Search the Community

Showing results for tags 'Closed'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Found 840 results

  1. Good afternoon everyone, I have a problem on my computer, I can not see the photos, The photos have this name. I dont know what it is and how to recover the photos, if you could help me. Since there was no image of any 'rescue' of the photos, I'm not sure if it's any ransomware or what it could be. scan_170818-144400.txtFRST.txtAddition.txt
  2. Hi, I downloaded the Emisoft software and ran a scan on my computer yesterday. 13 files were detected, 12 were low risk and looked unimportant for computer functioning ( something or other, all of them). I quarantined all of the files. Now I am unable to open any files (pictures, pdfs, etc) on my computer, nor many programs (adobe, VLC, etc). The Emisoft scan tool is also constantly popping up on the screen without be prompted to. I went back in to restore the quarantined files just in case that caused the issue, but all of the low risk files have disappeared. The medium risk one was still there, however. When I went back in to access the log of the quarantined files from yesterday, only one file remained, which was deemed medium risk. None of the low risk files are there anymore. When I attempt to uninstall a program, I get the error message "RuntimeBroker.exe" .... "Server Execution Failed." When I attempt to open a program (ie. Adobe) is get the error message "The application was unable to start correctly (0xc0000005). Click ok close the application". I'm in the last few weeks of trying to complete my thesis and desperate to resolve this issue quickly, as I am completely helpless without my computer and it's stored contents. Thank you in advance for your help!
  3. The EAM notice contains the text in Finnish: Since these files are essential for Windows, you can't remove or export them to quarantine. scan_170729-224435.txt FRST.txt Addition.txt
  4. I have enabled all the protection setings including file guard, but after each and every restarts its get turned off automatically. is it a known issue?
  5. First scan, found adware in zip files and windows 10 kms activator. When i tried to quarantine your popup said if i did it could damage. What do i do? Wouldnt program find files that are bad to keep? I am a novice. ~email address removed to avoid member being spammed Shell24
  6. when u click "always block this" , there is no responding test with latest beta 7318 ,window 7 x64
  7. Shutdown Protection? I think we should not add that option to right click menu because when a ransomware comes as a crack or patch the user need to stop their antivirus to run that that file, they mention that in the download window. as the user searches for stopping the protection he will see and click on the shutdown protection button, boom all the files will be locked before he knows it. since we are not running in the background we can't do anything... I think the button should be like "stop protection" which will turn off automatic protection. since the behaviour analysis is running in the background we can block it... please reply and let me know if this suggestion worth of thinking...
  8. EIS 2017.6.0.7681 Windows 10 Pro Version 1703 OS Build 15063.483 64-bit Microsoft Edge 40.15063.0.0 With either EAM or EIS installed, I notice a distinct slowdown in the connection of Edge to IP addresses. This happens every single time I launch Edge or click on a link within a webpage. I have tested multiple high-end machines (i7 7700K, 64 GB RAM, 15+ Mbps networking speed) as well as different networks with speeds in excess of 80 Mbps. Edge connection to URLs\IPs is notably faster after EAM or EIS is uninstalled.
  9. Hey, I am a beta tester. I really want to test some products of emsisoft... is there any beta testing on going now? is there any way to join any program?
  10. I found a thread named Miner Problems similar to the issues I am having on your forums. I am running server03 in a VM. I tried to install EEK but it's telling me that KB2533623 is required to start it so I stopped. From the other thread it looked like running AVZ resulted in a fix. I would appreciate any help that you can give me. Attached are the FRST.txt and Addition.txt files. Thanks! Addition.txt FRST.txt
  11. All of this started 1½~ week ago. Bitdefender(free) started blocking 2 things, "item.dat" and "lsmo.exe". The second one got blocked every 3 hours on the second. This went on for around a week then suddenly nothing for a day or two. Then i noticed on my cpu/ram/hdd monitor that my CPU was overworking itself to death and say a file called "lsmose.exe" eating away at full power. I manually killed it and scanned the file with bitdefender which found nothing wrong with it, deleted it from my HDD. Then anywhere in a 3-8h window this guy would come back, so i froze its process with Process explorer so i didnt have to bother with it. This worked for a while but then a new file called "lsmosee.exe" got added and killed the first one and started chewing CPU. Now both of these got added everytime but only 1 of them would start up. Also at the same time these 2 where downloaded something killed my task manager if i had it open(but ignored process explorer) and it added 3 new scheduled tasks for system startup called "Mysa1", "Mysa2" and "ok". Mysa1 and ok wanted to start up DLL files in the same folder in the miner called "item.dat" and "ok.dat", item.dat has been stopped a week ago and never seen from again, never seen ok.dat probably stopped even earlier. Mysa2 does something with the cmd which i guess you will see in the logs. Yesterday bitdefender stopped and quarantined lsmose.exe and tagged it as a "trojan generic" but i manually scanned lsmosee.exe and it found nothing wrong with it. Also the schedules point to windows\debug where the 2 miners always appeared, but after bitdefender stopped lsmose.exe, lsmosee.exe started appearing in windows\help. lsmosee.exe was still on my HDD when i did the logs and the system start up schedules are also there but i turned them to inactive in case of PC crash or sudden restart, i always delete the schedules before i restart my PC but they get reactivated even if i dont delete them when the miner drop happens. Dont really dare to swap out from bitdefender atm since it's keeping part of the problem at bay. Edit: I also did the scans with lsmose.exe on my hdd before bitdefender got updated and caught it and the first scan did not detect it. Logs: scan_170727-052925.txt FRST.txt Addition.txt
  12. Updated EAM from 7213 to 7219 on Win 7 64bit. Turned laptop off. After a few moments turned it back on again (to confirm delay in boot fixed now) Then got to old user profile issue again. Had to log out and log in again as me. Attached are both sets of debug logs from the 2 boots this morning, plus the 4 event viewer errors 1508, 1502, 1515, 1511. Note the user profile service in this session said it had successfully started (1531) immediately before the errors. (Frank this user has a ticket with you for similar issue?) a2guard_20170226055045(3236).zip
  13. Win 7 64 bit. Uninstalled EAM and rebooted twice. Updated EEK from 7677 to 7694. Did a scan and it found Eicar. At end of scan it offered to install EAM. No reboot needed after EAM was installed. Everything went perfectly P.S. I don't like the fact that no desktop icon appears for EAM when you use the EEK download P.S. Forgot to say thanks to dev team for offering choice to remove all logs and reports when uninstalling EAM.
  14. I do have the same problem; Mysa1, 2, 3, lsmose.exe and weird entries in the task scheduler
  15. EIS 2017.7.0.7797 Office365 (all versions) The Office365 installer launches Powershell. Powershell code triggers Emsi's anti-exploit protection.
  16. EAM Win 7 64bit What is the default for the number of Forensic log entries? Is it the same as default of 300? (It will soon fill up) Is the Forensic log supposed to show any changes I have made from the default settings everytime I open the GUI? for example.. Setting "Application restarts" has been changed to "Enabled" Setting "Removable device connections" has been changed to "Enabled" To see this, change a setting, reboot, open Settings and quickly cycle though General, Privacy, Update etc tabs and then Forensics will show any changes from Default settings that you have. When I have an auto update while online it will show that I have moved update notification to right center.
  17. Exploit protection trigger when you launch hp recovery manager. No clue if it's something you need to fix or vbs scripts launching always give an exploit alert but just letting you know.
  18. EAM on Win 7 64 bit after manual update from 7797 I did a block all rule for mspaint to test fix. This is warning I get when I tried to run it.
  19. "New: General warning for possible compatibility issues with other already installed Anti-virus/Anti-Malware programs, during installation." Where/what list for people that don't install regular? I would like to know compatibility issues without installing. Could you post one? Thanks.
  20. 2 Desktops and 1 VM all autoupdated. So far so good.
  21. One VM and one desktop updated today. Both updates went fine. So far so good.
  22. Is there any beta testing on going now? do I get any prizes if were able to detect more bugs or help you in any way?
  23. On a Windows 10 system, Emsisoft has reported the following: "The following Windows kernel files have been detected as infected: C:\Windows\System32\sdclt.exe As these files are essential for Windows to work, you can't delete or quarantine them." Please advise on how to proceed.
  24. I am noticing random browser opening, infrequent, but disturbing for adware/malware infection. I have downloaded EEK and FRST and ran both. Will attach the files. Nil detected with EEK. Also noticing when opening Office 365 file (word or excel), sometimes not working on the first go. Your help is appreciated. FRST.txt Addition.txt scan_170716-085701.txt Scan_170716-085737.txt
  • Who's Online   0 Members, 0 Anonymous, 104 Guests (See full list)

    There are no registered users currently online