ESET SysInspector Questions
Q1: What is ESET SysInspector?
A1: ESET SysInspector is a free tool designed to collect information about your computer's operating environment.
Q2: Does ESET SysInspector remove malware?
A2: Currently, ESET SysInspector does not have any ability to make any changes to computers. It is "read-only" in that it is designed for analysis, not malware remediation. If you need an anti-malware program, you can download a trial version of our software from here or use the free ESET Online Scanner program.
Q3: What is operating systems does ESET SysInspector support?
A3: ESET SysInspector works with Microsoft Windows 2000 and higher. Both 32-bit (x86) and 64-bit (x64) operating systems are supported. ESET SysInspector has not been tested with earlier versions of Microsoft Windows.
Q4: Does ESET SysInspector require Administrator privileges to run?
A4: While ESET SysInspector does not require Administrator privileges to run, some of the information in collects can only be accessed from an Administrator account. Running it as a Standard User or a Restricted User will result in it collecting less information about your operating environment.
Q5: Does ESET SysInspector create a log file?
A5: ESET SysInspector can create a log file of your computer's configuration. To save one, select File→Save Log from the main menu. Logs are saved in XML or zipped XML format. By default, files are saved to the %USERPROFILE%\My Documents\ directory, with a file naming convention of "SysInpsector-%COMPUTERNAME%-YYMMDD-HHMM.XML" (or .ZIP). You may change the location and name of the log file to something else before saving, if you prefer.
Q6: How do I view the ESET SysInspector log file?
A6: To view a log file created by ESET SysInspector, run the program and select File→Open Log from the main menu. You can also drag and drop log files onto the ESET SysInspector application. If you need to frequently view ESET SysInspector log files, we recommend creating a shortcut to the SYSINSPECTOR.EXE file on your Desktop; you can then drag and drop log files onto it for viewing.
Q7: Is a specification available for the log file format? What about an SDK?
A7: At the current time, neither a specification for the log file or an SDK are available since the program is still in development. After the program has been released, we may provide these based on customer feedback and demand.
Q8: What command-line options does ESET SysInspector support?
A8: The following command line options are currently recognized by ESET SysInspector:
/? or /HELP — displays the list of available command line options
/BLANK — starts ESET SysInspector without creating or loading a log file
/GEN={path specification} — saves an XML log file to the location specified by {path specification}
/PRIVACY — used with /GEN, collects information about system except for personally-identifiable information
/SILENT — surpressed the display of the progress bar during report generation
/ZIP — used with /GEN, saves XML log file in .ZIP archive format
{path specification 1} — loads a previously-saved log file from {path specification 1} into ESET SysInspector
{path specification 2} — if a second log file is listed on the command line, ESET SysInspector compares it against the first log file, {path specification 1}
Additional command line option functionality may be added based on customer feedback and demand.
Q9: How does ESET SysInspector evaluate the risk posed by a particular object?
A9: In most cases, ESET SysInspector assigns risk levels to objects (files, processes, registry keys and so forth) using a series of heuristic rules that examine the characteristics of each object and then weight the potential for malicious activity. Based on these heuristics, objects are assigned a risk level from "1 - Fine (green)" to "9 - Risky (red)." In the left navigation pane, sections are colored based on the highest risk level of an object inside them.
Q10: Does a risk level of "6 - Unknown (red)" mean an object is dangerous?
A10: ESET SysInspector's assessments do not guarantee that an object is malicious—that determination should be made by a security expert. What ESET SysInspector is designed for is to provide a quick assessment for security experts so that they know what objects on a system they may with to further examine for unusual behavior.
Q11: Why does ESET SysInspector connect to the Internet when run?
A11: Like many applications, ESET SysInspector is signed with a digital signature "certificate" to help ensure the software was published ESET and has not been altered. In order to verify the certificate, the operating system contacts a certificate authority to verify the identity of the software publisher. This is normal behavior for all digitally-signed programs under Microsoft Windows.
Q12: Can ESET SysInspector detect files, services and processes which are stealthed (cloaked), such as rootkits?
A12: ESET SysInspector contains a kernel mode anti-stealth driver to detect malicious objects which might be cloaked using various stealth mechanisms, including rootkits. Items which are stealthed show up with a risk level of "9 - Risky (red)" and are colored blue.
General Questions
Q1: How many beta test releases will there be?
A1: ESET does not have a public schedule for when new beta test builds will be released. New beta test builds will be released in response to feedback from bug reports and feature requests as well as to add additional functionality to the software.
Q3: For how long will the beta test program run?
A2: The beta test cycle for ESET SysInspector will run until the program reaches the necessary levels of quality, performance and reliability.
Q3: How do I provide feedback on ESET SysInspector?
A3: To contact ESET in order to report a bug, request a feature or ask a question regarding ESET SysInspector, write a message in the ESET Beta Forum or send email to betasupport@eset.sk. Please keep in mind that ESET may not respond to your report unless additional information is required in order to replicate the problem.
REV.20080412-1234AG
