Jump to content

Search the Community

Showing results for tags 'Closed'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







  1. Windows 7 using EAM EAM was uninstalled and I downloaded and re installed EAM through the new feature in EEK This was build 7600. I turned on beta updates and updated to 7681 manually. No issues with update. I did notice that after the EAM download through EEK I was asked to restart machine which I did. There were none of those system integrity 6281 errors showing in event viewer. So I did a shutdown of machine. After turning machine back on the 6281 errors did show. Does this mean EAM was not hooking until a full shutdown and restart of machine was done?
  2. Emsisoft Anti-Malware and Emsisoft Internet Security 2017.6.0.7640 In new "Email Notifications" window, "Ok" button should be "OK".
  3. Windows 7 and Windows 10 using EAM. Why has this event id of a security audit failure mentioning a2hooks64.dll started showing under the Security section of the Event Viewer? I see there was a post about it in German section which Fabian answered but German is not my strongest subject Here are debug logs of the audit failure after boot on my Windows 10 64 bit machine just now, along with entry from event viewer. a2service_20170620144414(1336).zip
  4. I'm trying to open a couple of ports for a game and the settings are. Allow IN/OUT UDP PORT ALL I'm on a private network and the rule is above the 2 blocks on the bottom. I also opened up my local IP to DMZ and when I test the port I get "Connection Refused" on CanYouSeeMe.org and Closed on WhatsMyIP.org
  5. I cant run any anti malware programs to get rid of this thing! Please help! Addition.txt FRST.txt scan_170625-080755.txt
  6. EAM on Win 7 64bit via autoupdates. No issues so far with new build. As I do not logon to my machine I guess this won't affect me ''Unattended scheduled scans: Scans now run even if no user is logged on in Windows.''
  7. EIS stable 7567 Windows 10 Pro Version 1703 OS Build 15063.413 64-bit Frank, I have sent you a PM with the download link for the malware along with the password Please take-down the video once you have grabbed it if you wish Use the current stable or beta versions of HMP.A to replicate; all will give the same result = break the behavior blocker in this particular test scenario The system after the second test after HMP.A has been installed alongside EIS is fully infected I cut the video short before the launch of powershell and both it and wscript connecting out t
  8. I don't think the scan is working I run scan put my computer says not protected,and how do I get this on my desk top
  9. Dear Sirs: We are trying to clean Trojan.SmartService but we can only place it into quarantine. I enclose requested files after running step by step the procedure.If you need further information do not hesitate asking me. Thank you very much in advance Best regards Ivan, GEDLUx scan_170621-162649 (1).txt FRST.txt Addition.txt
  10. I dont know if i accidentally opened one when i tried to power on the monitor somehow, or did it come there by itself. Also I was logged off here when i restarted browser, even though it should stay logged in. I havent cleared cookies. I have tried scanning computer but havent found anything. Do these logs show anything? Addition.txt FRST.txt Shortcut.txt
  11. Hello I started to get this survey pop up about 2 weeks ago. It started to come more frequently last week. I reached out to my internet provider and they did some work on my chrome and reset it. I've downloaded your emergency kit and done a number of scans and I'm still getting this pop up this morning. I'm wondering if someone could help me out. I would like to know what I can do to prevent it again and I would also like to get rid of it. Thank you so much. FRST.txt Addition.txt scan_170609-170506.txt scan_170612-144823.txt scan_170613-150744.txt
  12. Both Desktops auto updated. So far so good
  13. I saw some outgoing internet traffic while doing nothing, and earlier when i started pc the File Explorer was open when i came to look at pc, so i wasnt even at my pc when that folder was opened, though that happened before i even was connected to pc as I just had installed motherboard drivers before connecting to internet. Also when i opened edge browser, it also opened another smaller window. FRST.txt Addition.txt Shortcut.txt
  14. For months ive been wiping my ssd and reinstalled windows, because I keep experiencing something weird with my pc constantly. Now latest was some black box flashing in lower right corner in browser when i was looking at emsisoft webpage, the site is reputable so thats not issue. Also I noticed that my downloads folder had changed its view settings to "large icon", previously it was set to "details" which is the default, and I have not changed that myself. I cant find anything from various virus scanners. Also I noticed some weird event logs in the event viewer, where unknown process does
  15. EIS 2017.5.0.7538 Windows 10 Pro Version 1703 OS Build 15063.332 64-bit Process Hacker 2 (https://www.isthisfilesafe.com/?md5=B365AF317AE730A67C936F21432B9C71) Since some vendors treat Process Hacker as potentially malicious, it is possible that the behavior below is intended - so I'm not sure if it is a bug * * * * * 1. Launch Process Hacker 2 2. processhacker.exe shows in the Behavior Blocker list 3. A rule for processhacker.exe is never created in the Applications Rules list http://processhacker.sourceforge.net/downloads.php
  16. Frank, please PM me and I will provide you a download link for the *.bat and password. Video is .mp4 format. Delete Shadow Copies.mp4
  17. I've tried at least 4 antimalware programs after recieving disruptive amounts of pop-ups from my browser (chrome) despite not clicking on any ads, and from sites I've been frequenting for years that had no problems before, such as YouTube, Discord, and even new tabs. Unfortunately, all of the anti-malware scans have come clear; I've checked my applications for any programs I never installed myself and found none; I've done a disk clean on safe mode and reset chrome, and followed a bunch of steps from how to clean malware, so maybe I've been making it worse? but honestly I don't know. After I d
  18. In practice, I find that I usually go to the Behavior Blocker list first to verify what is running, it's reputation, etc and then, if need be, go to the Application Rules list I find that I spend more time looking at the Behavior Blocker list than I do at the Application Rules - since the EAN pretty much takes care of the rules in 99.9 % of the cases The current logic is that a user must open the GUI first and then navigate to Protection > Behavior Blocker It would be more convenient to be able to open the Behavior Blocker list directly from the tray icon context menu - inste
  19. The last couple of weeks I've been seeing - frequently - the attached series of messages/dialog boxes. Since the first message makes it clear that your software couldn't reach some server on your end ("...check your internet connection..."), why doesn't that message simply offer a "Retry" option instead of shoving me into a "Change your License" dialog and, as I now realize, incrementing a counter with a limit? I'm doing a lot of restarts lately trying to speed up Win7 startups and, since this license issue happens so often, am now unable to open the GUI. An attempt to do so just thro
  20. I get that title every time I try to use an execution file to clean my computer. I also noticed that I have a file in my downloads that is the source for my rootkit problem I am having. RogueKillerIndir1210100(x86x64). Attached are the 3 files requested. Thank you in advance for the help. It is greatly appreciated. scan_170602-184106.txt FRST.txt Addition.txt
  21. All execution program I try to use to clean my computer displays the following error message. The requested resource is in use. Can you help please? scan_170603-072834.txt FRST.txt Addition.txt
  22. I’m having incredible problems with my HP Pavilion Laptop, just purchased in December (windows 10). Even after running Emsisoft and deleting the 2 high-risk files that had been found, I can’t use the computer for more than 15 minutes before it locks up. I go between two locations and the problem is much more evident at this location, however, my husband has no problems with his laptop. When making a side-by-side comparison test yesterday, I found that his computer will have the spinning arrow if mine is on and locks up. When mine is shutdown, his operates normally. The internet speed test s
  23. Good afternoon, I am having the same issue -- it seems that I have been infected with 4 Trojan.SmartService (A) trojans.
  24. Hi Emsisoft Support, I use an Asus laptop (Windows 7 x64 SP1) and a recent Emsisoft Anti-Malware alert as given in the attached screen shot shows the following message: I use PatchMyPC (https://patchmypc.net/supported-products-free-updater) for updating selected applications on my laptop when new versions become available. However, the "C:\PatchMyPCUpdates\" folder does not seem to exist. Did Emsisoft remove this folder or is this a false positive? I have attached the screen shot and the Emsisoft Emergency Kit log (scan_170518-154302.txt) from the "C:\EEK\Reports" folder
  25. Using EIS on Win8.1 x64 There's no info in the help file about what this does. The tickbox's label implies it is only(?) for Outlook/Thunderbird's files, so... does that mean a particular file-extension or a few file-extensions, and does it mean ony when they are found in whatever are the typical locations that those apps would store their data files in? What about data files for other email clients? Is whatever is done in the scan of these files any different from what happened previously when a custom scan looked at these files, if that scan was done with filtering by file-ext
  • Create New...