Search the Community

Showing results for tags 'Closed'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • Feedback, comments, and suggestions
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Found 719 results

  1. Hi, I was trying to download something and then i installed a malware. Browser is redirecting me to scan_170123-170414.txt logs.db3 Addition_23-01-2017 17.19.13.txt FRST_23-01-2017 17.19.13.txt
  2. Hi, We have a PC that has been infected by the I_LOVE_YOU .MERRY encryption. I have the offending executable as well as a before and after file. I have attached them for your reference. I hope you can work out a decryptor and help me and others out! Chrome
  3. Hi Kevin... Unfortunately, we have a client that had an employee infected with this same variation. We have removed the virus from the infected PC, however, this PC was part of a domain with a shared map drive at the server level ( Windows server 2012) All the files on the shared drive are, of course, encrypted also. We have tried the software using several different files. All return a message " The decrypter could not determine a valid key, Please drag and drop .........." Any suggestions as what we might try now? Thank you in advance
  4. Vector: Possibly email, looks to be like Craigslist though. Files renamed to .merry, also included in each directory/subdir the file merry_i_love_you_bruce.hta which displays the ransom ID. New email seems to be [email protected] Hybrid Analysis: Attached is the infection file. Current MCR tool doesn't seem to work on this variant, so hopefully this helps. In case your AV blocks it, encrypted 7z password is 123 . Chrome_Font.exe Chrome_Font_pass123.7z
  5. Just updated my EEK on Win 10 64 bit only to be told it is the wrong bitness and cannot be run. EEK froze when trying to finish installing the update. Did a couple of dumps from taskmanger. Both EEK 32 and EEK 64 were listed. However here are debug logs first. You probably won't need the dump files as obviously an error in the bitness update is the problem. a2emergencykit_20170126161633(4476).zip
  6. Hi ! My file has encrypted by HakunaMatata it's secured version of Nmoreira have you an idea to unlock file ? (The payment is 2BTC...)
  7. Updates to latest build. Very smooth.
  8. Hello, My customer as been attacked by ransomware and a lot of their files are encrypted with BTC extension. Does anyone knows if there is a decryptor tool available somewhere ? Thanks in advance !
  9. EAM Win 7 6862 When uninstalling beta builds ( and I've done a lot of that lately!!) during the uninstall there is a brief flash of a Window which disappears so quickly that I cannot read what it is. It is a flat new design and I suspect it may be the captcha window. It disappears without user being able to do anything with it. It is enabled in settings. (p,s. I wish Emsi would remove itself from C/Program Files when uninstalling)
  10. I saw the earlier post but was closed. I believe I have the same Ransom ware that was listed. I have Run decrypt_globe and decrypt_globe3 and was not able to recover the files. We are a small rural volunteer fire dept and could use your help in beating this ransom ware. I have included the files requested for the post. has the before and after encryption files (they are the same). I know you hear this everyday but could really use the help. Volunteer fire depts. don't have any spare money for ransom. . All Your Files Was Encrypted ! [email protected] Your personal ID: 4397901964750120554349060915665793204258456780216700799829993880166818782255058789507692881005701106 1454643890182311423851343918799786208804428058625826423190222463500891297733295837951600624261773034 7223077740909605993674200300304144084218937827921221896732841260018253312239271680760038866534604360 1608060420875435423320535498647320764066223617436976370185751073419898255672805161314569915978229245 7658890046044543511976949136208793676625307632173895373566386578782749912785986054444813779273842804 8380647117697804675935065716328160815393777701122995890093034950654751296343214835490525145995013785 75719371892090081 Your documents, photos, databases, save games and other important data was encrypted. Data recovery is required decryptor. Contact EMAIL: [email protected] Attention! Do not attempt to remove the program yourself, or run anti-virus tools. All attempts to self-decrypting files will result in the loss of your data. Decoders are not compatible with other users of your data, because each user's unique encryption key. Addition.txt FRST.txt Read Me Please.hta
  11. EAM ..Win 7...6844 I have seen this twice in the last week ....Event ID 1530 warning It happens at shutdown warning.txt
  12. Just noticed that my Surface Pro updated to the latest version (think it might be EIS just to see it uninstalled EIS completely after restart. Will have to install from scratch. I have some files that were left in the EIS directory if any are of help.
  13. New to EAM ... just have a couple of usage questions. 1. How should EAM be configured when I make system backups and images? Should I right click the tray icon and select "Protection status > Disable all components" ... or ... select "Pause protection > Disable until computer restart"? Is that sufficient or is there something else I should do? Should any of the EAM files be excluded from backups and system images ... and if so which ones? 2. Tracking cookies ... what should I use to remove them? Thanks! KenB
  14. As in v11, I've noticed that EIS performs its auto-updates (signatures and software updates) during system startup. While it makes sense to do this as soon as possible, in practice it causes problems on older systems and even newer systems with slow HDD drives (many laptops). There's too much hard disk activity during startup (especially with several programs present in the startup list) and the system can become unresponsive (even unusable) for some time (usually short, but still an issue). EIS can add a significant amount of HDD activity during startup. My suggestion is to add a small delay and perform these updates after the startup sequence is well complete (similar to the "Automatic/Delayed Start" option found in Windows Services). It could be added as a performance option, close to "Activate memory usage optimization" for example. I don't believe it would be a security issue to delay the updates for 1-2 minutes or so.
  15. EAM just autoupdated to EAM 6956 on Windows 7. After doing the requested app restart file guard is off I will turn it on manually. Noticed a brief glimpse of a countdown by numbers on slide ...should I have? Logs attached. a2service_20161124182439(2612).zip
  16. Perhaps instead of ''do not necessarily resolve in the same paths'' put.................. ''do not necessarily resolve to the same paths'' also ........... ''because the software protects on system level'' should be ...... .''because the software protects at system level''
  17. Hi, I really like your products, but they are only partially translated into my language, so here I leave the translation update to Portuguese Portugal (pt-pt). Best Regards. pt-pt.lng
  18. Hi Frank Both of my desktops auto updated to 7035, and I didn't even notice. Successful update on both Win 7x64 machines.
  19. Win 7 smooth autoupdate to 7035 Did a reboot afterwards to see if update was still was Notice the first scan in a windows session takes twice the time as it does later in the same session. This is on a hard drive not SSD
  20. EAM on Win 7. After autoupdating to a new build I always do a malware scan. It took 15 minutes I think I will do a reboot and try again.
  21. Regarding this issue here I also noticed that if you are doing an EAM malware scan with the GUI on screen, and an update slide appears, the slide does not disappear until the scan is finished. Is this expected behaviour?
  22. EIS Windows 10 Home Version 1607 OS Build 14393.447 Shadow Defender EIS update freezes in Shadow Defender Shadow Mode. a2guard CPU will remain at approximately 15 %. This issue was caught "on-the-fly" so I collected an a2guard memory dump using Windows task manager. a2guard task manager memory dump attached. a2guard.7z
  23. Using a Lenovo X230 Win7 64bit. Friday morning, working normally. Closed screen. In the afternoon, computer would not come alive. I berated myself for not using the Winkey+L for shut down. Rebooted. I was surprised that an error options menu did not appear as on the desktop whenever I cut the power. Got as far as the user choices, then the pw for a user. After a minute or so, the hdd light stopped blinking. There followed over six hours of work. Delighted, Lenovo had included the Recovery Mode. Tried autorecovery. Saw the details, there was nothing to fix. Tried system restore, that failed (not unexpected). Tried removing the battery + press power switch to bleed the RAM. Even tried removing the battery while rebooting, and that never gave me the 'windows failed to close properly, choose between ... safe mode.. try normal boot etc. I wonder why this does not happen. Delighted, the laptop booted automatically from an external DVD, so scanned for viruses using Avira Rescue CD. Next, safe mode, uninstall possible startups. I keep these extras to a minimum since I come from the Dos era, where you only run the programs you need, and if you go too fast computers get confused. I uninstalled GWX control panel. No difference. I then ran ccleaner and zsoft uninstaller to delete piles of tmp files. By now, I was running out of options. EasyRE told me I needed a more up to date version to cope with my version of Win7 (true, a year ago I deliberately bought one of the last Win7 laptops on the market, never mind, at least I did no damage. I now suspected the security suite. So, in safe mode uninstalled. Rebooted. Back to safe mode, reinstall. Still the same problem. So, Uninstall again. Installed MS Security Essentials. Reinstalled GWX control panel to make sure MS does not force any patching on me. One problem a time. Ran in the Maintenance Centre, "resolve problems" just out of curiosity. MS reported problems with Emsisoft security Suite, and named four files. I promptly copied them to a new folder. They are C:\Users\Ivan\AppData\Local\Temp\WERFAD.tmp\AppCompat.txt C:\Users\Ivan\AppData\Local\Temp\WERFAD.tmp\memory.hdmp C:\Users\Ivan\AppData\Local\Temp\WERFAD.tmp\minidump.mdmp C:\Users\Ivan\AppData\Local\Temp\WERFAD.tmp\WERInternalMetadata.xml
  24. All went well and malware scan time is normal.
  • Who's Online   0 Members, 0 Anonymous, 34 Guests (See full list)

    There are no registered users currently online