Aura

Malware Hunter
  • Content Count

    668
  • Days Won

    5

Aura last won the day on August 13 2016

Aura had the most liked content!

Community Reputation

26 Excellent

1 Follower

About Aura

  • Rank
    Forum Regular
  • Birthday 02/14/1994

Profile Information

  • Gender
    Male
  • Location
    Québec, Canada
  • Interests
    Technical Support, Malware Removal & Analysis, Information Security

Recent Profile Visitors

8478 profile views
  1. Not really important. My native language is French, but I use every OS, program, etc. in English. Way easier to understand, troubleshoot, research, etc.
  2. Hi Sam, would you happen to have an encrypted file, and the original file (not encrypted)? If not, we'll try something.
  3. You do not, but it can be seen as such. In that case, you can go with Malwarebytes. If you only want a second opinion scanner, the free version is all you need. Malwarebytes Anti-Malware (MBAM) only offers malware and web protection. Malwarebytes 3.0 offers malware, web, exploit and ransomware protection. You could see the BB module (Behavior Blocker) as being kind of an Anti-Exploit. That's right. Let's say that I run an outdated game launcher for League of Legends. I really doubt that there are significant "in the wild" EKs abusing an older version of the game launcher for an exploit/security bug that has been patched in the newest launcher. Usually, web browsers, plugins, multimedia players, Office, etc. programs (and your OS obviously) are the ones you want to always keep updated as they are the most commonly targeted by EKs.
  4. I would stay away from IObit products, and I would also stay away from "System Optimization" suites. These aren't needed at all on your system and if anything, can mess it up in the long run. I've never heard of that website for security product reviews, so I would take what is posted there with a grain of salt. Personally, I don't know how to answer you, since I don't see myself giving recommendations about other products on the forum of a "competing" product. The protection is added only if you update the outdated software it reports. So if you know to keep your Adobe Flash Player, Adobe Reader, Java, VLC, Windows, etc. up to date, there's no need for Heimdal (unless you want it to automate everything). The "protection" you're referring to is to not run outdated software that can be exploited (via EK for instance).
  5. Emsisoft Anti-Malware is an Antivirus, so no, you shouldn't have two Antivirus installed on a system at once. It's one or the other. Also, why would you want to use Bitdefender with Emsisoft Anti-Malware, when Emsisoft's includes Bitdefender's engine and their own (more powerful that way)?
  6. My computer froze (couldn't do anything at all, only the mouse was responding/moving) directly after installing EIS v12 Beta and getting past the initial scan. Otherwise, it seems to be running fine. I might be throwing Malwarebytes Anti-Ransomware Beta tonight in the mix to see what happens though.
  7. It's actually possible to have infected media files (such as pictures). In the case of pictures, it's done via what we call "steganography" and the malicious code can leverage a known vulnerability in the application used to handle that picture file, and from there, execute malicious code that can lead to infection. What told you exactly that the picture transferred you to an unknown site which tried to download suspicious files? And like I said, I don't think it's possible unless they leverage an exploit on Twitter, Facebook, etc. and these have yet to be found (in the context you're referring to). Taking screenshots of a picture (using a screenshot software like ShareX or the Print Screen button) is safe to me since no code gets executed, except the one of your screenshot software. Like I said before, I've never heard of such a case, so I'll wait for an actual employee in the Malware Research team to answer that one.
  8. Hi Adam, I've never heard of any of the infection methods you're mentioning in your post. At most, the biggest danger of browsing YouTube, Facebook, etc. would be to get hit by malvertising (malicious ads), and/or willingly clicking on malicious links. Other than that, embedding malicious code in YouTube videos, Facebook pictures, etc. isn't something I've seen or heard. And yes, Emsisoft Internet Security will block redirections to malicious websites/links if these are flagged by Emsisoft. If they aren't and somehow the payload manages to get downloaded and executed on your system, it'll most likely trigger Emsisoft's Behavior Blocker and from there you'll be able to block the execution. I'm sure an employee will be able to give you more details about the process above, but that pretty much sums it up.
  9. I fail to see why you would post this on Emsisoft Forums since it doesn't seem related to Emsisoft products at all to be honest.
  10. Same. No more pop-up on reboot after update to 11.9.0.6513. Thanks!
  11. 0.0.0.0 can be used in various different ways, it just depends on where it is used. 0.0.0.0 in your hosts file isn't the same as my "ip route 0.0.0.0 0.0.0.0 s/0/0/0" on a Cisco router. Here's the answer you're looking for. http://www.howtogeek.com/225487/what-is-the-difference-between-127.0.0.1-and-0.0.0.0/
  12. What Peter said is right. You're installing two Antivirus programs on one system, which you should never do since it can create system instability and conflict. Source: https://www.emsisoft.com/en/software/antimalware/ And this article in Emsisoft's KB confirms it. Are Emsisoft products fully compatible with other security products?
  13. Having the same issue as well. For SkypeHost.exe, HexChat.exe, etc. Basically, every time I start my computer and launch the program, Emsisoft asks me what I want to do. I click "Allow all connections" for the process and then it goes away. However, it comes back after a reboot, as if it didn't save the settings. I'll grab debug logs tonight and post them here.
  14. Pretty sure you could have enabled the Windows Firewall during that time, which is also a good firewall.