Jump to content

Search the Community

Showing results for tags 'Closed'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







  1. Almost slipped this one bye me. Smooth with no update issues
  2. Hi Kevin, I read a similar thread with a similar issue, in my case I got a persistent folder that comes up in my main PC and another two laptops... The location that shows is C:\ProgramData\simplitec and the tread is an Application.AppInstall (A) Note that, that folder is empty and it seems is a low risk thread. Please find attached the report and log that came up from Emsisoft. I really appreciated all your help and thank you very much in advance. Kind regards, John Lange Forensics_171120-135057.txt scan_171120-132841.txt
  3. This is the information emsisoft displayed to me, " Windows kernel files have been detected as infected. C:\Windows\explorer.exe As these files are essential for Windows to work, you can't delete or quarantine them now. The removal experts on Emsisoft Forum will help you to safely remove this detection for free. http://support/emsisoft.com . Below find attached the required Log files as directed to find a solution. scan_171204-142020.txt FRST.txt Addition.txt
  4. Я не могу сам удалить вирусы ! Мне сказали разместить отчёты и ждать помощи. ПОМОГИТЕ, ПОЖАЛУЙСТА !!!!scan_171129-231615.txt FRST.txt Addition.txt
  5. Hallo, mein Emsisoft-Programm teilt mir mit: Die folgenden Windows-Kernel-Dateien wurden als infiziert erkannt: C:\Windows\System32\wermgr.exe und sagt mir, ich solle das hier posten. Bitte um Support. Vielen Dank!
  6. Emsisoft Anti-Malware 2017.11.0.8247 BETA on Windows 7 x64 Home Premium SP1 Just performed an update to the latest beta. When notification box is shown I put the mouse pointer over "change blog" text link. The second row then blinks and this repeats each time you move the pointer away and back over the link.
  7. I was hacked! They got the info for my bank's debit card ($2000), my Discover Card ($200), my WalMart Mastercard ($0), and my PayPal ($700). The bank is not working with me so the $2K is gone. Discover and PayPal are helping but in the end I'm not sure how much that's going to cost me. The hackers tried to get into my email but Roadrunner saw it was coming from outside Texas and locked my email account. I contacted Roadrunner and the tech support found a long list of outside IP addresses and then found a Torpig. He then started a list inside my Notebook program of what we needed to do to g
  8. Repeated restarts do not resolve the issue. Requested logs are attached. Addition.txt FRST.txt scan_171124-163623.txt
  9. There is something going on here. I cannot find it, but it's here somewhere. Can you help? Files are attached. Thanks Scan_171126-135308.txt Addition.txt FRST.txt
  10. Hi, I've done the scans and now attaching the logs. Thanks, Deen FRST.txt Addition.txt scan_171128-092208.txt Scan_171128-094149.txt
  11. FRST.txt scan_171128-023526.txt Addition.txt
  12. Autoupdate on Windows 10. No issues so far.
  13. I updated manually the EEK I already had. (took a while to install the updates ) I right-clicked on EAM taskbar icon and selected to stop protection. Then I did a manual scan with EEK which found my eicar test file. EEK then asked about my current protection etc etc and offered to enable Emsi protection for me. I clicked on it and EEK disappeared. EAM gui then came up in red. All protection disabled. It is not possible to re-enable protection by the individually tickboxes in the GUI (surf protection, file guard etc) EAM service is not running in taskmanager but is
  14. Frank just wondering if you can see any reason why sometimes it takes so long for the first update of the day to happen after a cold boot on Win 7 (machine turned off at night) This morning it took 18 minutes from when protection first started. Yesterday 16 minutes. The day before that 2 minutes. The day before that 9 minutes. Auto updates during the day are fine and on time. Debug logs for today plus forensics .txt attached. a2service_20171024044106(852).zip Forensics_171024-050217.txt EDIT.. just noticed that it seems to want to update aft
  15. After starting the chrome browser last evening my husband's computer displayed a popup that covered most of the screen with a message supposed from support.windows.com. The message said ** Windows Warning Alert ** Malicious Pornographic Spyware/Riskware Detected and that it was necessary to call 888 596 8332. He rebooted his machine and all seemed well until it came back this morning. I took photos of the messages and ran the requested scans and restarted (not a complete reboot) the machine. After rebooting Chrome opened automatically, but the message is not d
  16. I have downloaded all files and even paid the $39 to purchase the license. However I cannot ever delete or quarantine anything. Every time I try I get the same error which is: Runtime Error (at 65:231): Step 3 Error (170): The requested resource is in use. This is happening no matter what virus software I try to run. I hear good things about your so I tried it but still to no avail I cannot run anything. So I haven't been able to login with my subscription or anything since nothing will run. Addition.txt FRST.txt EEK Report scan_171122-204435.txt
  17. I have no idea how Bing got onto my computer but I resent the imposition so could someone please advise me how to dump it. Many thanks.
  18. Hi there, I scanned my computer a while back for malware and found out about what's in the title. Now I've been trying for a while to get rid of this shit and would really appreciate help as soon as possible. Files of the scans are located below, thanks again. Emisoft Scan.txt FRST.txt Addition.txt
  19. Hello, shortly after updating to the newest beta, I noticed that while update is in progress, Forensic logs falsely alert user to an update failed from not know reasons (Wystąpił nieznany błąd aktualizacji = An unknown error occured). As you can see in the box below (copied the entire log content) and on the screenshot attached, there is an information about files not being updated, moreover, the date is definitely wrong. This is nothing very important, and this error disappeared right away update was finished, but someone might be alerted to it as an error. Ogólne informacje:
  20. EAM 7353 on Win 10 Pro 64 bit build 1703. What is this Mem Compression just shown as verifying?
  21. EAM on win 10 Pro 64bit I paused EAM while I re-downloaded Eicar to test scanning. EAM restarted protection and while EAM was doing a malware scan I was looking in the Event Viewer. EAM caught Eicar and then I noticed scan was stuck on 99% on C\Windows\write.exe Could not use taskmanager to do a dump of Emsi, nothing at all would work so I did a hard shutdown. Find enclosed debug logs. + Screenshot of stuck scan before all desktop froze as well. +Screenshot of forensic logs for today +txt file of event viewer error for a2service radar_pre_leak64
  22. Did we ever get it sorted about why so many event id 15 entries appear in the Windows Event Manager? I remember this from quite a while agao but cannot find post for it at the moment. This is from today's update to beta 7353 on Windows 10 using EAM They say.... Updated Emsisoft Anti-Malware status successfully to SECURITY_PRODUCT_STATE_ON.
  23. EAM *.7838 Windows 10 Pro 1703 OS Build 15063.540 x64 1. Execute malicious file (Locky variant) 2. Behavior blocker eventually detects suspicious activity, AMN query is performed, Bad reputation is returned, and the behavior blocker auto-resolves the file by terminating and sending to quarantine 3. The malicious process still appears in the behavior blocker list of actively running processes, but the process is not in active memory on the system 4. In the behavior blocker list, right-click on the process and select any of the context menu options and nothing happens (a
  24. EAM *.7838 Windows 10 Pro 1703 OS Build 15063.540 x64 1. Extract malware pack 2. Files are detected by File Guard real-time protection 3. Detected files are auto-quarantined and added to the Quarantine folder with .EIQF extension 4. Not all detected and auto-quarantine files appear in the GUI Quarantine list 5. Also some event logging quirks appeared in the Forensic Log during the process of detection and auto-quarantine There are occasional duplicate entries. The Component\Action sequences are OK. In the image below, take note of duplicate, identical l
  25. I am having a problem removing two files. I keep getting a syntax error. Is there something wrong with this script: DeleteFile: ReplaceWithDummy C:\Users\OWNER\AppData\Local\zadtgpv C:\Users\OWNER\AppData\Local\exibrgo
  • Create New...