Giovanni 0 Posted June 10, 2020 Posted June 10, 2020 Good morning eset 13.1.21.0 does not respect the exclusions set I set the exclusion of some network paths but they are still scanned in real time, creating significant slowdowns in the execution of the application that is called If I completely exclude all network locations, real-time scanning is not performed The problem occurs only with version 13.1.21.0, on a windows 7 pc with version 11.2.49.0 the problem does not occur
Administrators Marcos 5,733 Posted June 10, 2020 Administrators Posted June 10, 2020 Do you mean that if you put the eicar test file to an excluded network folder and then access it, it will be detected by ESET? Scanning of network drives is not recommended; instead we recommend installing ESET on each machine to have it fully protected.
Giovanni 0 Posted June 10, 2020 Author Posted June 10, 2020 good morning marcos thanks for the prompt reply, the application used resides on a server and is accessible via network path. With the real-time scan active, despite the exclusion of the network path, the application becomes very slow. If you completely disable the real-time scan or disable the scan on the network paths, the application will work correctly again I have not tried the test with the eicar file but also the visualization of the files checked in real time confirms to me that the exclusion of network paths is not considered I also confirm that the problem did not arise with previous versions of the antivirus
Administrators Marcos 5,733 Posted June 10, 2020 Administrators Posted June 10, 2020 Please provide logs collected with ESET Log Collector for a start.
Giovanni 0 Posted June 10, 2020 Author Posted June 10, 2020 good morning marcos the required log is attached eav_logs.zip
Administrators Marcos 5,733 Posted June 10, 2020 Administrators Posted June 10, 2020 According to the exported configuration, you have no performance exclusions set up.
Giovanni 0 Posted June 15, 2020 Author Posted June 15, 2020 hello Marcos sorry, now in the attached file there is the configuration with the exclusions, I also attach a screeshot where it is noted how the real-time scan continues to analyze the excluded network path Thanks doc1.pdf eav_logs.zip
Administrators Marcos 5,733 Posted June 15, 2020 Administrators Posted June 15, 2020 The screen shot in the pdf file is immaterial. You have "\\server\sistemi\profis3" in the detection exclusions which means files in this folder are scanned but no threat is reported even if there is some. Instead of detection exclusions use performance exclusions; exclude "\\server\sistemi\profis3\*". To test if the exclusion works, put the eicar test file to the excluded folder and access it. It should not be detected if the exclusion works.
Recommended Posts