TriK

Member
  • Content count

    34

Community Reputation

3 Neutral

About TriK

  • Rank
    Member

Profile Information

  • Gender
    Not Telling

System Information

  • Operating System
    Windows 7 x64
  • Firewall or HIPS Software
    Online Armor Premium
  • Other Security Software
    CyberGhost VPN
  1. I was strengthening the IE v9 executable "ielowutil.exe", which was being called on by Yahoo Messenger v11.5, for added security. I used the RunSafer feature of my Emsisoft Online Armor Firewall. Yahoo Messenger threw an error code associated with "Messenger/Plugin/16762d37-0eb1-40d0-5863-5fa5ade02675.yplugin/vitality/vitality/vitality.html" and "vitality.min.js" (which was installed with the messenger), preventing the app from shutting down normally. I uninstalled the messenger, Flash Player, .NET Framework and Internet Explorer, and removed all temp files and registry keys. I ran regsvr32 jscript.dll and regsvr32 vbscript.dll in the command prompt (numerous times) and reinstalled all the mentioned software. I noticed Internet Explorer didn't want to download google.com/chrome without "scriptlets" enabled under Internet Options > "Security" tab > "custom levels" button, as well as for the Firefox download to function. So I was stuck with Internet Explorer and unable to download other browsers. On top of that, Yahoo Messenger was still throwing the error with vitality.min.js. This left me with one option. "ielowutil.exe" was still being run in RunSafer mode with Online Armor. Any chance we will see Windows executables on a different level of RunSafer to prevent conflicts such as this while still being able to provide the sandbox features of RunSafer? I spent about 8 hours nonstop trying to fix this. Please fix, Emsisoft staff.
  2. I noticed Online Armor Premium detected svchost.exe sending RAW data as Output without a destination; it was added as a rule. Is this normal for svchost.exe?
  3. The Anti-Keylogger in Online Armor Premium showed explorer.exe in the Anti-Keylogger section after I deleted all my trusted programs etc. to start fresh and remove unneeded trusted files after installing 3rd party apps. Is it safe? Or am I infected down to the explorer.exe?
  4. download.piriform.com is where the downloads for Piriform's software come from. It was blocked due to suspicious activity upon connection. Piriform's software includes famous software such as CCleaner and Defraggler.
  5. Restart fixed the problem, but I received a "Connection Reset", so I cleared recent history through my browser and the page works now.
  6. Ran the update, but the site is not working. The browser says, ".. can't find the server at lifehacker.com"
  7. Whatever happened to lifehacker.com? It seems I can't access lifehacker.com now, but all other sites work.
  8. Lifehacker.com, I thought this site was clean, but only recently the site has been resetting the connection. If they are a malware site or similar, it is likely because someone hacked them and it is only temporary. It's a very popular site, so I'm sure someone got in and set a virus on their legit site.
  9. Turning on Online Armor's "Filter Invalid MAC Address (According to IEEE OUI Listing)" under ADVANCED mode > Options > Firewall makes CyberGhost unable to connect to their VPN network. I don't know if this is a problem with me in particular or something that just is, and I would like to know.
  10. Did that, and anti-malware disabled surf protection and behaviour blocking. Took into consideration that if it took out the antivirus then I need to reformat. Methods I took to clean the computer: Darik's Boot and Nuke, wiped the hard drive with quick erase. Flashed the motherboard BIOS. Reinstalled the operating system.
  11. An extras.log wasn't made for some reason. I checked on Purity and LOP. Didn't set at minimal output. And it made this log the first time it started: 04162012_184508.log. Problem is, OTL shut itself down immediately after, so I restarted OTL again, and it closed unexpectedly, possibly from me clicking on stuff while it was starting up. Then 3rd time "a charm" it started up and I ran the scan. Here is the log.
  12. So I found some other tools to help resolve this problem once and for all. CatchMe log shows an ntdll modification. MBR log could be a compatibility problem with Windows 7, I don't know, but it doesn't look like it completed successfully. GMER came back clean.
  13. [#10193] Got this error from support.emsisoft.com while trying to log in, but I went to my profile and got around the error. Also, google.com and related sites like gmail.com do not work, though I have tested to see if the sites are down with 3rd party sites designed to test sites for you and it came back as on. So it is just me that cannot access google.com and gmail.com. I've tried with different browsers and the problem still exists.
  14. Windows Defender was showing an error under the description of it when going to start > run > services.msc and clicking on the Windows Defender service. The problem that Windows Defender had, though, has been fixed on its own! It must have resent the information when updating with definitions. Everything seems OK now. Though it's amazing how nothing has come up. I could have sworn my computer was throwing some very bizarre symptoms, and like we found out, crypto wasn't working properly. If I am infected, it's probably something laying low till a predetermined date in the future. Unless you say otherwise.
  15. Here is the tdsskiller log, and I do know that the detection of "switchboard" should be alright. It is an Adobe application, though I don't know why it's not recognized as signed. So maybe. Oh yeah, read the post prior to this one; there is more. PS: cryptographic service is running again.