Raymond 0 Posted September 17, 2015 Share Posted September 17, 2015 (edited) Hi, we recently deployed ESET 6. Our ERA server is running 6.2, but clients are still on 6.1. One of the PCs we deployed to had a few thousand threats found (multiple files belonging to the same dodgy software). We cleaned it up and ran another full scan which reported it as clean. However, the PC is still showing as having thousands of unresolved threats in ERA. I don't want to have to mark them as resolved one by one. How can i force the client to tell ERA that it no longer has any threats? We have a number of PCs in the same situation. Edited September 17, 2015 by Raymond Link to comment Share on other sites More sharing options...
Administrators Marcos 4,715 Posted September 17, 2015 Administrators Share Posted September 17, 2015 It's not clear how you performed the cleaning. The scan (with cleaning) must be run from ERA and the In-depth scan profile must be used. Of course, all found threats must be cleaned for the threats to become resolved in the ERA console. Link to comment Share on other sites More sharing options...
Raymond 0 Posted September 17, 2015 Author Share Posted September 17, 2015 Thanks for the reply Marcos. For the PC with thousands of threats, I kicked off the scan manually on the PC after removing some dodgy software and deleting some old user profiles. Should i kick off another full scan (in depth, with cleaning) from the ERA console against that PC to get it to update its status in ERA to zero unresolved threats? Link to comment Share on other sites More sharing options...
Raymond 0 Posted September 18, 2015 Author Share Posted September 18, 2015 The in-depth scan with cleaning that i kicked off from ERA completed successfully. However the unresolved threats have not cleared. If I look at the threats and look at the Occurred column, none of them are from yesterday so it seems the old threats are not being removed. How can i remove them? I can't click through 4000+ of them to remove them. Also is there any way to see the results of a full scan from the ERA console? I can see that the scan was successful but I can't see where to check if any new threats were found. Link to comment Share on other sites More sharing options...
Raymond 0 Posted October 1, 2015 Author Share Posted October 1, 2015 Bump... Link to comment Share on other sites More sharing options...
Administrators Marcos 4,715 Posted October 1, 2015 Administrators Share Posted October 1, 2015 Please open a standard support ticket as this will need to be looked at by ERA developers. What you could try beforehand is running an in-depth scan again but now with cleaning level set to strict cleaning so that potentially unwanted applications are removed without asking for an action at the end of the scan. Link to comment Share on other sites More sharing options...
Raymond 0 Posted October 1, 2015 Author Share Posted October 1, 2015 No problem, will do, thanks. Link to comment Share on other sites More sharing options...
j-gray 31 Posted October 14, 2015 Share Posted October 14, 2015 Any further information on this? I'm experiencing the exact same thing with several systems. I've manually deleted the detected items (found in a user's IE cache), re-run the scan with in-depth scan with cleaning enabled. Scan has completed successfully multiple times, nothing detected in the last few days. However, system still shows with over 100 Active Threats. Link to comment Share on other sites More sharing options...
Raymond 0 Posted October 14, 2015 Author Share Posted October 14, 2015 Hi j-gray, no progress i'm afraid. I've had my hands full and haven't had a chance to log a support call with ESET for this. Link to comment Share on other sites More sharing options...
avielc 48 Posted March 24, 2016 Share Posted March 24, 2016 anything new regarding this @Raymond? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,715 Posted March 29, 2016 Administrators Share Posted March 29, 2016 To put it right - running an in-depth scan with strict cleaning from the ERA console will clear active threats, ie. such computers will lose membership in the Active threats dynamic group. However, marking threats as resolved is a manual process - open the Threats pane, use a filter to show computers with unresolved threats, mark them all and click "Mark as resolved". My understanding is that if threats were resolved automatically, it would be more difficult for an administrator to notice that a threat was detected on particular computers. Link to comment Share on other sites More sharing options...
avielc 48 Posted March 29, 2016 Share Posted March 29, 2016 @Marcos, not sure i follow, for the sake of a proper example, i have\had a computer with a "potentionally unsafe program" on the computer, the item was deleted a long time before i noticed the threat (which has remained active and in an alarming "Red" status. I ran the in-depth with cleaning scan option from ERA which i confirmed to be running on the machine. even though it finished the run, the threats didn't get resolve dautomatically, I had to resolve it myself, and yet they remain in the threat window. (which doesn't help, as the list now hold over 3k of alerts. is there any way to remove these old threats? Regards. Aviel Link to comment Share on other sites More sharing options...
Recommended Posts