Jump to content

Is it just me or does scanning/cleaning really not do a good job anymore?


Go to solution Solved by Marcos,

Recommended Posts

Posted

I've been pushing out on-demand scans with cleaning to my users. Everything is completely under control with component upgrades of Server, Web Console, Agent, etc. But I feel like the performance of the scans just are not doing as well of a job as version 5.

 

I'll have some computers report back to me with 75+ threats on their computers, but ESET is only telling me that about 20 were cleaned by deleting. I check into quarantine to see if there's more and, depending on the clients or what was found, maybe I'll see a handful more threats in quarantine. But that still leaves an additional 35+ threats that were not taken care of. ESET will now report there are unhandled active threats, but when I push out a follow up scan with cleaning, the scan reports back clean and the active threats notification still remain. Now I have SVP of Operations telling me I need to get these under control, but I really don't know what to tell her.

 

I've mentioned it in other threads saying that the Threats need to be more verbose other than just saying PUA (Win32/Bundled.Toolbar.Ask.E). It would be a lot more helpful if we were given the path to the problematic file, (like the quarantine does!!). Is anyone else experiencing the same scenarios as me? I was hoping this was going to be fixed in the update, but I guess not. Maybe we can push this for the next update?

Posted

I tend to live in the "computers" screen, and I, too, find it frustrating that it just says "alert found". You need to go to the Reports screen tos ee the path, but then you've lost what the computer was etc. Making the red "alert" message clickable to give a secondary-level screen, just like the "windows security centre" alert can be clicked to see if it's update/firewall etc, would make diagnostics much quicker.

Posted

I want to bump this up back to the top again. This is getting really annoying. I pushed out scans with cleaning to about 55 computers on Friday night. I come in this morning and the scans picked up a combined total of 451 threats on problematic computers, GREAT!

 

But only 18 of them were cleaned/deleted... Now I have an unknown amount of infected computers with an unknown amount of infections on them and with no idea where to look on the computers. Is there something I'm missing? This is an anti-virus security program. I don't even know if these are real threats or just false positives. The scans and cleanings are failing to do what I need them to do, so why would I want to continue to use this product and recommend it other potential customers?

 

Because of this, I want to roll back to ERA 5. Which is a shame, because I am really warming up to ERA 6 and its functionality.

  • Administrators
  • Solution
Posted

If the not cleaned "threats" were potentially unwanted or unsafe applications (PUA), the user is asked for an action unless the cleaning mode is set to strict cleaning. Couldn't this be the difference between v5 and v6 that either no PUA was detected before or you had cleaning mode set to strict cleaning and now it's set to standard cleaning?

Posted

You are right. I checked my policies and found that they are set to standard cleaning. That would explain why trojans and viruses are deleted and PUAs remain. Thanks for clarifying the issue. Sorry for the strong post, I just thought things were not functioning like others.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...