Suddenly, multiple File 'Sysinspector_[Numbers].mdmp' was sent to ESET Virus Lab' Entries...

Tetranitrocubane · May 25

I was doing some various troubleshooting on my computer this afternoon, when something odd started happening.

At a certain point, I ran Sysinspector to ensure that nothing untoward was happening on the system. Two and a half hours later, the ESET event log showed that ESET started to upload Sysinspector files to the ESET Virus lab, and continued doing so every few hours. I cannot locate these files that ESET is uploading.

The ESET log shows that ESET never uploaded anything to the Virus Lab before today, so this has me very worried.

If these files are suspicious, why didn't ESET alert me to them? Why didn't ESET even verify or notify me that it was uploading these files?
Why is ESET suspicious of files generated by a part of its own software?
Why does ESET continue to find more and more of the .mdmp files, even though I've only collect two Sysinspector snapshots?
Where ARE these .mdmp files located on the system? I cannot find them anywhere, even with a powershell driven command line search.

Overall, is this expected and normal behavior? Or an indication something is wrong? If something is wrong, why is ESET silently doing this without sending me notice?

Thanks tremendously. I admit I'm out of my depth on this one.

Edited May 25 by Tetranitrocubane
Clarification in a sentence

Marcos · May 25

Those mdmp are minidumps from a crash. It appears that SysInspector was crashing on your machine for some reason. Have you recently tried to launch it several times and each time a minidump was generated?

Please provide logs collected with ESET Log Collector from the machine.

itman · May 25

9 hours ago, Tetranitrocubane said:

Overall, is this expected and normal behavior? Or an indication something is wrong? If something is wrong, why is ESET silently doing this without sending me notice?

If you do not desire Eset statistical and performance date to be submitted to Eset servers, disable the two settings shown in the below screen shot:

Tetranitrocubane · May 25

7 hours ago, Marcos said:

Those mdmp are minidumps from a crash. It appears that SysInspector was crashing on your machine for some reason. Have you recently tried to launch it several times and each time a minidump was generated?

Please provide logs collected with ESET Log Collector from the machine.

No, as a matter of fact, at the times when theses minidumps were uploaded, I was not trying to run Sysinspector at all. This smells fishy.

I have generated the requested logs. Is it safe to upload them here? I am unsure if the logs contain sensitive system information that should not be public.

Tetranitrocubane · May 25

2 minutes ago, itman said:

If you do not desire Eset statistical and performance date to be submitted to Eset servers, disable the two settings shown in the below screen shot:

I have no issue with the samples being submitted - I just would like ESET to alert me when it sees malware activity so I know a system is potentially compromised.

itman · May 25

1 minute ago, Tetranitrocubane said:

I have generated the requested logs. Is it safe to upload them here? I am unsure if the logs contain sensitive system information that should not be public.

Only Eset moderators can access forum posted attachments.

Tetranitrocubane · May 25

7 minutes ago, itman said:

Only Eset moderators can access forum posted attachments.

Great! Thank you for the reassurance, itman.

I have uploaded the logs as requested.

eav_logs_2.zip

Tetranitrocubane · May 26

On 5/25/2023 at 6:26 AM, Tetranitrocubane said:

Great! Thank you for the reassurance, itman.

I have uploaded the logs as requested.

eav_logs_2.zip 57.5 MB · 0 downloads

Not to be rude, but is any further information required? I am trying to avoid using the impacted machine until there's word on these logs. Thanks much!

Marcos · May 26

A ticket has been created for developers, we'll keep you posted. However, it's just a dump from a SysInspector crash so if you don't experience any issues with it, it's not a problem.

P_ESSW-16604

Tetranitrocubane · May 26

12 minutes ago, Marcos said:

A ticket has been created for developers, we'll keep you posted. However, it's just a dump from a SysInspector crash so if you don't experience any issues with it, it's not a problem.

P_ESSW-16604

Thanks tremendously, Marcos! I'll stand by, and in the meantime, proceed as normal.

Very much appreciate your help!

Marcos · Wednesday at 09:17 AM

A fix for the crash will be included in v16.2 and newer once available.

Tetranitrocubane · 2023-06-02T00:30:04Z

On 5/31/2023 at 2:17 AM, Marcos said:

A fix for the crash will be included in v16.2 and newer once available.

Much appreciated! I still don't understand how Sysinspector could crash when I wasn't running it, but this seems like an issue that will be resolved with the next version update. Thank you much.

Sign In

Suddenly, multiple File 'Sysinspector_[Numbers].mdmp' was sent to ESET Virus Lab' Entries...

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Recently Browsing 0 members

Quick search

FAQ

Topics