Jump to content

Sharman

Members
  • Content Count

    2
  • Joined

  • Last visited

Everything posted by Sharman

  1. Thanks for the response @Marcos, I will white list these IP addresses. @peteyt, the "blocked as unsafe" message is from the app I am evaluating "Blackfog". The IP range has been marked as suspicious because of some of the settings (Geo-fencing) within the application. I'm just trying to be as thorough as possible. I asked that question to Blackfog support - they sent me the links below: - These are the weird IP's that ekm.exe tries to connect to. They are Eset servers, but why do AV's mark them "malicious" ? 91.228.166.xx ( various last digits) https://hybrid
  2. Hi I am currently investigating / evaluating a product for a new client of mine. We are currently managing and checking all outgoing connections from all types of software running on their network. I want to know what the ekrn.exe process is doing when it connects to the following IP addresses. One of the machines on the network is connecting to the following IP addresses on a daily basis. Eset IP Address investigation: - Unsafe connection to 91.228.167.87 (91.228.167.87). Blocking. Process -> ekrn.exe Port -> 80 PID -> 2392 Unsafe connection to 91.228.167.137
×
×
  • Create New...