Everything posted by Mattchu

  1. It looks to me like you have a variety of the Ramnit malware, which is very difficult to remove with any sort of confidence. I recently came across a nasty similar to this (computer was running MSE), and decided the best way forward was to completely wipe the disc from a CD and start afresh. You may be wise getting someone from the malware support team here at Emsisoft to do some checks as this malware sometimes communicates with a c+c center on various ports! Good luck, Mattchu
  2. Cheers Christian, your reply is much appreciated. I did a search but couldn't see it reported elsewhere, good to know the bug has been identified and being worked on. I've actually just replaced the version on my USB and it is now so hopefully all will be OK. Just to provide some feedback on the new look, I find it a welcome improvement over the old version, it looks very professional and polished (not that the old one was bad mind). Good stuff, Mattchu
  3. Hello all, hope all is well. Emsisoft Emergency Kit is my number 1 go-to scanner for use on a portable USB stick, however I have just been out to a friend's and wanted to run a scan on his computer with it so I tried to update it first. After a while it came up with an error, something along the lines of "update failed-tied to a different computer-key needs resetting" (sorry, I forgot/didn't note down the exact error). So is EEK now tied into/must be updated from the computer or OS it was originally set up on? Or how do I sort out the key error? Many thanks, Mattchu
  4. I'm thinking this is an April Fools' joke gone wrong. Latest database, just scanned, same result!
  5. After a full scan it actually flags 1 process and 2 files as suspect (picture of detection added). Submitted for analysis and as a false positive! Cheers, Mattchu
  6. Hey guys, just a heads up for those using Sandboxie 3.54 (soon to be 3.55) that the Ikarus engine is flagging the file C:\ProgramFiles\Sandboxie\SbieCtrl.exe as "Virus.Worm.SuspectCRC!IK" VirusTotal. I've submitted this as a false positive via the GUI but just thought I'd post here as well, as this is an integral part of said program and the sooner it's fixed the better... Cheers, Mattchu
  7. Hello all, just a heads up/query as to a recent scan result with asquared Emergency Kit scan. It is reporting the uninstaller executable of Format Factory by Formatoz as "Trojan.StartPage!IK", it looks like the Ikarus engine picking it up, heuristics off. Now I can't remember as I've had it installed a while, but I do think the ASK toolbar is bundled with the installer so maybe the uninstaller reverts the home page back to default (this could be why it's being triggered). I've submitted it as a false positive via the interface because if said file is deleted/quarantined you could run into problems if you wish to uninstall. Just thought I'd post this so you are aware of the issue, and whether or not you consider this a false positive? Virus total link---- VirusTotal Cheers, Mattchu p.s. Detected on operating systems Windows 7 32Bit and 64Bit (not that it should make any difference)
  8. Just updated my USB stick from the prior version to the new Emergency Stick set up (which is very nice btw) and I seem to be having a minor problem. The issue is when you click on the start.exe you get a menu which allows you to run one of the 4 variables, for some reason Blitzbank does not want to run from there. I can run it directly from the executable but just not from the menu. Not sure if anyone else has seen this or it's just a config thing, just thought I'd let y'all know. Tried on Windows 7 Home Premium and Pro, might try on XP later, also tried running start.exe as Admin, no difference. Different security software on each (well, none on one). Cheers, Mattchu. Didn't realise I had an XP booted up behind me, same on that.
  9. Eye it be fixed it be Cheers Bud, Mattchu
  10. Hello all, just a quick notification that the VLC uninstall.exe is being flagged as Trojan.Win32.TDSS.!IK. Sure this is a fp, anyway here's the Virus Total result My link. I have submitted it via the alert as a fp (not by email) but thought it may get sorted quicker by posting it as well. Operating system Windows 7 (not tried on XP), no other real time security. Cheers, Mattchu. p.s. This review on resource usage doesn't fare too well towards Emsisoft anti-malware Raymond.cc. I know it's not the be all and end all and I would rather the product catch stuff, but still..... you've seen it
  11. One thing you could try which solved a similar problem (well, sort of), whereby the news pop-up box would always be checked after a re-boot after I had unchecked it, is to right click the asquared anti-malware short cut shield and select "Run as Administrator". You should get a UAC prompt, then do the changes.... Good luck with it
  12. I suddenly got this "One or more files has incorrect file versions. Do you want to update the program now?" message last night. Did a manual update and also there was an auto-update but the message still appeared today! Anything we can do to try and help resolve the situation? One other thing I just noticed which I haven't seen before (or maybe I'm just dumb) was in the Configuration/License section there is now a Freeware license entry (today's date) which if highlighted turns off the File Guard protection. My only concern would be if someone were to have Windows Security/Action centre disabled then they wouldn't know full protection wasn't on. Although the chances of this are very very slim.... Cheers all...
  13. Some images of IE8 not having it! Sandboxed Firefox not working again now either with regards to surf protection (after a deletion of the sandbox)...still working on unboxed Firefox but not on Internet Explorer at all!
  14. Is this where you added them gazs 1? It still doesn't seem to work for me, maybe I'm just being dumb! I'll leave the sandboxie picture up in case someone else needs it. The Hosts Rules don't seem to be working correctly for me either. Tried to block www.facebook.com and I can still get there! Windows 7 32Bit, Emsisoft, Online Armour Free. After a bit of testing I found that this only occurs if Firefox is sandboxed (it is fine not in the box). Although with Internet Explorer it doesn't matter either way. Not a biggie though!
  15. Hello all, the latest version of Technitium's MAC changer v5 Release 3 is being flagged by the Ikarus engine as Trojan-Dropper.SuspectCRC!IK. According to VirusTotal it is the only one picking it up VirusTotal. The program is not Malware but could be misused, will it continue to be picked up? p.s. I've submitted it via the Submit function.
  16. Is it just me or are the update servers down for everyone? Tried on different computers (XP and 7) with different versions. Just wanted a confirmation if possible. Cheers, Mattchu
  17. From what I've seen, if you have turned off your computer and the updates are set for say every 1 hour, if you re-boot and it is longer than 1 hour (or whatever your schedule is) then it checks for and downloads updates immediately. Therefore as soon as you turn the laptop on after a week the update should start (it may take a while, I've noticed sometimes if you don't update for a few days the whole database [Ikarus one I think] is rewritten). Cheers, Mattchu
  18. I'll give it a bash Fabian and let you know the result. Cheers, Mattchu. Seems to do the trick Fabian, saves a re-install, top call... Windows 7 32Bit, V5.
  19. I'll give it a bash Fabian and let you know the result. Cheers, Mattchu
  20. Just done a reinstall of 4.5 and clicked on the Emsisoft news link and this alert popped up (picture below). Upgraded to 5, click on the same link and no pop-up, even with all surf protection settings on Alert. Browser=Firefox 3.6, no other security software, Windows 7 32Bit. A bit disconcerting when the main news page brings up an alert about malware distribution! I'm fine because I realise what it's about, others may be alarmed by it though. Just a FYI. Cheers, Mattchu p.s. Sorry, should have been a C not a c
  21. I realise this is not the best way to do it but I've just done it this morning and it worked and asquared is being seen by Action/Security centre. It requires an uninstall/reinstall so if you're on a capped bandwidth or slow connection it may not be the best thing to do. Try at your own discretion. Start/type in "cmd" and then right click "cmd.exe" and select "run as administrator". Type in winmgmt /resetrepository. This will reset the repository to the initial state when the OS was installed. After I did this the results are in picture below. Now uninstall asquared and re-boot, then re-install asquared. After doing this Action Centre is reporting fine. There is no guarantee this will work on your machine, but it could. All the best, Mattchu
  22. Have you tried stopping the "windows management instrumentation" (which in turn should stop the security centre) via services.msc and deleting the directory C:\Windows\system32\wbem\Repository? Restart the WMI and Security Centre services, re-boot and the repository should be re-built, it might recognise it then! Worth a shot. Cheers, Mattchu
  23. Thanks Fabian, I've a feeling it was the Ad/Tracking Hosts part of surf protection which was causing the alerts. One thing I'm not sure of yet is why when I was just googling for stuff and in the results there was a dodgy site it got flagged! I did a search for "Recover my files windows 7" and there were several links that were torrents/warez, etc. Each of these gave an alert even though I hadn't clicked on the link, should it do this (on 4.5)? Like the V5 interface a lot, starting to get familiar with the various settings... Cheers, Mattchu p.s. Thanks for the tip about going back to 4.5, nice 1.
  24. Installed asquared full (4.5) for the first time yesterday, and it was ridiculously intrusive. Alerts were being generated for everything and most websites were being reported as suspicious (even asquared's site got flagged), google searches (say for MBAM), Brothersoft, Tucows, etc. Now I've moved up to the Beta version it seems to have become a lot less jumpy, in fact I'm yet to see a site get flagged!... Basic question really, what is most people's preferred settings for minimal intrusion alert but still safe? Cheers, Mattchu