Mattchu

  1. It looks to me like you have a variety of the Ramnit malware, which is very difficult to remove with any sort of confidence. I recently came across a nasty similar to this (computer was running MSE), and decided the best way forward was to completely wipe the disc from a CD and start afresh. You may be wise getting someone from the malware support team here at Emsisoft to do some checks, as this malware sometimes communicates with a c+c center on various ports! Good luck, Mattchu
  2. Cheers Christian, your reply is much appreciated. I did a search but couldn't see it reported elsewhere; good to know the bug has been identified and is being worked on. I've actually just replaced the version on my USB and it is now 2.0.0.8, so hopefully all will be OK. Just to provide some feedback on the new look: I find it a welcome improvement over the old version, it looks very professional and polished (not that the old one was bad, mind). Good stuff, Mattchu
  3. Hello all, hope all is well. Emsisoft Emergency Kit is my number 1 go-to scanner for use on a portable USB stick; however, I have just been out to a friend's and wanted to run a scan on his computer with it, so I tried to update it first. After a while it came up with an error, something along the lines of "update failed-tied to a different computer-key needs resetting" (sorry, I forgot/didn't note down the exact error). So is EEK now tied into/must be updated from the computer or OS it was originally set up on? Or how do I sort out the key error? Many thanks, Mattchu
  4. I'm thinking this is an April Fools' joke gone wrong. Latest database, just scanned, same result!
  5. After a full scan it actually flags 1 process and 2 files as suspect (picture of detection added). Submitted for analysis and as a false positive! Cheers, Mattchu
  6. Hey guys, just a heads up for those using Sandboxie 3.54 (soon to be 3.55) that the Ikarus engine is flagging the file C:\ProgramFiles\Sandboxie\SbieCtrl.exe as "Virus.Worm.SuspectCRC!IK" (VirusTotal). I've submitted this as a false positive via the GUI but just thought I'd post here as well, as this is an integral part of said program and the sooner it's fixed the better... Cheers, Mattchu
  7. Hello all, just a heads up/query as to a recent scan result with the asquared Emergency Kit scan. It is reporting the uninstaller executable of Format Factory by Formatoz as "Trojan.StartPage!IK"; it looks like the Ikarus engine picking it up, heuristics off. Now I can't remember, as I've had it installed a while, but I do think the ASK toolbar is bundled with the installer, so maybe the uninstaller reverts the home page back to default (this could be why it's being triggered). I've submitted it as a false positive via the interface, because if said file is deleted/quarantined you could run into problems if you wish to uninstall. Just thought I'd post this so you are aware of the issue, and whether or not you consider this a false positive? VirusTotal link: VirusTotal. Cheers, Mattchu p.s. Detected on operating systems Windows 7 32Bit and 64Bit (not that it should make any difference)
  8. Just updated my USB stick from the prior version to the new Emergency Stick set up (which is very nice btw) and I seem to be having a minor problem. The issue is when you click on the start.exe you get a menu which allows you to run one of the 4 variables; for some reason Blitzbank does not want to run from there. I can run it directly from the executable but just not from the menu. Not sure if anyone else has seen this or it's just a config thing, just thought I'd let y'all know. Tried on Windows 7 Home Premium and Pro, might try on XP later; also tried running start.exe as Admin, no difference. Different security software on each (well, none on one). Cheers, Mattchu. Didn't realise I had an XP booted up behind me, same on that.
  9. Eye it be fixed it be Cheers Bud, Mattchu
  10. Hello all, just a quick notification that the VLC uninstall.exe is being flagged as Trojan.Win32.TDSS.!IK. Sure this is a fp; anyway, here's the VirusTotal result: My link. I have submitted it via the alert as a fp (not by email) but thought it may get sorted quicker by posting it as well. Operating system Windows 7 (not tried on XP), no other real time security. Cheers, Mattchu. p.s. This review on resource usage doesn't fare too well towards Emsisoft Anti-Malware: Raymond.cc. I know it's not the be all and end all and I would rather the product catch stuff, but still..... you've seen it
  11. One thing you could try, which solved a similar problem (well, sort of) whereby the news pop-up box would always be checked after a re-boot after I had unchecked it, is to right click the asquared anti-malware shortcut shield and select "Run as Administrator". You should get a UAC prompt, then do the changes.... Good luck with it
  12. I suddenly got this "One or more files has incorrect file versions. Do you want to update the program now?" message last night. Did a manual update and also there was an auto-update, but the message still appeared today! Anything we can do to try and help resolve the situation? One other thing I just noticed which I haven't seen before (or maybe I'm just dumb) was in the Configuration/License section there is now a Freeware license entry (today's date) which if highlighted turns off the File Guard protection. My only concern would be if someone were to have Windows Security/Action centre disabled, then they wouldn't know full protection wasn't on. Although the chances of this are very very slim.... Cheers all...
  13. Some images of IE8 not having it! Sandboxed Firefox not working again now either with regards to surf protection (after a deletion of the sandbox)...still working on unboxed Firefox but not on Internet Explorer at all!
  14. Is this where you added them gazs 1? It still doesn't seem to work for me, maybe I'm just being dumb! I'll leave the sandboxie picture up in case someone else needs it. The Hosts Rules don't seem to be working correctly for me either. Tried to block www.facebook.com and I can still get there! Windows 7 32Bit, Emsisoft 5.0.0.53, Online Armour Free. After a bit of testing I found that this only occurs if Firefox is sandboxed (it is fine not in the box). Although with Internet Explorer it doesn't matter either way. Not a biggie though!
  15. Hello all, the latest version of Technitium's MAC changer v5 Release 3 is being flagged by the Ikarus engine as Trojan-Dropper.SuspectCRC!IK. According to VirusTotal it is the only one picking it up (VirusTotal). The program is not malware but could be misused; will it continue to be picked up? p.s. I've submitted it via the Submit function.