Jump to content

Search the Community

Showing results for tags 'Closed'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







  1. Win 10 1803 with EAM 8631 Turned on machine this morning but it wouldn't reach desktop.. just a grey screen with cursor. Did a hard reset and everything loaded okay after booting again, Debug logs and screenshot of event viewer entry (4.40.11 am) a2service_20180517044653(1624).zip
  2. I am having harrowing time with these malwares which no AV or Anti-malware softwares seem to remove, slowing down my already slow system. It keeps on coming back and have to rescan restart with no end in sight. Until I came across emsisoft and after scaning and trying to quarntine it says removing them will pose high risk of crashing the system during automatic cleaning, as the threat is deeply embedded and it refered to the online support for quidance for removal. Following the instruction at "START HERE' I managed to attach the requisite files. Plz kindly help which will be highly valued. Thanking you. FRST_10-05-2018 14.14.12.txt Addition_10-05-2018 14.14.12.txt scan_180510-131930.txt
  3. I have misgivings if there's going to be no offline help at all. What happens if someone's not got an internet connection? The beta release notes say "Enhanced documentation which is available in our online Helpdesk that describes all aspects of the software." I sincerely hope you're planning to populate the online help because at the moment it seems a bit sparse. The first topic I looked at, in the FAQ section "Installing & Uninstalling" is described as "Best practice advise for installing and removing Emsisoft products properly."... and does not contain ANY relevant information for current releases. Instead it just mentions XP and Vista. It's a backward step if all you're going to do is assemble a set of blog posts. I think the existing offline help document is already a bit sparse, but at least one could start at the top and read the whole thing. A set of miscellaneous Q&A isn't as good.
  4. EAM 7424 on Win 10 Creators Build. The Flash Player Settings Manager in Control Panel will not open unless EAM service is turned off. Debug logs attached. I turned EAM service off and on twice Frank just to make sure that EAM was responsible. a2guard_20170426152920(5700).zip
  5. Not sure what to do. Basically, i ran a scan with emsisoft and it found 4 threats, all within the same main folder. It was a game i downloaded(Universe Sandbox 2), in the folder downloads/games/Universe-sandbox-2. So, Emsisoft successfully removed 2 of the viruses but could not remove the other 2 displaying the error message: "The following objects were not removed for your safety ...Removing these items bears an unusually high risk of crashing your OS.." So i followed the instructions on the "START HERE.." page and now i'm posting. I'm not exceptionally good with computers so try to dull it down and make it simple for me, please. Thank you, and let me know if any other information is needed. Addition_06-05-2018 17.02.54.txt FRST_06-05-2018 17.02.54.txt scan_180506-164815.txt
  6. I get the message shown in attachment. Result from Emergency Kit Scanner attached. I cannot open FRST64. scan_180504-100342.txtscan_180504-100342.txtscan_180504-100342.txt Help, please! Yrs Torben Jensen
  7. Hi, I just done a scanner with emisoft Emergency kit scanner and when i pressed on quarantine selected objects appears a message to me that says that these ones can't be removed, what can i do? C:\Program Files (x86)\Common Files\Over-Find\uninstall.exe C:\Program Files (x86)\Rabat\1317.exe C:\Program Files (x86)\Rabat\8461.exe C:\Program Files\0CQJLD2DYU\uninstaller.exe C:\Program Files\0PIEFBC8QC\uninstaller.exe C:\Program Files\1IUXO22K7E\uninstaller.exe C:\Program Files\3NNRG6D7TO\uninstaller.exe C:\Program Files\65NC92JAA6\uninstaller.exe C:\Program Files\8AT4HIRP9O\uninstaller.exe C:\Program Files\8VCJCQ067X\uninstaller.exe C:\Program Files\9S85KQF7J7\uninstaller.exe C:\Program Files\B1PA2QQFT7\uninstaller.exe C:\Program Files\IBDLPKDX40\uninstaller.exe C:\Program Files\KP1EGX8873\uninstaller.exe C:\Program Files\LJOIOEKYKV\uninstaller.exe C:\Program Files\O6JZ6XPU5P\uninstaller.exe C:\Program Files\S976WYX1K6\uninstaller.exe C:\Program Files\ULIQ84WGTX\uninstaller.exe C:\ProgramData\647aa69a-af5e-4df8-9558-e2c4b4c57398\OneSystemCare.exe C:\ProgramData\dcbdb831-95af-4d21-874a-b8159552646c\OneSystemCare.exe C:\Users\ricos\Downloads\Studio_12_5.exe C:\WINDOWS\bb6d490448c4a0c6997d6d4a32046007.exe C:\WINDOWS\laZagne.py C:\WINDOWS\System32\Drivers\43278e20a3f4eb1b2c80abd764a24597.sys C:\WINDOWS\TEMP\g62B1.tmp.exe Key: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\03D22C9C66915D58C88912B64C1F984B8344EF09 Key: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\0F684EC1163281085C6AF20528878103ACEFCAAB Key: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\1667908C9E22EFBD0590E088715CC74BE4C60884 Key: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\18DEA4EFA93B06AE997D234411F3FD72A677EECE Key: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\2026D13756EB0DB753DF26CB3B7EEBE3E70BB2CF Key: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\249BDA38A611CD746A132FA2AF995A2D3C941264 Key: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\31AC96A6C17C425222C46D55C3CCA6BA12E54DAF Key: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\331E2046A1CCA7BFEF766724394BE6112B4CA3F7 Key: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\3353EA609334A9F23A701B9159E30CB6C22D4C59 Key: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\DISALLOWED\CERTIFICATES\373C33726722D3A5D1EDD1F1585D5D25B39BEA1A Key: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATE
  8. I now have 2 n/a entries in BB list. Are they both the famous MEM compression? EDIT in Process Explorer... Pid 2348 is Mem compression Pid 96 is listed as Registry..NT Kernel & System
  9. Win 10 build 8555 Noticed last night that I have produced no debug logs from the 3rd April onwards. The last thing that all the logs say on the 3rd is that I disabled logging at boot (you know I wouldn't do that EAM did it !!) Looking at Forensics it was during boot and a restart of EAM was requested. No mention of debug logging being turned off in Forensics. Find attached debug logs for that short time which show logging being turned off. a2guard_20180403043818(7332).zip
  10. Some weeks ago i noticed that my CheatEngine now closes itself about 10 secs after i try to use it, no matter what. According to message at the top of cheatengine.org' main page and to this topic https://github.com/cheat-engine/cheat-engine/issues/247 there is supposed to be some malware targeting CheatEngine. Also, every time i try to find solution for that problem by typing requests like "CheatEngine crash" or CheatEngine malware", my browsers tend to close immediately. That affects absolutely all browsers, installed and portable, even ones running in Comodo Sandbox. Both CheatEngine and browsers worked perfectly well in the Safe Mode last time i checked. There is some tool called windowsrepair.exe that Cheatengine.org suggests to use to fix problems with malware, but it never worked for me. While said CheatEngine can be considered Riskware, it helped me to avoid hours of grinding in many games for many years without such problems as now. Also, it may be relevant or not, but few days ago i already tried to fix that problem, and while i did a full system scan with EEK, it found and quarantined plenty of copies of Gen:Variant.Symmi.45452 (B) [krnl.xmd] in four directories on my Disk E. I added report concerning them in addition to three mandatory logs, below all of them. Please help. I don't want to reinstall Windows just because of that problem i have.
  11. Hi again, Kevin, hope all is well with you. My system has become noticeably slower, and Windows Explorer (not MIE but the local system file browser) crashes with "Windows Explorer has stopped." I have run the System File Checker with "sfc /scannow" and all system files appear to be fine. EIS reports no issues, nonetheless, something is infesting my PC and causing the problems described as well as numerous other annoying anomalies.. Logs attached. Thanks in advance for waving your magic wand over my system. Again. FRST.txt Addition.txt scan_180419-205206.txt
  12. hi , i just ran quick scan with emsisoft antimalware and it detected DKOM.DoublePulsar(A) in OS Kernel and is unable to remove that. since i just ran out of trial period so as per forum rules the stable version of emsisoft anti malware will act as portable version of emsisoft emergency kit. Also I am using realtime eset protection and eset did not detected any thing. attached are the logs and image of detection. windows 8.1 Addition.txt FRST.txt Forensics_180419-031813.txt
  13. Just got this through updates (any info?)
  14. Hello I keep getting variations on this detection: Location: SHA1: 4EE29875C8322D363CDDC9492AC8C50FB8B61257 Detection: Behavior.Worm Detected by: Behavior Blocker Is this a concern and if so how can this be resolved?
  15. LS, I have recieved an extorsion mail by someone who states to have infected my PC with a trojan horse virus and claims to have control over my microphone and camera. I have Emsisoft AntiMalware installed, daily updated and running (version 2018.2.1.84830). Scans do not deliver any infection or risk. Can you pls check if some kind of trojan horse is installed? I have run the advised/mandatory scans. Pls find the logs attacched. Hope to hear fron you soon, Michiel Addition.txt EEK 20180330 Forensics_180330-190037.txt FRST.txt
  16. Win 10 8528 Does game mode persist across a cold boot ? (fast boot turned off)
  17. I have followed the instructions you provided and it asked to post remaining items here. Thanks for your help. a2scan_180304-012901.txt Addition.txt FRST.txt
  18. Whats going on? I scanned with emsisoft antimalwares custom scan but no threats was found. Here are farbar logs: FRST.txt Addition.txt
  19. When you first ever do a scheduled scan and go to that page to select a time and frequency, is there already some pre-selected time and day of the week there for you?
  20. I scan whith emsi a removable media i have a susy trojan i send to quarintine, then i recover the files and scan documents folder and then perform a fullmalware scan . I send you my reports and my farbar tool reports to see if i dont have traces and i send you a screen shot because i see in scan tab does not appear the units who emsi scan is it normal? -- Emsisoft Anti-Malware Full 2018.1.0.8407 stable [es-es] OS: Windows 10 (Version 10.0, Build 16299, 64-bit Edition) Addition.txt Forensics_180210-112732.txt FRST.txt
  21. Kevin, I contacted you in early December and still have a problem. Someone has gotten into my email (Outlook 2010) and has gone to my Amazon account and tried to but things on my account. I have changed passwords on both Amazon and my ISP provider. Also, IE is running extremely slowly. Nearly unusable. Also, a quick flash of a black box in the upper right quadrant of the screen appears - looks like something opening - just a flash. I am attaching EEK & FRST logs. Hope we can find out what this is this time. Many thanks, Tom Addition.txt FRST.txt scan_180122-060039.txt
  22. После проверки пк на вирусы ваша программа обнаружила вирусы с высоким уровнем заражения,удалять их запрещенно т.к. нарушится работа всей операционной системы моего ноутбука.Пишет что они засели глубоко в системе.Как их удалить и очистить пк от вирусов без нанесения вреда моему ноутбуку.
  • Who's Online   0 Members, 0 Anonymous, 65 Guests (See full list)

    • There are no registered users currently online
  • Create New...