File Scanning on Client computers

[Fran Nava 0]

I have a complete domain setup with ESET, it runs scan regularly and warns us as expected if any errors occur.

 

Is there a way to scan for a particular file, or file name, or content in a file on all ESET installed client stations from the administrator remote desktop? 

This needs to happen silently and the users should not be interrupted.

 

Assume the potential of a wildcard like * or ?:

Example real file name: test-test1-test2.pdf

Can we go for a search which searches for all files which have the word test and is a PDF?

 

the detection engine for endpoint policies only uses exclusions.

I've tried excluding all files except some specific folders.

Example: "C:\* !(Users)"

 

But there isn't a precise enough interface that I've been able to find where I could type a parameter to search for and ESET can look in the systems and find it.

 

Can you guys help?

[Marcos 5,074]

If you would like to scan all pdf files on a particular drive, create a new on-demand scanner profile and exclude all extensions of files that you don't want to have scanned in this profile:

[Fran Nava 0]

Thers is no way to search for specific file names and get a list, like using sysinspector or something?

[Marcos 5,074]

8 minutes ago, Fran Nava said:

Thers is no way to search for specific file names and get a list, like using sysinspector or something?

Definitely not within the program but you could probably use a series of commands in a batch file and then use ecls.exe to scan them. However, since elcs.exe doesn't support loading a list of paths to files, it would need to load before a file is scanned and then unload which would be time consuming.

[Fran Nava 0]

So ESET doesn't have a remote file search logging ability right now?

[Marcos 5,074]

Not sure what you mean by a remote search ability, however, it's not possible to scan files of a specific type (e.g. pdf) by entering *\*.pdf or something like that which would scan only pdf files on one or more local or remote drives.

[Fran Nava 0]

What if i did a run command? would i be able to get the result of that command?

I.E: "where /R C:\Users\other /T *.txt"

How could i get the output to display in my remote admin?

[Marcos 5,074]

Ok, probably I misunderstood your question. I thought that you would like to run a scan of files with a specific extension on a remote machine.  If you want to run a specific command on clients, create a Run command client task in the ESMC console:

[Fran Nava 0]

No, I do want to run a scan of files with a specific extension or file names on a remote machine in my domain. 

I thought this could be achieved with the run command task, but the output of the commands isn't returned to the web console.

is there a way to run a command and get the resulting output as a report on the web console?

[MichalJ 434]

@Fran Nava Do I get it properly, that you want to basically check, whether a specific file / or file with a specific extension is present on the system? That´s a use-case that is currently not supported with our products. We will track it as an improvement for the future, however we have not yet received such request, as that´s more related to DLP solutions, than to security software.