malware1

Tester
  • Content Count

    2312
  • Joined

  • Last visited

  • Days Won

    8

Everything posted by malware1

  1. I don't recommend to use the submission page... It seems nobody checks it, I tried many times and my samples submitted there never get added. Better use [email protected] or post it in the Malware Submissions forum.
  2. EAM will direct you to the support forum in case it finds an infected Windows file. These links are not fresh, some sites were already cleaned. I've just had a look at latest links and most are dead. Note that Emsisoft may detect the malicious payload even if it doesn't detect the URL. For example: https://www.virustotal.com/en/file/9bcdb492b7f221438b3599f06de70a3ad5a3b726ebf740f5ff13a54d59832327/analysis/1404640432/ There's indeed a malicious javascript in the source code: http://c**ma.de/fjzlnvhb.php?id=53433327 but since it's dead nothing will happen when opening the page.
  3. Malwarebytes scans only files that begin with MZ (PE files) so the EICAR test file is not targeted.
  4. You shouldn't uncheck the detected items, please check and remove/quarantine them. You can close Emsisoft after cleaning if it didn't ask for a reboot. Edit: I'm not sure if I understand you correctly, I assume that you don't want to delete the detected objects. Just exit Emsisoft, that's ok
  5. That's really sad, my condolences to his family.
  6. Welcome to Emsisoft Support
  7. Did the window appear in your browser? Maybe that was just a FakeAV, if you didn't download the file then you should be safe.
  8. Yes, it is. Emsisoft Anti-Malware is compatible with other security software.
  9. Another sample of this malware: setup.exe - https://www.virustotal.com/en/file/f05045f5e9badf1017d245a1977fa49c85183f0bc34aa4f1800c5c462b7c34eb/analysis/1388853235/ (undetected by Emsisoft) Dropped files: XB_010~1.EXE - https://www.virustotal.com/en/file/625060052f56063999793d944accb98b60dcb2411bdce005c8156e2e75cf2449/analysis/1388853290/ (detected by Emsisoft) w_64.DLL - https://www.virustotal.com/en/file/dd9ded59410d4e2a77f5154ac0548aa657078d398057924f596bb8901c964344/analysis/1388853314/ (undetected by Emsisoft) w_win.dll - https://www.virustotal.com/en/file/43eb4d54b1a8b204f41f2d67fe2563ad36ccd833325be4aab744d236e049ae56/analysis/1388853290/ (undetected by Emsisoft) I'll submit the undetected files.
  10. This file is undetected by Emsisoft: setup.exe - https://www.virustotal.com/en/file/09943ba819c2f70899dfa16d2930c65b4170989de9bf7de8b2cdaf15d137a7c1/analysis/1388832922/ Some other antivirus products with BitDefender engine detect it, but Emsisoft does not It drops WINDOW~1.EXE and WINDOW~1.EXE drops w_win.dll and w_64.DLL. WINDOW~1.EXE, w_win.dll, w_64.DLL - these files are detected.
  11. Please take a look at this post: http://support.emsisoft.com/topic/13160-possible-fp/#entry94849 Another similar result: old scan: https://www.virustotal.com/en/file/57a244d84989707afa9fd3afd7ea2e3ae840cafef4c890f1ab961e80e25d7d54/analysis/1387475414/ latest scan: https://www.virustotal.com/en/file/57a244d84989707afa9fd3afd7ea2e3ae840cafef4c890f1ab961e80e25d7d54/analysis/ Something is still wrong with Emsisoft scanner on VirusTotal... I noticed these odd detections few times.
  12. Thanks for checking. Please look at my log. "EICAR-Test-File (not a virus) (B)" is written backwards. I've just opened the log in Notepad++, and you're right, it's shown correctly. Seems to be Notepad's fault. If you can, open your log using Windows Notepad and try to select the detected malware path along with the threat name. You'll see something odd.
  13. This happens if I try to scan a file with the Unicode Right-to-Left trick (RLO): http://blog.malwarebytes.org/intelligence/2013/07/bi-directional-trickery-%E2%95%AF%E2%96%A1%E2%95%AF%EF%B8%B5-o%D7%9F%C9%B9/ I've attached Eicar test file with this trick for testing.
  14. I know, but the same happens when I scan malware, not PUP. Emsisoft on VT currently doesn't detect any files as malware. Another example: Old scan: https://www.virustotal.com/en/file/66c6087144338b5b45e1b547677f12ef729ec57c4618008007a57ab9f531fee4/analysis/1385824193/ - detected: Gen:Variant.Kazy.286708 (B) New scan: https://www.virustotal.com/en/file/66c6087144338b5b45e1b547677f12ef729ec57c4618008007a57ab9f531fee4/analysis/1387010655/ - undetected
  15. Here's a new scan of an old sample: Old scan: Emsisoft doesn't detect it according to the new VirusTotal scan. However, it was detected on the old scan. Emsisoft Anti-Malware results:
  16. Hello, What's up with the Emsisoft scanner on VirusTotal? It doesn't detect any files even if Emsisoft Anti-Malware blocks them.
  17. Please close this topic, the issue seems resolved. After reboot, it updates succesfully.
  18. Hello, I can't update Emsisoft Anti-Malware because it stops at 69 KB. This is free version of Emsisoft without the realtime protection. Version: 8.1.0.19 System: Windows 8 64 bit Other security software: I don't use. Update log: Thanks
  19. Sorry for late reply. I've installed Emsisoft Anti-Malware because it's got context menu scanning option and there's no the issue anymore. Thanks for help.
  20. It's no matter if proxy is enabled or not, in both cases I have the problem. But when Fiddler was running and proxy enabled then it was updated succesfully. Maybe should I try again with Fiddler?