Jump to content


  • Posts

  • Joined

  • Last visited

  • Days Won


malware1 last won the day on April 27 2015

malware1 had the most liked content!


13 Good

Profile Information

  • Gender
    Not Telling

Recent Profile Visitors

8620 profile views
  1. I don't recommend to use the submission page... It seems nobody checks it, I tried many times and my samples submitted there never get added. Better use [email protected] or post it in the Malware Submissions forum.
  2. EAM will direct you to the support forum in case it finds an infected Windows file. These links are not fresh, some sites were already cleaned. I've just had a look at latest links and most are dead. Note that Emsisoft may detect the malicious payload even if it doesn't detect the URL. For example: https://www.virustotal.com/en/file/9bcdb492b7f221438b3599f06de70a3ad5a3b726ebf740f5ff13a54d59832327/analysis/1404640432/ There's indeed a malicious javascript in the source code: http://c**ma.de/fjzlnvhb.php?id=53433327 but since it's dead nothing will happen when opening the page.
  3. Malwarebytes scans only files that begin with MZ (PE files) so the EICAR test file is not targeted.
  4. You shouldn't uncheck the detected items, please check and remove/quarantine them. You can close Emsisoft after cleaning if it didn't ask for a reboot. Edit: I'm not sure if I understand you correctly, I assume that you don't want to delete the detected objects. Just exit Emsisoft, that's ok
  5. That's really sad, my condolences to his family.
  6. Did the window appear in your browser? Maybe that was just a FakeAV, if you didn't download the file then you should be safe.
  7. Yes, it is. Emsisoft Anti-Malware is compatible with other security software.
  8. Another sample of this malware: setup.exe - https://www.virustotal.com/en/file/f05045f5e9badf1017d245a1977fa49c85183f0bc34aa4f1800c5c462b7c34eb/analysis/1388853235/ (undetected by Emsisoft) Dropped files: XB_010~1.EXE - https://www.virustotal.com/en/file/625060052f56063999793d944accb98b60dcb2411bdce005c8156e2e75cf2449/analysis/1388853290/ (detected by Emsisoft) w_64.DLL - https://www.virustotal.com/en/file/dd9ded59410d4e2a77f5154ac0548aa657078d398057924f596bb8901c964344/analysis/1388853314/ (undetected by Emsisoft) w_win.dll - https://www.virustotal.com/en/file/43eb4d54b1a8b204f41f2d67fe2563ad36ccd833325be4aab744d236e049ae56/analysis/1388853290/ (undetected by Emsisoft) I'll submit the undetected files.
  9. This file is undetected by Emsisoft: setup.exe - https://www.virustotal.com/en/file/09943ba819c2f70899dfa16d2930c65b4170989de9bf7de8b2cdaf15d137a7c1/analysis/1388832922/ Some other antivirus products with BitDefender engine detect it, but Emsisoft does not It drops WINDOW~1.EXE and WINDOW~1.EXE drops w_win.dll and w_64.DLL. WINDOW~1.EXE, w_win.dll, w_64.DLL - these files are detected.
  10. Please take a look at this post: http://support.emsisoft.com/topic/13160-possible-fp/#entry94849 Another similar result: old scan: https://www.virustotal.com/en/file/57a244d84989707afa9fd3afd7ea2e3ae840cafef4c890f1ab961e80e25d7d54/analysis/1387475414/ latest scan: https://www.virustotal.com/en/file/57a244d84989707afa9fd3afd7ea2e3ae840cafef4c890f1ab961e80e25d7d54/analysis/ Something is still wrong with Emsisoft scanner on VirusTotal... I noticed these odd detections few times.
  11. Thanks for checking. Please look at my log. "EICAR-Test-File (not a virus) (B)" is written backwards. I've just opened the log in Notepad++, and you're right, it's shown correctly. Seems to be Notepad's fault. If you can, open your log using Windows Notepad and try to select the detected malware path along with the threat name. You'll see something odd.
  • Create New...