Showing results for tags 'Closed'.

  1. Hello, I've been using the Emsisoft Emergency Kit for a couple of years and this is the first time I have encountered this problem. After running a Malware scan I was notified of the following suspicious files, all at the "No risk" level. BTW, the scan window (attached screenshot) only shows two files detected, while the log (text below) shows three:

     Scan type: Malware Scan
     Objects: Rootkits, Memory, Traces, Files
     Detect PUPs: On
     Scan archives: Off
     ADS Scan: On
     File extension filter: Off
     Direct disk access: Off
     Scan start: 3/30/2017 4:26:07 PM
     Key: HKEY_USERS\S-1-5-21-539313758-2116612764-2897670571-1001\SOFTWARE\YAHOOPARTNERTOOLBAR detected: Application.Win32.YTool (A) [270452]
     Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} detected: Application.AdGenie (A) [270454]
     Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} detected: Application.Toolbar (A) [280926]
     Scanned 75490
     Found 3
     Scan end: 3/30/2017 4:33:04 PM
     Scan time: 0:06:57

     When I try to quarantine these files, the Emsisoft software seems to run, but is not able to complete the process. I have let it run for as long as an hour, until I forced it to shut down. Why are these files so hard to remove? Is there a way to do so? Thanks in advance for any help!
  2. Greetings there. Had to sign up as soon as I saw this - I am facing exactly the same symptoms, and was searching like crazy these past few days for a cause of this. I'd never thought it could be related to Emsisoft, I thought I'd have to change my motherboard or PSU. Anyway, I am using Internet Security, and the symptoms started showing a few days ago. Emsisoft showed a software update last night, but didn't help - still having problems with shutdown:
     - Monitor goes off
     - GPU goes off (nvidia 1070)
     - CPU still working (presumably, water pump keeps spinning) (i7 8520k)
     - SSD/HDDs still working
     - Fans still working

     When selecting restart - everything goes OK; when selecting Shutdown, either from Win10 or from log on screen - it never turns off. Thank you in advance, Predrag
  3. Should surf protection work when using Opera browser? (Opera 44) Because it doesn't for me. GT500.ORG is blocked when using SeaMonkey but not Opera (GT500.ORG is my custom test surf rule :)). Sandboxie not involved in tests. Am using Opera built-in VPN.
  4. Two updates to desktops. All is well
  5. I noticed, browsing with Chrome, several popups and screens/tabs that say my Windows doesn't work etc., inviting you to click on them (of course I don't, but it's a sign something is wrong here). Ran Kaspersky Internet Security at first, but no finds, and still the same problem. So I went looking further: Malwarebytes didn't find anything except programs from IOBIT. This is my brother's old PC and he installed the program; actually I don't use it, but I didn't remove it. And then I found your program. The results are attached. Hope you can help me. Grtz, Fran Walter FRST.txt scan_170322-122456.txt Addition.txt
  6. Trying to move on from 7219 to 7260 via autoupdate on Win 7: 'Unable to retrieve update information from server'. No debug logs available... 7 days has run out, it said (I'm sure it's not working right). eam.txt
  7. Hi, I'm struggling. First my Instagram was hacked and now my email has been sending emails to friends without consent. I've changed the email associated with all main accounts and used command prompt to check netstat ports; can't see anything obvious. What else can I do? I've run BT McAfee antivirus, nothing found. Malwarebytes also shows no infections, including rootkits. I'm a bit lost now. I contacted my ISP and got my email back and changed password. I've raised 2 cases with Instagram, who have failed to respond, and it seems whoever is in my Instagram is still active. I'm guessing they use a proxy IP to remain anonymous. Any help gratefully accepted. PS: just to add, I went on my Home Network last night to get a list of connected devices and there seemed to be too many for the amount of devices. I turned all off and still found what looked like two devices I didn't recognise, so I disabled them.
  8. Comes up and prevents me from going to the link I clicked on, but not every time. scan_170323-111714 EEM.txt FRST.txt Addition.txt
  9. Emsisoft emergency kit logs: scan_170314-204740.txt frst and addition logs Addition.txt FRST.txt
  10. I downloaded the Emsisoft Decrypter for Nemucod but I cannot get it to work. Addition.txt DECRYPT.txt FRST.txt scan_170316-140851.txt
  11. I've been having problems with the windows\syswow64\dnsapi.dll on my computer for some time. I use Avast and it instantly detects the file. Avast couldn't remove the file and it remains on my computer to this day. Even worse, as long as I keep Avast active, I can't open my internet. I get a crash report every single time. I have to disable my antivirus to access the internet. Here are the logs created by the emergency kit and Farbar scanner. FRST.txt Addition.txt scan_170226-111514.txt
  12. I ran a malware scan and it found many trojans, but I quarantined the virus and it asked to restart. After restarting, the taskbar colour changed into white as Windows XP. The Theme Service Deleted! Here is the screenshot: and here are the logs: scan_170312-182639.txt
  13. Hello. I have been doing some malware testing lately and I have come across four samples that completely crash real-time protection. After a reboot the notification icon is red, and after a few minutes I get a pop up as shown in the attachment. One of the samples from 03/16 is still zero-day as the signatures and heuristics don't pick it up along with the Behavior Blocker misses it. I have tested in both Oracle VirtualBox and VMWare with Windows 7, 8.1, and 10 and it occurs with all of them. I have forwarded 3 of the samples to customer service over a week ago, but I see this hasn't been addressed yet and was advised to start a thread in this particular sub-forum to get the most quick and direct feedback from a developer. Thanks.
  14. I use the old .bat files to keep debug logging on so I have logs for any reports I make. Took me a little while to figure out why I had no debug logs anymore. EAM automatically turns off debug logging after 7 days.
  15. Yesterday I autoupdated to 7207 on Win 10 64bit. With EAM I reset the logs counter only. Today I booted up and after almost 15 minutes there is still no update. GUI says last update was 23 hours ago. Debug logs attached a2service_20170224070047(1420).zip
  16. Hi Frank Again, the updates are smooth. Thanks, Pete
  17. Just wondering why description for ZAM.exe is missing in BB list (beta 6716)
  18. My EAM was updating to the latest stable released today. I received a notification popup (GUI was closed) but when I pressed Restart button nothing happened. EAM did not restart...even after few minutes. I had to manually restart PC in order to finish the update. Logs.zip
  19. I have uploaded a file to https://id-ransomware.malwarehunterteam.com/ and it is coming back as AI-Namrood. The system was scanned using the paid version of Malwarebytes, which did not find anything. A large amount of the files are encrypted like the attached file. My question is what do I need to do to make sure it's really gone. I did notice a large amount of attempts to log in from an unknown IP with no PID with a ton of user name guesses in the security log. I have since turned off the IIS server and it seems to have stopped the flood of attempts, but the machine went off-line and is currently unreachable. It appears to have encrypted a large amount of pdf/doc/excel files, but it also seems to have stopped my BackupExec because the services will no longer start, and various other programs are now broken as well. All files are marked with the [email protected] address. The services for BackupExec were also marked as disabled when I went in to see why it wouldn't start, but I haven't seen anything online about this happening to other people. This machine is running Server 2008 and I cannot run the Emergency kit because of the OS level, but the FRST log is attached. What other info would be needed to be sure I have gotten rid of this Ransomware? Our backups should be good from a few days back, I am hoping. We do not plan on paying these criminals off. I would like to not have to rebuild the server from scratch. Any help is greatly appreciated. Rob FTB_folder.pdb.ID-DC9A265DUS[[email protected]].mga5adiamga4aa FRST.txt
  20. Since lifting these items is buried deep, there is a high risk of your operating system crashing during automatic cleaning. Malware removal experts in the Emsisoft Forum will guide you safely to remove these threats. I speak Turkish. I'm sorry, my English is not good. C:\WINDOWS\SysWoW64\bthudtask.exe C:\WINDOWS\SysWoW64\pla.dll C:\WINDOWS\SysWoW64\Windows.UI.CredDialogController.dll
  21. I am working on a PC that keeps turning BITS off every few days. I have followed the recommendations from Microsoft Answer but it is still stopping every few days. Could there be an infection? https://answers.microsoft.com/en-us/windows/forum/windows_vista-security/background-intelligent-transfer-bits-will-not/ff0940c1-288e-4b82-b534-ae252d445309
  22. As I had seen users in EEK forum mentioning unsigned drivers I thought I would try and replicate it. I downloaded 6971 on Win 10 64 bit and got these 2 screenshots. EEK opened when I clicked on the 'start emergency scanner'. No debug logs were produced as Emsisoft logging said I had turned it off. I have provided the logs saying this in this thread here: https://support.emsisoft.com/topic/26889-debug-logging/
  23. Installed 6971 on Win 10 64bit and updated it, then changed to beta updates and updated. All went well with GUI and scans. (still absolutely hate the 'not responding' on the installer..it looks so unprofessional)