Search the Community

Showing results for tags 'Closed'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Found 835 results

  1. Two updates to desktops. All is well
  2. I noticed browsing with Chrome several popups and screens/tabs that say my Windows doesn't work etc, inviting you to click on. (of course I don't, but it's a sign something wrong here). Run Kaspersky Internet Security at first, but no finds, but still the same problem. So I went looking further: Malwarebytes didn't find anything exept programms from IOBIT. This is my brothers old pc and he installed the programm, actually I don't use it, but I didn't remove it. And then I found your programm. The results are attached. Hope you can help me. Grtz, Fran Walter FRST.txt scan_170322-122456.txt Addition.txt
  3. Trying to move on from 7219 to 7260 via autoupdate on Win 7 ''Unable to retrieve update information from server' No debug logs available ..7 days has run out it said (I'm sure it's not working right) eam.txt
  4. Hi I'm struggling first my Instagram was hacked and now my email has been sending emails to friends without consent Ive changed the email associated with all main accounts and used command prompt to check netstat ports cant see anything obvious what else can I do ive run BT Mcafee anti virus nothing found Malwarebytes also shows no infections including root kits I'm a bit lost now, I contacted my isp and got my email back and changed password, ive raised 2 cases with Instagram who have failed to respond and it seems whoever is in my Instagram is still active I'm guessing they use a proxy ip to remain anonymous any help gratefully accepted PS just to add I went on my Home Network last night to get a list of connected devices and there seemed to be too many for the amount of devices, I turned all off and still found what looked like two devices I didn't recognise so I disabled them
  5. Comes up and prevents me from going to the link I clicked on, but not every time. scan_170323-111714 EEM.txt FRST.txt Addition.txt
  6. Emsisoft emergency kit logs:scan_170314-204740.txt frst and addition logs Addition.txt FRST.txt
  7. I downloaded the Emsisoft Decrypter for Nemucod but I cannot get it to work. Addition.txt DECRYPT.txt FRST.txt scan_170316-140851.txt
  8. I've been having problems with the windows\syswow64\dnsapi.dll on my computer for some time. I use Avast and it instantly detects the file. Avast couldnt remove the file and it remains on my computer to this day. Even worse, as long as I keep Avast active, I cant open my internet. I get a crash report every single time. I have to disable my antivirus to access the internet. Here are the logs created by the emergency kit and Fanbar scanner. FRST.txt Addition.txt scan_170226-111514.txt
  9. I ran a malware scan and it found many trojans but i quarantined the virus and it asked to restart,after restarting the taskbar colour changed into white as windows xp The Theme Service Deleted! Here is the screenshot: and here are the logs:scan_170312-182639.txt
  10. Hello. I have been doing some malware testing lately and I have come across four samples that completely crash real-time protection. After a reboot the notification icon is red, and after a few minutes I get a pop up as shown in the attachment. One of the samples from 03/16 is still zero-day as the signatures and heuristics don't pick it up along with the Behavior Blocker misses it. I have tested in both Oracle VirtualBox and VMWare with Windows 7, 8.1, and 10 and it occurs with all of them. I have forwarded 3 of the samples to customer service over a week ago, but I see this hasn't been addressed yet and was advised to start a thread in this particular sub-forum to get the most quick and direct feedback from a developer. Thanks.
  11. I use the old .bat files to keep debug logging on so I have logs for any reports I make. Took me a little while to figure out why I had no debug logs anymore. EAM automatically turns off debug logging after 7 days.
  12. Yesterday I autoupdated to 7207 on Win 10 64bit. with EAM I reset the logs counter only. Today I booted up and after almost 15 minutes there is still no update. Gui says last update was 23 hours ago. Debug logs attached a2service_20170224070047(1420).zip
  13. Hi Frank Again, the updates are smooth. Thanks, Pete
  14. Just wondering why description for ZAM.exe is missing in BB list (beta 6716)
  15. My EAM was updating to the latest stable released today. I received a notification popup (GUI was closed) but when I pressed Restart button nothing happened. EAM did not restart...even after few minutes. I had to manually restart PC in order to finish the update.
  16. I have uploaded a file to and it is coming back as AI-Namrood. The system was scanned using the paid version of Malewarebytes which did not find anything. A large amount of the files are encrypted like the attached file. My question is what do I need to do to make sure it's really gone. I did notice a large amount of attempts to log in from an unknown IP with no PID with a ton of user name guesses in the security log. I have since turned off the IIS server and it seems to have stopped the flood of attempts but the machine went off-line and is currently unreachable. It appears to have encrypted a large amount of pdf/doc/excel files but it also seems to have stopped my BackupExec because the services will no longer start and various other programs are now broken as well. All files are marked with the [email protected] address.The services for BackupExec were also marked as disabled when I went into see why it wouldn't start but I haven't seen anything online about this happening to other people. This is machine is running Server 2008 and I cannot run the Emergency kit because of the OS level but theFRST log is attached. What other info would be needed to be sure I have gotten rid of this Ransomware? Our backups should be good from a few days back I am hoping. We do not plan on paying this criminals off. I would like to not have to rebuild the server from scratch. Any help is greatly appreciated Rob FTB_folder.pdb.ID-DC9A265DUS[[email protected]].mga5adiamga4aa FRST.txt
  17. Since lifting these items is buried deep, there is a high risk of your operating system crashing during automatic cleaning. Malware removal experts in the Emisoft Forum will guide you safely to remove these threats I am speak Turkısh I'm sorry my English is not good C:\WINDOWS\SysWoW64\bthudtask.exe C:\WINDOWS\SysWoW64\pla.dll C:\WINDOWS\SysWoW64\Windows.UI.CredDialogController.dll
  18. I am working on a PC that keeps turning BITS off every few days. I have followed the recommendations from Microsoft Answer but it is still stopping every few days. Could there be an infection?
  19. As I had seen users in EEK forum mentioning unsigned drivers I thought I would try an replicate it. I downoaded 6971 on Win 10 64 bit and got these 2 screenshots. EEk opened when I clicked on the 'start emergency scanner' No debug logs were produced as Emsisoft logging said I had turned it off I have provided the logs saying this in this thread here
  20. Installed 6971 on Win 10 64bit and updated it, then changed to beta updates and updated. All went well with GUI and scans. (still absolutely hate the 'not responding' on the looks so unprofessional)
  21. Two Desktops and 1 VM updated automatically. So far so good
  22. In Windows Event Viewer under 'System' logs at each boot it shows 2 errors Event ID 7009 ''Description: A timeout was reached (30000 milliseconds) while waiting for the Emsisoft Protection Service service to connect.'' Event ID 7000 ''Description: The Emsisoft Protection Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.'' The effect of these 2 errors is that at boot there is a time of about 20-30 seconds where there is only a black screen with a cursor. I also reported the same for build 7207 and provided debug logs etc. Find more debug logs attached for this attached a2service_20170225060458(3056).zip
  23. EAM updated to this build this morning on Win 7 then I turned laptop off. Rebooted again just now and noticed 2 errors in event viewer about Emsi service not starting in a timely manner. Debug logs plus 2 event viewer errors in attached zip a2guard_20170224124622(2556).zip