Jump to content

Search the Community

Showing results for tags 'Closed'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







  1. My Computer has been encrypted...paid the ransom buy never got a decrypt key..really hope to get the data back. Scan 12.29.2016.txt FRST.txt Addition.txt
  2. Hello, I'm new On this forum I Have Emsisoft Internet Security 12 + Malwarebytes Premium V3! And I'm getting a browser webpage popup every couple of minutes http://fs1news.ru/afishasm Thats the webpage I'm getting! Tried To full scan Not helping!
  3. Hello, I wanted to know how the Emsisoft beta testing works, I am interested to participate and contribute feedback. My question is in the license issue, do you give a free license for tests or only the 30 days? Thank you in advance.
  4. Hello, I Have a problem with the Manual update I cant seem to update the signatures with Manual update Please Fix It guys! Btw my last update was 1HR Ago so for sure there has an update but I Still cant update It either manual or Automatic I Dont know where to get the debuglogging logs So I cant attach them. Please tell me how!
  5. Hi I didn’t notice the above message and visited the site (www. craiggottlieb. com). I didn’t enter any information, click on anything or log in. I wasn’t redirected to another site. I use EAM for real time protection and didn’t get any warning message. I subsequently used VirusTotal to scan the site and the results showed it was clean. I ran a Malware Scan with EAM and nothing was detected. I posted on the EAM forum and GT500 suggested I ask for help here in checking my PC is clean of any infection.
  6. Alguien por favor que me pueda ayudar con una solucion para recuperar los archivos me salen todos encriptados y terminan en .osiris A6A47D02--178A--94E0--0B13ED9F--F69CAAC57AB4.osiris
  7. Emsisoft Malware detected the trheat but it can't remove or quarantine Bedep. My PC runs windows 7Ultimate 64bit. Could you please help me to remove the theat? Thank you in advance. Gianmarco
  8. When I enabled the 30 day trial, the Security Center crashed. Also, when I was installing Emsisoft IS 12, the first update made the security center freeze at 47%, hide, and then crash. The update log shows that I manually aborted the update, but it crashed.
  9. Hi, I was trying to download something and then i installed a malware. Browser is redirecting me to www.windowsappz.xyz. scan_170123-170414.txt logs.db3 Addition_23-01-2017 17.19.13.txt FRST_23-01-2017 17.19.13.txt
  10. Hi, We have a PC that has been infected by the I_LOVE_YOU .MERRY encryption. I have the offending executable as well as a before and after file. I have attached them for your reference. I hope you can work out a decryptor and help me and others out! Chrome Font.zip
  11. Hi Kevin... Unfortunately, we have a client that had an employee infected with this same variation. We have removed the virus from the infected PC, however, this PC was part of a domain with a shared map drive at the server level ( Windows server 2012) All the files on the shared drive are, of course, encrypted also. We have tried the software using several different files. All return a message " The decrypter could not determine a valid key, Please drag and drop .........." Any suggestions as what we might try now? Thank you in advance
  12. Vector: Possibly email, looks to be like Craigslist though. Files renamed to .merry, also included in each directory/subdir the file merry_i_love_you_bruce.hta which displays the ransom ID. New email seems to be [email protected] Hybrid Analysis: https://www.hybrid-analysis.com/sample/28bda4bf96841c5734fc1dc9f7fe76724488a79cf177d3992c03eb88b8fdf36f?environmentId=100 Attached is the infection file. Current MCR tool doesn't seem to work on this variant, so hopefully this helps. In case your AV blocks it, encrypted 7z password is 123 . Chrome_Font.exe Chrome_Font_p
  13. Just updated my EEK on Win 10 64 bit only to be told it is the wrong bitness and cannot be run. EEK froze when trying to finish installing the update. Did a couple of dumps from taskmanger. Both EEK 32 and EEK 64 were listed. However here are debug logs first. You probably won't need the dump files as obviously an error in the bitness update is the problem. a2emergencykit_20170126161633(4476).zip
  14. Hi ! My file has encrypted by HakunaMatata it's secured version of Nmoreira have you an idea to unlock file ? (The payment is 2BTC...)
  15. Updates to latest build. Very smooth.
  16. Hello, My customer as been attacked by ransomware and a lot of their files are encrypted with BTC extension. Does anyone knows if there is a decryptor tool available somewhere ? Thanks in advance !
  17. EAM Win 7 6862 When uninstalling beta builds ( and I've done a lot of that lately!!) during the uninstall there is a brief flash of a Window which disappears so quickly that I cannot read what it is. It is a flat new design and I suspect it may be the captcha window. It disappears without user being able to do anything with it. It is enabled in settings. (p,s. I wish Emsi would remove itself from C/Program Files when uninstalling)
  18. I saw the earlier post but was closed. I believe I have the same Ransom ware that was listed. I have Run decrypt_globe and decrypt_globe3 and was not able to recover the files. We are a small rural volunteer fire dept and could use your help in beating this ransom ware. I have included the files requested for the post. Recovery.zip has the before and after encryption files (they are the same). I know you hear this everyday but could really use the help. Volunteer fire depts. don't have any spare money for ransom. . All Your Files Was Encrypted ! [email protected] Yo
  19. EAM ..Win 7...6844 I have seen this twice in the last week ....Event ID 1530 warning It happens at shutdown warning.txt
  20. Just noticed that my Surface Pro updated to the latest version (think it might be EIS just to see it uninstalled EIS completely after restart. Will have to install from scratch. I have some files that were left in the EIS directory if any are of help.
  21. New to EAM ... just have a couple of usage questions. 1. How should EAM be configured when I make system backups and images? Should I right click the tray icon and select "Protection status > Disable all components" ... or ... select "Pause protection > Disable until computer restart"? Is that sufficient or is there something else I should do? Should any of the EAM files be excluded from backups and system images ... and if so which ones? 2. Tracking cookies ... what should I use to remove them? Thanks! KenB
  22. As in v11, I've noticed that EIS performs its auto-updates (signatures and software updates) during system startup. While it makes sense to do this as soon as possible, in practice it causes problems on older systems and even newer systems with slow HDD drives (many laptops). There's too much hard disk activity during startup (especially with several programs present in the startup list) and the system can become unresponsive (even unusable) for some time (usually short, but still an issue). EIS can add a significant amount of HDD activity during startup. My suggestion is to add a smal
  23. EAM just autoupdated to EAM 6956 on Windows 7. After doing the requested app restart file guard is off I will turn it on manually. Noticed a brief glimpse of a countdown by numbers on slide ...should I have? Logs attached. a2service_20161124182439(2612).zip
  24. Perhaps instead of ''do not necessarily resolve in the same paths'' put.................. ''do not necessarily resolve to the same paths'' also ........... ''because the software protects on system level'' should be ...... .''because the software protects at system level''
  • Who's Online   0 Members, 0 Anonymous, 84 Guests (See full list)

    There are no registered users currently online

  • Create New...