PassingBy

Members
  • Posts

    125
  • Joined

  • Last visited

  • Days Won

    1

PassingBy last won the day on December 12 2019

PassingBy had the most liked content!

About PassingBy

  • Rank
    Newbie

Profile Information

  • Location
    Taiwan

  1. Thanks Itman. I had read about it. Once I realized something was wrong I checked to see whether there were security notices about it and found out it was around since at least 2019. Both my laptops and mobile are working fine but this morning I noticed some email services on my mobile aren't synching. Access to most emails seems fine but I didn't check all accounts. I did change the password for the account I used to experiment with the Evite invitation minutes after testing it. Rechanged it once more one day later. But my email client on Android isn't synching (I had tried to open also through Android relying on the idea that the phishing threat was designed for Windows). Not clear whether there are issues caused by that specific action or whether a recent mail client update is causing the issue. The client update (third party app) occurred almost simultaneously.
  2. I just did. Bit late but I got busy. Other people in a group received the same email, too. So the account was definitely hacked.
  3. Hi everyone, First, I am aware this should be in another section but I put it here just as an appetizer of potential further investigation, which I hope is unnecessary. The story in short is this:
     1) I received a fake Evite invitation from a well known contact.
     2) Since I found it strange I sent him an email using the same account he used for the invitation (I have no other account) asking whether he had actually sent it (imagining a Man in the Middle thing). No reply.
     3) Despite the suspicious activity, including the links etc., I gave it a shot with a secondary account I use. The result was a denied access in both cases, on both Edge (Outlook 365 automatic redirection, asking me to connect to Adobe cloud with one of my email accounts) and Firefox showing a 403 error.
     4) I changed the password on my email account used to run the attempt. No other malicious behavior noticed.
     5) Contacted Evite which confirmed the email is not from them and confirms the malicious nature of the email, advising me to clean up the data/cookies from all my browsers (all those used to execute activities on the email).
     Question: Any chance I am infected with something and ESET missed it? I can submit a copy of the email if necessary, but I'd prefer not to if possible. Thanks in advance for any insight. Rick
  4. I can't quite get the changes. For a start I need 3 licenses, not 5. I may need a VPN but I surely don't need a password manager and the rest of the features. The prices are completely off. Why can't they just offer standard Internet Security + VPN for the number of licenses we need? I have 2 laptops and 1 mobile device. Why do I have to pay 2 extra licenses? Who is doing the marketing over there? Mickey Mouse?
  5. The IP is reportedly my provider. It is Taiwan. That is one of the reasons why I have been posting more frequently of late. Geographic position and other factors add up to the strange behaviors of machines and networks. If you recall I posted a while ago on strange IP behaviors. I still have those. I waste considerable amounts of time monitoring those. Last but not least, I have someone who tries daily to find the password of one of my email accounts through repeated attempts to login. He managed to open a Venmo account without being able to access my email and despite me deleting the confirmation emails I got from Venmo. He probably did through social engineering. Bottom line, I am having a quite stormy period with threats and when the AV behaves like that I like to know what is going on. I will skip the ticket. It's just too troublesome. But thanks for the feedback. E.
  6. As to the ticket: 1) The log is too big to be uploaded. 2) As I was completing the process the below occurred. I guess I won't try a second time as it's too lengthy. Thanks in advance for any help you may provide based on the log.
  7. Thanks Marcos, Opening a ticket from the support gets me through the Knowledge Base and the usual drill and there seems to be no easy way to open a ticket with a human operator. I understand why it's done but it proves impossible to get to open a ticket fast. I wish it was just as easy as "Open a ticket" straight from the UI of ESET. I'd prefer not to upload in public here, if at all possible.
  8. Dear all, This just happened. Any clues? Also, earlier today I found two unknown users in the "Security" tab of the C drive. After checking the two SIDs I removed them. One didn't reappear, the other reappeared. ESET kept working also after a reboot and the issue below occurred randomly about 10 hours later, while watching videos. No other events detected. Thanks a lot for your help. Brief edit: This seems to be fixed, all alone. I'd still like to know whether the issue was on the ESET side. E.
  9. Dear Itman, thanks for the kind explanation and for the time you devoted to this. Understood. Thanks a million. R.
  10. I am not worried about ESET connections. I am investigating the IPv6 addresses in the screenshot below (often it is just one associated). Since they are set as private and no information is provided I think it's normal to express a degree of doubt on what they are doing in my machine. The second doubt is why EIS is not blocking them as instructed.
  11. The question is: Why, despite me setting rules for IPs and domains I want to block, do they still show among my connections? Is the firewall blocking or are those rules inefficient? Am I doing something wrong? If so, what? Bottom line: How can I actually block IPs and domains from EIS?
  12. Hi Marcos, Apparently the log is too big and won't let me upload it. Can you kindly clarify what part you need? Thanks
  13. Here is a screenshot of what I see. On the right (redacted IPs) you have the normal IPs... they're mostly fine and link directly to my router's IP. On the left you see the others. That's today's. I have others for other days. I will try to drop a log later on but I think the screenshot is eloquent enough.