Jump to content

Search the Community

Showing results for tags 'Closed'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







  1. Hi, Searching this morning for a formula to calculate the result of a multi-innings cricket match (it's a big game here in the UK and other parts of the world!) I downloaded and scanned with Emsisoft a zip file which the search had suggested might be able to help. No negatives from Emsisoft so I unzipped the file. I stopped unzipping it when a second and then a third zip file appeared. I then completed scans by Emsisoft and in the process 19 I think it is malware objects were removed. The EEK hasn't found any more since then. However, my browser appears to have been hijacked. Every so often a new tab (in Chrome) will appear with the message "Loading ... " although nothing else appears to happen. I have also notice in the Programs section of Control Panel that there a program with what I suspect is a Russian name has been installed which has a publisher called Mail.ru. Another search of the web seems to show there are removal tools for it - I'm very reluctant to click the "Yes" button (which is in English) in CP in order to remove it. Can you help please? Files as requested are attached. Thanks in advance. Bob Patterson scan_170711-142150.txt FRST.txt Addition.txt
  2. Everytime I run a scan it gets stuck at zPharaoh.exe - How do I remove it permanently ? Thanks.
  3. Why a program does not delete these viruses located in a computer report1.pdf
  4. Hi there, I can't download Emsisoft Emergency Kit or - Farbar Recovery Scan Tool as my PC won't let me get past start up unless it's through booting safemode. (can only acces safemode on my PC) I have the above issues - Trojan.smartservice(a) infection x2. It's maifesting itself in giving me a blue screen up on start up and lot letting me boot up unless in safemode.. Please help! thanks.
  5. I have GeekBuddy by Comodo which I was told by the Comodo chat support to download the Geekbuddy. When I downloaded it, suspicious popups started appearing saying that I had many viruses and such which sounded wierd as my laptop is brand new so I knew it didn't sound right. I uninstalled Comodo and then I tried to uninstall the Geekbuddy from within the control Panel but it is not doing anything. I ran Eset Scan and it detected nothing, then I ran Emsisoft Scan and 4 Malware objects were detected. I presume it's from the Geekbuddy or Comodo. I am using the trial version of Emsisoft so what do I need to do to remove Geekbuddy?
  6. Greetings, It seems my computer has been infected with malware for weeks. Every hour my Emsisoft detects and quarantines this program. In the process, my computer downloads about 20 Gbytes per day if left on continuously. An Emsisoft scan does not find the problem. I have run Malwarebytes and SuperAntiSpyware free addition but neither of these have found the problem either. Attached are the reports from the Emsisoft Emergency Kit, Farbar Recovery Scan Tool, and quarantine logs from Emsisoft Antimalware. I appreciate any assistance you can give me. Thanks, David Addition.txt BB_170624-053654.txt FG_170624-053637.txt FRST.txt Quarantine_170624-053524.txt scan_170624-060215.txt Shortcut.txt
  7. Hi! I have an urgent problem! Emsisoft does not detect the Trojan below. However, Kaspersky does detect it, but cannot remove it: Detected: MEM:Trojan.Script.AngryPower.gen Location: System memory. Any suggestions please?
  8. This is what needs to be removed: C:\ProgramData\Microsoft\Windows\WinLogonUpdater\slinit.exe Trojan.GenericKD.4739092 I haven't been able to load EEK so I can not attach its logs, FRST loaded and ran, logs are attached. Addition.txt FRST.txt
  9. Me: "I was reading the recent EIS notification re Double Pulsar malware and while reading it online with Chrome, there was an attempt at an exploit in the folder \Downloads\Emsi\ but fortunately EIS stopped the exploit." GT500: "The DoublePulsar exploit detection only detects if DoublePulsar is trying to install a payload, so it is possible that there is still a DoublePulsar infection present and it just hasn't tried installing another payload since the first time it was blocked. That being said, our DoublePulsar detection is fairly new and I'm not sure whether or not it is possible for something to trigger a DoublePulsar alert even if it isn't actually DoublePulsar (most Behavior Blocker alerts can be triggered by legitimate software). Just in case I recommend following these instructions for creating a new topic in our Help, my PC is infected! section, and one of our malware removal specialists will take a look at your logs." Thanks in advance for your help. Addition.txt FRST.txt scan_170704-201510.txt
  10. Hey, Someone in the stable product forum posted about an issue with Windows' firewall status being misreported post-creators-update. I ran into an issue with the current beta (.7538) wherein EIS reports the product firewall is functioning, Windows says: 1. Emsisoft isn't mentioned as product managing the firewall, 2. The Windows firewall is off. (reported by both Windows Security center and the Windows Firewall applet itself). In this state, the firewall is actually stopped and EIS' firewall doesn't do anything to inbound packets (I'm able to ping the system despite explicitly blocking ICMP echo for testing purposes) Would you guys like me to see if I can reproduce this and provide logs, or is it something you're already aware of & tracking? Thanks Chris
  11. Hi, Emsisoft has flagged the title files as infected and sent me here. Hope you can get this sorted for me. Please find the files you requested attached as well as one from the scan that flagged this originally. TIA FRST.txt Scan_170628-191707.txt Addition.txt EmsisoftBehavioirLog.log
  12. I have a computer that has the Zeus Virus Attack on it and we were to call Microsoft which turned out to be a scam. They wanted money to fix the computer! I downloaded the Emsisoft Emergency Kit and ran the program but it did not catch this virus nor any. My computer does not support the Farbar recovery Scan Tool so I could not download that program. So I don't know what log you are looking for after the Emergency Kit was run. Help!
  13. Fabian, Please find attached the log files from the FRST. I look forward to your next instructions. Thank you. FRST.txt Addition.txt
  14. Windows 7 using EAM EAM was uninstalled and I downloaded and re installed EAM through the new feature in EEK This was build 7600. I turned on beta updates and updated to 7681 manually. No issues with update. I did notice that after the EAM download through EEK I was asked to restart machine which I did. There were none of those system integrity 6281 errors showing in event viewer. So I did a shutdown of machine. After turning machine back on the 6281 errors did show. Does this mean EAM was not hooking until a full shutdown and restart of machine was done?
  15. Installed this via updater from 7437 beta on Windows 7. No issues with update. Did a scan and after it found Eicar and finished scan it offered to tell me more about protecting my machine which took me to the EAM download page. Is that how the new easy switching feature works? Is yes, it worked
  16. Emsisoft Anti-Malware and Emsisoft Internet Security 2017.6.0.7640 In new "Email Notifications" window, "Ok" button should be "OK".
  17. Windows 7 and Windows 10 using EAM. Why has this event id of a security audit failure mentioning a2hooks64.dll started showing under the Security section of the Event Viewer? I see there was a post about it in German section which Fabian answered but German is not my strongest subject Here are debug logs of the audit failure after boot on my Windows 10 64 bit machine just now, along with entry from event viewer. a2service_20170620144414(1336).zip
  18. I'm trying to open a couple of ports for a game and the settings are. Allow IN/OUT UDP PORT ALL I'm on a private network and the rule is above the 2 blocks on the bottom. I also opened up my local IP to DMZ and when I test the port I get "Connection Refused" on CanYouSeeMe.org and Closed on WhatsMyIP.org
  19. I cant run any anti malware programs to get rid of this thing! Please help! Addition.txt FRST.txt scan_170625-080755.txt
  20. EAM on Win 7 64bit via autoupdates. No issues so far with new build. As I do not logon to my machine I guess this won't affect me ''Unattended scheduled scans: Scans now run even if no user is logged on in Windows.''
  21. EIS stable 7567 Windows 10 Pro Version 1703 OS Build 15063.413 64-bit Frank, I have sent you a PM with the download link for the malware along with the password Please take-down the video once you have grabbed it if you wish Use the current stable or beta versions of HMP.A to replicate; all will give the same result = break the behavior blocker in this particular test scenario The system after the second test after HMP.A has been installed alongside EIS is fully infected I cut the video short before the launch of powershell and both it and wscript connecting out to the network What the malware actually does is not important; HMP.A causing the behavior blocker not to react in this particular test is what is important A demonstration of how piling other security softs on top of Emsisoft can negatively affect the behavior blocker; Emsisoft protected the system until another security soft - that was not needed - was added to the system You have the sample and can fully replicate Video removed by OP
  22. I don't think the scan is working I run scan put my computer says not protected,and how do I get this on my desk top
  23. Dear Sirs: We are trying to clean Trojan.SmartService but we can only place it into quarantine. I enclose requested files after running step by step the procedure.If you need further information do not hesitate asking me. Thank you very much in advance Best regards Ivan, GEDLUx scan_170621-162649 (1).txt FRST.txt Addition.txt
  24. I dont know if i accidentally opened one when i tried to power on the monitor somehow, or did it come there by itself. Also I was logged off here when i restarted browser, even though it should stay logged in. I havent cleared cookies. I have tried scanning computer but havent found anything. Do these logs show anything? Addition.txt FRST.txt Shortcut.txt
  25. Hello I started to get this survey pop up about 2 weeks ago. It started to come more frequently last week. I reached out to my internet provider and they did some work on my chrome and reset it. I've downloaded your emergency kit and done a number of scans and I'm still getting this pop up this morning. I'm wondering if someone could help me out. I would like to know what I can do to prevent it again and I would also like to get rid of it. Thank you so much. FRST.txt Addition.txt scan_170609-170506.txt scan_170612-144823.txt scan_170613-150744.txt
  • Who's Online   0 Members, 0 Anonymous, 54 Guests (See full list)

    • There are no registered users currently online
  • Create New...