Jump to content

David F. M.

  • Posts

  • Joined

  • Last visited

Everything posted by David F. M.

  1. Thank you for advice. The careful use and awareness play a significant role in the user's safety. However, my love to know and compare leads to me know the best. What can I do?! I was ransom-wared with Cerber in December so I dedicated tons of hours investigating the case, tech info on malware, security suites, products, safe browsers, etc. So when I investigated browsers I came to Safe Browser Comparisons and I found these and collected info from a few websites. As for the article entitled HTTPS interception: What Emsisoft customers need to know, I got the idea that HTTP interception tries to force this type of interception (= interference in connecting to websites) through detailed analysis of all user's web traffic leading to the encryption being not end-to-end (user-to-website) The local antivirus scan proxy has to simulate web servers perfectly down to the tiniest detail in order not to weaken the encryption chain. Here is where implementation mistakes are easily made and the security problems described in the earlier mentioned study arise. As for the paper which is attached to the article, https://zakird.com/papers/https_interception.pdf, I admit that I may not be able to read it carefully to summarize it accurately. I searched the idea and found a summary here: Study shows that poor HTTPS interception is compromising security and putting users’ data at risk https://www.egress.com/blog/study-shows-that-poor-https-interception-is-compromising-security Here are the findings of the same study you refereed to: A new study has shown that HTTPS interception, the practice of decrypting and scanning HTTPS connections to monitor traffic for security vulnerabilities, is a much more common feature in security software processes than first thought. The group of researchers behind the paper ‘The Security Impact of HTTPS Interception’ also showed that the devices and software that perform HTTPS interception also significantly reduce the protection offered by HTTPS. By terminating the existing Transport Layer Security (TLS) connection and replacing it with a weakened implementation, the overall safety of users’ data is put at risk – with potentially serious consequences. Also here: Alert (TA17-075A) - HTTPS Interception Weakens TLS Security https://www.us-cert.gov/ncas/alerts/TA17-075A I'll try to study the articles in a simple way. I am a Mozilla Firefox fan so I included it at the end of the list of specially designed ones with the extensions on which I found multiple recommendations even in the Heimdal Security Blog. makeuseof, etc. uBlock origin is my favorite. I did not use Lastpass or other free PW Manager till now. Unfortunately, some questions occurred to my mind: 1 - Does this apply to HTTPS Everywhere add-on? Does it spy and store / send on my web traffic? 2 - Does this apply to any or all of the above allegedly safe browsers? Which one is more authentic? 3 - Does HTTPS interception itself have a weak point in it without being targeted by security software or add-ons? 4 - How can as an end-user with nearly zero expertise in the field of complicated securuity measures and software comparisons to test this myself?
  2. Questions about Safe Browser First of all, hello everybody in Emsisoft. I hope you are all fine. Introduction We all know that the dangerous threats coming from unsafe browsing are beyond description these days so there are some options to choose from given by companies other than Mozilla (Firefox), Microsoft (IE & Edge) and Google (Chrome) for the sake of using a safer browser. I have collected some information about them but I want to put my questions in safe hands to find a more trusted answer. The following ones are all respectable but I seek a definite answer to the best ones, two or three ones of all, not one because it may hard to prefer only one above all the rest. My first question is about deciding the top browsers in the following ones: Which browser is safer to use than the others from Commodo Browsers, Epic Privacy Browser, Yandex Browser, Tor Browser, Maxthon Cloud, Avira Scout or Firefox with Hardening extensions? Browsers to Choose From - Commodo Broswers [Two different versions] use Comodo’s SecureDNS servers for Dragon [secure surfing] maintains compatibility with plug-ins, stored passwords, and favourites if desired incorporates a domain filtering system designed to limit exposure to problem domains of the sort used by malware - Epic Privacy Broswer [Version 55 +] Cookie Blocker. Cookies and trackers are eliminated after each session Instant Proxy. proxies all searches through the firm’s own servers (no way to connect an IP address to a search), Secure Search. attempts to prioritise SSL connections wherever possible useful for open Wi-Fi connections Built-in ad blocking. Do Not Track. does not collect data about its users and comes with excellent eschewing plug-ins , compatible with password manager LastPass. - Yandex Browser [Version 17.4.1] DNS Spoofing Protection DNSCrypt technology = Encrypts DNS traffic Ad blocking pornographic advertising Protecting Wi-Fi - Maxthon Cloud Browser [Version] - a totally new type of HTML5-compatible browser that wants to act as a straight replacement - embeds claimed protection from AdBlock Plus including the (for some) contentious ‘Acceptable Ads’ technology, AES256 encrypted synchronisation of files to its cloud services, limits employee access at its end to customer data. - Avira Scout integrates a no track functionality uses Avira's database to let you know when you’re visiting dangerous web sites make sure you’re connecting using secure connections, blocks unwanted scripts from running blocks infected and phishing websites for you - Hardened Firefox [Version 47 +] with Hardening Extensions (HTTP Everywhere + uBlock + No Script + Privacy Badger + Ghostery + Avira Browser Safety + What Else?) HTTP Everywhere = encryption of traffic uBlock = blocking all ads No Script = prevents active scripts on websites unless you grant permission to them Ghostery = blocks web trackers so that companies can’t track activity Disconnect = blocks web trackers so that companies can’t track activity Avira Browser Safety = blocks web trackers so that companies can’t track activity Privacy Badger My second question is about uMatrix Source: http://www.makeuseof.com/tag/completely-secure-11-must-have-firefox-addons-security/ uMatrix is a relative baby when compared to the rest of the addons on this list, but it’s one worth looking into if you want an edge in security. Simply put, it’s a dynamic firewall that allows you to toggle various defenses whenever you want. These firewall options show up as a colored red-and-green matrix and all you have to do is click on the features you want to toggle. It’s a bit more advanced than a straightforward blocker, but the steeper learning curve allows for more power and flexibility in the end. Thank You
  3. Yes This is a cursed Ransomware Mr Kevin I nearly deleted all the infected files Recuva or EaseUS Data Recovery Wizard did nothing at all, no traces were found Look at the above PDF and if it is clean unlike what is reported tell me
  4. Hello Gentlemen, I have this issue about a very important 35-MB .PDF. I finally could get this *.pdf file and for the first time in years I find it for free on a torrent link. If it is clean and the five results in the cloud scan are null, it is OK. I am very anxious to open it I lost a good version of it last December in the Cerber Ransomware Attack If you please send me the cleaned version via my mail to study. = If you disinfect it, thank you. = If you tell me how to disinfect it safely, thank you. = If you tell me how to use it EXACTLY and does not get infected. Upload to Google & Read on-line? Open in the Browser? Simple Virtual Machine Software? Unactivated Windows 8.1 Reader? David Fayez Test URL / Me / Today https://www.virustotal.com/en/file/a8be7ce183859a837095a8de6519aa2ed86e95ce668a3b3d23fea75ef98e8fb2/analysis/1494591017/ Transparent minds_ Narrative modes for presenting consciousness in fiction.pdf
  5. Source Via Yahoo NHS hit by major cyber attack with hackers demanding ransom Laura Donnelly, The Telegraph 15 minutes ago https://uk.yahoo.com/news/nhs-hit-major-ransomeware-cyberattack-143125715.html ========== The full scale of the attack is unknown The NHS has been hit by a major cyber attack, with hackers demanding a ransom. Hospitals are understood to have lost the use of phonelines and computers, with some diverting all but emergency patients elsewhere. At some hospitals patients are being told not to come to A&E with all non-urgent operations cancelled. Several hospital trusts and GP surgeries are reporting problems, but the full scale of the problems is not yet known. NHS hospitals across the North, East and West Midlands, and London are reporting IT failures, in some cases meaning there is no way of operating phones or computers. At Lister Hospital in Stevenage, the telephone and computer system has been fully disabled in an attempt to fend off the attack. Patients have tbeen told not to come to A&E and all non-urgent appointments and operations have been cancelled. East and North Hertfordshire NHS trust said in a statement: “Today the trust has experienced a major IT problem, believed to be caused by a cyber attack. “The trust is postponing all non-urgent activity for today and is asking people not to come to A&E - please ring NHS111 for urgent medical advice or 999 if it is a life-threatening emergency. “To ensure that all back-up processes and procedures were put in place quickly, the trust declared a major internal incident to make sure that patients already in the trust’s hospitals continued to receive the care they need.”Health officials are understood to have declared a major incident and ordered a meeting of national resilience teams. At a glance | High profile hacks NHS Digital said: “We’re aware that a number of trusts that have reported potential issues to the CareCERT team. We believe it to be ransomware.” There are reports that trusts affected include East and North Hertfordshire, North Cumbria, Morecambe Bay hospitals, Blackpool, and Barts Health in London. A number of GP surgeries also say they are also unable to use their systems. One source told Health Service Journal that multiple trusts had been affected by a suspected malware attack around 1.30pm. They said trusts had their computer systems almost entirely shut down. Services affected are thought to include picture archiving communication systems for x-ray images, pathology test results, phone and bleep systems and patient administration systems. The source added: “This will mean delays and a focus on the sickest patients. I’ve seen it once before and we relied on local trusts supporting each other. If truly widespread then that’ll not be an option.” A spokesman for North Cumbria University Hospitals NHS Trust confirmed the trust had been affected by the attack. Also affected is Derbyshire Community Health Services NHS Trust which says it has shut down all of its IT systems following a 'secure system attack'.
  6. Thank you for your excellent explanation. It is a type of securing the transmission of data between the user and the website. You also troubled me!! So if a malware source website is in HTTPS, the infection from the website into the soon-to-be-compromised system will be securely transmitted !!!!!! WOW!!! Alsom if it is a secure website, the login & use experience will be safe. That's the cool part. Here I have a question If the website and the HTTPS connection are both secure, can a hacker hack the web browser during the user's session if other open tabs are not used while using another secure one? I mean just opening the page without activity on it such as psoting, browsing, downloading, etc. I have never saw these words before and do not know what they are .
  7. WFP Does EIS has a buitt-in Traffic Filtering? Man, Heimdal Pro, the software I told you about here, is an antimalware + WF of Traffic, and System Patcher So, EIS can make us use only Heimdal Free Version which is a System Patching Tool without caring about the Traffic Filtering if what you mean is exactly what I understood and exactly the same as the Heimdal Pro Vendors mean.
  8. HTTP = HyperText Transfer Protocol HTTPS = HyperText Transfer Protocol Secure The word Secure means a type of encryption to protect the data transfer between you and the server or website you are using. This secured connection keeps your information safe from hackers. Using HTTPS, the computers agree on a "code" between them, and then they scramble the messages using that "code" so that no one in between can read them. Look at this post I found for you, I'll read it myself https://www.theproblemsite.com/ask/2016/02/http-vs-https-difference I'll give some more information on this after I return home in a few others. I will study this myself.
  9. Thank You MBAM is good but it has a bug that it may not start with all the layers turned on I thought of it not as competitive to EIS as it does not have a firewall and does not provide a full antivirus solution, only a protective sheild with RW, MW & Expliots W the main shield im EIS. It detects well, I may have it as a scanner only if this is not provided as free from Voodoosheild. They say it, Voodoosheild, works well with EIS on their website. Also, RansomeFree is free and is not an antivirus or even antimalware, just a behavior blocker of ransomware. If they say it here that the three will never conflict with each other or weaken protection, I will stick to them. What can I do, I have been destroyed by Ransomware, so I have a lot of security layers without conflicts. There is some confusion I had because I do not want to install a bundle of programs to prevent RW. CryptoPrevent Free, RansomFree, or buy I program such as WinPatrol without knowing its benefits over the first free two. The Word 'Expliot' in Java, Adobe Acrobat, Adobe Flash, etc cause me trouble, SO I loved MBAM WHEN i USED IT BEFORE KNOWING EMSISOFT PRODUCTS. EIS provide me with an excellent protection, but I am still sad I was ransomware'd like that before I knew it or knew other programs. The system was havoc, and the AV was not updated or I do not know what. I hate K & N a lot because they are very heavy and caused me problems and I wil never try them again. A-- captitalized detects a lot of false positives. I used Avt for years. I never used BD, So.., Pa.., F-S, etc All respect to all vendors, they are all eager to protect people their ways & God help them all Here in E Community, they are very generous & their products are absolutely valuable, e.g. smart, light & effective. By the way, EIS detected all possible threats without giving false positives and they did not detect better than it at all, all other threats are nearly FPs. When it was alone on the system, it was very effective and did not cause problems. One thing I wish is that they think of upgrading the EIS with additional modules and solve the crashing problem which I do not know its cause that appears from time to time.
  10. ----------------------------------------------------------------- First Two Possible Enhanced Features EIS 2017 ----------------------------------------------------------------- Hello, Sirs Consider these two features very soon Feature One Feature : Integration of Necessary MS Hotfixes by Default. Related to: Installation & Overall Functionality Personal Rating: High Value. Benefit: Error-Free Complete Installation & Prevention of System Errors. Way: Integration by the Emsisoft Developer Team with further User Involvement if possible / better. Enabling Automatic Necessary Download during Installation Process if possible / better. Other: If they are already available in the full update packages of versions, tell the users and remove the notice. Feature Two Feature : Automatic Scanning of Newly Detected Hardware. Related to: Scanning Module. Personal Rating: High Value. Benefit: Enriching Scanning Features with automaticity. Way: Addition to the Module by the Emsisoft Developer Team with further User Involvement Other: Can be unchecked by user after installation Request I hope other members share thoughts and ratings of these two features to help share them with this marvelous team
  11. Early Report on Version 2017.2 Free Notice 1 - My system is absolutely unstable and the previous versions and other installations of Avira AV [Unistalled but still on!!!], MBAM [Ended & Unistalled], EEK [Portable] & EIS V. 2017.1 [Unistalled as it shifted into Scanner] may be the cause of this havoc. 2 - Also, I did not install the full update package of the Win 64 bit 3 - VoodooSheild & RansomFree are installed and working as Free Versions only 4 - I posted it lest they are bugs Error 1 The EIS crash notice of Internal Processor Error appears No Need to take a screenshot Suggestion The so called 'KB2958399 hotfix' must be integrated into Emsisoft products to put an end to the perplexity odf the users. Contact Microsoft for integrating the two hotfixes of 32 and 64 bit versions in all of the products that match the E versions. Server for server and home for home etc. Or if you have it, integrate to Benefit: Smoother error-free Installation of the products Note It is not available as free one link without e-mails & not available as trusted if we wanted to have it for example on such a website thehotfixshare.net [I never used it] Error 2 Error in Numbers The number of detections is not consisent AS THEY ARE TWELVE NOT TWENTY. The early number was correct Error 3 Lost Log Log file is not activated as usual. I am not able to judge the 142 detections as there are 'No Risk' Flags & things I deleted Error 4 Quarantine & Deletion [If it is an Error] This is perhaps not an error as I understand it, but this to be clear in my posts. The 'Avira Traces' did not detect EIS at all. EIS Free wasa able to detect the Avira quarantined files and flaggging them but did not quarantine them, instead it sucessfully deleted them as I chose
  12. OK I do not understand you fully because know nothing about this in detail at the moment, so I'll have a try to read some basic educational material on it. Scripts work well and mblock origin is very great and works without any problems and allows what I assign using the 'Temporarliy' option. I will read again and try Ghostry. I hope them all the best of luck in all their hard tiring task and that they develop a much more robust protection techniques that come close to perfection. That silly threat aka Ransomware the hackers invented is the worst thing that came to live on the internet since it was invented. I HAVE A TERRIBLE STORY with it. God bless the malware fighters' efforts. Of course because I have nothing to do with programming, I thought that creating a module and adding it to the suite just requires writing codes very well and inserting them into the package!! Sure, testing is a prerequisite. Thank You for this compliment and that encouraged me to re-write my already written suggestions and reformulate what I want to say which best suites a very good staff like yours. I'll post the rewritten suggestions in two or three days and will inform you. I will mention this thread as well.
  13. First, Thanks for the detailed reply, man Second, your words are convincing and real, but you don't get what is behind my words. Why I say so? Third, I loved the smart unobtrusive firewall, proactive defense and light load of EIS, so I wanted to have it with other feaures that I know you can do and integrate safely. If it has a file shredder, a disc cleaner, encrypted safe feature and broswer integration with it, it will seem unparalled to me and other people. I'm going to my work now and I WILL DETAIL EVERYTHING WHEN I COME BACK. WE WILL DISCUSS THEASE AND HOW I ORGANIZE THEM ALL TOGETHER I will assume I'm using EIS & send a foused question about what I want to use But what I meant here is what they call Hardened Secure Browsing. I do not exactly that the solution secures the main default browser or it creates another secure brother. By the way, theay caused me a lot of annoyance untill I used three extensions simultaneously. OMG The buit-in ones are either weak or I do not know how to configure them. Yes, they are so numerous that I got perplexed and did not use any till now but I'm going to complete my survey and form conclusions. In this point in particular, you got me convinced. Completion not gimmick, man. A Solution that does multiple jobs from the same windows. When I said, its your yard, I MEANT IT LITERALLY. Yes, we have got Sir Fabian Wosar with his respected team. So, why they do not create a marvelous module that creates encrypted safes and encrypts individually. They can produce a a highly-secure, hard-to-decrypt, robust built-in Encryptor with file, folder, drive, safe AES encryption. What Else? That's because from the compy I respected a lot. Yes, and that's what I SEEK. The main product with some extra safe-to-use stuff and if possible one another extra protection. I will not use either of them because Kaspersky blocks my connection completely and I do know how to use the firewall and AVG Internet Security did find a lot of false positives. That's despite the fact that they have extra features. And all what I say not about better detections, I want a very secure hardened computer security all in all especially when I saw some very advanced features in MBAM such as Application Hardening, Advanced Memory & Java Protection, etc when I used it as trial. Thanks a lot for these info.
  14. I Never compared or Considered MBAM as competive with EIS, the latter is very special in my view I want a second opinion scanner not a malware scanner. No scanner found better than EIS. What other scanners detected were nearly all false positives. Also, I did not list what I want to buy [EIS] with the OTHER products WHICH ARE SECONDARY IN MY OPINION EIS = Full Antivirus + Antimalware + Antiransomware + Firewall + PC Drives Protection MBAM = Antimalware & Anti-expliot Protection Does EIS have Expliot Protection? -------- I do not understand this The "protection" you're referring to is to not run outdated software that can be exploited (via EK for instance). Do you mean not all un-updated software pose expliots?
  15. Mr Kevin, You helped me before. You enlist WinPatrol Plus Is it MBAM 3 + ALTERNATIVE? Do they mean the very same layered protection I want to finalize my war and purchase the EIS 2017 as it proved peace of mind for me for a cheaper price. For me, this is crucial. WHAT is the best second opinion product like MBAM 3 + ? IS IT BETTER THAN OTHERS? DO YOU PLAN TO INSERT MORE MODULES IN THE NEAR FUTURE?
  16. Stunning Review !!!!!!!!! It is very good, but there is a bug which makes it stops one of the protection layers and you manually enable it = Is this the cause of what you say? = What is (are) your best Trusted Alternative(s) according to personal judgement of overall protection against MW, RW & Expliot Zemma AM?! Heimdal Pro?! Hitman Pro?! WinPatrol ?! CryptoPrevent?! What?! Why?! Peter, I mean a second layer of defense with my main internet security software not the sole solution.
  17. OK, Mr Pete Thanks a lot for advice Voodooshield was added seconds ago then I saw you included it. I will add it to my fresh system upon unistall. Sandboxie, Hitman Pro Alert Anti Exploit & Shadow Defender are all paid. I found something called Cuckoo Sandbox - https://cuckoosandbox.org/ Never heard of it. Cameyo is another thing I have already found. http://www.cameyo.com/ I am waiting for techical recommendations & responses Where is MBAM 3.0.6 among all these?
  18. I'm going to buy it, but? First of all, I'm happy I'm here. I've already prepared a very detailed review for the product & website and will post it soon. You are in general proved to be smarter than some other top-rated competent software [Lighter, Smoother, but Efficicient] although I'm very sad EIS lacks some of the features I'm eager to have. Also, I must say Thank You special for Mr Kevin Zoll for the gracious support for a new free user even without buying the full product. Before buying the EIS 2017 Version for myself and a friend through a man who has a paypal account here in Egypt because I do not have one , I want to ask some questions. First, I see the EIS is Great but why does it lack other significant modules such as a built-in browser integration, pop-up blocker, password manager & encryption / safes module? - Encryption / safes module is your yard In other words, WHAT IS NEXT FOR 'EIS' in 2017 for major or minor completion? [If you welcome my suggestions, I'll post them if you want] Second, what are the best free top-rated security-related stuff I can install with the EIS product without making conflicts on the OS , e.g. Firefox browser extensions, a second layer of free [or Paid] ransomware protection, system vulnerability patching tool [Flash, Java] & finally best system optimization suite OF THESE? = Firefox browser extensions [disconnectme free or mblock origin or Avira bowser safety or all] = Second layer of free [or Paid] ransomware protection [ RansomFree or KS Antiransomware Tool or MBAM 3.0.6 or VoodooSheild] = System vulnerability patching tool [Heimdal Free or IObit ASCU] = System optimization suite [IObit ASCU or Glarysoft Utilities Pro 5 +] Third, Is you license in the form of serials or files? Fourth, can you provide us a light discount on the licenses which my friend Ahmed will bring for me or not. I see that you do not have a reseller here in Egypt. I told a busnisess care company about you on the phone today while asking for a product there [SUNDAY]. Addition 1 I saw these features in this review http://antivirus-software.specout.com/l/416/Emsisoft-Internet-Security Anti-Spyware/Adware & Vulnerability Protection Where are they evident in the software settings? Addition 2 If there are any conflicts inmy classification tell me Addition 3 Does MBAM 3.0.6 add more security than other stuff [ RansomFree or KS Antiransomware Tool or VoodooSheild] Does Heimdal Free really add to protection to the system with its patching? I need no malware scanner Thank You Please consider this as I want some relief regarding my purchase Waiting & Watching Yours, David =====================================================
  19. What I did is exactly as follows: - I copied the code as requested. - I put in in the same folder with the Farbar Tool. - I launched the tool and clicked fix. - It required a restart and I did. - The "Fixlog.txt" file was created in the same directory as the tool in: D:\Tool for decrypting files\- Tools\Farbar Recovery Scan Tool - The log is attached to the reply as I copied it to & uploaded it from the desktop. NB - The Internet connection is on. Fixlog.txt Now, if it turned out to be a real false positive, the question of how I get rid of it by replacing the MBR raise tough questions for me: How do I get it eliminated for any future scans or fresh Windows installations? How can I get a fresh copy of MBR by replacing it? Here I find a lot of methods presented online for MBR Sample Collection & Replacing which will necessitates full understanding and a much higher expertise than mine. What do I do if it was detected on another HDD from those which are not connected now? Will I follow the same procedures of what preceded and what will follow? Will Reformatting & Recreating the HHD it is spotted on after I empty them using Acronis Disk Director Suite {Bootable on Installed on the System} clear this problem?
  20. Hello Shellie, I'm not a specialist, but I know the program and use it in the free edition. If it was installed without your consent, you have to remove it. No Unistall Option!! I do not why OK Try to use an advanced unistallation program to fully get rid of it. I suggest using Revo Unistaller or IObit Unistaller , the two which I used before and you can use the free versions especially of IObit Unistaller because it works without any Upgrade to Pro Edition which is paid. They will detect and unistall it. In IObit Unistaller, it will ask you after unistallation to shred residue files, of couse check it. I did not use Revo Unistaller for a long time now. If there are other alternative suggestions, I'll learn from it. Greetings, David
  21. Dear Mr. Kevin Zoll, First of all, Thank You for your Quick Reply & Interest in Aiding Inexperienced Users. This is Awesome. Although I'm very new to your products, do not own a license key to the EIS and away from where you are, you spared no efforts to help and because God knows I need such experienced assistance more that any other time, He made me know Who are behind Emsisoft. I followed the instructions fully [Also included Sreenshots] 1 - As you did not tell me to do or not to do: - I did NOT run the two tools NEITHER in Safe Mode NOR as Admin - Internet Connection is on - I will not put any other HDD or USB Storage Devices as well, I got what you intent as removing the physical disk 500 HDD caused the reading of the physical drive change between the diagnostic reports of KIS & EIS and both were correct at the time of scan. - I will not add or remove any other security programs at all. - I installed and immediately removed WinMerge Open Source program because a friend programmer wanted to see what the ransomware did in a PDF file by comparing a newer donload with the corrupt one when he came to visit me yesterday and he said that the virus caused damage to the file header and data is turned upside down due to the alghorism. [Added] - What is more important for me is Data Safety After the Removal Process on the Three Disks. As for the system drive, I can re-install it and the most important software in 1 hour. [Added] - EIS installs updates regualry [Added] 2 I included Sreenshots of what I did: - Also included extra screens of some programs - Also, the [cmd & pmp_usb ] I found within a picture folder on the 3-TB HDD!! 2 - I made all hidden categories undidden as the sreenshot will shows you. 3 - Running the EEK, as follows: - It is already downloaded on my HDD nearly 12 days ago and has been used before on the old now-replaced system - I Updated it before the scan in , say, ten minutes - I Used the Malware Scanner Function as you will see the report. - I Saved the Scan Report on Desktop 4 - Running the bleebingcomputer.com Farbar Scanner Tool - I Downloaded the tool as it is lost with other files. - I Scanned [ included two optional criterias which I do not know what they are!!]. - I Saved the two reports on the Desktop. OMG These two files include all what has happened and are on the system!!!!!!!!!!!!!!!!!!!!!!!! Hahahahah 5 - I collected the sreenshots and the scans in the message in a disinfection first steps .rar file 6 - Notes - I noticed that this damned infection is always spotted very fast by all scanners I mentioned in my message as it appears the first in the results [EIS, EEK, EAM {Your 3 Releases} , MBA Free, previously by KIS , S Norton, Iobit ASC & Avast]!!!!!!!!!!!! - Protected Folder (HKLM-x32\...\Protected Folder_is1) (Version: - IObit) is outdated and I do not use it at all - KIS is not on the system anymore because its firewall is extremely agressive , the newly known to me Anti- Ransomware Tool, installed before downloading the new EIS. The logs will prove this - When I tried to rescan using Farbar Tool, EIS told me it wants to install ON MY SYSTEM ALTHOUGH IT DID NOT NOTE IT IN FIRST USE!!!!!!!!!!!!!!! - As a means of visual feedback, I'm compiling, not posting now, screens of EIS to show you how the suite is working [and some ads that were allowed] Thank You Mr. Zoll Yours, David. disinfection first steps.rar cmd.rar pmp_usb.rar
  22. Hello Mr. Worsar & Everyone in the Emsisoft Team & Community, After Hearty Greetings, It is a pleasure for me to be here as one of the users not a mere guest. Thank You Very Much for your Generous Aids and Hard Valuable Work. Also, Hands Up for your endless efforts and superb products and ransomware decryptors. I knew about your respected company only this December [2016] when I was crying and dying for a solution for damned Cerber encryption dilemma. Not to detail about this now. Introductory Note: Lord Have Mercy ========================== I have been plagued with catastrophic events in my computer. The first event which saddened me alot was the falling of a 2-TB Western Digital Green HDD on the room floor and it was damaged [Then diagnosed with corrupt header and God Knows]. Then, more dramatic, I have been stunned with the infamous infection of the badly notorious Cerber 4/5 version in the course of a night (sleeping and waking up to see the damage). The problem is multifaced because 1. No Decryptor Available Now, 2. No Decryptor will Be Sent After Ransom or it will cause further trouble & 3. I'm nearly Bankrupt to pay any ransoms and this is the bare truth. Of course I'm waiting for a solution soon. The Main Problem To Discuss Now ========================== The third problem which is persistent and that is related to my questions is "Boot Virus Malmo". Here is all info I collected to you to diagnose. Part I: "Boot Virus Malmo" Notes: - The error is deeply rooted on my disk , as Emsisoft told me, as it is present and persists before and after installing a bundle of security programs and two or three Windows 7 [32 & 64] in the course of a year now. - Boot Virus Malmo in one of my disk which was detected but not removed by: a) Avast Internet Security Suite which was installed for months (All the Time, long ago) b) IObit Advanced System Care Ver. 9 Full Version (All the Time, long ago) c) Malwarebytes Antimalware Free & Registered Versions Multiple Times ( inc. 7 Days ago) before reinstalling the plagued system. d) Kaspersky Internet Security 17.0.0. .... Free Trial Activated Multiple Times (Months ago & before installing EIS) e) Norton Internet Security Free Edition (7 Days ago) before reinstalling the plagued system (& installing EIS) f) Emisoft Antimalware Ver. 12 (5 Days ago) before reinstalling the plagued system g) Emisoft Internet Security Ver. 12 of which I post the photos and is currently installed AND UPDATED Part II: System Notes: The System - Windows 7 [x64] running [ Installed a week ago & KIS was removed due to blocking the internet access and annoying me desite knowing it is an excellent package. - No other Antivirus or IS Suites are installed [Neither Free, nor Cracked Nor Legit Purchased] - The computer was plagued with Cerber 4 / 5 Ransomware and the damage has been done and it is a fresh Win. - I removed any malware types previously detected by d), e) & f) above before reinstalling the system to install Emisoft Internet Security in a cleaner more respectable environment instead of the very old deteriorated system - All of my HDDs are Western Digital SATA 1 TB w/ System Installed + 1 TB + 3TB + 500 TB Part III: Reports & Sreenshots 1 Here are the Emsisoft Scan Note: \DosDevices\PhysicalDrive1 Rootkit.MBR.Malmo.A (Boot image) (B) [krnl.xmd] - Attached Scans & Screenshots- 2 Here is part of the Kasper Advanced Disinfection with my notes: 09.12.2016 13.43.28 Object (physical disk) not processed \Device\Harddisk2\DR5 Physical disk: \Device\Harddisk2\DR5 Object name: Virus.Boot.Malmo Reason: Disinfection impossible - Attached Sreenshots - Part IV: I have a lot of questions and suggestions concerning your Internet Security Suite. If you welcome them, I'd post them separately in a post entitled "Thoughts, Questions & Suggestions on EIS Ver. 12" Tell me where to share such a personal opinion. Part V: Thank You Very Much Again & Again Much Appreciated In Advance Greetings & Prayers for You from Egypt Yours, David NB Attached file contains scan reports and screenshots of what I mentioned I did not attach the cmd & ini files I found in a photo folder while cleaning an encrypted photo folder from cerber, just photos. I rare them and kept them !!!!!!!!! Best for message.rar
  • Create New...