Jump to content

Search the Community

Showing results for tags 'Closed'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

  1. Me: "I was reading the recent EIS notification re Double Pulsar malware and while reading it online with Chrome, there was an attempt at an exploit in the folder \Downloads\Emsi\ but fortunately EIS stopped the exploit." GT500: "The DoublePulsar exploit detection only detects if DoublePulsar is trying to install a payload, so it is possible that there is still a DoublePulsar infection present and it just hasn't tried installing another payload since the first time it was blocked. That being said, our DoublePulsar detection is fairly new and I'm not sure whether or not it is possi
  2. Hey, Someone in the stable product forum posted about an issue with Windows' firewall status being misreported post-creators-update. I ran into an issue with the current beta (.7538) wherein EIS reports the product firewall is functioning, Windows says: 1. Emsisoft isn't mentioned as product managing the firewall, 2. The Windows firewall is off. (reported by both Windows Security center and the Windows Firewall applet itself). In this state, the firewall is actually stopped and EIS' firewall doesn't do anything to inbound packets (I'm able to ping the system despite explicitly
  3. Hi, Emsisoft has flagged the title files as infected and sent me here. Hope you can get this sorted for me. Please find the files you requested attached as well as one from the scan that flagged this originally. TIA FRST.txt Scan_170628-191707.txt Addition.txt EmsisoftBehavioirLog.log
  4. I have a computer that has the Zeus Virus Attack on it and we were to call Microsoft which turned out to be a scam. They wanted money to fix the computer! I downloaded the Emsisoft Emergency Kit and ran the program but it did not catch this virus nor any. My computer does not support the Farbar recovery Scan Tool so I could not download that program. So I don't know what log you are looking for after the Emergency Kit was run. Help!
  5. Fabian, Please find attached the log files from the FRST. I look forward to your next instructions. Thank you. FRST.txt Addition.txt
  6. Windows 7 using EAM EAM was uninstalled and I downloaded and re installed EAM through the new feature in EEK This was build 7600. I turned on beta updates and updated to 7681 manually. No issues with update. I did notice that after the EAM download through EEK I was asked to restart machine which I did. There were none of those system integrity 6281 errors showing in event viewer. So I did a shutdown of machine. After turning machine back on the 6281 errors did show. Does this mean EAM was not hooking until a full shutdown and restart of machine was done?
  7. Emsisoft Anti-Malware and Emsisoft Internet Security 2017.6.0.7640 In new "Email Notifications" window, "Ok" button should be "OK".
  8. Windows 7 and Windows 10 using EAM. Why has this event id of a security audit failure mentioning a2hooks64.dll started showing under the Security section of the Event Viewer? I see there was a post about it in German section which Fabian answered but German is not my strongest subject Here are debug logs of the audit failure after boot on my Windows 10 64 bit machine just now, along with entry from event viewer. a2service_20170620144414(1336).zip
  9. I'm trying to open a couple of ports for a game and the settings are. Allow IN/OUT UDP PORT ALL I'm on a private network and the rule is above the 2 blocks on the bottom. I also opened up my local IP to DMZ and when I test the port I get "Connection Refused" on CanYouSeeMe.org and Closed on WhatsMyIP.org
  10. I cant run any anti malware programs to get rid of this thing! Please help! Addition.txt FRST.txt scan_170625-080755.txt
  11. EAM on Win 7 64bit via autoupdates. No issues so far with new build. As I do not logon to my machine I guess this won't affect me ''Unattended scheduled scans: Scans now run even if no user is logged on in Windows.''
  12. EIS stable 7567 Windows 10 Pro Version 1703 OS Build 15063.413 64-bit Frank, I have sent you a PM with the download link for the malware along with the password Please take-down the video once you have grabbed it if you wish Use the current stable or beta versions of HMP.A to replicate; all will give the same result = break the behavior blocker in this particular test scenario The system after the second test after HMP.A has been installed alongside EIS is fully infected I cut the video short before the launch of powershell and both it and wscript connecting out t
  13. I don't think the scan is working I run scan put my computer says not protected,and how do I get this on my desk top
  14. Dear Sirs: We are trying to clean Trojan.SmartService but we can only place it into quarantine. I enclose requested files after running step by step the procedure.If you need further information do not hesitate asking me. Thank you very much in advance Best regards Ivan, GEDLUx scan_170621-162649 (1).txt FRST.txt Addition.txt
  15. I dont know if i accidentally opened one when i tried to power on the monitor somehow, or did it come there by itself. Also I was logged off here when i restarted browser, even though it should stay logged in. I havent cleared cookies. I have tried scanning computer but havent found anything. Do these logs show anything? Addition.txt FRST.txt Shortcut.txt
  16. Hello I started to get this survey pop up about 2 weeks ago. It started to come more frequently last week. I reached out to my internet provider and they did some work on my chrome and reset it. I've downloaded your emergency kit and done a number of scans and I'm still getting this pop up this morning. I'm wondering if someone could help me out. I would like to know what I can do to prevent it again and I would also like to get rid of it. Thank you so much. FRST.txt Addition.txt scan_170609-170506.txt scan_170612-144823.txt scan_170613-150744.txt
  17. Both Desktops auto updated. So far so good
  18. I saw some outgoing internet traffic while doing nothing, and earlier when i started pc the File Explorer was open when i came to look at pc, so i wasnt even at my pc when that folder was opened, though that happened before i even was connected to pc as I just had installed motherboard drivers before connecting to internet. Also when i opened edge browser, it also opened another smaller window. FRST.txt Addition.txt Shortcut.txt
  19. For months ive been wiping my ssd and reinstalled windows, because I keep experiencing something weird with my pc constantly. Now latest was some black box flashing in lower right corner in browser when i was looking at emsisoft webpage, the site is reputable so thats not issue. Also I noticed that my downloads folder had changed its view settings to "large icon", previously it was set to "details" which is the default, and I have not changed that myself. I cant find anything from various virus scanners. Also I noticed some weird event logs in the event viewer, where unknown process does
  20. EIS 2017.5.0.7538 Windows 10 Pro Version 1703 OS Build 15063.332 64-bit Process Hacker 2 (https://www.isthisfilesafe.com/?md5=B365AF317AE730A67C936F21432B9C71) Since some vendors treat Process Hacker as potentially malicious, it is possible that the behavior below is intended - so I'm not sure if it is a bug * * * * * 1. Launch Process Hacker 2 2. processhacker.exe shows in the Behavior Blocker list 3. A rule for processhacker.exe is never created in the Applications Rules list http://processhacker.sourceforge.net/downloads.php
  21. Frank, please PM me and I will provide you a download link for the *.bat and password. Video is .mp4 format. Delete Shadow Copies.mp4
  22. I've tried at least 4 antimalware programs after recieving disruptive amounts of pop-ups from my browser (chrome) despite not clicking on any ads, and from sites I've been frequenting for years that had no problems before, such as YouTube, Discord, and even new tabs. Unfortunately, all of the anti-malware scans have come clear; I've checked my applications for any programs I never installed myself and found none; I've done a disk clean on safe mode and reset chrome, and followed a bunch of steps from how to clean malware, so maybe I've been making it worse? but honestly I don't know. After I d
  23. In practice, I find that I usually go to the Behavior Blocker list first to verify what is running, it's reputation, etc and then, if need be, go to the Application Rules list I find that I spend more time looking at the Behavior Blocker list than I do at the Application Rules - since the EAN pretty much takes care of the rules in 99.9 % of the cases The current logic is that a user must open the GUI first and then navigate to Protection > Behavior Blocker It would be more convenient to be able to open the Behavior Blocker list directly from the tray icon context menu - inste
  24. The last couple of weeks I've been seeing - frequently - the attached series of messages/dialog boxes. Since the first message makes it clear that your software couldn't reach some server on your end ("...check your internet connection..."), why doesn't that message simply offer a "Retry" option instead of shoving me into a "Change your License" dialog and, as I now realize, incrementing a counter with a limit? I'm doing a lot of restarts lately trying to speed up Win7 startups and, since this license issue happens so often, am now unable to open the GUI. An attempt to do so just thro
  25. I get that title every time I try to use an execution file to clean my computer. I also noticed that I have a file in my downloads that is the source for my rootkit problem I am having. RogueKillerIndir1210100(x86x64). Attached are the 3 files requested. Thank you in advance for the help. It is greatly appreciated. scan_170602-184106.txt FRST.txt Addition.txt
×
×
  • Create New...