Search the Community

Showing results for tags 'Closed'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Found 842 results

  1. You may or may not remember Frank I have always had very low figure showing in taskmanager details for all the 3 Emsi things. Since you 'fixed' the a2start thing in this new beta my a2start CPU moves between 1-2-and 3% constantly. I also cannot get memory usage down to previous levels. Plus the processes window jumps all the time because of a2start. What did you change that could have had this affect on my machine? I know it is not a high CPU etc, but I've never had it before.
  2. I wasn't able to neither quarantine nor delete a malware detected in a system essential file. So please suggest me a way to safely remove this infection.
  3. Hi, I am using a Windows 8.1 64Bit OS. A few days ago my antivirus AVAST detected a rootkit C:\Windows\System32\Drivers\Wdf45726.sys Every time I delete this file manually or thru AVAST it comes back after reboot. Avast does not allow me to Quarantine this file. I am unable to rename this file as i get "Access Denied" error even in Safe Mode and Logged on as Administrator. I have used Adaware and Malwarebytes which found some more potential Trojans etc which I was able to remove easily except this one. I ran EMISoft Emergency Kit and it too detected this. Regards, Sam Addition.txt FRST.txt scan_200615-115023.txt
  4. Hi i know you advised that Malwarebytes and emsisoft dont get along now but ive still been using it, but i notice now certain programs not starting including iexplore Malwarebytes has found, malware removed and a pup but its a program after downloading i scanned and it came up clean, it seems trying to uninstall the program my problems started Can you run me through the process of removing malware, as although ive run a deep scan many times nothing is showing but my PC is not happy with something, im running a vpn also Many thanks Haydn PS - this link advertises the software i installed and i couldnt remove it so i installed software from this site both appear to be infections, these arnt links to the actual downloads regards Haydn O appologies if i wrote this in the wrong section
  5. Problem #1: I am being inundated with adds that I am unable to close. Many of them take up a good deal of screen real estate making content difficult to read. They are identifiable by a small blue triangle with the word "AdChoices" next to it. When I click on "X" to close the ad ... the ad is replaced by the text "Ads by Google ... Report this ad ... Why this ad?". A few seconds later this is replaced by another ad. Problem #2: uBlock Origin is blocking zero items on every webpage I visit. Problem #3: On ... when reading a page describing an item to buy ... and when the mouse pointer is in the top left half of the page where product images are ... the mouse pointer drags around a blue cross hatched rectangle that magnifies everything. The magnified image is large and located on the right side of the mouse and blocks out almost all text. While investigating the problem prior to this post EAM detected and quarantined JS:Trojan.Cryxos.3758(B) ... I don't know if it is related. Quarantining it didn't fix the problems described above. Specs: Windows 10 v1909, FireFox v76.0.1 (64 bit) EEK and FRST reports are attached So ... I need help! Thanks! KenB Addition_25-05-2020 21.37.18.txt scan_200525-212939.txt FRST_25-05-2020 21.37.18.txt
  6. As we improved WSC integration in v2020.6, could one of you test on a 32 bit OS an check if EAM is registered in WSC after update to beta please note that it can take a few minutes till Windows starts WSC, Thanks
  7. Well the browser addon notification works.
  8. Win 8.1 64 bit The logs display is completely empty. (I have 'all components' set, and the filter field has no contents not even spaces.)
  9. I just reported a problem in the main forum, of a2start going mad when the last update got installed about 25 minutes ago. See: occurs to me that -.10078 is maybe stil only a beta? (How is one meant to know?) Debug logging was on throughout this - do you want the logs?
  10. Update went well and all seems ok. Did you know Frank that if you forget a scan is running in tray, and you do a context menu sca, the cursor freezes a bit while it has a think and then just carries on as if you hadn't asked it to do that 😀
  11. Win 10 via manual update from previous beta. All seems ok (scans etc)
  12. Updated manually on Win 10 1909. Whenever I do a right-click scan with EAM on something on my desktop for example, a separate entry for a2start appears in the logs folder (ProgramData) Why is that? If I have a folder and do a context menu scan on it, it automatically gets stored in the custom scan settings and will stay there until I do another context menu scan on a different item. It will then replace the previous item in the custom scan settings. Why is that? I do understand that context menu and custom scans are the same, but right-click scan with EAM tend to be one offs, and so I don't see why they should be stored as a custom scan entry in the GUI.
  13. hi all, i need to uninstall ad-aware, and i have bugs & malwares installed on all my comodo virtual desktops: the containment & the secure shopping, which makes impossibility to make online shopping bugs & malwares in the infected virtual desktop of containment (comodo sandbox)--: -reimage -yara editor trial -diffview trial -techtoolstore->privazer -tuneup360 -audio/video to exe -registry first aid -smart privacy cleaner -if/when i try again to reinstall the virtual desktop of comodo sandbox: impossible->error of installation of microsoft siverlight and the bugs & infections installed in the virtual desktop of comodo secure shopping: -pchelpsoft pc cleaner -spyhunter -radiorage en page d'accueil -systools pdf bates numberer -wondershare 1-click pc care internet problem on galaxy book pc, the icon of livebox wifi displays connected/connexion ok, but if i come on/go to various internet browsers i have error of connexion at every web sites the UVK & UAK logs here: Thanks... uak rapport.txt Ultra Virus Killer Report.htm
  14. My Desktop icons and taskbar periodically just disappear, leaving only my wallpaper image visible. The only way I have found to recover (without a power-off/on hard boot) is to bring up Task Manager and log off, then log back on at which point my Desktop is restored. "Windows Explorer has Stopped Working" keeps popping up in mid-session, the only recovery option being to Restart Windows Explorer, thereby losing whatever I had been working on. I have run sfc /scannow to see if any Windows files were corrupt, but it reports no problems found. The only common factor I can find in the various "solutions" found on various sites for both of these issues is Malware, so here I am, on bended knee- "Help me, Obi-Wan Kenobi, you're my only hope!" Logs are attached, please help. Thanks. Addition.txt FRST.txt scan_200417-182828.txt
  15. Hi. so i have a problem started this morning, a strange error keep popping up on the startup i will attach a screenshot of it and the name of the file causing the error is Win32 Cabinet Self-Extractor, not sure if i got kind of virus or its just windows itself kidding me. scan_200423-233248.txt FRST.txt Addition.txt
  16. Hi There! In the interest of keeping this short and to the point, I believe I have some sort of persistent malware / rootkit / keylogger, which apparently, is able to survive a clean format and installation of Windows 10. Right now, I have a relatively clean installation (as far as I can ascertain) of Windows 10 Home 64bt, along with some minimal software: Chromium based Edge Browser Office 365 OneDrive Windows Defender I've attached the Emsisoft Rescue Kit and Farbar Recovery Scan logs per the instructions. --- Below is the, not so short, possibly irrelevant details about what was happening prior to the current configuration... I've been dealing with a stalker situation offline. Specifically, my upstairs neighbor. That along with some curious behavior from my laptop, led me to suspect malware. Additionally, I live in a city with an unusually robust community of hackers. There are over a dozen of hacking/coding/security boot camps within a 1 mile radius of where I live. It is not out of the realm of possibility here, as it might be elsewhere. I've also observed various fishy incidents: For instance, in one such incident, Windows Update, one day, notified me of a keyboard driver update, all of a sudden out of nowhere. When I went to verify these drivers with the manufacturer, there were no such drivers. (When I reinstalled Windows, as noted above, and updated all drivers, this same driver wasn't offered again.) When I initiated a support chat with Microsoft, the support technician directed me to a shady non-Microsoft site to get more information about this driver. It could just be Microsoft being cheap and hiring inexperienced support people, but it was extremely strange, and immediately set off alarm bells in my head. (I have screenshots of this incident if you would like to see. ) A terminal window starting popping up on every startup, apparently running some script, before quickly closing My BIOS admin/user password along with the startup lock disappeared all by itself Various suspicious Wi-Fi networks probing the area, and repeated disconnections, as might happen during a deauthorization attack. All this leading me to use ethernet instead instead of Wi-Fi. Numerous other incidents, which in retrospect were extremely suspicious and should have set off alarm bells. Before reinstalling Windows 10 from scratch*, for the final time, the following security software was installed on another clean installation of Windows 10: Sophos AV novirusthanks OS Armor Voodoo Shield malwarebytes Windows Firewall Control This resulted in a weird Windows "black screen of death" crash: Logon was normal Post Logon was greeted with a black screen showing only my mouse cursor, that's all (almost as if a remote desktop session had been initiated, but this is Windows 10 Home and I had disabled all remote access... CTRL+ALT+DEL did not work SHIFT + Power Button also didn't work Safe Mode Threw Errors when I tried to restore to an earlier restore point I consider myself relatively computer savvy, so yes, you can assume I tried all the usual tricks to boot into Windows, nothing worked. I did this a couple of times, installing only Sophos, or only OS Armor and VooDoo shield. They all ended with this black screen of death after an initial period of working. So I'm thinking, maybe those security programs set off some sort self-defense mechanism? So I started from scratch* and came here for help to see if perhaps I am missing something. I did notice in the Farbar logs something about a modified boot sector, but I'll leave the analysis to you... * Well, I started from scratch as much as I could. Normally, in this situation, I would have removed the drive entirely and attached it to another computer running Linux or something, and done full format, making sure I had overwritten everything, unfortunately, on this laptop, the main drive is an NVMe SSD located in a very difficult area to reach. Instead, in this case, I tried to overwrite everything using the Windows installation software on a USB stick I had made for me from a Microsoft Store in town. Addition.txt FRST.txt scan_200419-184855.txt
  17. Win 10 1909 via autoupdater. No issues so far. Took a little while for readings to settle down after beta update but they are fine now.
  18. I ran Emsisoft and received the message that it was unable to remove "C:\Program Files (x86)\IdeaBadaga\IdeaBadaga.exe" I then ran the required 3 tools as your forum requests. I have the 3 files but no idea how to "attach" them here. Any help is appreciated! (This is for my mother-in-law's computer in case the different email matters - hers is ********* KATIE scan_200408-134044.txt Addition.txt FRST.txt
  19. My 23rd day with trouble; Apps don't install, or they crash after a few seconds. Apart from that, the system is 100% stable. No "traditional bluescreen"/system crash. I am far from an expert in many fields, but I have fixed all kind of computer problems myself, since 1983, within a day or two. This time I'm really stuck. Latest: MS Defender now (not shown before) report "HackTool: Win32/AutoKMS, 10.04.2020 17:46 (Active)" - "Start Actions - Hacktool: Win32/keygen ....High". I'm unsure what Defender did about it. I try to follow this : , but MBSetup.exe crash as soon as "Installing" starts. Only the two M.2's installed/connected, Everything I have tried to install the past weeks is licensed software, and/or free software. (Emissoft, EaseUS Todo Backup, EaseUS Partition Master, Macrium Reflect, Faststone image viewer/capture (free, but I have licenses for both) ++ Online scan (F-secure, Eset): Downloading install file OK, but installing (as adimin or not) leads to crash within 5-30 secs, during installation or performing the task. I reboot a lot. Secure boot is set to UEFI, boot manager on M.2 as the only boot option. More info, written earlier today: Many of the installed programs also crash (when I restore old images) Usually Werfault.exe report something like "Instruction ...referred memory at address..... Memory could not be read /...could not be written." All Microsoft programs works OK (Outlook, Excell, Notepad...). Edge, Chrome, Emisosoft, EaseUs Partition Master and some other program work OK. Installers for online scans (Eset, F-secure) crash. EEK crash It doesn't matter if I start anything normally, or as admin. I have also had a lot of these errors WDDMStatus, AliyunWrapExe, NVIDIA Web Helper, AISuite3, SearchProtocolHost, DipAwayMode, acrobat_sl, unins000, epm0, FXC_ProxyProcess ++, but not so many of these lately. I have made several clean install of Windows Pro 10/64. Problems persists. Install image from july 2019. Problems persists. Update Windows. Problems persists. Roll back Windows build 1909. Problems persists. 4 x 16 RAM, Corsair . Have tried 2x16 GB in slot A1/2, or only B1/B2. I have run several memory tests. BIOS, HWInfo and laser thermometer show low temperatures. OCCT stress test OK. HWInfo report CPU 2.2 GHz in "security mode". 3.7 GHz otherwise. I now run with only two M.2's installed. All HDD's USB's are disconnected. ASUS ROG Crosshair Hero VII Wifi (july 2019). Replaced a few days ago with ASUS X570-PRO AMD Ryzen 7 2700x Samsung M.2 (2016) replaced with Samsung M.2 SSD 970 EVO+. Clean install of OS. Problems persist. Update Win, problems persist. Install image from july 2019 (no problems), problems persist. GPU Nvidia GeForce GTX 1660 Ti. Tried both "Gamer-driver" and "Studio-driver". Now unable to reinstall/change driver. I also started a thread at Tom's hardware March 23rd ( )
  20. Hello, I am trying to help my father with a virus on his computer. Your tool detected the subject trojan and I am following your guide on how to get support for the removal. Please find the attached files requested. Thank you, Stu Addition.txt FRST.txt scan_200406-040502.txt
  21. hi all, i'm back, android emulated on my Windows of my two computers on MEmu are infected by the malicious apps on/of that link: which infected the two pc, memu, hijacked and hacked my gmail accounts, because of that infections &bbugs, camtasia/snagit freezes and crash, i have licenses of eset drive security installed on 3 usb disks: -the 4gb Kingston privacy datatraveller vault -the 40GB portableapps datashur -and my winsows to go workspace 64 Gb Kingston workspace with portabilized Windows (my 3RD pc) its partnership with clevx, only eset license i have is drivesecurity, this forums and disinfection here is accepted.possible for eset drivesecurity license detenders ? eset, avg & emsisoft installed have also two bugs on two others devices (ray) : the 64 GB SD Card & the Acer R1 Series Monitor: i have bug on acer r1 series monitor on desktop pc:if/when i turn on the screen it's takes between 10 minutes & 1 hour to turn on the screen (longtime black screen with at certains time a energy star logo) the 64 GB sd infected it's impossible to take with sony cybershot my important video the april 10Th:"database error" my DNS is Comodo TrustConnect THanks...
  22. Via manual updates Win 10 1909 running EAM binary (10100 !!) Can you give a clue as to any of the fixes?
  23. Installed via autoupdates on Win 10 1909. GUI seems to behave a bit better By the way, how many times during a malware scan should it say 'enumerating files' ?
  24. Win 10 1909 with all updates. Updated beta enabled 10048 to 10065 without issue. Did a malware scan and again Defender caught eicar first (debug logs and screenie attached) There is no trace of eicar on machine now even though I selected for Defender to allow it. Can confirm that right-click delete now works on EEK folder using Win10 Downloaded and installed EEK again. I noticed in Forensics that it says ''detect pups has been changed to enabled'' It didn't ask me about that!!
  25. hi all., we are new in the forum of antivirus, if i import videos with camtasia the application freeze, it causes i can't produce and upload in youtube with camtasia in MEmu android emulator on pc a notification "MEmu (rocket cleaner) 99.0 mb" appears repetitively but rocket cleaner is malicious app installed on MEmu whichs causes hacking of Google accounts, the speed clean and G5 Gamebox malicious android apps on MEmu virtual android on windows more info here: En bref Dans MEmu tous ça à piraté le pc, camtasia freeze et comme on est français et sur forum antivirus multilingue the traduction i installed google translate: salut à tous., nous sommes nouveaux dans le forum des antivirus, si j'importe des vidéos avec camtasia, le freeze de l'application, ça fait que je ne peux pas produire et télécharger sur youtube avec camtasia dans l'émulateur Android MEmu sur PC, une notification "MEmu (Rocket Cleaner) 99,0 Mo" apparaît de manière répétitive mais Rocket Cleaner est une application malveillante installée sur MEmu, ce qui provoque le piratage des comptes Google, speed clean et G5 Gamebox malveillantes applications android sur MEmu virtual android sur windows Plus d'infos ici: [/blue] avanquest uninstalled & thanks/merci...