Jump to content
b.trash

Weird "Treats have been detected" Events

Recommended Posts

Hello Guys!

 

I receive some notifications but in fact i dont see anything happen.

 

Here is the content in the mail:

Event Threats have been detected happened on computer xxx in the domain yyy on Montag, 26. März 2012 03:27:30 (GMT+01:00) Detected

 

I dont see any events on local computer.

But I see critical events on AdminKit

 

Event name Threats have been detected

Severity: Critical event

Application: Kaspersky Endpoint Security 8 for Windows

Version number: 8.1.0.646

Task name: Protection

Computer: xxx

Group: admin

Time: Montag, 26. März 2012 03:27:30

Name of virtual Server:

Description: Detected

 

 

The event happens regularly every 6h with some randomization.

Thats the same interval than the scheduled update task.

But the Update doesnt log any errors.

 

AdminKit Version : KSC 9.0.2786

KAV Version : ES 8.1.0.646

 

 

 

 

 

 

 

Share this post


Link to post
Hello Guys!

 

I receive some notifications but in fact i dont see anything happen.

 

Here is the content in the mail:

Event Threats have been detected happened on computer xxx in the domain yyy on Montag, 26. März 2012 03:27:30 (GMT+01:00) Detected

 

I dont see any events on local computer.

But I see critical events on AdminKit

 

Event name Threats have been detected

Severity: Critical event

Application: Kaspersky Endpoint Security 8 for Windows

Version number: 8.1.0.646

Task name: Protection

Computer: xxx

Group: admin

Time: Montag, 26. März 2012 03:27:30

Name of virtual Server:

Description: Detected

The event happens regularly every 6h with some randomization.

Thats the same interval than the scheduled update task.

But the Update doesnt log any errors.

 

AdminKit Version : KSC 9.0.2786

KAV Version : ES 8.1.0.646

 

I've had this problem too.

I think it happens when KES re-checks quarantined objects when an update is applied.

To solve it, just remove the objects from the quarantine, and you should be fine.

 

This notification should be more explicit though.

 

Share this post


Link to post
I've had this problem too.

I think it happens when KES re-checks quarantined objects when an update is applied.

To solve it, just remove the objects from the quarantine, and you should be fine.

 

This notification should be more explicit though.

 

 

Thanks, that solved it also for me.

A better description/notification would be really good!

 

 

Share this post


Link to post

Hey guys, I'll chime in here as we have also noticed that two critical fields (path to object and action performed) seem to be mysteriously missing from the fields available for selection in the email alerts. We raised this with Support and here is what we received back:

 

"This is known issue. The reason of this issue is the events format. This will be fixed in Critical Fix 1 for Endpoint."

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.