katycomputersystems

Members
  • Content count

    9
  • Joined

  • Last visited

  1. Detected attack against security hole

    The workstation is running Windows 10 Pro version 10.0.16299
  2. Detected attack against security hole

    There was a threat reported against one of our workstations, the event is described as: "Detected attack against security hole" The rule name is: "RDP/Exploit.EsteemAudit" Does eset resolve this by blocking access from the offending IP address (5.101.6.170) ? I am assuming this address tried to access the workstation with an incorrect password, if that's the case and eset blocks access from the evil doer, how many failed login attempts does eset allow before the remote address is blocked, can this parameter be changed in ERA?
  3. CompatTelRunner.exe

    Looks like I sent the community down a deep dark hole, it turns out that CompatTelRunner wasn't the problem. I misread the threats log, the real problem was file:///C:/users/marketing/downloads/utorrent.exe/GenericSetup.exe I apologize for the long delay, I installed ERA6 last week - it has been like drinking water from a very large fire hose. Thank you to everyone that took the time to thoughtfully respond to my post.
  4. CompatTelRunner.exe

    What is everyone doing about C:\Windows\System32\CompatTelRunner.exe ? It shows up on several computers as a potentially unwanted application ("MSIL/WebCompanion.A" & "Win32/SoftonicDownloader.E"), it seems to be an important Windows system file. On my computer, I am unable to delete the file and have not tried removing it from client workstations. Is there a windows update that needs to be run? Do I restore from SFC? Is there another/better solution?
  5. Disable end user alerts

    Thank you!
  6. Disable end user alerts

    Threat alert is the main concern. ESET will identify installer files that are missed by KAV, it also detects chrome plugins with pupware that is missed by KAV These are all good things, but during this roll-out we need to take action on these newly identified items over a few days, it will be difficult to do this if the phone is ringing off the hook. Another concern we have is that we don't want our clients to be desensitized to threat alerts, when they get an alert, we want them to take the alert seriously. If during the roll-out we are forced to say "dont' worry about that alert", many end users will fail to pay attention when it's important that they do so.
  7. Disable end user alerts

    We are replacing Kaspersky with eset endpoint security on several hundred workstations. When we do this there will be hundreds of alerts, we don't want all those calls until after we have had a chance to remediate the issues uncovered by eset. Is there some way to turn off end user alerts in ERA ? We still want the alerts displayed in RAC and sent to our email address. Actually in a perfect world we'd like a policy that says never alert end user during first the first 10 days of installation.