peterm 0 Posted August 20, 2021 Share Posted August 20, 2021 I use windows remote desktop to connect from home. I have been using it for a year or two. NO issues, I used it last night and when I came to work today there is a message popping up occasionally which says " this compuer is being ctorlled by a remote application... " I know my computer at home is switched off so its not that computer. What is going on here, this seems like a serious concern. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,238 Posted August 20, 2021 Administrators Share Posted August 20, 2021 This happens when you are running a secure browser and an RDP session is detected. Please open a support ticket for further investigation if you think that this cannot be the case. Link to comment Share on other sites More sharing options...
peterm 0 Posted August 20, 2021 Author Share Posted August 20, 2021 how do i open a support ticket? Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 396 Posted August 20, 2021 Most Valued Members Share Posted August 20, 2021 2 hours ago, peterm said: how do i open a support ticket? Have you recently updates Eset or started using the secure browser feature? By design, the secure browser will warn you if it detects remote access in case it wasn't you using it and the user is in fact infected. However this doesn't seem the case as you have mentioned you are using remote access. For example if I use TeamViewer I get the warning, possibly also when connecting from the computer with Eset to another computer. Link to comment Share on other sites More sharing options...
itman 1,743 Posted August 20, 2021 Share Posted August 20, 2021 Since this is a work computer displaying this alert, open Eset Network Connections monitoring tool in the Eset GUI. Open each svchost.exe instance till you find one using remote port 3389. If the remote IP address/s shown do not reflect your work LAN IP address range, this RDP connection is originating from a source external local network. In any case, your work system/network admin should be able to shed some light on this activity. Link to comment Share on other sites More sharing options...
Recommended Posts