I am not sure if my problem is related to malware or to a setting change or driver problem or software conflict. I am hoping you can help me figure it out.
I have been running Emsisoft Anti-Malware on an old Gateway desktop, Windows 7, 64-bit. I am the sole user of this computer and use a Homegroup only to use a wireless Kodak printer. There should be no remote access to this computer.
A couple of days ago I tried to install "Blackbird," a program that claims to reduce Windows telemetry/spying. While installing the program, I got a message from my computer that "The operation could not be completed because the file contains a virus." However, the installation program claimed to have installed successfully. Just as background, there was a period of time in the past when I used to get that message (about a file containing a virus) on my machine, and multiple clean scans eventually led an IT person to tell me that it was a false positive related to Windows. However, I hadn't seen the message in a long time.
Because the message was concerning, I decided to scan the computer with Malwarebytes Anti-Malware. The program quarantined two files with vague names that included the words "report malware" (I forgot exactly what they were). When I rebooted, I got a message from Emsisoft Anti-Malware that a "serious problem" was preventing the program from starting and reaching the service.
I did a system restore to the day before which claimed to be successful, but Emsisoft Anti-Malware again failed to start and gave the same message. I uninstalled Emsisoft Anti-Malware using Revo Uninstaller and also used EmsiClean, which said there were no remnants on the system. However, I have been unable to reinstall it using any method on your website. When I use the web installer, it installs to 99 percent and then goes backwards to zero before closing the installation program. Using the regular 64-bit installer or the .msi installer, I get a complaint that a driver is unsigned for the Emsisoft Protection Platform (epp.sys).
I did notice a user on your website wondering if eset security software might cause the driver signature complaint. I don't have eset software installed, but I do use the online scanner, and it may save files on my computer.
I ran Emsisoft Emergency Kit, Malwarebytes (again), and eset online scanner. None found any malware.
a. if I have malware related to the Blackbird installation
b. if the Blackbird program has changed settings to prevent Emsisoft Anti-Malware from running or to prevent the computer from reading the signed driver.
c. if the driver is unsigned
d. if there are hardware problems on this old computer causing the whole thing
I think there are Blackbird files still on my computer, but the executable disappeared when I did the system restore. I am not sure of the best way to remove any remaining files. Also, I still like the idea of a program like that and am wondering if there is any way to use something like that safely. I am wondering what happened.
Thanks in advance for any help you can give.
P.S. I ran Farbar and Emsiclean. Logs are attached.
scan_190808-143855.txt FRST.txt Addition.txt