Aias 0 Posted February 27, 2022 Share Posted February 27, 2022 1. Laptop running on Win 8.1 OS and PC running on Win 10 OS. 2. ESET Internet Security 15.0.23.0 installed in both devices. 3. I perform full system custom scan with ESET as follows: - Advanced Scans>Custom Scan - Scan Profile: In-depth Scan - Scan without cleaning: I tried it both (i.e. with this option "Selected" and "Unselected") 4. In all cases, upon Scan completion I get the message: " Custom Scan completed - Detections Occurred" but I get no option how to treat the detected files (i.e. Clean, Delete, No action etc). I would really appreciated it if you could provide any kind of help. Thanks. John. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,298 Posted February 28, 2022 Administrators Share Posted February 28, 2022 Normally detected threats are cleaned unless you select to run the scan without cleaning. In case a threat cannot be cleaned automatically (e.g. it was found in an archive with other clean files), you should get a window with action selection at the end of the scan: Link to comment Share on other sites More sharing options...
Aias 0 Posted February 28, 2022 Author Share Posted February 28, 2022 1. Marcos, thank you for your answer. 2. As I mentioned in my first post, I tried Custom Scanning both ways; with the box option "Scan without cleaning" ticked and then unticked. That is, I tried to scan without and with cleaning, correspondingly. 3. In all cases, upon Scan completion I got the message: "Custom Scan completed - Detections Occurred: X (Cleaned: 0)" where X stands for the number of detections occurred. I got no Window with action selection at the end of the scan. Any other idea? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,298 Posted February 28, 2022 Administrators Share Posted February 28, 2022 With protection temporarily paused, please save the eicar test file to a new folder and then scan it. Is the file cleaned automatically? Link to comment Share on other sites More sharing options...
Aias 0 Posted February 28, 2022 Author Share Posted February 28, 2022 1. Marcos, thank you for your new suggestion. 2. I performed the EICAR test as advised. 3. The EICAR file was indeed cleaned automatically as follows: a. Context Menu Scan: Right click on the folder > "Scan with ESET Internet Security" b. Result: the folder was scanned and the file was cleaned. 4. Moreover, I ran the test again as follows: TEST 1 a. Advanced Scans > Custom Scan b. Scan Profile: In-depth Scan c. Scan without Cleaning > Ticked d. Result: "Scan Completed Detection Occurred: 1 (Cleaned: 0)" TEST 2 a. Advanced Scans > Custom Scan b. Scan Profile: In-depth Scan c. Scan without Cleaning > Unticked d. Result: " Scan Completed Detection Occurred: 1 (Cleaned: All)" Please further advise. Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 396 Posted February 28, 2022 Most Valued Members Share Posted February 28, 2022 Can you see what was scanned and missed in the logs? If so maybe try and scan them manually to see if the same behaviour occurs Link to comment Share on other sites More sharing options...
Administrators Marcos 5,298 Posted March 1, 2022 Administrators Share Posted March 1, 2022 Please repeat the test but now compress eicar.com along with another clean file and then scan the folder with the archive. A window with action selection should appear at the end of the scan. Link to comment Share on other sites More sharing options...
Aias 0 Posted March 1, 2022 Author Share Posted March 1, 2022 3 hours ago, Marcos said: Please repeat the test but now compress eicar.com along with another clean file and then scan the folder with the archive. A window with action selection should appear at the end of the scan. 1. Marcos, thank you for you reply. 2. I performed the Compressed EICAR test as advised: I compressed the EICAR.com file along with another clean file, I put the compressed archive in a folder and scanned the folder. 3. The folder was scanned as follows: a. Context Menu Scan: Right click on the folder > "Scan with ESET Internet Security" b. Result: the folder was scanned and a window with action selection ("No action" / "Delete") appeared at the end of the scan. When "delete" was selected the compressed archive was indeed deleted (all compressed files were deleted, both EICAR file and the clean file). 4. Moreover, I ran the test again as follows: TEST 1 a. Advanced Scans > Custom Scan b. Scan Profile: In-depth Scan c. Scan without Cleaning > Ticked d. Result: "Scan Completed Detection Occurred: 1 (Cleaned: 0)" No window with action selection appeared at the end of the scan. TEST 2 a. Advanced Scans > Custom Scan b. Scan Profile: In-depth Scan c. Scan without Cleaning > Unticked d. Result: the folder was scanned and a window with action selection ("No action" / "Delete") appeared at the end of the scan. When "delete" was selected the compressed archive was indeed deleted (all compressed files were deleted, both EICAR file and the clean file). Please further advise. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,298 Posted March 1, 2022 Administrators Share Posted March 1, 2022 The results of tests are ok and expected and even the window with action selection appears alright. It doesn't make sense why running a scan with cleaning doesn't clean found threats when you run a full disk scan. Could you confirm that you use the default "Always remedy detection" cleaning mode for all on-demand scan profiles? Link to comment Share on other sites More sharing options...
Aias 0 Posted March 1, 2022 Author Share Posted March 1, 2022 13 hours ago, peteyt said: Can you see what was scanned and missed in the logs? If so maybe try and scan them manually to see if the same behaviour occurs 1. Peteyt, thank you for your reply. 2. I examined the logs and tried to manually treat some of the detected files. 3. Result: ESET Internet Security now worked as it should be: a. A window with action selection ("Clean" / "Delete" / "No action") appeared at the end of the scan. b. When one of these actions was selected the file was treated accordingly. 4. Of course, this is a last resort solution. ESET Internet Security should provide automated solutions and not manual ones... Link to comment Share on other sites More sharing options...
Administrators Marcos 5,298 Posted March 1, 2022 Administrators Share Posted March 1, 2022 By default ESET cleans threats automatically. Only in case that cleaning is not possible (e.g. an archive contains also other clean files) you are prompted for an action. As I wrote, it is not clear why threats were not cleaned automatically when you scanned the whole disks but it worked when scanning only a specific folder or file. Link to comment Share on other sites More sharing options...
Aias 0 Posted March 1, 2022 Author Share Posted March 1, 2022 12 minutes ago, Marcos said: The results of tests are ok and expected and even the window with action selection appears alright. It doesn't make sense why running a scan with cleaning doesn't clean found threats when you run a full disk scan. Could you confirm that you use the default "Always remedy detection" cleaning mode for all on-demand scan profiles? 1. Marcos, thank you for your reply. 2. Cleaning mode is set to "Always ask the end-user" because this is how I want threats to be treated. As ESET Internet security says about this mode: "...If a threat is detected an alert window with the list of available actions will be displayed" . The problem I'm facing is that there is no window with a list of available actions appearing at the end of a full system scan. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,298 Posted March 1, 2022 Administrators Share Posted March 1, 2022 You can provide logs collected with ESET Log Collector and I will import your configuration for a test. Link to comment Share on other sites More sharing options...
Recommended Posts