Search the Community

Showing results for tags 'Closed'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • Feedback, comments, and suggestions
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 755 results

  1. All of this started 1½~ week ago. Bitdefender(free) started blocking 2 things, "item.dat" and "lsmo.exe". The second one got blocked every 3 hours on the second. This went on for around a week then suddenly nothing for a day or two. Then i noticed on my cpu/ram/hdd monitor that my CPU was overworking itself to death and say a file called "lsmose.exe" eating away at full power. I manually killed it and scanned the file with bitdefender which found nothing wrong with it, deleted it from my HDD. Then anywhere in a 3-8h window this guy would come back, so i froze its process with Process explorer so i didnt have to bother with it. This worked for a while but then a new file called "lsmosee.exe" got added and killed the first one and started chewing CPU. Now both of these got added everytime but only 1 of them would start up. Also at the same time these 2 where downloaded something killed my task manager if i had it open(but ignored process explorer) and it added 3 new scheduled tasks for system startup called "Mysa1", "Mysa2" and "ok". Mysa1 and ok wanted to start up DLL files in the same folder in the miner called "item.dat" and "ok.dat", item.dat has been stopped a week ago and never seen from again, never seen ok.dat probably stopped even earlier. Mysa2 does something with the cmd which i guess you will see in the logs. Yesterday bitdefender stopped and quarantined lsmose.exe and tagged it as a "trojan generic" but i manually scanned lsmosee.exe and it found nothing wrong with it. Also the schedules point to windows\debug where the 2 miners always appeared, but after bitdefender stopped lsmose.exe, lsmosee.exe started appearing in windows\help. lsmosee.exe was still on my HDD when i did the logs and the system start up schedules are also there but i turned them to inactive in case of PC crash or sudden restart, i always delete the schedules before i restart my PC but they get reactivated even if i dont delete them when the miner drop happens. Dont really dare to swap out from bitdefender atm since it's keeping part of the problem at bay. Edit: I also did the scans with lsmose.exe on my hdd before bitdefender got updated and caught it and the first scan did not detect it. Logs: scan_170727-052925.txt FRST.txt Addition.txt
  2. Updated EAM from 7213 to 7219 on Win 7 64bit. Turned laptop off. After a few moments turned it back on again (to confirm delay in boot fixed now) Then got to old user profile issue again. Had to log out and log in again as me. Attached are both sets of debug logs from the 2 boots this morning, plus the 4 event viewer errors 1508, 1502, 1515, 1511. Note the user profile service in this session said it had successfully started (1531) immediately before the errors. (Frank this user has a ticket with you for similar issue?) https://support.emsisoft.com/topic/26833-bootvorgang-korrumpiert/#comment-167652 a2guard_20170226055045(3236).zip ev4.zip
  3. Win 7 64 bit. Uninstalled EAM and rebooted twice. Updated EEK from 7677 to 7694. Did a scan and it found Eicar. At end of scan it offered to install EAM. No reboot needed after EAM was installed. Everything went perfectly P.S. I don't like the fact that no desktop icon appears for EAM when you use the EEK download P.S. Forgot to say thanks to dev team for offering choice to remove all logs and reports when uninstalling EAM.
  4. I do have the same problem; Mysa1, 2, 3, lsmose.exe and weird entries in the task scheduler
  5. EIS 2017.7.0.7797 Office365 (all versions) The Office365 installer launches Powershell. Powershell code triggers Emsi's anti-exploit protection.
  6. EAM Win 7 64bit What is the default for the number of Forensic log entries? Is it the same as default of 300? (It will soon fill up) Is the Forensic log supposed to show any changes I have made from the default settings everytime I open the GUI? for example.. Setting "Application restarts" has been changed to "Enabled" Setting "Removable device connections" has been changed to "Enabled" To see this, change a setting, reboot, open Settings and quickly cycle though General, Privacy, Update etc tabs and then Forensics will show any changes from Default settings that you have. When I have an auto update while online it will show that I have moved update notification to right center.
  7. Exploit protection trigger when you launch hp recovery manager. No clue if it's something you need to fix or vbs scripts launching always give an exploit alert but just letting you know. http://i.imgur.com/fgJpIZn.png
  8. EAM on Win 7 64 bit after manual update from 7797 I did a block all rule for mspaint to test fix. This is warning I get when I tried to run it.
  9. "New: General warning for possible compatibility issues with other already installed Anti-virus/Anti-Malware programs, during installation." Where/what list for people that don't install regular? I would like to know compatibility issues without installing. Could you post one? Thanks.
  10. 2 Desktops and 1 VM all autoupdated. So far so good.
  11. One VM and one desktop updated today. Both updates went fine. So far so good.
  12. Is there any beta testing on going now? do I get any prizes if were able to detect more bugs or help you in any way?
  13. On a Windows 10 system, Emsisoft has reported the following: "The following Windows kernel files have been detected as infected: C:\Windows\System32\sdclt.exe As these files are essential for Windows to work, you can't delete or quarantine them." Please advise on how to proceed.
  14. I am noticing random browser opening, infrequent, but disturbing for adware/malware infection. I have downloaded EEK and FRST and ran both. Will attach the files. Nil detected with EEK. Also noticing when opening Office 365 file (word or excel), sometimes not working on the first go. Your help is appreciated. FRST.txt Addition.txt scan_170716-085701.txt Scan_170716-085737.txt
  15. i keep getting pop ups malicious code detected in the following file : c:program files\intel\sur\queencreek\task.vbs any help gratefully recived Haydn
  16. This is just a FYI as it is a Windows bug Windows 10 Pro Version 1703 OS Build 15063.483 64-bit EIS 2017.6.0.7681 1. Windows Security Center shows EIS Firewall ON and Windows Firewall OFF (Cap1 below) 2. Despite 1 above, Windows Firewall GUI shows Public Profile - Windows Firewall ON (Cap2 below) 3. Within Windows Firewall GUI, change Public Profile - Windows Firewall from ON to OFF and then Save Settings 4. The change made in Step 3 does not always persist; Public Profile sometimes reverts from OFF back to ON (Cap2 below) 5. After attempting to set Windows Firewall Public Profile to OFF multiple times, it stays OFF (Cap3 below)
  17. Hi, I am getting warning messages from both attempting to delete and quarantine infected files; I am being told they I am at risk of crashing my system. Am looking for help safely cleaning out these files please. All logs are attached. Thank you scan_170718-212453.txt Addition_18-07-2017 23.00.47.txt FRST_18-07-2017 23.00.47.txt
  18. Hello, on my pc i found the Trojan.SmartService trojaner and after delate it appers after pc is rebboting. Log File is attached. I have serached the forum for help but the user have become a pm how delate the trojan. It seems that this is a file loose infection. How is it that Emsisoft does not see this in behavioral analysis? Is there currently a possibility to recognize this threat in real-time. What does this Trojan do on the system? Thanks Krolik scan_170718-134822.txt
  19. Hi, I have recently been plagued by clicks initiating new tabs with advertising. I have run malwarebytes, hitman, etc and finally came across EEC. The scans keep coming up clean but the problem persists. I have tried to attached reports as requested. The Farbar scan is not creating reports, or they could be null reports. Thanks for any assistance you can offer. I have PC with Windows 10.1 64 bit. I have Bitdefender installed. Thanks, Steven scan_170710-145150.txt
  20. Hi, Searching this morning for a formula to calculate the result of a multi-innings cricket match (it's a big game here in the UK and other parts of the world!) I downloaded and scanned with Emsisoft a zip file which the search had suggested might be able to help. No negatives from Emsisoft so I unzipped the file. I stopped unzipping it when a second and then a third zip file appeared. I then completed scans by Emsisoft and in the process 19 I think it is malware objects were removed. The EEK hasn't found any more since then. However, my browser appears to have been hijacked. Every so often a new tab (in Chrome) will appear with the message "Loading ... " although nothing else appears to happen. I have also notice in the Programs section of Control Panel that there a program with what I suspect is a Russian name has been installed which has a publisher called Mail.ru. Another search of the web seems to show there are removal tools for it - I'm very reluctant to click the "Yes" button (which is in English) in CP in order to remove it. Can you help please? Files as requested are attached. Thanks in advance. Bob Patterson scan_170711-142150.txt FRST.txt Addition.txt
  21. Everytime I run a scan it gets stuck at zPharaoh.exe - How do I remove it permanently ? Thanks.
  22. Why a program does not delete these viruses located in a computer report1.pdf
  23. Hi there, I can't download Emsisoft Emergency Kit or - Farbar Recovery Scan Tool as my PC won't let me get past start up unless it's through booting safemode. (can only acces safemode on my PC) I have the above issues - Trojan.smartservice(a) infection x2. It's maifesting itself in giving me a blue screen up on start up and lot letting me boot up unless in safemode.. Please help! thanks.
  24. I have GeekBuddy by Comodo which I was told by the Comodo chat support to download the Geekbuddy. When I downloaded it, suspicious popups started appearing saying that I had many viruses and such which sounded wierd as my laptop is brand new so I knew it didn't sound right. I uninstalled Comodo and then I tried to uninstall the Geekbuddy from within the control Panel but it is not doing anything. I ran Eset Scan and it detected nothing, then I ran Emsisoft Scan and 4 Malware objects were detected. I presume it's from the Geekbuddy or Comodo. I am using the trial version of Emsisoft so what do I need to do to remove Geekbuddy?
  • Who's Online   0 Members, 0 Anonymous, 49 Guests (See full list)

    There are no registered users currently online