
Finding threats?


j-gray

I have a Windows workstation (latest agent, AV = 7.0.2091.0). It has been scanned three times over two days. Each scan reports the same: 'Critical': 48 infected, 0 cleaned.

When I go to the linked client details, it shows only 2 warnings for PUPs in the Threats/Quarantine section. In the ERA console view, the workstation shows with a green check showing status 'OK', but also reflects the two active threats. The 'High severity scans in last 30 days' reflects the three scans each showing 48 infections.

I haven't yet found a report or view that details what items are infected.

My questions are:

  1. Where can I look to see what items are infected and/or why they were not handled?
  2. If the system is infected, why is it not flagged as such? It shows status 'OK' and only reflects the two PUP warnings. Nothing else in the client view indicates any infections or issues otherwise.

Thank you.


  • Administrators

Please gather a complete set of logs with ESET Log Collector (select All in the drop-down menu). I'd like to check raw logs from the client first.


@Marcos I've attempted to get the logs over several days, but each time I get the following: "Failed to start application |  Log collector command timed out and was terminated"

Didn't find any details why it's failing. Other tasks appear to be running without issue. Any suggestions how to troubleshoot this?


  • 2 weeks later...

I updated the client to 7.0.2091 and rebooted last night. Today I attempted to run the log collector again. Still get the same timeout error.

Any suggestions how to troubleshoot log collector failures? Does the log collector create its own logs somewhere?


  • Administrators

I'd suggest raising a support ticket for customer care. It is weird that ELC has some issues gathering logs; perhaps a Procmon log from the time ELC is running could shed more light.

This topic is now closed to further replies.