KathrynLynn 0 Posted June 17, 2017 Share Posted June 17, 2017 I have the latest home edition of Smart Security. A few weeks ago I started getting attacked. My mouse freezes and I have to shut down the computer and when I come back on, the Advanced setting anti phishing has been disabled. So I went in and put a password on the advanced settings only somehow they are able to break the code pretty fast and last week they changed the password. I finally got eset on the phone this afternoon. I was given the password unlock code and put a new password on the advanced settings. They have not broken my password code yet but they have already frozen my cursor once this evening and disabled the antiphishing. I didn't have this problem with eset nod 32 or with smart security until now. What can I do? Link to comment Share on other sites More sharing options...
Most Valued Members cyberhash 188 Posted June 17, 2017 Most Valued Members Share Posted June 17, 2017 If this was some kind of simple infection then i would try and help you clean it up. But what you have said here leads me to believe that you have been infected by some sort of RAT. You would be best waiting for a reply from a member of "ESET Staff" not other users. In the meantime i would suggest you don't use any banking sites or other sites that require a username or password to be entered as these details may be getting logged Link to comment Share on other sites More sharing options...
KathrynLynn 0 Posted June 18, 2017 Author Share Posted June 18, 2017 Cyberhash, Thanks for the info. Today, it happened again and this time they changed my password again. I don't do online banking but this is upseting still. I will have to wait til Monday when the office is open. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,070 Posted June 18, 2017 Administrators Share Posted June 18, 2017 I don't think it's an attacker or malware that disables anti-phishing. An attacker would disable the whole AV product or even uninstall it and not only disable a less important protection feature. I'd suggest opening a case with your local customer care and providing them with ELC and Procmon logs created at the time when you observe performance issues. Also a complete memory dump might shed more light. Link to comment Share on other sites More sharing options...
KathrynLynn 0 Posted June 19, 2017 Author Share Posted June 19, 2017 how do you do a memory dump? Thanks for your advice!!! Link to comment Share on other sites More sharing options...
TomFace 539 Posted June 19, 2017 Share Posted June 19, 2017 (edited) "How do I generate a memory dump manually?" http://support.eset.com/kb380/ ****************************************** ESET Log Collector (ELC) http://support.eset.com/kb3466/ Edited June 19, 2017 by TomFace Link to comment Share on other sites More sharing options...
KathrynLynn 0 Posted June 30, 2017 Author Share Posted June 30, 2017 (edited) Thanks Marcos and Tomface. Well a few nights ago it did disable my fire wall. I followed some of your suggestions, went in, put advanced logging and notify me of system changes and then last night I was scared to death when i started getting notices on the right side of the screen and I see you have talked about it on another post on here. It says something about Modify setup settings, Target HKey Local Machine System Control set 001 That's all I could write down and couldn't take a screen shot but according to another post, this is not a problem, right guys? Edited June 30, 2017 by KathrynLynn Trying to push the notify me when reply button but it's not there Link to comment Share on other sites More sharing options...
Recommended Posts