Hardq

@CmdShepard Thanks for the information, I'm waiting for the new update

@Marcos Waiting for a response or some help I really need it okay thanks

@Marcos So if you have everything clear, I think that the information I pass is enough. Also take into account that this takes several hours if in Custom analysis This ticket is actually from the developer, right. (P_ESSW-17800)

@Marcos Okay, it is a minor problem, I understand that there is no estimated time, so this affects the scheduled analyzes on the other hand, although the option of Analyze, your computer is doing well while you verify the personalized analysis, is there an alternative solution for this?

@Marcos Waiting for some news please

So, the duration counter, as well as the object analysis counter, has also been included in its tracking. On the other hand, let me know if you need more information

Dear Eset Staff, I hope someone can help me with this problem and for once understand this problem, waiting for a response, thank you

I ask you to rewiev the video without skipping, watching it its entirety

Dear Marcos, Thank you for your prompt response. While the duration of the scan appears to be increasing correctly, there persists an inconvenient issue. During certain moments of the custom scan, I experience a freeze in the duration clock and analyzed objects. This problem can be quite discomforting and impacts the user experience. I am willing to provide more information or details if necessary for a better understanding of the issue. Any additional guidance you can offer would be greatly appreciated. Thanks again for your assistance.

Hey Marcos From second 00:00 to minute 04:30, I've recorded both scans where the issue occurs. However, from minute 04:35 to minute 07:08, the analysis runs smoothly without any problems. This division provides a clear distinction between the problematic and normal phases of the analysis 2024-02-02 12-12-49.mp4

Hello Marcos, Thank you for your prompt response. I have conducted additional tests by excluding both WMI and the registry from the scan, and the issue persists. The lack of real-time updates to counters and the duration clock continues to be present. I appreciate your ongoing assistance with this matter. If there are any further steps or insights you recommend, please let me know. Best regards

Issue Persisting in Eset Endpoint Security GUI: Request for Development Team Intervention Message: Hello Marcos, I trust this message finds you well. I want to discuss the ongoing challenge related to the lack of updating counters during registry and WMI scanning in Eset Endpoint Security. Reasons for Development Team Involvement: 1. Persistent Nature of the Issue: Despite following recommended steps, the problem persists, suggesting a potential fundamental issue within the software. 2. User Experience Impact: The absence of real-time updates to counters and the duration clock affects the user experience and compromises the software's effectiveness in providing accurate progress information during scans. 3. Possible Systemic Software Glitch: The persistence of the issue, even after excluding registry and WMI scanning, hints at a systemic glitch that may require a detailed analysis by the development team. 4. Call for Comprehensive Resolution: To ensure a thorough resolution and address any underlying software intricacies causing this behavior, involving the development team's expertise is crucial. Proposed Steps: 1. Development Team Analysis: Seeking the development team's involvement for a detailed analysis could unveil coding irregularities or underlying issues contributing to the lack of real-time updates. 2. Software Optimization Potential: Insights from the development team may lead to optimization measures, ensuring a smoother and more accurate display of progress indicators during scans. 3. Enhancing Overall Product Reliability: Addressing and resolving this issue at the development level would significantly contribute to the reliability and effectiveness of Eset Endpoint Security. I believe escalating this matter to the development team is essential for a comprehensive understanding of the issue and effective solutions. Your support in facilitating this escalation would be greatly appreciated. Thank you for your time and consideration. Best regards

Step 1: Computer Analysis 1. Open Eset Endpoint Security and navigate to "Computer Analysis." Select "Scan your computer" on the left side. Note: Up to this point, all elements, including the duration clock and analyzed objects, function correctly. Step 2: Issue Detected in Custom Analysis 2. The problem arises when opting for "Custom Analysis" with the following options: - Smart Analysis - Thorough Analysis Choose the following parameters: 1. Operating memory 2. Start sectors / UEFI 3. WMI database 4. System registry 3. Perform the analysis by selecting all disks. Identified Issue: During this process, it is observed that the duration clock and analyzed objects become paralyzed, adversely affecting the smoothness of the analysis. Steps to Reproduce the Issue: 1. Open Eset Endpoint Security. 2. Navigate to "Computer Analysis" and select "Scan your computer." 3. Choose "Custom Analysis" and select the mentioned options. 4. Initiate the analysis with the option to scan all disks. By following these steps, you can reproduce the problem and observe the interruption of the duration clock and analyzed objects. This report is posted on the forum in the hope of receiving assistance in identifying and resolving this issue. Any collaboration in addressing and solving this problem is appreciated.

Hi Marcos The sample has been sent to eset samples@eset.sk on January 23, on the other hand, it is being explained there, answering your question.

Hi Marcos Thanks for the reply. I uploaded the file to samples@eset.sk on January 23rd. On the other hand, in the email message I warned them that they should use a tool to improve the stability of the download

Dear Administrator Marcos, I have not heard from you. Can you send this file to one of the malware researchers at the Eset lab? I would also like to receive a response from you, please, we appreciate it.

Hello Itman Your comment is useful, if you are grateful, you know how to create the interface. This other alert also appears in Eset. On the other hand, you know how to create the exclusion. Your help would be appreciated

Hello, I trust this message finds you well. I've included the Eset log collector records along with the XML configuration file. This will allow you to replicate the issue if you have Eset Endpoint Security installed on your machine. You can download the Eset Log Collector from the following link: https://www.transfernow.net/dl/20240118JZmeB8z3 The link is valid for 7 days. Please note that the XML file contains specific settings used in our independently installed Eset Endpoint Security product. Feel free to review the configuration to better understand the parameters in use. If you have any questions or require further clarification, please don't hesitate to reach out. EES_CFR_Recomendada.zip

Ah, my apologies for any confusion. I was referring to the internal processes of antivirus companies. They typically have dedicated teams, like Malware Researchers, who handle sample analysis and database updates. This isn't something you pay for directly as a user; it's part of the antivirus service they provide. If you have specific samples you'd like them to analyze, you can reach out to ESET's laboratory at samples@eset.com.

Furthermore, this requires analysis in a virtual machine, both static and dynamic analysis, and deobfuscation of the code. Otherwise, how are they going to identify the threat, given that several days have already passed and it seems that the sample sent to your email was not processed.

As you said, it seems legitimate now. However, on virustotal.com, several suspicious IPs were found, and the rootkit is designed to hide in the operating system. On the other hand, this malware sample needs to be analyzed by a malware researcher, so I posted a message on this forum hoping to get assistance from a malware researcher.

In addition, this malware sample was sent to the Eset laboratory. On another note, it appears to be a rootkit. Since my knowledge is basic, I forwarded it to Eset for their examination and manual analysis.

Thank you for the link, itman. If I'm not mistaken, it would be helpful to have a member of the Eset staff from the Malware Research Team try to download the file and take a look at it for verification. Let's hope that a Malware Researcher from Eset can assist with this situation, as Marcos failed in attempting to download the file, which was too large.

The file size is approximately 22.9 GB. I attempted to download it using Internet Download Manager on the Windows operating system without success. He has recommended using the tool from this link: [Internet Download Manager](https://www.internetdownloadmanager.com/download.html). The suspicious nature of this large file raises concerns, and I believe it is crucial to investigate further. Your help is greatly appreciated. "Right-click on the download link, copy the link address, and then paste it into IDM using the 'Add' button."

Additionally, I've identified some suspicious IP addresses associated with the file. They appear to be linked to recent security concerns and unusual system activities. Please consider these details in the analysis. Thank you