Jump to content

custom in-depth scan didn't show action window after finishing the scan


Recommended Posts

  • Most Valued Members

i connected my external hdd on my pc and started an in-depth scan of both my pc and the external drive plus all other options like registry, wmi etc.
on my external, there are a couple crack tools/generators that i know are safe and they are recognized as PUA. after the scan finished, the program didn't show the action dialog (keep, ignore, delete).
it's the first time i noticed that. to further test it, i did another scan selecting only the folders with the executables in question, once it was done the dialog appeared.

could it be a one time occurrence? there are no files in the exclusion list.
i have gathered full logs in case someone wants to take a look, since the file is 1.2GB i uploaded it to onedrive and the link is available to eset staff upon request.

Link to comment
Share on other sites

I restored from Eset quarantine to a USB drive, a previously detected eicar file. Performed an Eset on-demand "removable media" scan and had no issues. Try the removable scan option.

Eset_Media.thumb.png.e2a2ecdbe0c0fa78e9ee7e2b75c78c33.png

Edited by itman
Link to comment
Share on other sites

  • Most Valued Members

the dialog was shown in the removable media option.
if i didn't make it clear before, the dialog never appeared when i selected advanced scans  > custom > select this pc > and from the settings top right gear > scan profiles > in-depth

Link to comment
Share on other sites

1 hour ago, shocked said:

if i didn't make it clear before, the dialog never appeared when i selected advanced scans 

OK .......

This time I restored the AMTSO PUA test file from Eset Quarantine. I then did an on-demand scan of the USB drive. No problem here:

Eset_Scan.thumb.png.f84f9b7ecc39f418fbcdf9807cae24f8.png

Link to comment
Share on other sites

  • Most Valued Members

what can i say, it was the first time ever that this happened. perhaps the program glitched and it didn't show it. i still have the logs however

Link to comment
Share on other sites

1 minute ago, shocked said:

what can i say, it was the first time ever that this happened. perhaps the program glitched and it didn't show it. i still have the logs however

I didn't do an in-depth scan but used the default Smart scan profile. Try a one like this and see if you get the same result I did. There might be a bug with the in-depth scan on removable media but believe that unlikely.

Link to comment
Share on other sites

2 hours ago, shocked said:

i did another scan selecting only the folders with the executables in question, once it was done the dialog appeared.

Also the drive I scanned only had files on it but no directories; excluding the root directory of course. So again, there may be a bug with in-depth scanning period. I haven't run one in ages.

Link to comment
Share on other sites

  • Most Valued Members

smart scan and the right click context option from the Windows Explorer both work as indented

Link to comment
Share on other sites

This morning, I duplicated your in-depth scan;

1. Created a folder on the USB drive.

2. Restored from quarantine AMTSO PUA test file to this folder.

3. Ran in-depth scan.

Eset detected the PUA, but auto cleaned it.

Eset_Scan.png.d9e5684ca711e571775211310e7620b8.png

What I believe is happening here is Eset is using ThreatSense cleaning settings that are established for the default real-time Smart scan profile. Those are "Remedy if safe, otherwise ask user." Note that by default, Eset off-line scans will use Threatsense real-time scan settings.

Appears the only option in your case would be to enable "Scan without cleaning" option for an on-demand in-depth scan:

Eset_Scan_Option.png.5bd2ff70d1913262a9ff69720b301bb5.png

 

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...