Jump to content

Search the Community

Showing results for tags 'Closed'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







  1. Shutdown Protection? I think we should not add that option to right click menu because when a ransomware comes as a crack or patch the user need to stop their antivirus to run that that file, they mention that in the download window. as the user searches for stopping the protection he will see and click on the shutdown protection button, boom all the files will be locked before he knows it. since we are not running in the background we can't do anything... I think the button should be like "stop protection" which will turn off automatic protection. since the behaviour analysis is running in the background we can block it... please reply and let me know if this suggestion worth of thinking...
  2. Emsisoft Internet Security 2017.4.0.7424, running on Windows 10 Home x64. Action Center does not register EIS' firewall as being active and keeps asking to turn on Windows Firewall.
  3. EIS 2017.6.0.7681 Windows 10 Pro Version 1703 OS Build 15063.483 64-bit Microsoft Edge 40.15063.0.0 With either EAM or EIS installed, I notice a distinct slowdown in the connection of Edge to IP addresses. This happens every single time I launch Edge or click on a link within a webpage. I have tested multiple high-end machines (i7 7700K, 64 GB RAM, 15+ Mbps networking speed) as well as different networks with speeds in excess of 80 Mbps. Edge connection to URLs\IPs is notably faster after EAM or EIS is uninstalled.
  4. Hey, I am a beta tester. I really want to test some products of emsisoft... is there any beta testing on going now? is there any way to join any program?
  5. I found a thread named Miner Problems similar to the issues I am having on your forums. I am running server03 in a VM. I tried to install EEK but it's telling me that KB2533623 is required to start it so I stopped. From the other thread it looked like running AVZ resulted in a fix. I would appreciate any help that you can give me. Attached are the FRST.txt and Addition.txt files. Thanks! Addition.txt FRST.txt
  6. All of this started 1½~ week ago. Bitdefender(free) started blocking 2 things, "item.dat" and "lsmo.exe". The second one got blocked every 3 hours on the second. This went on for around a week then suddenly nothing for a day or two. Then i noticed on my cpu/ram/hdd monitor that my CPU was overworking itself to death and say a file called "lsmose.exe" eating away at full power. I manually killed it and scanned the file with bitdefender which found nothing wrong with it, deleted it from my HDD. Then anywhere in a 3-8h window this guy would come back, so i froze its process with Process explorer so i didnt have to bother with it. This worked for a while but then a new file called "lsmosee.exe" got added and killed the first one and started chewing CPU. Now both of these got added everytime but only 1 of them would start up. Also at the same time these 2 where downloaded something killed my task manager if i had it open(but ignored process explorer) and it added 3 new scheduled tasks for system startup called "Mysa1", "Mysa2" and "ok". Mysa1 and ok wanted to start up DLL files in the same folder in the miner called "item.dat" and "ok.dat", item.dat has been stopped a week ago and never seen from again, never seen ok.dat probably stopped even earlier. Mysa2 does something with the cmd which i guess you will see in the logs. Yesterday bitdefender stopped and quarantined lsmose.exe and tagged it as a "trojan generic" but i manually scanned lsmosee.exe and it found nothing wrong with it. Also the schedules point to windows\debug where the 2 miners always appeared, but after bitdefender stopped lsmose.exe, lsmosee.exe started appearing in windows\help. lsmosee.exe was still on my HDD when i did the logs and the system start up schedules are also there but i turned them to inactive in case of PC crash or sudden restart, i always delete the schedules before i restart my PC but they get reactivated even if i dont delete them when the miner drop happens. Dont really dare to swap out from bitdefender atm since it's keeping part of the problem at bay. Edit: I also did the scans with lsmose.exe on my hdd before bitdefender got updated and caught it and the first scan did not detect it. Logs: scan_170727-052925.txt FRST.txt Addition.txt
  7. Updated EAM from 7213 to 7219 on Win 7 64bit. Turned laptop off. After a few moments turned it back on again (to confirm delay in boot fixed now) Then got to old user profile issue again. Had to log out and log in again as me. Attached are both sets of debug logs from the 2 boots this morning, plus the 4 event viewer errors 1508, 1502, 1515, 1511. Note the user profile service in this session said it had successfully started (1531) immediately before the errors. (Frank this user has a ticket with you for similar issue?) https://support.emsisoft.com/topic/26833-bootvorgang-korrumpiert/#comment-167652 a2guard_20170226055045(3236).zip ev4.zip
  8. Win 7 64 bit. Uninstalled EAM and rebooted twice. Updated EEK from 7677 to 7694. Did a scan and it found Eicar. At end of scan it offered to install EAM. No reboot needed after EAM was installed. Everything went perfectly P.S. I don't like the fact that no desktop icon appears for EAM when you use the EEK download P.S. Forgot to say thanks to dev team for offering choice to remove all logs and reports when uninstalling EAM.
  9. I do have the same problem; Mysa1, 2, 3, lsmose.exe and weird entries in the task scheduler
  10. EIS 2017.7.0.7797 Office365 (all versions) The Office365 installer launches Powershell. Powershell code triggers Emsi's anti-exploit protection.
  11. EAM Win 7 64bit What is the default for the number of Forensic log entries? Is it the same as default of 300? (It will soon fill up) Is the Forensic log supposed to show any changes I have made from the default settings everytime I open the GUI? for example.. Setting "Application restarts" has been changed to "Enabled" Setting "Removable device connections" has been changed to "Enabled" To see this, change a setting, reboot, open Settings and quickly cycle though General, Privacy, Update etc tabs and then Forensics will show any changes from Default settings that you have. When I have an auto update while online it will show that I have moved update notification to right center.
  12. Exploit protection trigger when you launch hp recovery manager. No clue if it's something you need to fix or vbs scripts launching always give an exploit alert but just letting you know. http://i.imgur.com/fgJpIZn.png
  13. EAM on Win 7 64 bit after manual update from 7797 I did a block all rule for mspaint to test fix. This is warning I get when I tried to run it.
  14. "New: General warning for possible compatibility issues with other already installed Anti-virus/Anti-Malware programs, during installation." Where/what list for people that don't install regular? I would like to know compatibility issues without installing. Could you post one? Thanks.
  15. 2 Desktops and 1 VM all autoupdated. So far so good.
  16. One VM and one desktop updated today. Both updates went fine. So far so good.
  17. Is there any beta testing on going now? do I get any prizes if were able to detect more bugs or help you in any way?
  18. On a Windows 10 system, Emsisoft has reported the following: "The following Windows kernel files have been detected as infected: C:\Windows\System32\sdclt.exe As these files are essential for Windows to work, you can't delete or quarantine them." Please advise on how to proceed.
  19. I am noticing random browser opening, infrequent, but disturbing for adware/malware infection. I have downloaded EEK and FRST and ran both. Will attach the files. Nil detected with EEK. Also noticing when opening Office 365 file (word or excel), sometimes not working on the first go. Your help is appreciated. FRST.txt Addition.txt scan_170716-085701.txt Scan_170716-085737.txt
  20. i keep getting pop ups malicious code detected in the following file : c:program files\intel\sur\queencreek\task.vbs any help gratefully recived Haydn
  21. This is just a FYI as it is a Windows bug Windows 10 Pro Version 1703 OS Build 15063.483 64-bit EIS 2017.6.0.7681 1. Windows Security Center shows EIS Firewall ON and Windows Firewall OFF (Cap1 below) 2. Despite 1 above, Windows Firewall GUI shows Public Profile - Windows Firewall ON (Cap2 below) 3. Within Windows Firewall GUI, change Public Profile - Windows Firewall from ON to OFF and then Save Settings 4. The change made in Step 3 does not always persist; Public Profile sometimes reverts from OFF back to ON (Cap2 below) 5. After attempting to set Windows Firewall Public Profile to OFF multiple times, it stays OFF (Cap3 below)
  22. Hi, I am getting warning messages from both attempting to delete and quarantine infected files; I am being told they I am at risk of crashing my system. Am looking for help safely cleaning out these files please. All logs are attached. Thank you scan_170718-212453.txt Addition_18-07-2017 23.00.47.txt FRST_18-07-2017 23.00.47.txt
  23. Hello, on my pc i found the Trojan.SmartService trojaner and after delate it appers after pc is rebboting. Log File is attached. I have serached the forum for help but the user have become a pm how delate the trojan. It seems that this is a file loose infection. How is it that Emsisoft does not see this in behavioral analysis? Is there currently a possibility to recognize this threat in real-time. What does this Trojan do on the system? Thanks Krolik scan_170718-134822.txt
  24. Hi, I have recently been plagued by clicks initiating new tabs with advertising. I have run malwarebytes, hitman, etc and finally came across EEC. The scans keep coming up clean but the problem persists. I have tried to attached reports as requested. The Farbar scan is not creating reports, or they could be null reports. Thanks for any assistance you can offer. I have PC with Windows 10.1 64 bit. I have Bitdefender installed. Thanks, Steven scan_170710-145150.txt
  • Create New...