Search the Community

Update ok so far.

Can't delete or fix this, when i run the program, it finds a "Application.Bitcoinminer.RD" on C:/Windows/Microsoft/svchost.exe:settings

When you first ever do a scheduled scan and go to that page to select a time and frequency, is there already some pre-selected time and day of the week there for you?

Automatic update. Smooth

Smooth update

I scan whith emsi a removable media i have a susy trojan i send to quarintine, then i recover the files and scan documents folder and then perform a fullmalware scan . I send you my reports and my farbar tool reports to see if i dont have traces and i send you a screen shot because i see in scan tab does not appear the units who emsi scan is it normal? -- Emsisoft Anti-Malware Full 2018.1.0.8407 stable [es-es] OS: Windows 10 (Version 10.0, Build 16299, 64-bit Edition) Addition.txt Forensics_180210-112732.txt FRST.txt

Kevin, I contacted you in early December and still have a problem. Someone has gotten into my email (Outlook 2010) and has gone to my Amazon account and tried to but things on my account. I have changed passwords on both Amazon and my ISP provider. Also, IE is running extremely slowly. Nearly unusable. Also, a quick flash of a black box in the upper right quadrant of the screen appears - looks like something opening - just a flash. I am attaching EEK & FRST logs. Hope we can find out what this is this time. Many thanks, Tom Addition.txt FRST.txt scan_180122-060039.txt

После проверки пк на вирусы ваша программа обнаружила вирусы с высоким уровнем заражения,удалять их запрещенно т.к. нарушится работа всей операционной системы моего ноутбука.Пишет что они засели глубоко в системе.Как их удалить и очистить пк от вирусов без нанесения вреда моему ноутбуку.

Hi, I hope you can help me to delete or destroit a virus wich is infected my PC. The emsisoftware A-squared free detected that the virus is infected 20 achieveds but couldn't eliminate them. I need to clean my computer and the USB too because all are full of direct acces and famtom achieves. Sorry about my english. I was wating for a solution.Thanks!

Windows 10... EAM build 8407 Steps to reproduce Open Settings..Permissions Untick 'Hide users with Default Permissions' This setting will now show users in the Windows Session you are in only. Turn off machine (FastStartup is NOT enabled on this machine) Turn on machine and go to Settings...Permissions. 'Hide users with Default Permissions' has now re-enabled itself. See here in beta archives for more info on old bug. https://support.emsisoft.com/topic/28927-8311-settings-permissions/

Today I reinstalled windows, and everything seems to be in order, but there was one thing which got me little worried; when i rebooted pc and the security center lags behind saying something about how threat defence is turned off, which is normal but this time there was text "malwarebytes needs actions", it only appeared for a brief moment and then disappeared and the red warning mark turned to green checkmark. I could not see any protection layers turned off in malwarebytes so maybe it was some windows bug. I scanned with emsisoft antimalware and it didnt find anything suspicious. But cant be too carefull, i would appreciate if you could review my farbar logs: FRST.txt Addition.txt

When I try to browse Netflix or the BBC, Google Chrome, Firefox or MS Edge hang or redirect me to "Help with Malware" sites or a firm called Reimage. I've asked Netflix for advice but they were as good as useless. I would appreciate some guidance please. Addition.txt FRST.txt scan_180124-065626.txt

New Beta No issues on install

Помогите удалить файлы из системы. И нужно ли их удалять?

Hi, team, It seems that my PC is infected with some kind of a malware/virus as it runs unusually slow with some errors (ie. firefox not opening even after refreshing and ran as admin,waking up from 'sleep' with a blank black screen that doesn't allow any control like restarting/Cntrl+Alt+Del except a mouse/smart pad control with a cursor you can navigate, AND "File System Error (-1073741819)." issue). I think this happened since a couple days ago (27th night-28th early morning) when I downloaded and ran 'AutoKMS' file from a website. Would you please help me with this issue? Thank you much for your help in advance!! Sam scan_180130-234739.txt FRST.txt Addition.txt

W8.1 64bit. I'm perplexed by some items on the BB display, which here looks like: https://www.dropbox.com/s/cgo1vcidnjlzl22/20180126 BB list.bmp?dl=0 The top three items have no meaningful name or description. When I double click, in turn on them, the 'detail' displays tell me nothing more First one: https://www.dropbox.com/s/c4euqqpdv6bwlxr/20180126 Process 1 detail.bmp?dl=0 Second one: https://www.dropbox.com/s/11lk28h3999hkf5/20180126 Process 2 detail.bmp?dl=0 Third one: https://www.dropbox.com/s/14vjz9gdgjukex5/20180126 Process 3 detail.bmp?dl=0 The first one, from C:\Dropbox\Programs--ALL is probably one of three versions of FileZilla that I have installed at the moment. I ran two or maybe even all three of them yesterday while trying to solve an FTP problem. The third one, from C:\Program Files (x86)\ is probably Firefox (originally a 32bit app when it auto-updated to 64bit it retained its 32-bit install location). I've no idea what the second one might be. Also a little lower on the BB display you can see eg "bash.exe" (from my "Msys2" environment) described as "Stopped". Does "Stopped" mean something other than "not currently running"?

Windows 10. Right-click scan from tray icon starts a custom scan, no option to do Malware Scan. I don't remember it being like that before. EDIT .....after more tests In my opinion the scan from tray is broken. It is almost impossible to get it to do a scan now as it auto defaults to last scan done (I tried a context menu scan last from GUI) I closed GUI, I opened it I selected 'new scan' etc etc but nothing works. I do not see restarting my machine, or restarting Explorer, as a way to do a scan from tray... not happening

Systems updated no problems. Did have one BSOD coming out of Shadowdefender Shadow Mode. It was in Epp.sys. I will wait and see if it happens again. Pete

Smooth upgrade. What's up Frank?

The suspicious behavior was blocked when I tried saving file on Tiled map editor, behavior blocked "code injection" in tiled.exe. I am fairly sure this is false positive but you never know for 100%, also dont know what those cmd windows were. Ive seen such cmd windows on start up before so they may be just windows thing. Here are farbar logs anyway, i would be glad if you could check them. FRST.txt Addition.txt

FRST.txt Addition.txt scan_180105-185403.txt The noscript pop up warning said Noscript detected a potential cross-site scripting attack from [...] to https://ww.malwarebytes.com Suspicious data: TypeError: ic is undefined,(URL) https://ww.malwarebytes.com/images/mb-logo-2.png I removed the first W from the addresses so that they are not functional in case they lead to malicious code.

This Chrome extension installed without my knowledge and defied many attempts to get rid of it. For one, it hijacked my image search tab. Reset Chrome, ran Emsisoft, M-Bam, and Superantispyware scans. M-BAM showed PUPS and quarantined them but no other scans turned anything up. Restarted my computer and it appears to be gone. I am careful surfing so not sure where I got it. Have adware blockers but had to disable them for Weatherunderground, which is full of adds. How do I permanently stop this from reappearing? Thanks

Sorry for not being reactive enough but I am not at all comfortable with this kind of things. I think I found what I downloaded and that I shouldn't have opened. in the description of the file, when you place the cursor on the name, it is actually written "nonextermination setup",though it is an .epub extension. I have attached the file. Marie PS: uploading this, the exe extension appears. Bridging_The_Communication_Gap.epub.exe

Outlook and Quiken would not open, ran Emisoft, found swizzor trojan. Attempted to quarantine, however program said I needed more assistance. Thank-you. Addition.txt FRST.txt logs.db3

Hi two days ago emsi detect something and i delete it it says are something in my browser who make cryptcoins or somethingl ikethat sorry to be ambigous. I delete the emsisoft logs. I have scan whith FRT to see if i have no traces FRST.txt Addition.txt Shortcut.txt