user209 0 Posted January 26, 2021 Share Posted January 26, 2021 We have had a multitude of detections that are listed as "Unresolved" and shown as "retained". Our understanding is that running a "Scan with cleaning" should delete the files or quarantine them. However, after the scan, the files are still present and repeatedly detected. How can we get ESET to delete all detections, instead of "retaining" over 50% of detections (including trickbot malware embedded doc files)? The organization is using ESET security management center as the interface to control endpoints. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,250 Posted January 26, 2021 Administrators Share Posted January 26, 2021 "Retained" is logged if you run a scan in scan-only mode, ie. without cleaning. Please scan such file directly on a client, e.g. from the right-click menu and see if the malware has been cleaned. Then collect logs with ESET Log Collector and make sure to include on-demand scanner logs. Link to comment Share on other sites More sharing options...
user209 0 Posted January 26, 2021 Author Share Posted January 26, 2021 Yes, as stated in the post, we have ran "scan with cleaning" on multiple occasions and the detection is not removed. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,250 Posted January 26, 2021 Administrators Share Posted January 26, 2021 We'll need to check logs as well as the configuration of Endpoint. Link to comment Share on other sites More sharing options...
user209 0 Posted January 27, 2021 Author Share Posted January 27, 2021 Which logs specifically? Where is the location? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,250 Posted January 27, 2021 Administrators Share Posted January 27, 2021 As per my post above, please provide logs collected with ESET Log Collector for a start. Link to comment Share on other sites More sharing options...
user209 0 Posted February 1, 2021 Author Share Posted February 1, 2021 Is there any way I can securely transfer ESET the zip output of ESET log collector, to avoid leaking information on a public forum? Link to comment Share on other sites More sharing options...
LesRMed 23 Posted February 1, 2021 Share Posted February 1, 2021 23 minutes ago, user209 said: Is there any way I can securely transfer ESET the zip output of ESET log collector, to avoid leaking information on a public forum? Anything you upload here can only be viewed by ESET personnel. Link to comment Share on other sites More sharing options...
Recommended Posts