Search the Community

Showing results for tags 'Closed'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • Feedback, comments, and suggestions
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 740 results

  1. Hello, I was infected by malware about 6 weeks ago. After trying numerous programs and a fruitless round of Customer No-Service from Malwarebyes, this insipid piece of evil refuses to stay away once and for all! I thought for the past few days that I may have finally got it out of my hair. I started a trial run of Emsisoft's Anti-Malware and performed a malware scan right away (Those scan results are included in the attachments). It did indeed find the hijacker and I quarantined it-and it's still sitting there. After that, I had no problems at all. But then came today and so I'm back to square one. Even though I've had several hijack occurrences today, the scan results continue to show no infection with either the Emergency Kit or the Anti-Malware scanner. I must add that Malwarebytes Premium has also caught the hijacker soon after it has struck. I almost totally reset Windows trying to finally get rid of it, but my notebook has a lot of bloatware and I'd hate to have to go through all of that, including the increasing mountain of Windows updates as well. Please note that this is my 2nd attempt to post. That damn hijacker took out the 1st one. I just clicked on the screen and the tab I was on abruptly closed on me. Typical hijacker behavior! Thank you, auto save! Rick scan_160211-220441.txt scan_160214-185519.txt Addition.txt FRST.txt
  2. I also just downloaded and installed EEK (v11.0.0.6082) on a flash drive. Upon launching it the first time, I was promped to check for updates and, they too were downloaded and installed. Next, I ran Custom scan that seemed to complete successfully. About that time I got an "error" pop-up from Windows saying: "a device driver was not found/not installed successfully/device unplugged". Buy this time the user interface for EEK had "closed" so, I couldn't check the log to see if anything had been found during the scan. I attempted to re-launch EEK but it would no launch a second time!! I returned to the Newsletter that I accessed the EEK download from and saw a link for "an online version" of EEK. Have I misunderstood something here -- is the fact that I have installed my copy of EEK on a flash/thumb drive mean I cannot get the updates?? Why would I get an error about a device driver (I've been using my USB ports quite regularly with no problem). I'm running Windows 7 and the following security programs: Windows 7 PRO(64bit) SP-1; 16GB RAM Windows Defender Emsisoft Internet Security (malware & firewall) Malwarebytes Home Premium WinPatrol/WinPrivacy/WinAntiRansom Task Catcher (BillP Studios)
  3. Hi I had an update to EIS last night that required a restart and all seemed to go well until I turned my machine on this morning and I then got an Emsisoft error message saying that 'a major problem has prevented the application from starting' (see attached screenshot). I tried couple of reboots but the problem persists - so I thought a reinstall might help. So, I uninstalled EIS and rebooted twice and tried to reinstall but now I get a message saying 'it appears a version of EIS is already installed on your system' (see screenshot) and I can't uninstall it now as it no longer shows in the program list following the uninstall I did earlier. I've checked in Task Manager and the a2 AntiMalware service is showing in a stopped state so it appears the uninstall didn't work properly. I also still had the Emsisoft NDIS packet filter visible and enabled in my wifi adaptor properties - I've since uninstalled this driver and tried to reinstall EIS but the problem still persists - I can't install as it thinks it's already installed. I ran Emsiclean.exe, and closed it without letting it clean up, so that it generated a log file (see attached). Please advise me how to fix this. Thanks Marko EmsiClean_2016.02.05_10.32.24.txt
  4. I haven't had my laptop on for nearly two months, so when I turned it on all programs had to be updated. After Emsisoft updated it scanned and when the scan was finished and I closed the window there was an error window behind it. I have attached here. Also, where do I go to find out if my version has been updated; to find out which version I have?
  5. Hi Guys, I need a little help with this one. Since the update of 23rd November, I keep getting the BSOD when I run ExpressVPN (Version 4.1.1.380) on a Windows 7 32 bit O/S. This only occurred following that update. ExpressVPN DOES NOT crash when using the LT2P or the SSTP protocol options, just openvpn. I tried uninstalling and reinstalling the following Microsoft Net Framework 3.5.1 Microsoft Net Framework 4.5.2 Emsisoft Internet Security 11.0.0.5958 ExpressVPN Version 4.1.1.380 Whilst ExpressVPN app was uninstalled, and after reinstalling the other programmes above minus ExpressVPN, I tried installing OpenVPN 2.3.8 I601, using the ExpressVPN OVPN config files. I got the same result. Next I uninstalled Emsisoft Internet Security and ran ExpressVPN App in OVPN (TCP and UDP options) and it worked fine. No crash. So this is clearly a Emsisoft issue. I have included the last few minidumps and a Farbar scan as attachments. I would appreciate any advice. I don't consider myself a novice user, but having trouble souring the cause of this issue. I can see that fwndislwf32.sys is implicated in the problem but it still occurs even with the firewall turned off. Even with Emsisoft in disable all protection mode, this error keeps occurring. I have also run a Hitman Pro and MRT scan to see if anything came up but the system was entirely clear of any malware. The only thing that came up on Hitman Pro were tracking cookies, which would have been removed anyway by CCleaner when I closed the browser. Many thanks in advance. Mike aka Wheelie 112615-25490-01.dmp 112615-30295-01.dmp 112615-78452-01.dmp Addition.txt FRST.txt
  6. I'm getting the window that DEP closed Emsisoft to protect my computer. This is the second time in a week this has happened so I'm coming to the forum with it. Can anyone tell me why this is happening?
  7. Yesterday whilst on BT I got a pop-up asking me to do a survey, purportedly from BT - which I closed. I had a few tabs open on Edge and suddenly there was a 'warning' that I had a virus, that the site was unsafe (copied below) which I'd never heard of and to phone Microsoft toll free on the number written there. Needless to say I didn't do anything but I couldn't close Edge down unless I went through Task Manager but as soon as I re-booted up they all came again. I changed browser and went to Microsoft to find that Microsoft Edge had been hijacked. Prior to this I had run Emsisoft Emergency and quarantined 1 item - not this one - so I ran it again and I found 2 - one of which was the one referred to. I tried to take a screen shot of the messages but couldn't. Emsisoft quarantined the address and told me to come here and that experts would sort it for me, so here I am. Immediately after it was quarantined Edge was free of tabs but I'm not going to use it. When I put the computer on today message from Emsisoft said this site was trying to activate or something. Would I be safe if I uninstalled Edge? I find this situation very scary as I've never been 'targeted' before. The site in question is: attention.unugq.netdna-cdn.com/LP0304_uk/index.html?city=Wolverhampton&ip=86.170.33.235&isp=BT I have Win 10 Home 64-bit - Processor: AMD Athlan 11 x 2 220 2.80 GHz I hope I've given you all the info and look forward to hearing back from you. Thanks in advance.
  8. My Emsisoft Scan reports I have the 2 problems listed above. Enclosed are the logs; appreciate your help. Jim G. scan_150807-110802.txt FRST.txt Addition.txt
  9. Hi Kevin, you helped me before, I wonder if you could possibly help me again, please! Today I got one of those fake FBI warning web pages, saying I had accessed illegal information. I quickly closed the page, it tried to re-open so I closed it again. I then restarted my pc in safe mode with command prompts and did a system restore to the day before. I ran a smart scan with Emisoft Emergency Kit and it didn't find anything (apart from a false positive which is always finds). I then ran MalwareBytes Anti-Malware which found another false positive from another Chinese program. I deleted both these reported files just to be safe. I ran HitmanPro and it found a few tracking cookies, a few false positives from Chinese programs, and reported my certclient.dat as being suspicious. I didn't do anything with them and came to this forum for help. The scam web page didn't seem to take control of my browser or my computer in any visible way, but my antivirus reported that several web addresses were being redirected. After a Google search of the IP, it seems that may be my Astril VPN. What should I do to make sure my PC hasn't been infected? I ran Emisoft again as per the forum instructions (smart scan?), and then Farbar and attached the files. Thanks again, Kevin. Scan_150718-160524.txt FRST.txt Addition.txt
  10. Last night, I updated my windows updates. I usually wait several days to find out about possible issues with the updates. After not finding any (might be a careless error of mine,) I decided to install the windows updates last night. While in the process of downloading and installing the windows updates, Emsisoft Anti-Malware also installed an update that required a reboot because it contained updates for behavior blocker and other features for the program. Once my laptop restarted and booted back up, my laptop was barely functioning. My laptop continued to hang and stall. When I tried to open a program, a web browser, or whatever, it would not open. If it did open, when I closed it, the process would still be showing in process explorer as if it were still running. I tried manually terminating the process in process explorer, but it had no effect. Moreover, I could not run anything on my laptop after that point. If I tried to open something after that point, nothing would happen. My computer would be unresponsive. I had to manually turn off my laptop by pressing the button on the side. I am unsure what is causing the problem. It still persists. I can hardly use my laptop. I have done system restore several times, which seems to have fixed the issue each time; however, every time I do system restore, Emsisoft Anti-Malware updates with the one update that requires a system restart. Subsequently, my laptop reverts back to being hardly operable. I am now just leaving my laptop on because if the I restart/turn off my computer, the update will autoinstall and the problem will surface. Can anyone please assist me? Edit: I have turned my laptop off since I originally posted. As a result, EAM updated once again with the system restart update. Since then, my computer seems to be running fine, but when I open Chrome, Chrome starts to malfunction after a few minutes and/or will not close after I click out of it. After that, I cannot run any more processes or open any more windows. I am still guessing that there is an issue with the update maybe. I am probably going to use system restore once again to return to a point before the EAM update was installed to find out of Chrome functions without any problems. I currently using a system restore point that is before my latest updates from Tuesday, July 14th. Edit 2: I was trying to use my laptop after the EAM system restart update was installed/updated, but the same aforesaid symptoms resurfaced. I once again used system restore to a point before the EAM system restart update. Thus far, I do not have any problems, including using Chrome. I am thinking that it is becoming more evident that the problem somehow lies in the EAM system restart update or it causes the problem(s.) Again, my laptop stalls and is hardly operable after the EAM system restart update is installed. If someone could please help me, I would be most grateful.
  11. 1. I disabled the firewall 2. Rebooted 3. Opened Emsisoft (you can see the firewall is disabled) 4. Opened Device Manager (Emsisoft WFP Filter says it is Started) 5. Opened DebugView from Microsoft SysInternal Suite (monitoring all events/ kernel / win32 instructions) 1. Enabled Firewall in EIS 2. Closed Device Manager Properties and Re-opened to read current status (It still says Started) 3. DebugView, the way I read it, there was no change in services, also why "Request queue is empty" 1. Disabled Firewall in EIS 2. Closed Device Manager Properties and Re-opened to read current status (it now says Stopped) 3. Debugview, indicates calls were made to services to disable fwwfp and sets status code to zero (ie. disabled) 1. Activated Firewall in EIS 2. Closed Device Manager Properties and Re-opened to read current status (it still says Stopped) 3. Debugview, doesn't appear to have made a call to start the service again. At this stage, I can not connect to any websites, and I also believe is related to why my internet drops out (as svchost times out on connecting) Even after I restart the fwwfp service manually from Device Manager, i have to reboot in order to connect to the internet. I am using Version 10.0.0.5532 I have reinstalled twice, rebooting twice in between installations. I have reset settings to Factory Defaults several times.
  12. I'm running a trial of Emsisoft Internet Security and can get into Quickbooks from my computer but other computers on my network say it is unavailable. The Quickbooks File Doctor reports * Port number 55348- 'QuickBooks Database Port Service' for QuickBooks 2012 is closed on 'Boss-PC'. * Port number 8019- 'QuickBooks Port Finder Service' is closed on 'Boss-PC'. I do not see anything on the forums to resolve this. If I cannot get it straightened out quickly i will be forced to dump Emsisoft. I have done a custome rule as shown in the attached picture but it may not be done correctly as it does not help resolve the issue. Any help? Thanks
  13. I installed Emsisoft from the wizard fine, it completed and everything. The time the window it takes (the one you put your license key or choose trial version) took a lot of time to pop up, around 5 minutes, I put my key code and everything and the window closed. Then this thing showed up http://gyazo.com/38eb866b442299c67908ecd6761070d5 Few minutes later http://gyazo.com/bad5965d0cc0d8ab4ded6c7dbfba5cf2 I restarted the pc and the tray icon is red with a cross inside saying "Emsisoft - Background guard". I've already trying uninstalling and reinstalling more than 2 times with no success. PS: I don't know if this can help somehow but I installed the hotfix the installer mentions before I install EIS.
  14. Hi Emisoft, esp. Kevin Zoll, I'm a PC user with a potential malware Q, which shares a loopback address mentioned in one of your malware-fixes online, this past week. http://support.emsisoft.com/topic/17265-high-ram-usage/ Could I briefly ask about best steps / tactics? >> My story: Windows 7, Lenovo Thinkpad. I was recently running Lenovo update, which said "unable to connect to the proxy server". Looking at my Internet settings (IE), >> LAN settings, under 'Automatic Configuration': + Automatically detect settings. (was Checked, as usual for Earthlink / Time-Warner). + 'Use automatic configuration' script, was checked, with this localhost loopback: http://127.0.0.1:8445/okf.pac >> I just saw, you advised a fix for removing this same address, on your post cited above. So yesterday, I removed this loopback, unchecked 'Use automatic configuration', & closed Internet settings. When I reopened IE settings, 'automatic config. script' was still unchecked, but the loopback address was still there, greyed out. I searched my registry for this address, found the loopback in three entries at these keys: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NlaSvc\Parameters\Internet\ManualProxies HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\NlaSvc\Parameters\Internet\ManualProxies HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies I backed up registry & deleted all 3. However, that loopback remains in my IE settings, albeit greyed-out, as long as 'automatic config. script' is unchecked. >> So far as I know, it loops back to a proxy port on my LAN server. I almost never use IE, prefer Firefox, so no idea how long its been this way. I infrequently use, & still have installed two VPN's: OkayFreedom & Cyberghost. These VPN seem fairly mainstream, & I found no complaints they do this kinda thing. So I feared malware. As per yr recommends, I ran these anti-malwares, tho nothing came up, except some IE 'ProxyEnable' Registry items (I can likely change those): 1) CCleaner, (excluding windows logs). 2) M$ Malicious software removal, reports nothing. 3) Malwarebytes' Anti-Malware, reports nothing... see log, (AMWB.txt). 4) OTL, see logs (2). 5) Emisoft EEK, smart-scan, see log (a2scan_150515-143323.txt) 6) FRST64, see logs (2). I attach six (6) logs here. Finally, I had purchased this laptop last fall from a (reputable) refurbisher, who said he reconstituted Windows from the 'Lenovo Recovery' partition. Well, maybe this is a standard in Lenovo's special sauce. Can I briefly ask 4 you suggestion ? ~ Regards, Gadzoox AMWB.txt OTL.Txt Extras.Txt a2scan_150515-143323.txt FRST.txt Addition.txt
  15. Hi. My OS is Windows 8.1 Enterprise x64. EAM version 10.0.0.5366. I closed the "Emsisoft News" box, then Action Center told me no antivirus software is running. I checked the event viewer and found this: Log Name: Application Source: Application Error Date: 12/5/2558 21:25:23 Event ID: 1000 Task Category: (100) Level: Error Keywords: Classic User: N/A Computer: Sirawit-PC Description: Faulting application name: a2service.exe, version: 10.0.0.5366, time stamp: 0x554e6f77 Faulting module name: a2engine.dll_unloaded, version: 3.5.0.635, time stamp: 0x5538d5f2 Exception code: 0xc0000005 Fault offset: 0x000603ac Faulting process id: 0x4f8 Faulting application start time: 0x01d08bb21dfcf049 Faulting application path: C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe Faulting module path: a2engine.dll Report Id: b905548b-f8b2-11e4-8269-54271e1869e6 Faulting package full name: Faulting package-relative application ID: Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Application Error" /> <EventID Qualifiers="0">1000</EventID> <Level>2</Level> <Task>100</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2015-05-12T14:25:23.000000000Z" /> <EventRecordID>11988</EventRecordID> <Channel>Application</Channel> <Computer>Sirawit-PC</Computer> <Security /> </System> <EventData> <Data>a2service.exe</Data> <Data>10.0.0.5366</Data> <Data>554e6f77</Data> <Data>a2engine.dll_unloaded</Data> <Data>3.5.0.635</Data> <Data>5538d5f2</Data> <Data>c0000005</Data> <Data>000603ac</Data> <Data>4f8</Data> <Data>01d08bb21dfcf049</Data> <Data>C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe</Data> <Data>a2engine.dll</Data> <Data>b905548b-f8b2-11e4-8269-54271e1869e6</Data> <Data> </Data> <Data> </Data> </EventData> </Event> Please tell me if you need any more info. Thank you.
  16. Hello I tested EIS By pcflank (Advanced Port Scanner), Unfortunately EIS closed ports except 135, 139 http://www.pcflank.com/scanner1.htm Is it normal?? I think, EIS must stealthed all ports. Addition.txt FRST.txt EIS 9.0.0.5066 fully updated Win 7 SP1 64bit
  17. Hello and thanks in advance, I hope you can help. Windows explorer keeps restarting sometimes from it self or as I try to open a file (even in SafeMode), and CPU get really high without obvious reason. Besides I get black/blue strip/area occasionally on part of screen and youtube videos. Malewarebytes keeps blocking access to scvhost.exe, and I've already tried everything I can think of, run several programs (you can see it in FRST.text, reset browser settings (IE i Firefox) and chose no proxy for Internet, even installed Microsoft hoxfix, but problems persists. If you need any additional information just ask please, don't wanna to write a book... Please find enclosed reports as you requested. I've added 150321-'''130.txt from yesterday - first scan with EEK you may need it. a2scan_150322-164957.txta2scan_150321-000130.txtFRST.txtAddition.txt
  18. I currently have Emsisoft on my Computer (Vista Home Premium 32 Bit) but an having problems with my Windows Vista applications. 1)I keep getting Windows Command prompts being closed, 2) Multiple "Default IME" showing in Task Manager 3) Multiple "Internet Explorer" in Task manager 4) Emsisoft Full scan will not completely run to conclusion. 5)The computer is running extremely slow. I attached the Text files your website requested from Emsisoft Emergency Kit and Farbar Recovery Scan Tool. (I had to download them to a USB flash drive because my computer was running too slow. a2scan_150306-225258.txt Addition.txt FRST.txt Shortcut.txt
  19. Sorry I cuoldn't utilize internet on this week, I think you have closed the other topic because I didn't post anything. So now I attach the logs required in the second post. AdwCleanerS0.txt Fixlog.txt JRT.txt
  20. PingPlotter and plain ol tracert and ping can't seem to get out. I have not changed any settings in the firewall screen from the defaults (still trying to understand the layout of this new firewall coming from OA). It did previously show up in the (logs,firewall) log as having automatically added it with "IN/OUT - All Allowed" HOWEVER it didn't work. While this was happening I switched over to cmd prompt and tried tracert both programs show request timed out. I then tried to manually add the program via (Protection, Application rulews) the first time it simply wouldn't add, I went to the application rules and it wasn't there. I closed and re-opened the EIS dialog and went back to Application Rules and this time it stuck but pingplotter still failed to be able to get out, I confirmed in the log that it is there (IN/OUT - All Allowed) for the pingplotter.exe, same with tracert still times out. If I disable the EIS Firewall (Protection, Firewall, Uncheck OR the Protection screen) and then re-enable the windows firewall in action center both programs work properly (tracing and pinging is not longer blocked). I have attached the Protection Firewall screen and I don't recall ever modifying any rules directly on this screen, are they defaults? Any ideas would be appreciated, I keep suspecting I am just not used to this layout (brain is still in OA mode) and might be missing something. EIS 9.0.0.4799 Windows 8.1 pro 64bit
  21. hi i am having the same question, when making an online test onli 5-7 ports are stealhed and the rest are only closed. most of the firewalls use to stealth all the ports... besides even tho i set up emsi to be in a private network... other pc are able to read my host name and identify my pc... also for them they are able to reach my pc.... (when making ping to other ports) with other firewalls my pc is not even recognized and the results for all ports is stealhed.... this happens no matter which network i use... i usually go online in my campus and my house
  22. Hi :-) I was getting frequent warnings about EMIS Overwiew Has Shut Down everytime I closed the interface after a scan and occasionally at other times. Though I always believed it to be a false warning, it did make me feel unsure and I often I would restart my PC. I was looking at the Anti-Malware Forum where users there were reporting a similar issue. The suggestion there was to enable Beta Updates because the issue had been fixed in one of those updates. So, I of course enabled Beta Updates in EMIS. Soon thereafter, after surfing the net for several minutes my internet connection closed down. This happened several times. On a restart of my PC, which was the only way to re-open it, it was always open again. Whether this was a mere coincidence with problems with my ISP I do not know, but because of the nature and timing of the interruptions I doubt my ISP was the cause. I have uninstalled EMIS that had been updated with the Beta Updates. Will be running another security program tonight just too see if it was my ISP and will reinstal EMIS tomorrow with no Beta Updates and put up with the warnings about the Security Overview Stopped Working warnings, which after a time do become annoying.
  23. this is the final scan from the thread that was just closed with the same topic title . I had run the report and thought I already posted it .a2scan_141205-142714.txt
  24. Hello, This issue has suddenly appeared within the last two weeks; computer is extremely slow, Norton keeps reporting it's blocked various malware, internet is grindingly slow (we're on Verizon DSL) and shutting down the computer is slow as it always says something is running when when we've closed all "visible" programs. My system; Windows 7 Home premium, Service Pack 1 Dell Inspiron 1750 64 bit 2 GHz Norton 360 Messages from Norton and the Computer; Computer - Powershell has stopped working High Disk read usage by Com Surrogate There are more than this but I'm not sure which are relevant. Norton - reports that its blocked or removed (after a full scan, but of course they are still there) the following; Adware.Maltree.TS!g23 Trojan.Powelik Protecting your connection to a newly detected adapter "Teredo Tunneling Pseudo Interface (haven't installed any new hardware of software recently) Angler Exploit Kit Website There are more than this but I'm not sure which are relevant. Attached are the three analysis files Thanks, Peter
  25. My earlier post was closed because I was away from office for a week but I am back in action. Attached is the Fixlog.txt from running FRST. I also attached the originally requested files.