign it to the group / computer and then execute the task you want. Policies could be configured in ERA in Admin / Policies / New policy.

[Fraser Morrison 0]

Thank you both very much for the help. Are there any types of training videos on how to configure these types of settings in the remote administration? I know that there is the documentation but that can be dry and confusing at times. I would like to take a course type of setup on the remote administration where I am a new administrator so if there is one please let me know. Thanks again.