Jump to content


  • Posts

  • Joined

  • Last visited

  • Days Won


Posts posted by Lode

  1. Dear Kevin,


    I guess you are so busy and used to helping others solving their difficulties that you overlooked -in you hurry to help me- that in the mean time I posted that I had uninstalled SpyHunter using its own uninstaller. See my post right above yours if you please, beginning with :excl:. My apologies to you too. 


    But even though the difficulty was solved, thank you very much for your kind offer to be of help. 8)  

    Much appreciated.  :thumbs:

  2. PS:

    On the Internet there are quite a few tutorials under the title "How to remove SpyHunter." But the first and second ones I found did not work on my machine, and the third one involved using the command prompt... 



    :excl: Oops... it looks like I overlooked one tiny detail! I just saw it on one of the "How to remove SpyHunter" tutorials on YouTube.


    During the uninstall that panel offering to purchase a 6 month license for $10 appears, but what I overlooked was that left of the green "Get Offer" button, there appears another one: "Proceed with Uninstall." (See below attached screen shot.)


    Just to find out if that would indeed work, I installed SpyHunter4 trial version again. And yes, it does uninstall that way.


    Now I wish I could change the title of this thread to "SpyHunter4; How Overlooking a Detail Got Me Lost in a Labyrinth of Making Mistakes." And delete the "PUP" and "Malware" comments I erroneously made. My apologies to Enigma Software Group, and the readers of this thread.   :blush:


    Oh well, making mistakes is only human. And it was a valuable lesson to learn not to be so curious. Because it was only out of curiosity that I needlessly got into this, while knowing in the back of my head that EIS gives me all the protection I need.   :)


  3. Last week I received an email supposedly from a company telling me I had made a substantial payment to them. In case I wanted to review the payment, "see attached document"... sure... :D


    I searched for that company on the Internet, but found only a company with a slightly similar name, but not with the exact same spelling as the one the email came from.


    So I knew right away this was malware, and via the free version of MailWasher I have forwarded it to SpamCop. (SpamCop informs the ISP of the spammer or malware spreader that their service is being abused by so and so.)


    But I have MailWasher set to render only the first 50 lines of text, as SpamCop only needs to see the header of the email to know where it originally comes from. So I decided to also read the email in my Opera browser -12.17- integrated email client, to see if there was more text in that email. There wasn't. Then I scanned with all the anti-malware scanners I have: herdProtect, Malwarebytes, Hitman Pro, and Emsisoft Internet Security. 


    None but latter detected the 3 trojans that were in that attachment. Good for Emsisoft!  :thumbs:

  4. :excl:  (In the mean time I discovered that I was mistaken about SpyHunter4 trial version not uninstalling. See my next post below this one.)



    Thank you for your response.


    On their website it says: "Attention! Submitting support tickets is only for customers who purchased our products."


    I see no other way to contact them electronically. They do give their physical location though, so it would be a matter of sending them a letter.


    On their website they also give instructions on how to remove SpyHunter. It is the regular way: Control panel > Programs > Remove a program. But in my case that didn't work as I described. Nor with RevoUninstaller, not even using System Restore! It blocked that. Including attempting System Restore in Safe mode!  :o


    (Maybe that prescribed removal procedure only works with the purchased version. I didn't try that.)


    So I would have only been able to have it removed with your help -or that of another expert- or using a system backup, as I did. If I would not have had that backup, I'm sure with your guidance it would have worked, but in the mean time I would have seen SpyHunter start scans unasked for about every 20 minutes. Speaking of being a nuisance! All together not exactly your regular software in my experience...    :D


    Anyway, the point of all my writing here is to share with others what I have experienced with SpyHunter4 in the trial version. If others still want to try it out, go ahead. But I would strongly recommend making a System Backup first. Or else be prepared to ask the helpful friendly staff of Emsisoft for assistance in case you decide not to keep the software on your machine. That is all.   :)


    It would be interesting to find out what the experience of the Emsisoft staff is with the trial version of that software. If it would be good, then it must be something peculiar on my notebook -HP EliteBook 850 G2- blocking the removal. If it would be bad, I could imagine Emsisoft preferring not to disclose that.    :P

  5. PS:

    The question in this case is: "If professional help from anti-malware specialists is needed to remove a software that is very annoying to you in its behavior, could that software be called 'malware'?"


    In the mean time the maker of SpyHunter4 is suing Bleeping Computer because one of its members posted a negative review of the software. 


    So now they are also going to start a lawsuit against Emsisoft because of my posts here? 


    I guess not. But things are getting a bit ridiculous... :D

  6. Thank you much for your offer to help. :)


    But I decided to simply utilize my latest system backup made a few days ago, saved on an external drive. Saves you work too. 


    I would like to add the following though:


    After every reboot SpyHunter4 shows a splash screen and starts a scan automatically. It also starts scanning spontaneously every 20 minutes or so.  


    Even using a system restore point -made previously to installing the program- does not work. The program seems to block System Restore. It does that even in safe mode. 


    After I tried to disable it via a handy small free program called "Boost" by Reason Software, the latter's popup showing the progress froze on the screen. Then I could not even reboot normally by just clicking. Pressing the physical On/Off button for a second to initiate the normal reboot did not work either. I had to keep the physical On/Off button pressed down for maybe 5 seconds till the system shut down instantly.  


    So this is more than a PUP in my experience. I dare call it Malware. 


    In my opinion EIS should treat it as that. But at least as a PUP. 

  7. Hi!

    Please add SpyHunter4 to the PUP list.

    I watched a video which showed that out of 230 malware Items SpyHunter detected only 2. And to remove those one would have to buy a license. The subtotal is $34.99. For 6 months only! In the video it said that the total comes to $80 a year...

    I wanted to see how bad it really was for fun, and installed it out of curiosity with the intent to remove it afterwards. But I haven't been able to get rid of it. (I'll try to be less curious next time.)

    Using the default uninstall option via the Control panel a message appears offering a licence for $10. But if you decline the offer, the uninstall does not proceed. Instead another message appears asking "Exit installer?" If you click on "No" that No/Yes message disappears, but the panel with the $10 offer is still there, as well as SpyHunter4. If you click "Yes" that $10 panel disappears, but not SpyHunter. 


    The same using SpyHunter's own uninstall option in the Start list.

    I even tried with Revo-Uninstaller; same result.

    I also tried in Safe Mode, and SpyHunter's message was "Settup Failed!"

    Can you please help me get rid of this PUP?



    This is all about the trial version which does not remove any detected malware.

  8. I've had some false positives in herdProtect. But when it detects things it also offers the option to report them as false positives to herdProtect. I've done that a few times when I began using it. A day later when I scanned again they were no longer appearing. So herdProtect had looked into them and no longer flagged them as malware. Since then -months ago- I've not seen any false positives.

    • Upvote 1
  9. May I recommend the free cloud scanner herdProtect as a second opinion scanner? It is powered by 68 anti-malware engines, among them from the top brands, one of them being Emsisoft.


    Can't hurt together with Emsisoft IS on your machine, specially not because herdProtect does not protect you while you are surfing and downloading stuff, and Emsisoft IS does.... but as a second opinion scanner it might be the best one. And it removes detected malware for free.  :)

    • Upvote 1
  10. Hi!


    EIS detected 3 trojans which are in an attachment with an email in my Opera Browser's integrated email client. But only in Custom Scan mode. The default Malware Scan did not detect them.


    So I'm glad EIS found them. But if at all possible, it might be handy if the default scan would also detect them. 


    Not sure if in the default Malware scan scan rootkits are also scanned for, or if EIS can be set to do that, but in Custom Scan I have it enabled. Maybe that is the difference? Or are those trojans not rootkits? 


    I always surf and open emails in the sandbox of Sandboxie. So malware can't spread beyond that virtual space to my hard disk. Plus I knew already from the message in the email that it was fishy. Supposedly I had made a substantial payment to some company, and was offered to review it in the attached document. I saw that first in my MailWasher program, and through that program forwarded the email to SpamCop. For that I only have the first 50 text lines appearing in Mailwasher, as SpamCop only needs the header. So to see the whole message I also read it in my Opera 12.17 browser build-in email client. I deleted that email, but somehow EIS still found the trojans. Good for EIS!   :thumbs:



    I had the trojans moved to quarantine. 



  11. I decided to trust EIS enough not to add SpyShelter to my notebook after my last post here. And I never came back to this thread. Until now, because today I received an email from them about an upgrade. So I decided to come back here, and see if there had been a reply. 


    I installed SpyShelter again, and added its file for exclusion in EIS, but after rebooting the black screen still appeared again. Luckily via my Recovery USB and System Backup saved on an external drive I had my notebook working again as before in about 25 min. 


    I guess I could install SpyShelter again and this time look for the program as well besides the folder to add to the exclusions. But instead I decided again to trust EIS enough to not install SpyShelter also. I feel very well protected by EIS.


    Thank you very much for your tutorial. I might someday need it for something else.

  12. I use Sandboxie even with Chrome... even though that browser partially sandboxes itself.   :)


    I've used Sandboxie for a decade, with Opera, Firefox, IE and lately Chrome. The Sandboxie forum was very helpful in advising me on how to set things up, and solve some issues, when I began using it. I got a lifelong license after using it for free for some months. Only because with the paid version you can set it to do things automatically, so it saved me from having to do them manually by clicking on some buttons now and then. But the free and paid versions are identical besides that. I just got lazy :blush:  so I choose the "everything automatic" version. 

  13. Hi!


    After installing the latest SpyShelter Premium and a reboot to activate it I got a completely black screen. Only the litte white arrow appeared in it. 

    I solved that using my Recovery USB stick for Windows 8.1, and a System Restore point made before installing SpyShelter.


    On advice of SpyShelter I tried again after uninstalling EIS, and then there was no problem. Could Emsisoft have a look into this please? I'll add the link to this thread to my SpyShelter support ticket so they can also have a look at this here. 


    EIS and SpyShelter used to work fine together.

  14. Found some more. See top in GlasWire list. (Left thumbnail.)


    Looked it up online to see what its name was from "SQM Consolidator." Turns out to be "wsqmcons.exe" EIS is blocking it now. I had to refresh my system, and this appeared while the other 2 on EIS' list I had it block before (thumbnails posted above) disappeared. 



  15. It looks like first some spyware has to be installed on one's pc before those programs can work. And I'm confident that Emsisoft's vigilance will catch that.


    But just in case, I'm using Sandboxie and HitmanPro Alert 3 as well next to EIS. They seem to work well without compatibility issues so far on my notebook.


    Although the NSA taps directly from the cables and now also wants to do it from the ISPs. But at least HitmamPro Alert 3 encrypts what one types while online. Like this text is appearing here after it was send encrypted. I can see that in a small popup in the right bottom corner of my screen right now. 


  16. Here is some info originally leaked by WikiLeaks:


    Kaspersky expert explains that the government can now have childporn placed on the computer of anyone they want locked up in jail and who's reputation they want to ruin. They use code to put the childporn on that pc, then that code self-removes so that no trace is left, then the local police is told so and so has childporn on his pc, and the person who is completely innocent goes to jail and his reputation is ruined:


    "Hacking Team and Gamma International in 'business-to-government malware'"

    (At 6:35 about placing childporn on someone's pc)


    Promo for one of the mentioned programs:


    "Hacking Team E X P O S E D Gov’t Spyware Company Leaked"




    A promo for another similar program:


    "WikiLeaks Spy Files: GAMMA"

  17. PS:

    What does MS actually collect now?


    "According to the agreement, the OS will save your Bing searches, private email content and the apps you access, as well as "your typed and handwritten words".

    Microsoft says the data is being collected to personalize the OS.

    "We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith that doing so is necessary to protect our customers or enforce the terms governing the use of the services", Microsoft said in its recently updated new terms of services agreement."


    "However, we do not use what you say in email, chat, video calls or voice mail, or your documents, photos or other personal files to target ads to you", Microsoft’s privacy statement reads."


    So "your typed and handwritten words" is a keylogger.


    They also collect our Skype conversations, which falls under "video calls": 



    So it is not done for advertising. Indeed not:


    The Guardian: "Microsoft handed the NSA access to encrypted messages"



    For Windows 10 this might help:


    "Stop Windows 10 Telemetry and Other Data Collection"





    "Even when told not to, Windows 10 just can’t stop talking to Microsoft"


  • Create New...