Jump to content


  • Content Count

  • Joined

  • Last visited

Profile Information

  • Location
  1. Hello there! I'm wondering if ESET Online Scanner uses only signatures/patterns or applies other methods of detection like heuristics, sandbox, sends file's data to cloud, etc. Unfortunately brief surfing internet for answers were not fruitful.
  2. Thanks for such succinct response. Can you maybe share any insights on how this driver is used? Does this error mean that none of rootkit are detected by ESET Online Scanner&
  3. Thanks! Does it make sense to copy file ehdrv.sys to C:\Windows\System32\Drivers and keep it there? Will this work?
  4. Yes indeed! Mind if I start with their XML representation? They should contain all the details. <Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" /> <EventID Qualifiers="16384">7045</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x8080000000000000</Keywords> <
  5. More details. I have disabled everything in Windows Defender: Real-time protection Tamper Protection Memory integrity And still the same errors are reported to Windows Event System Log. The file ehdrv.sys exists indeed in the mentioned folder and is readable as normal user. SHA1: 8C244899A2082C28B24E7B0DA41904B8663B5A8B Logs in AppData\Local\Temp\log.txt don't show problems either.
  6. Hello! I've seen several topics regarding this error in Windows Event System Log but none of them provided definite solution what has to be done to eliminate these errors. So I thought about starting new one. This message about ehdrv.sys appears in the logs every time I run ESET Online Scanner. Similarily, if I don't run ESET Online Scanner, I never observe these records in the System log. Seems like this error doesn't directly affect ability to scan local disk and the tool even finds some undesired software. Still the fact that it's been reported for quite a while and I'm not t
  • Create New...