Tzatz 0 Posted November 29, 2021 Share Posted November 29, 2021 (edited) I never know when a detection is made and cleaned, therefore I can never take the time to assess when or where an infection originated, which is harmful to security. The only option I see is "always ask end user". I would rather it immediately nullify the threat, because I don't want to wait for the damage to be done, but notify me upon cleaning, while offering to undo the remedy. Is there any way to accomplish this most basic functionality with eset? Edited November 29, 2021 by Tzatz Link to comment Share on other sites More sharing options...
Tzatz 0 Posted November 30, 2021 Author Share Posted November 30, 2021 (edited) Does ESET "always ask end user" prevent malware from executing? and is it invincible to novel unforeseen zero-day breakthrough? Edited November 30, 2021 by Tzatz Link to comment Share on other sites More sharing options...
Administrators Marcos 5,090 Posted November 30, 2021 Administrators Share Posted November 30, 2021 If a threat is detected upon accessing a malicious file, the file is always blocked and execution is prevented no matter if an action is performed automatically or if no action is chosen by the user. Link to comment Share on other sites More sharing options...
Tzatz 0 Posted November 30, 2021 Author Share Posted November 30, 2021 1 hour ago, Marcos said: If a threat is detected upon accessing a malicious file, the file is always blocked and execution is prevented no matter if an action is performed automatically or if no action is chosen by the user. Well, that is good to know. It would be nice to see an option to auto-clean, then provide a user an option to undo the remedy, that option is available in the vast majority of anti-virus software. Link to comment Share on other sites More sharing options...
LesRMed 23 Posted November 30, 2021 Share Posted November 30, 2021 19 hours ago, Tzatz said: then provide a user an option to undo the remedy Why would you want to do that? An admin maybe, but personally, I wouldn't want an end-user undoing it. To me, that's a huge security breach. mallard65 1 Link to comment Share on other sites More sharing options...
Administrators Marcos 5,090 Posted November 30, 2021 Administrators Share Posted November 30, 2021 An admin can restore files from quarantine and create exclusions remotely from the ESET PROTECT console. Link to comment Share on other sites More sharing options...
Tzatz 0 Posted December 1, 2021 Author Share Posted December 1, 2021 (edited) Same reason microsoft windows defender does it by default. Having that option to chose would take one extra step out of the process for users like myself who would utilize this feature. Edited December 1, 2021 by Tzatz Link to comment Share on other sites More sharing options...
itman 1,668 Posted December 1, 2021 Share Posted December 1, 2021 On 11/29/2021 at 9:34 PM, Tzatz said: Well, that is good to know. It would be nice to see an option to auto-clean, then provide a user an option to undo the remedy, that option is available in the vast majority of anti-virus software. You can restore anything that has been quarantined. Your restore options vary based on the threat detected. The below screen shot shows an Eset suspicious detection which allows for restore to original directory. mallard65 1 Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 393 Posted December 1, 2021 Most Valued Members Share Posted December 1, 2021 This reminds me of the fact you can't select always ignore as an option at the end of a virus scan. Instead you have to go into exceptions Link to comment Share on other sites More sharing options...
Tzatz 0 Posted December 2, 2021 Author Share Posted December 2, 2021 11 hours ago, peteyt said: This reminds me of the fact you can't select always ignore as an option at the end of a virus scan. Instead you have to go into exceptions Yes that would be another basic and fundamental feature that would improve ESET products greatly. Link to comment Share on other sites More sharing options...
Tzatz 0 Posted December 2, 2021 Author Share Posted December 2, 2021 (edited) 13 hours ago, itman said: You can restore anything that has been quarantined. Your restore options vary based on the threat detected. The below screen shot shows an Eset suspicious detection which allows for restore to original directory. Note how "restore and exclude from scanning" is grayed out? why debase the software? One has to enter tools, then "more tools", then quarantine, etc... and the "restore and exclude from scanning" option is grayed out, forcing users to restore every time, or to manually add an exception. What I suggest is a simple option, for a popup upon cleaning, to restore, and exclude from scanning would make ESET pass the baseline of security feature standards. Edited December 2, 2021 by Tzatz Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 393 Posted December 2, 2021 Most Valued Members Share Posted December 2, 2021 7 hours ago, Tzatz said: Yes that would be another basic and fundamental feature that would improve ESET products greatly. I belive it is done to avoid someone accidently telling it to ignore malware for good. I have suggested having it be an option that would need to be enabled and is disabled by default, which might stop this happening Link to comment Share on other sites More sharing options...
itman 1,668 Posted December 2, 2021 Share Posted December 2, 2021 (edited) 10 hours ago, Tzatz said: Note how "restore and exclude from scanning" is grayed out? why debase the software? Only available for PUA detections: Quote Restoring from the Quarantine Quarantined files can also be restored to their original location: •Use the Restore feature for this purpose, which is available from the context menu by right-clicking a given file in the Quarantine. •If a file is marked as a potentially unwanted application, the Restore and exclude from scanning option is enabled. See also Exclusions. Edited December 2, 2021 by itman mallard65 1 Link to comment Share on other sites More sharing options...
Recommended Posts