Jump to content

ow7iee

Member
  • Content Count

    15
  • Joined

  • Last visited

Community Reputation

0 Neutral

About ow7iee

  • Rank
    Member

Profile Information

  • Gender
    Male
  1. Thank you.. Those screenshots and your explanation meant a lot. Now I can calm down knowing it's not some nasty malware hiding itself
  2. ok.. just uploaded the one in SysWOW64 and here's the link: https://www.virustotal.com/sv/file/e9bc87e0c90d1a5469cc2b3fe68e555480dfb3fc807d5a0a0232db25e7a21a35/analysis/1374528381/ Looks clean to me...
  3. I would be happy to do that, the only problem is that it doesn't exist No explorer.exe in system32 at all, no autostart entries in the registry points to that either! But if I delete the entry in OA.... Online Armor ads the system32/exlorer.exe entry again after reboot... I think this is not a virus or anything, maybe OA just registers the explorer.exe in 64-bit windows wrongly?
  4. Yes.. But why doesn't OA detect the real path instead of /system32 ... It's well known that many trojans places a false explorer.exe in system32. If I didn't know that I wouldn't have spent a whole day inspecting my computers files and registry entries...
  5. Why does online armor re-add these entries after every windows startup??? Also in autoruns section it detects: explorer.exe, 0.0.0.0, (0.0.0.0) C:\Windows\System32\explorer.exe Hash(MD5): 219E677B3CC4BDE37251CD3F6FA2702A There is no explorer.exe in system32. If I understand correctly from what I've read on several tech forums 64-bit windows automatically redirects a call from a 32-bit binary for explorer.exe at the C:\Windows\System32\ location to C:\Windows\sysWOW64\Explorer.exe .. since that is the 32-bit version and the 64-bit version of Explorer.exe is in C:\windows\ The
  6. I'm a long time Online Armor & NOD32 user... excluding nod32 in OA and vice versa has always been enough and having HIPS enabled in both applications have never caused any problems. However, since Windows 8, their honeymoon is definitely over I had huge problems yesterday since my computer locked up completely for the 3 rd time in just one week!!!. This time I couldn't even uninstall OA, I couldn't open task manager either because it locked up the whole os before it fully loaded up . Was also trying to restart into the new service mode in windows 8 pro (old safe mode) or whatever it
  7. Wow! I never seen customer support as great as here anywhere else... Many thanks for all your efforts trying to help No I don't have active subnet scanning enabled. My computer is connected directly to the broadband wall socket (temporarly until I'll get a new wireless router) About the sniffer... Many thanks for your offering your help.. I know exactly what it is and how to use such software... I played a practical joke on a neighbour friend a few years ago, he laughed when I told him to change from WEP to WPA because of the weak security in wep.. This was before facebook supported the secu
  8. Hi again... The female on the phone didn't really get what I was trying to explain and I was in a hurry so I we didn't solve this issue... However... today I got an idea, I downloaded a network scanner, I thought it would show the name of the computers, just like OA always done for me in the past until I got the new ISP. Here .... This picture might explain it? Every http;// found in there goes to a "WEB LOGIN" page... different ip:s but always the same page!!! That means it CAN NOT be computers that is filling the "computers" list in my Online Armor... Is it a server that is acting weir
  9. This started after I had switched to a new ISP a few days ago... Before that the list was almost empty, only my smartphones were in the list if they were connected. I don't get this... new computers all the time now in my list... At least 10-20 unknown computers / day, I give them all the "Distrust" status... I'm not running a network, I live alone with my kids... We only have 1 computer atm.... Any ideas whats going on here???
  10. Thanks for the answer, I'll uninstall OA and do a fresh install now
  11. Since the upgrade to version 6.0.0.1736 I've been wondering if it's recommended to completely uninstall OA and do a fresh installation instead? Is there anything to gain in a clean installation of OA, better performance or anything compared to the normal automatic upgrade???
  12. For some strange reason it's not even listed in firewall settings. I added it manually and "allowed".. In Programs settings it's trusted. Same thing happened again so I checked firewall settings and consent.exe wasn't there anymore. Hmmm, tried it one time again, added consent.exe to firewall settings and made it "allowed", it was removed only a few seconds later and automatically blocked by online armor again. This isn't a super big issue after all, but I'm a problem solver and I can't give up until I've solved the problem, even if it's a really small problem like this... Hm, I should've re-
  13. It keeps blocking consent.exe (the regular CLEAN file in c:\windows\system32\) ... Check this text below: Created: 9/24/2012 10:20:55 PM Summary: Firewall: Automatic decision Description: C:\windows\system32\consent.exe, Outgoing TCP access blocked to: (ocsp.verisign.com;ocsp.verisign.net;ocsp.thawte.com;evsecure-ocsp.verisign.com) 199.7.57.72:80 Event type: Firewall: Automatic decision(17) Event action: Blocked(3) It doesn't matter how many times I remove it from online armor or set it to "ask" and the allowing it. A few minutes later it's blocked again! What's going on here?
  14. I see that this post is a bit old now but I just thought I'd post my tip anyway... I solved the problem by excluding oa in nod32, like this: C:\Program Files (x86)\Online Armor\*
×
×
  • Create New...