invisik 0 Posted March 5, 2015 Share Posted March 5, 2015 Hi! Have fileserver 4.5 installed on a 2008 R2 machine. It has some folder exclusions applied, which are present when I go into the ESET program on the server itself... but in the real time protection monitor, the files that are going by at the bottom that it is scanning are files within the excluded folders. Do I need to do something else other then adding folders to the exclusions list for it to work? Does it automatically include all subfolders? Thanks... -m Link to comment Share on other sites More sharing options...
Administrators Marcos 4,931 Posted March 5, 2015 Administrators Share Posted March 5, 2015 If you put eicar test file to that folder, is it detected? The fact that you see them in the statistics doesn't mean they are actually scanned. Link to comment Share on other sites More sharing options...
invisik 0 Posted March 5, 2015 Author Share Posted March 5, 2015 FYI Just tested copying some files around in an excluded folder on an ESET Endpoint Antivirus 5.0 client and the files do not appear in the statistics. I'll test on the server shortly. I would be surprised if ESET is monitoring accesses to files in excluded folders as that is the point of excluding folders (beyond not getting false detections) -m Link to comment Share on other sites More sharing options...
drenaud 0 Posted March 5, 2015 Share Posted March 5, 2015 Good day, I am having the same issue as well on multiple servers. I have global exclusions of C:\*.dmp, D:\*.dmp, etc... When viewing the Real-time file system protection Statistics it will show files with this extension after the "Scanned object:” being scanned. When looking at the client I see the policy has applied and can see the exceptions listed, I also have DMP added to the Real-Time file system protection->ThreatSense Engine->Extension->Files with the extensions listed below will not be scanned for threats. Product: ESET File Security for Microsoft server v 4.5.12017.0 OS: Windows Server 2008 R2 w/ SP1 and latest patches v6.1.7601.17514 Regards, Dale Renaud Link to comment Share on other sites More sharing options...
invisik 0 Posted March 5, 2015 Author Share Posted March 5, 2015 Hi.... Ok, I tested and it is working properly. I think there was a little lag in the policy being applied to the computer. Thanks... sorry. for the false alarm! -m Link to comment Share on other sites More sharing options...
drenaud 0 Posted March 5, 2015 Share Posted March 5, 2015 Hello I have the same issue in regards to it showing that the object I am excluding C:\*.log and D:\*.log is being scanned, the odd thing in the testing I found is that it will scan the test.log files on the c:\ drive but not the d:\ drive. it's as though it is not applying to the C:\ drive. I removed the exception and added it back in manually and still no luck. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,931 Posted March 5, 2015 Administrators Share Posted March 5, 2015 Hello I have the same issue in regards to it showing that the object I am excluding C:\*.log and D:\*.log is being scanned, the odd thing in the testing I found is that it will scan the test.log files on the c:\ drive but not the d:\ drive. it's as though it is not applying to the C:\ drive. I removed the exception and added it back in manually and still no luck. And did you test exclusions by copying the eicar test file to an excluded folder? The only way how to test exclusions is by attempting to trigger a detection which is the purpose of eicar. Also remember that each exclusions aggravates overall protection capabilities. If malware makes it to a folder excluded from scanning, it won't be detected and blocked even if it would be otherwise. Link to comment Share on other sites More sharing options...
Recommended Posts