Search the Community

Showing results for tags 'Closed'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • Feedback, comments, and suggestions
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 739 results

  1. This is just a FYI as it is a Windows bug Windows 10 Pro Version 1703 OS Build 15063.483 64-bit EIS 2017.6.0.7681 1. Windows Security Center shows EIS Firewall ON and Windows Firewall OFF (Cap1 below) 2. Despite 1 above, Windows Firewall GUI shows Public Profile - Windows Firewall ON (Cap2 below) 3. Within Windows Firewall GUI, change Public Profile - Windows Firewall from ON to OFF and then Save Settings 4. The change made in Step 3 does not always persist; Public Profile sometimes reverts from OFF back to ON (Cap2 below) 5. After attempting to set Windows Firewall Public Profile to OFF multiple times, it stays OFF (Cap3 below)
  2. Hi, I am getting warning messages from both attempting to delete and quarantine infected files; I am being told they I am at risk of crashing my system. Am looking for help safely cleaning out these files please. All logs are attached. Thank you scan_170718-212453.txt Addition_18-07-2017 23.00.47.txt FRST_18-07-2017 23.00.47.txt
  3. Hello, on my pc i found the Trojan.SmartService trojaner and after delate it appers after pc is rebboting. Log File is attached. I have serached the forum for help but the user have become a pm how delate the trojan. It seems that this is a file loose infection. How is it that Emsisoft does not see this in behavioral analysis? Is there currently a possibility to recognize this threat in real-time. What does this Trojan do on the system? Thanks Krolik scan_170718-134822.txt
  4. Hi, I have recently been plagued by clicks initiating new tabs with advertising. I have run malwarebytes, hitman, etc and finally came across EEC. The scans keep coming up clean but the problem persists. I have tried to attached reports as requested. The Farbar scan is not creating reports, or they could be null reports. Thanks for any assistance you can offer. I have PC with Windows 10.1 64 bit. I have Bitdefender installed. Thanks, Steven scan_170710-145150.txt
  5. Hi, Searching this morning for a formula to calculate the result of a multi-innings cricket match (it's a big game here in the UK and other parts of the world!) I downloaded and scanned with Emsisoft a zip file which the search had suggested might be able to help. No negatives from Emsisoft so I unzipped the file. I stopped unzipping it when a second and then a third zip file appeared. I then completed scans by Emsisoft and in the process 19 I think it is malware objects were removed. The EEK hasn't found any more since then. However, my browser appears to have been hijacked. Every so often a new tab (in Chrome) will appear with the message "Loading ... " although nothing else appears to happen. I have also notice in the Programs section of Control Panel that there a program with what I suspect is a Russian name has been installed which has a publisher called Mail.ru. Another search of the web seems to show there are removal tools for it - I'm very reluctant to click the "Yes" button (which is in English) in CP in order to remove it. Can you help please? Files as requested are attached. Thanks in advance. Bob Patterson scan_170711-142150.txt FRST.txt Addition.txt
  6. Everytime I run a scan it gets stuck at zPharaoh.exe - How do I remove it permanently ? Thanks.
  7. Why a program does not delete these viruses located in a computer report1.pdf
  8. Hi there, I can't download Emsisoft Emergency Kit or - Farbar Recovery Scan Tool as my PC won't let me get past start up unless it's through booting safemode. (can only acces safemode on my PC) I have the above issues - Trojan.smartservice(a) infection x2. It's maifesting itself in giving me a blue screen up on start up and lot letting me boot up unless in safemode.. Please help! thanks.
  9. I have GeekBuddy by Comodo which I was told by the Comodo chat support to download the Geekbuddy. When I downloaded it, suspicious popups started appearing saying that I had many viruses and such which sounded wierd as my laptop is brand new so I knew it didn't sound right. I uninstalled Comodo and then I tried to uninstall the Geekbuddy from within the control Panel but it is not doing anything. I ran Eset Scan and it detected nothing, then I ran Emsisoft Scan and 4 Malware objects were detected. I presume it's from the Geekbuddy or Comodo. I am using the trial version of Emsisoft so what do I need to do to remove Geekbuddy?
  10. Greetings, It seems my computer has been infected with malware for weeks. Every hour my Emsisoft detects and quarantines this program. In the process, my computer downloads about 20 Gbytes per day if left on continuously. An Emsisoft scan does not find the problem. I have run Malwarebytes and SuperAntiSpyware free addition but neither of these have found the problem either. Attached are the reports from the Emsisoft Emergency Kit, Farbar Recovery Scan Tool, and quarantine logs from Emsisoft Antimalware. I appreciate any assistance you can give me. Thanks, David Addition.txt BB_170624-053654.txt FG_170624-053637.txt FRST.txt Quarantine_170624-053524.txt scan_170624-060215.txt Shortcut.txt
  11. Hi! I have an urgent problem! Emsisoft does not detect the Trojan below. However, Kaspersky does detect it, but cannot remove it: Detected: MEM:Trojan.Script.AngryPower.gen Location: System memory. Any suggestions please?
  12. This is what needs to be removed: C:\ProgramData\Microsoft\Windows\WinLogonUpdater\slinit.exe Trojan.GenericKD.4739092 I haven't been able to load EEK so I can not attach its logs, FRST loaded and ran, logs are attached. Addition.txt FRST.txt
  13. Me: "I was reading the recent EIS notification re Double Pulsar malware and while reading it online with Chrome, there was an attempt at an exploit in the folder \Downloads\Emsi\ but fortunately EIS stopped the exploit." GT500: "The DoublePulsar exploit detection only detects if DoublePulsar is trying to install a payload, so it is possible that there is still a DoublePulsar infection present and it just hasn't tried installing another payload since the first time it was blocked. That being said, our DoublePulsar detection is fairly new and I'm not sure whether or not it is possible for something to trigger a DoublePulsar alert even if it isn't actually DoublePulsar (most Behavior Blocker alerts can be triggered by legitimate software). Just in case I recommend following these instructions for creating a new topic in our Help, my PC is infected! section, and one of our malware removal specialists will take a look at your logs." Thanks in advance for your help. Addition.txt FRST.txt scan_170704-201510.txt
  14. Hey, Someone in the stable product forum posted about an issue with Windows' firewall status being misreported post-creators-update. I ran into an issue with the current beta (.7538) wherein EIS reports the product firewall is functioning, Windows says: 1. Emsisoft isn't mentioned as product managing the firewall, 2. The Windows firewall is off. (reported by both Windows Security center and the Windows Firewall applet itself). In this state, the firewall is actually stopped and EIS' firewall doesn't do anything to inbound packets (I'm able to ping the system despite explicitly blocking ICMP echo for testing purposes) Would you guys like me to see if I can reproduce this and provide logs, or is it something you're already aware of & tracking? Thanks Chris
  15. Hi, Emsisoft has flagged the title files as infected and sent me here. Hope you can get this sorted for me. Please find the files you requested attached as well as one from the scan that flagged this originally. TIA FRST.txt Scan_170628-191707.txt Addition.txt EmsisoftBehavioirLog.log
  16. I have a computer that has the Zeus Virus Attack on it and we were to call Microsoft which turned out to be a scam. They wanted money to fix the computer! I downloaded the Emsisoft Emergency Kit and ran the program but it did not catch this virus nor any. My computer does not support the Farbar recovery Scan Tool so I could not download that program. So I don't know what log you are looking for after the Emergency Kit was run. Help!
  17. Fabian, Please find attached the log files from the FRST. I look forward to your next instructions. Thank you. FRST.txt Addition.txt
  18. Windows 7 using EAM EAM was uninstalled and I downloaded and re installed EAM through the new feature in EEK This was build 7600. I turned on beta updates and updated to 7681 manually. No issues with update. I did notice that after the EAM download through EEK I was asked to restart machine which I did. There were none of those system integrity 6281 errors showing in event viewer. So I did a shutdown of machine. After turning machine back on the 6281 errors did show. Does this mean EAM was not hooking until a full shutdown and restart of machine was done?
  19. Emsisoft Anti-Malware and Emsisoft Internet Security 2017.6.0.7640 In new "Email Notifications" window, "Ok" button should be "OK".
  20. Windows 7 and Windows 10 using EAM. Why has this event id of a security audit failure mentioning a2hooks64.dll started showing under the Security section of the Event Viewer? I see there was a post about it in German section which Fabian answered but German is not my strongest subject Here are debug logs of the audit failure after boot on my Windows 10 64 bit machine just now, along with entry from event viewer. a2service_20170620144414(1336).zip
  21. I'm trying to open a couple of ports for a game and the settings are. Allow IN/OUT UDP PORT ALL I'm on a private network and the rule is above the 2 blocks on the bottom. I also opened up my local IP to DMZ and when I test the port I get "Connection Refused" on CanYouSeeMe.org and Closed on WhatsMyIP.org
  22. I cant run any anti malware programs to get rid of this thing! Please help! Addition.txt FRST.txt scan_170625-080755.txt
  23. EAM on Win 7 64bit via autoupdates. No issues so far with new build. As I do not logon to my machine I guess this won't affect me ''Unattended scheduled scans: Scans now run even if no user is logged on in Windows.''
  24. EIS stable 7567 Windows 10 Pro Version 1703 OS Build 15063.413 64-bit Frank, I have sent you a PM with the download link for the malware along with the password Please take-down the video once you have grabbed it if you wish Use the current stable or beta versions of HMP.A to replicate; all will give the same result = break the behavior blocker in this particular test scenario The system after the second test after HMP.A has been installed alongside EIS is fully infected I cut the video short before the launch of powershell and both it and wscript connecting out to the network What the malware actually does is not important; HMP.A causing the behavior blocker not to react in this particular test is what is important A demonstration of how piling other security softs on top of Emsisoft can negatively affect the behavior blocker; Emsisoft protected the system until another security soft - that was not needed - was added to the system You have the sample and can fully replicate Video removed by OP
  25. I don't think the scan is working I run scan put my computer says not protected,and how do I get this on my desk top