Search the Community

Showing results for tags 'Closed'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Malware Research Center
    • Help, my PC is infected!
    • Ransomware First Aid
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Public Betas
    • Feedback, Comments and Suggestions
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 689 results

  1. Hello, hoping someone has some knowledge to impart on me. I have an external drive WD mybook, probably 4 or 5 years old. I've had it plugged into my pc the entire time never on any other machine. last night I tried to view some old pictures and videos and I had a prompt tell me I don't have permission to access the files. Also, prompted me to access the account settings to make changes. as far as I can see all the users listed have full access to everything, so there is nothing to adjust. I do see that an odd account is listed - Account Unknown S-1-5-21... I ran bitdefender to scan the hard drive and it does so, however comes back with a long list of password protected files it could not scan. I never used a password to protect any files which makes me believe there may be an infection that caused this. I can manually find some of the password protected files and I can delete them but there are also a few that I can not delete because, again I do not have permission. from the same password protected files that could not be scanned, there are files, such as ($Recycle.bin-S-1-5-21...) that I can not track down at all. I went on the remove the hard drive from my pc and plugged it into a MacBook, to my surprise I was able to view all of the same pictures and videos the PC would not give me access to so I don' think the hard drive itself has any issues. I feel like something has dug into my pc and hidden itself in these password protected files.
  2. MY Windows PC has also get infected as the screen of the system has turned blue and the system is not booting after restarting. It is showing ERROR CODE 0XC0000428 in the interface and I really do not know how would I fix that.
  3. My computer (desktop) has been infected for quite some time. After one of Microsoft Wndows 10 updates that turned off all my protection the machine got infected. That was close to 2 years ago. I have been working on getting rid of the many infections manually and with a few killers. I recently ran across EEK and us4ed it and I used FRST as outlined in hopes this will finally get my desktop back in action. When fully infected I could not run anything. After I did some cleaning I was able to get into safe mode. but the infections would not allow me to change anything, delete or remove any files it presented me with an error box stating that I did not have permission to do that or when I attempted to run various malware and virus killers or start any anti-virus program. It stated it was already running. I am hoping that you can assist me in remedying my situation at hand with my desktop. I have attached the reports from EEK and FRST as outlined. I thank you in advance for your assistance. Addition.txt FRST.txt scan_190130-155741.txt
  4. JeremyNicoll

    CLOSED Beta 9188

    Windows 8.1, 64 bit The beta correctly identifies that I don't as yet have the browser security extension installed on my default browser (which is Firefox), but I have to go looking in Settings to see that. I still don't get a warning (when I start Firefox) saying that the extension is not installed there - should that still happen? I do (still) get the warning when I start Chrome.
  5. Upon attempting to quarantine 4 suspicious files found during a scan, I got a message stating: "Removing these items bears an unusually high risk of crashing your operating system during automatic cleaning, as these threats are embedded deeply. The malware removal experts at the Emsisoft Support will guide you through a safe removal of these threats." Accordingly, I am attaching the requested log files as per the forum posting instructions, and await your instructions. scan_190124-135355.txt Addition_24-01-2019 14.11.35.txt FRST_24-01-2019 14.11.35.txt
  6. I'm on Windows 10 64-bit, version 1809 (OS Build 17763.292) the latest update January 22, 2019 I've had Emsisoft installed for some time and I haven't had any issues so far with infection. CPU usage is normal, when I do do anyting it's 1 to 4 %, when I start up a browser it goes to 8-11 %. Nothing out of the ordinary. I've started monitoring my network traffic recently and I noticed that Windows Host processes represented by svchost and their assocciated Windows processes conneting to these IP addresses. I didn't monitor my network before. Maybe these connections always were there. I don't know. Is this normal behavior for Windows 10 nowadays? I thought Windows host processes like Cryptographic service or Diagnostic Policy service must connect only to Microsoft IP addressess but why Google MSI Verizon and Cloudflare? I don't get it. They don't run very often, just occaionally pop up for a few second once a day, and quicly stop. Maybe I became a bot or something? I think Emsisoft would pick it up already External IP PID 216.58.209.35:80 Google LLC USA 4276 CryptSvc 93.184.220.29:80 MSI Communications UK 4276 CryptSvc 104.16.95.121:80 Cloudflare Inc USA 4276 CryptSvs 172.217.17.67:80 Google LLC US 4276 CryptSvc 93.184.221.240:80 MSI Communications UK 4276 CryptSvc 216.58.209.131:80 Google LLC US 4140 DPS
  7. Jeff22

    CLOSED Slowdown

    Hello, recently i have noticed a slowdown in my machine, could you please take a look. FRST.txt Addition.txt scan_190128-024733.txt
  8. Please see attached screenshot. I don't know how to handle this because I get the same pop up if I click on quarantine.
  9. My HP Pavillion dv7-7135us has been freezing up lately with no warning and no visible symptoms other than I return to it after a few hours and find it frozen. The only remedy is to power down. EEK and FRST files are attached. I tried to scrupulously follow the instructions. EEK did not display the same choices as the instructions, but I tried to get a clean scan, without changing any parameters after the sw updated itself. FRST showed no anomalies on operation. Addition.txt FRST.txt a2scan_190112-100254.txt
  10. I have uninstalled this program several times and it always returns. I understand that it prob is not malware, but I already have Emsisoft so I don't need another trying to get my attention. It was installed without my permission, and I don't see how it could have piggy backed on anything because I have not installed any new programs lately. It does not have an uninstall option on its menu. I have tried remove using the Windows 10 App/uninstall. Can someone help please?
  11. So is this error which shows in Event Viewer after each EAM update Microsoft's fault? https://answers.microsoft.com/en-us/windows/forum/all/event-id-17-security-center-failed-to-validate/1fe0f4d7-8b4e-40a6-b607-e1895bfc7535
  12. I ran a scan and with EK and I see 7 varieties of threats, but I can't remove with either delete or quarantine? Help Here is my log file. scan_190109-092825.txt
  13. Win 10 build 9144. As part of some troubleshooting I uninstalled 9144 and selected for EAM to remove the everything option. It leaves a Program Folder in C drive with quarantine in it. Surely if I select to remove everything (all folders etc) it should do just that?
  14. I'm on the Beta feed. EAM just 'updated' but it's installed 2018.11.0.9073 when before that I was running 2018.12.1.9144. Why? See logs screenshot at: https://www.dropbox.com/s/lo685jpbogs0ce6/20190107 EAM update that isn't.jpg?dl=0
  15. I just can't find/get rid of this software (Go.MennyThanks, or AAMennyThanks)), that was secretly installed on my computer. I'd prefer not having to buy more malware software. Can anyone help me? Thanks. Bob
  16. https://malwaretips.com/threads/emsisoft-browser-security.88869/ Pity it wasn't posted here as well.
  17. I wish you and you beloved ones and family a Merry Christmas, have a peaceful and happy time. Cheers
  18. Win 10 1809. Auto update went through okay. No issues so far. I see on the main page of the GUI it's already 2019 !!
  19. The first time (in a Windows session) that I click on any of the four main panels on the EAM gui overview screen (Protection, Scan & Clean, Logs or Settings), it takes several seconds to open the relevant screen, and sometimes it doesn't open it at all.
  20. Dear Experts, I was wondering if my computer might be infected or maybe I'm just paranoid. Although nothing seems to be out of the ordinary, please tell me I'm just paranoid here on this. I've heard about dll injection when malware authors have been exploiting Windows dynamic library where executables access the library and share the memory space, with a malicious dll beieng injected into a legitimate process. Then we won't then see a malicious process runing in memory there because it's a legitimate executable that could very well be an essential Windows operating system process but carrying out the malicious activities because it's actually executing functions that are part of a malicious dll file. Because I have Windows 10 Pro 64-bit(Version 1809 17763.134) (X64) there are obviously two rundll32.exe for calling different programs respectively. One is located in C:\Windows\System32\rundll32.exe Another one is in C:\Windows\SysWOW64\rundll32.exe Sometimes when I turn on my computer I see them both ( I guess) starting up with Windows, and sometimes they don't start up with Windows. Today for example they started up again. See attached Task Manager screenshot. I scanned my computer with Emsisoft while they were runnng. The scan result attached. I ran FRABAR scan. FRST nad Addition scans attached. I also ran cmd command (tasklist /m /fi "IMAGENAME eq rundll32.exe") to identify loaded DLLs in these running rundll32.exe,. Screenshot attached. Am I paranoid? My browsing habbits are pretty rigorous. I don't visit suspicious websites, I don't download literally anyting unless I have to. I don't even click on links that I send to myself not to mention some attachments coming in an email. My browser security settings don't have even one weak cipher siute and they are all with forward secrecy, My browser user agent only supports TLS 1.2 and obviously 1.3 and it's immune to logjam, freak and poodle attacks with a bunch other firefox about:config strengthened security settings. I know I'm probably a very sick individual in terms of this hyphened sense of security but that the way it is now. Should I be worried about these two rundll32.exe? EEK SCAN.txt FRST.txt Addition.txt
  21. Please see here https://support.emsisoft.com/topic/30208-aktuelle-beta-keine-deutsche-sprachdatei-mehr/
  22. Auto updated okay on Win 10. Are there supposed to be different colours here?
  23. I was getting this some time back and don't know how it got solved. Now it's back. Emsisoft scan finds it, I quarantine it and the next time E scans it's back again. Over and over. I just ran EEK and the item in question was not found. But that is probably because I had just finished a scan which found it and quarantined it. scan_181118-225318.txt FRST.txt Addition.txt
  24. I think I have an infection and would like guided help to remove. Please see attached as requested and let me know the next steps. Thank you in advance emergency scan 181113-174933.txt
  25. HP EnVY TS 17 Notbook PC Has an I7 4700 processor and 16 GB ram. This machine should be running real fast. However it seems to be really slow. After running a full clean up using Techsuite (which includes EMSI soft removal tools) I was ready to give it back to the client..AFter a reboot it started running real slow again. I ran the techsuite software again and removed 17 new items. The only thing the machine had done was site idle on the internet. Attached is the EEK report. The FRST 64 bit would run until I pressed scan, then it would crash. (I verified the machine is running 64 bit windows 10 home) Thanks, scan_181029-172340.txt