Jump to content

malware1

Member
  • Posts

    2312
  • Joined

  • Last visited

  • Days Won

    8

Posts posted by malware1

  1. Confirmed that he uninstall survey doesn't work right at the end (goes no where but a white page when you press submit)

     

    I think the submission pages should be 

     

    http://www.emsisoft.com/en/support/submit/   (English)

     

    http://www.emsisoft.de/de/support/submit/ (  German)

    I don't recommend to use the submission page... It seems nobody checks it, I tried many times and my samples submitted there never get added. Better use [email protected] or post it in the Malware Submissions forum.

    • Upvote 1
  2. And one more thing i forgot to say,can we expect one day some advanced desinfection modules in EAM? You really need this features. I cannot imagine cleaning a badly infected windows files with EAM that would end very bad.....And also it would be nice to see a home page browser locking protection to prevent hijacking....greetings

    EAM will direct you to the support forum in case it finds an infected Windows file.

     

    today i was go to the malwaredomainlist site and i noticed that EAM dont detect a latest malicious url-s,many of them are few days old most of them with IE Exploit and EAM dont detect it,i had check this url-s on virus total and they are malicious,and detected . ..Even Google browser block it,but EAM not...Why EAM web filter is going down the hill?

    These links are not fresh, some sites were already cleaned. I've just had a look at latest links and most are dead. Note that Emsisoft may detect the malicious payload even if it doesn't detect the URL.

     

    For example:

     

    https://www.virustotal.com/en/file/9bcdb492b7f221438b3599f06de70a3ad5a3b726ebf740f5ff13a54d59832327/analysis/1404640432/

     

    There's indeed a malicious javascript in the source code: http://c**ma.de/fjzlnvhb.php?id=53433327 but since it's dead nothing will happen when opening the page.

  3. You shouldn't uncheck the detected items, please check and remove/quarantine them. You can close Emsisoft after cleaning if it didn't ask for a reboot.

     

    Edit: I'm not sure if I understand you correctly, I assume that you don't want to delete the detected objects. Just exit Emsisoft, that's ok :)

  4. Thanks for checking.

     

    Please look at my log. "EICAR-Test-File (not a virus) (B)" is written backwards.

     

    I've just opened the log in Notepad++, and you're right, it's shown correctly. Seems to be Notepad's fault.

     

    If you can, open your log using Windows Notepad and try to select the detected malware path along with the threat name. You'll see something odd.

  5. Emsisoft Anti-Malware - wersja 8.1

    Ostatnia aktualizacja: 2013-12-20 13:25:30

    Nazwa użytkownika: OS\User

    Ustawienia skanera:

    Typ skanu: Użytkownika

    Obiekty: C:\Users\User\Documents\2\2013-12-20\Nowy folder\invoiceord‮fdp.exe

    Wykrywanie PNP: Włączone

    Skanowanie plików skompresowanych: Włączone

    Skanowanie ADS: Włączone

    Filtr rozszerzeń plików: Wyłączone

    Zaawansowana pamięć podręczna: Włączone

    Dezpośredni dostęp do dysku: Wyłączone

    Skanowanie uruchomiono:    2013-12-20 13:32:01

    C:\Users\User\Documents\2\2013-12-20\Nowy folder\invoiceord‮fdp.exe     Wykryto: EICAR-Test-File (not a virus) (B)

    Przeskanowano:    1

    Wykryto:    1

    Koniec skanu:    2013-12-20 13:32:01

    Skan trwał:    0:00:00

     

     

    This happens if I try to scan a file with the Unicode Right-to-Left trick (RLO):

    http://blog.malwarebytes.org/intelligence/2013/07/bi-directional-trickery-%E2%95%AF%E2%96%A1%E2%95%AF%EF%B8%B5-o%D7%9F%C9%B9/

     

    I've attached Eicar test file with this trick for testing.

  6. I know, but the same happens when I scan malware, not PUP.

     

    Emsisoft on VT currently doesn't detect any files as malware.

     

    Another example:

     

    Old scan: https://www.virustotal.com/en/file/66c6087144338b5b45e1b547677f12ef729ec57c4618008007a57ab9f531fee4/analysis/1385824193/ - detected: Gen:Variant.Kazy.286708 (B)

    New scan: https://www.virustotal.com/en/file/66c6087144338b5b45e1b547677f12ef729ec57c4618008007a57ab9f531fee4/analysis/1387010655/ - undetected

  7. Hello,

     

    I can't update Emsisoft Anti-Malware because it stops at 69 KB. This is free version of Emsisoft without the realtime protection.

     

     

    Version: 8.1.0.19

    System: Windows 8 64 bit

    Other security software: I don't use.

     

    Update log:

     

     

    Pobieranie informacji o aktualizacji...

    Pobieranie aktualizacji.. Signature update...
    Malware signatures (e_spyw.i00)

    Pobieranie aktualizacji.. Signature update...
    Malware signatures (emalware.490)

    Pobieranie aktualizacji.. Signature update...
    Malware signatures (jpeg.cvd)

    Pobieranie aktualizacji.. Signature update...
    Malware signatures (ve.cvd)

    Pobieranie aktualizacji.. Signature update...
    Malware signatures (variant.c00)

     

    Thanks :)

×
×
  • Create New...