Search the Community

Showing results for tags 'Closed'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • Feedback, comments, and suggestions
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 756 results

  1. I have GeekBuddy by Comodo which I was told by the Comodo chat support to download the Geekbuddy. When I downloaded it, suspicious popups started appearing saying that I had many viruses and such which sounded wierd as my laptop is brand new so I knew it didn't sound right. I uninstalled Comodo and then I tried to uninstall the Geekbuddy from within the control Panel but it is not doing anything. I ran Eset Scan and it detected nothing, then I ran Emsisoft Scan and 4 Malware objects were detected. I presume it's from the Geekbuddy or Comodo. I am using the trial version of Emsisoft so what do I need to do to remove Geekbuddy?
  2. Greetings, It seems my computer has been infected with malware for weeks. Every hour my Emsisoft detects and quarantines this program. In the process, my computer downloads about 20 Gbytes per day if left on continuously. An Emsisoft scan does not find the problem. I have run Malwarebytes and SuperAntiSpyware free addition but neither of these have found the problem either. Attached are the reports from the Emsisoft Emergency Kit, Farbar Recovery Scan Tool, and quarantine logs from Emsisoft Antimalware. I appreciate any assistance you can give me. Thanks, David Addition.txt BB_170624-053654.txt FG_170624-053637.txt FRST.txt Quarantine_170624-053524.txt scan_170624-060215.txt Shortcut.txt
  3. Hi! I have an urgent problem! Emsisoft does not detect the Trojan below. However, Kaspersky does detect it, but cannot remove it: Detected: MEM:Trojan.Script.AngryPower.gen Location: System memory. Any suggestions please?
  4. This is what needs to be removed: C:\ProgramData\Microsoft\Windows\WinLogonUpdater\slinit.exe Trojan.GenericKD.4739092 I haven't been able to load EEK so I can not attach its logs, FRST loaded and ran, logs are attached. Addition.txt FRST.txt
  5. Me: "I was reading the recent EIS notification re Double Pulsar malware and while reading it online with Chrome, there was an attempt at an exploit in the folder \Downloads\Emsi\ but fortunately EIS stopped the exploit." GT500: "The DoublePulsar exploit detection only detects if DoublePulsar is trying to install a payload, so it is possible that there is still a DoublePulsar infection present and it just hasn't tried installing another payload since the first time it was blocked. That being said, our DoublePulsar detection is fairly new and I'm not sure whether or not it is possible for something to trigger a DoublePulsar alert even if it isn't actually DoublePulsar (most Behavior Blocker alerts can be triggered by legitimate software). Just in case I recommend following these instructions for creating a new topic in our Help, my PC is infected! section, and one of our malware removal specialists will take a look at your logs." Thanks in advance for your help. Addition.txt FRST.txt scan_170704-201510.txt
  6. Hey, Someone in the stable product forum posted about an issue with Windows' firewall status being misreported post-creators-update. I ran into an issue with the current beta (.7538) wherein EIS reports the product firewall is functioning, Windows says: 1. Emsisoft isn't mentioned as product managing the firewall, 2. The Windows firewall is off. (reported by both Windows Security center and the Windows Firewall applet itself). In this state, the firewall is actually stopped and EIS' firewall doesn't do anything to inbound packets (I'm able to ping the system despite explicitly blocking ICMP echo for testing purposes) Would you guys like me to see if I can reproduce this and provide logs, or is it something you're already aware of & tracking? Thanks Chris
  7. Hi, Emsisoft has flagged the title files as infected and sent me here. Hope you can get this sorted for me. Please find the files you requested attached as well as one from the scan that flagged this originally. TIA FRST.txt Scan_170628-191707.txt Addition.txt EmsisoftBehavioirLog.log
  8. I have a computer that has the Zeus Virus Attack on it and we were to call Microsoft which turned out to be a scam. They wanted money to fix the computer! I downloaded the Emsisoft Emergency Kit and ran the program but it did not catch this virus nor any. My computer does not support the Farbar recovery Scan Tool so I could not download that program. So I don't know what log you are looking for after the Emergency Kit was run. Help!
  9. Fabian, Please find attached the log files from the FRST. I look forward to your next instructions. Thank you. FRST.txt Addition.txt
  10. Windows 7 using EAM EAM was uninstalled and I downloaded and re installed EAM through the new feature in EEK This was build 7600. I turned on beta updates and updated to 7681 manually. No issues with update. I did notice that after the EAM download through EEK I was asked to restart machine which I did. There were none of those system integrity 6281 errors showing in event viewer. So I did a shutdown of machine. After turning machine back on the 6281 errors did show. Does this mean EAM was not hooking until a full shutdown and restart of machine was done?
  11. Emsisoft Anti-Malware and Emsisoft Internet Security 2017.6.0.7640 In new "Email Notifications" window, "Ok" button should be "OK".
  12. Windows 7 and Windows 10 using EAM. Why has this event id of a security audit failure mentioning a2hooks64.dll started showing under the Security section of the Event Viewer? I see there was a post about it in German section which Fabian answered but German is not my strongest subject Here are debug logs of the audit failure after boot on my Windows 10 64 bit machine just now, along with entry from event viewer. a2service_20170620144414(1336).zip
  13. I'm trying to open a couple of ports for a game and the settings are. Allow IN/OUT UDP PORT ALL I'm on a private network and the rule is above the 2 blocks on the bottom. I also opened up my local IP to DMZ and when I test the port I get "Connection Refused" on CanYouSeeMe.org and Closed on WhatsMyIP.org
  14. I cant run any anti malware programs to get rid of this thing! Please help! Addition.txt FRST.txt scan_170625-080755.txt
  15. EAM on Win 7 64bit via autoupdates. No issues so far with new build. As I do not logon to my machine I guess this won't affect me ''Unattended scheduled scans: Scans now run even if no user is logged on in Windows.''
  16. EIS stable 7567 Windows 10 Pro Version 1703 OS Build 15063.413 64-bit Frank, I have sent you a PM with the download link for the malware along with the password Please take-down the video once you have grabbed it if you wish Use the current stable or beta versions of HMP.A to replicate; all will give the same result = break the behavior blocker in this particular test scenario The system after the second test after HMP.A has been installed alongside EIS is fully infected I cut the video short before the launch of powershell and both it and wscript connecting out to the network What the malware actually does is not important; HMP.A causing the behavior blocker not to react in this particular test is what is important A demonstration of how piling other security softs on top of Emsisoft can negatively affect the behavior blocker; Emsisoft protected the system until another security soft - that was not needed - was added to the system You have the sample and can fully replicate Video removed by OP
  17. I don't think the scan is working I run scan put my computer says not protected,and how do I get this on my desk top
  18. Dear Sirs: We are trying to clean Trojan.SmartService but we can only place it into quarantine. I enclose requested files after running step by step the procedure.If you need further information do not hesitate asking me. Thank you very much in advance Best regards Ivan, GEDLUx scan_170621-162649 (1).txt FRST.txt Addition.txt
  19. I dont know if i accidentally opened one when i tried to power on the monitor somehow, or did it come there by itself. Also I was logged off here when i restarted browser, even though it should stay logged in. I havent cleared cookies. I have tried scanning computer but havent found anything. Do these logs show anything? Addition.txt FRST.txt Shortcut.txt
  20. Hello I started to get this survey pop up about 2 weeks ago. It started to come more frequently last week. I reached out to my internet provider and they did some work on my chrome and reset it. I've downloaded your emergency kit and done a number of scans and I'm still getting this pop up this morning. I'm wondering if someone could help me out. I would like to know what I can do to prevent it again and I would also like to get rid of it. Thank you so much. FRST.txt Addition.txt scan_170609-170506.txt scan_170612-144823.txt scan_170613-150744.txt
  21. Both Desktops auto updated. So far so good
  22. I saw some outgoing internet traffic while doing nothing, and earlier when i started pc the File Explorer was open when i came to look at pc, so i wasnt even at my pc when that folder was opened, though that happened before i even was connected to pc as I just had installed motherboard drivers before connecting to internet. Also when i opened edge browser, it also opened another smaller window. FRST.txt Addition.txt Shortcut.txt
  23. For months ive been wiping my ssd and reinstalled windows, because I keep experiencing something weird with my pc constantly. Now latest was some black box flashing in lower right corner in browser when i was looking at emsisoft webpage, the site is reputable so thats not issue. Also I noticed that my downloads folder had changed its view settings to "large icon", previously it was set to "details" which is the default, and I have not changed that myself. I cant find anything from various virus scanners. Also I noticed some weird event logs in the event viewer, where unknown process does some registry changes. Here are also farbar logs for analyzing. Shortcut.txt Addition.txt FRST.txt
  24. EIS 2017.5.0.7538 Windows 10 Pro Version 1703 OS Build 15063.332 64-bit Process Hacker 2 (https://www.isthisfilesafe.com/?md5=B365AF317AE730A67C936F21432B9C71) Since some vendors treat Process Hacker as potentially malicious, it is possible that the behavior below is intended - so I'm not sure if it is a bug * * * * * 1. Launch Process Hacker 2 2. processhacker.exe shows in the Behavior Blocker list 3. A rule for processhacker.exe is never created in the Applications Rules list http://processhacker.sourceforge.net/downloads.php
  25. Frank, please PM me and I will provide you a download link for the *.bat and password. Video is .mp4 format. Delete Shadow Copies.mp4