Jump to content

ESET Server security 10.x not reacting to eicar test fila with the latest module updates

Recommended Posts



whit the current definition version eset server security 10.0.12014.0 is not reacting to eicar test file.

it was working yesterday with the same program build, only changes are module updates.

v9 still detecting eicar test file.

Link to comment
Share on other sites

  • Administrators

Please provide logs collected with ESET Log Collector as well as a Procmon log from a test with eicar.

I assume that we are talking about the eicar test file which meets its definition (https://www.eicar.org/download-anti-malware-testfile/ )

It consists entirely of printable ASCII characters, so that it can easily be created with a regular text editor. Any anti-virus product that supports the EICAR test file should detect it in any file providing that the file starts with the following 68 characters, and is exactly 68 bytes long:


The first 68 characters is the known string. It may be optionally appended by any combination of whitespace characters with the total file length not exceeding 128 characters. The only whitespace characters allowed are the space character, tab, LF, CR, CTRL-Z. To keep things simple the file uses only upper case letters, digits and punctuation marks, and does not include spaces.

Link to comment
Share on other sites

hi, yes we generate the test file with a script and write it to a folder on c:.

test was triggered for devices with 9.x but not with 10.x

was working for 10.x yesterday

Link to comment
Share on other sites

  • Administrators

ESET Server Security was installed without Web access protection, ie. it won't detect eicar nor other potential malware upon download.

Also you have a bunch of dangerous process exclusions created. I'd recommend removing exclusions and using them with care as a last resort to solve issues:

In performance exclusions you have a bunch of drivers, I assume there were no performance issues loading these:


HIPS - Exploit Blocker is disabled. Did you experience any issues when enabled?


Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...