haydn

Member
  • Content Count: 47

Everything posted by haydn

  1. Hi, I was checking my user AppData folder as Microsoft Windows Store stopped working, and in C:\Users\user\AppData\Local\Packages\Microsoft.WindowsStore_8wekyb3d8bbwe I found a folder called AC. In AC is a folder Microsoft, and in Microsoft it shows CryptnetUrlCache and Crypto. I got Windows Store working again by uninstalling in the troubleshooter. I did a full scan with Emsisoft but nothing was found. Any ideas, please? Many thanks, H. PS: on further searches it seems Microsoft creates files for certificates. Hope I haven't wasted your time. Many thanks.
  2. Hi Kevin, thank you for this. Arthur has dealt with this via messenger; this issue can be closed, complete. Thank you to the Emsisoft team for your hard work and dedication. Regards, Haydn
  3. Hi, I know you advised that Malwarebytes and Emsisoft don't get along now, but I've still been using it, but I notice now certain programs not starting, including iexplore. Malwarebytes has found, malware removed, and a PUP, but it's a program after downloading I scanned and it came up clean. It seems trying to uninstall the program my problems started. Can you run me through the process of removing malware, as although I've run a deep scan many times nothing is showing, but my PC is not happy with something. I'm running a VPN also. Many thanks, Haydn. PS: this link advertises the software I installed, https://www.digitalcitizen.life/best-free-alternatives-task-manager-windows and I couldn't remove it, so I installed software from this site, https://www.iobit.com/en/advanceduninstaller.php. Both appear to be infections; these aren't links to the actual downloads. Regards, Haydn. Oh, apologies if I wrote this in the wrong section.
  4. PS: V1 needed to use Java, which I never enabled, but v2 seemed to operate without and as such was free to do what it wanted. I can see how a hacker could easily make a malware-injecting clone of this software, but I did download from Microsoft so didn't think it was a risk.
  5. Hi Jeremy, yes, I stupidly saw it as an upgrade to the debug software I already had, and it was only after I started getting overflows and saw rundll32 I sort of suspected malware, but it may have been I didn't set the cache report size; the hard drive suddenly filled up. As you say, this program is probably for grown-ups, me not being one of them, as I see some developers having trouble disabling it or removing it. Just out of curiosity, does Emsisoft use the rundll command to update? I was also getting rundll commands from masked IP addresses. I still have the updated v2 software in my downloads folder; if I send it, are you able to check its validity? I compressed it but it's still 27 meg, but the unpacked program is 1.4 gig. If it was sending the reports for analysis, I'm hoping they only went to Microsoft. I did panic when I saw there was no uninstall utility, but in the UK there is a law somewhere that says all programs produced must have an uninstall utility, and being a Microsoft program they wouldn't make software available that wasn't uninstallable, but I guess different countries have different laws. Any help gratefully accepted. Many thanks, H
  6. Hi Arthur, I've had another program problem. It's a program I downloaded to capture Blue Screen crashes I was having, called debug diagnostics, originally version 1, then I upgraded to 2. It was fine until I started getting buffer overflow alarms, so I'm wondering if this was what was causing all my problems. It didn't have an uninstall but I finally removed it last night with a tool called IObit. When it was installed no deep scans found anything, but I see someone saying it may have cloned the original Windows diagnostic debug tool. Have you had anyone with problems like that? I thought I downloaded from an official Microsoft site. I've got the original upgrade file if that helps. I think it's for running on servers, so it consumed vast amounts of hard drive space. I thought it may have been my ignorance and stupidity at using it. I wonder if it was trying to capture the Emsisoft Malwarebytes clash.
  7. Hi, right, I've found it. It was my BT Vision Box, basically my internet TV box. I didn't set it up; it must have been set up by default. It was set up to port forward to port DCOM 1024. I just disabled it and DCOM 1024 is in stealth. That device was provided by my ISP, good old BT. I've got C++ redistributable running as well; would that have allowed the hacker better access? What I do find annoying: there's hundreds of YouTube videos teaching people hacking tech (in the name of protection) but virtually nothing on staying safe. You might say anyone can close a port; yes, I can, but this port covers hundreds of access points and I'd never heard of DCOM ports that bypass your firewall until yesterday. Thanks for the reply, GT. It wasn't just a crashed program; it wouldn't fill up my HD with 263gb of debug reports, which was all the space I had left on C. It didn't disable the machine completely, luckily, as otherwise I'd be trying to remove some malware or other. I did find the intruder IP but it was a proxy.
  8. Just to add to this, I did a Shields Up port scan and can see DCOM 1024 is open. I disabled TCP port 1024 but then found I couldn't use my browser, but I think DCOM is not controlled by the firewall, so I went in to Component Services to disable DCOM services, but this has multiple Windows services running on it, including Windows Update, so I was loath to disable. When I keep my VPN running the port is invisible, but I shouldn't have to rely on my VPN just to keep me safe. How do I close the port but keep the services running? Should I get a 3rd party firewall and not rely on Windows Defender? I'm a bit stuck.
  9. Hi, I was playing a game the other day and it wasn't multiplayer, but did require authentication to Steam to run. I noticed glitches in the game, then it crashed. Windows reported running out of disk space. I tried to find the offending file, but suspecting intrusion I turned on network lockdown. The PC was virtually running on RAM as there was only a few megs of operating hard drive space left. Malwarebytes was shut down and couldn't be opened, I'm guessing as not enough memory, as was my VPN client. I cleaned my drive, recycle bin etc. to free up space and ran a full system scan. My external hard drive was locked up, and as it was not indexed I needed to eject it, but it wouldn't eject. It only contains images as I do photography; it seemed one file was opened preventing me ejecting it, of a friend on his track day. As it was USB I shut the PC and disconnected the drive. I restarted with network lock still enabled and it seemed to free up more workable space. The Windows drive still had 263gb of unknown data and the PC was running on about 500mb. It took me some time to locate the offending file; it was a crash report folder I'd set up to capture blue screen crashes, funnily enough caused by tcpip exceptions that I suspected came from your web protection. I found literally thousands and thousands of crash reports generated by Debug Diag 1. There is a 2 out now that I've updated to; it creates Java-generated reports that can be analysed online, although I have Java off by default, and never used it on this software as I've always analysed myself. I have done a deep clean on all drives with nothing detected, reconnected my VPN to a different server. I'm hoping the network lockdown was initiated before any damage could be done. Credit to Emsisoft: whilst other services shut down, I assume due to lack of memory, Emsisoft stayed up and allowed a quick lockdown response. Preventing buffer overflows seems to be more than a simple switch and may require additional software, although I thought Windows had this protection. I'm still not 100% sure if this was an attack as they would have needed access to my kernel pool, that Windows Defender guards against. Could it just have been my game crash that caused this overflow? Any help gratefully accepted. H
  10. Just tested my security, notably phishing sites, and found this: so I have no phishing protection?
  11. I wasted hours reinstalling drivers, uninstalling certain software, installing BSOD software, paying for update driver software I didn't need. I got reimbursed, but that's not the point: how much do you get into losing hours of your life trying to figure out a problem Emsisoft should never have inflicted on its subscribers? I now have web protection disabled, and use only Malwarebytes Premium (only paying a one-off payment for), who incidentally had the same issue last year, looking through the forums, but have developed a patch. I'm seriously looking at ending my Emsisoft subscription when the contract ends, and yes, I haven't had a BSOD since web protection was disabled.
  12. I'm getting the same issue. I nearly did a Win10 reset until I saw a tech say check your antivirus. I have disabled Web Protection for Emsisoft but still have Malwarebytes protection, who I see had the same tcpip.sys BSOD issues, but they appear to have solved it.
  13. Hi Arief, yes please, send me the appropriate forum section. Did you have any answers to my other issues, please? Many thanks, Haydn
  14. Hi, I recently got alerts from Google when searching, saying suspicious behaviour from your network, and I had to enter a code to continue searches. Now I understand that these Google alerts generalise my ISP's network and may not mean my PC is infected; in fact a full scan from both McAfee and Emsisoft found no issues. I did a port scan with "Shields Up" and found that port 1024 was open; when I did a port scan I could see no evidence of this. After doing further searches I found my BT TV box, known as You-View, used this port for online TV. I wanted to see if I could close the port but it only closes when I turn the TV box off. I thought I could create better firewall protection (I currently only use Windows 10) by installing McAfee firewall that comes with virus protection. McAfee started blocking outbound connections from some old gaming software, OverWolf, and some Gigabyte software that speeds up computer processes for gaming by shutting down various unused Windows processes. Since the uninstallation of these programs I've started getting Buffer Overflow alerts from McAfee. Now I don't know if these are because of remnants left over from these programs or Emsisoft is conflicting with McAfee. If McAfee and Emsisoft don't get along, can I disable McAfee virus protection but still use its firewall? Many thanks, Haydn
  15. Hi, my PC and PS4 connect to the same hub, but since the latest update I'm getting intermittent internet on games; the PS4 games continually stutter, making online gameplay poor to the point of unplayable.
  16. I'm getting an error when trying to install in to Microsoft Edge: "Reporting this problem will help us understand it better. You can wait for a while and try again or restart your device. That may help. Code: 0x80072F8F"
  17. Hi, I installed an app I believe to be a spoof or something worse. Is there any way of scanning my iPad for possible malware or viruses? My worry is it's linked to my PC and may provide access to my local network? Regards, Haydn
  18. Well, I originally purchased internet security, but Emsisoft did an update and I think that since that time (not sure when) I only have malware protection? I do not see the firewall option on my GUI.
  19. Hi, I've done a full Win 10 install and I think previously, when I had Emsisoft malware protection installed, the firewall was off by default, but now I keep getting a warning after turning off the Windows firewall manually. Should I have it on or off, please? Many thanks, H
  20. I think I found it. It was the Intel chipset update service; apparently the first update software was causing all sorts of issues, but I've installed the update and it appears to have cured it. Many thanks, H
  21. I keep getting pop-ups: malicious code detected in the following file: c:program files\intel\sur\queencreek\task.vbs. Any help gratefully received. Haydn
  22. Hi Kevin, seems to be running much better, thank you for all your help, Kevin (The Mal Miester) Zoll. I still haven't got my Instagram back; I'm guessing that's lost forever as they don't have phone support and the hack reports I've raised with Instagram have returned no results. I've closed the old email account that was used in multiple applications and logins, as it appears this was the basis of the hacking. Once the hacker / bot had this it was using it predominantly to track trace my accounts in multiple applications. Took pretty much a week to change everything over to new accounts and try and get a defence to the attacks that seemed to be predominantly on my bank and financial accounts. Luckily my banking orgs have a three-part access process that is very hard to crack. I'm a little worried about trying to get my Instagram back as this may make me a target again, so may be worth just opening a new account. Emsisoft made the whole process easier to deal with. I thought I was going to have to do a full Windows reinstall to clear all the bugs, but thanks to you guys I've saved a lot of data that would normally have been lost. It seems once I downloaded this rogue malware they closed down my virus protection, including Malwarebytes, that appears useless against this form of malware. Thanks again to the whole Emsisoft team. Regards, Paul Davies, SE UK
  23. Addition.txt FRST.txt scan_170402-231336.txt
  24. Hoping it's fixed, X fingers crossed. Fixlog.txt