Search the Community

Showing results for tags 'Closed'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • Feedback, comments, and suggestions
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 704 results

  1. Win 10 8894 Sent report Perhaps these logs may help? a2start_20180830092322(3208).zip
  2. Win 8.1, 64bit. Update seemed smooth. Tooltips work on minimised sidebar menu. The mysterious "5123" number next to Quarantine is no longer there - I hope that's expected! Logs appear to be sorted properly.
  3. Upgrade was smooth. I'm using W8.1, 64bit. In the layout on the Overview screen, when one hasn't clicked on the top-left menu icon, it's still possible to click on the mini icons down the lefhand side, but hard to know what they do. I mean... quarantine is possibly meant to look liek something in a cage, but looks to me more like a washing-machine... Maybe these mini icons should produce tooltips? The Support screen talks about getting help from the "?" at the top right, but it's no longer there. Thank-you for - finally - making the About option easier to find, and taking away the problems that clicking on "Emsisoft" could previously cause... but I see one still can't copy the current version number out of the About display. Now would be a fine time to add that facility!
  4. I am trying to use the anti-malware program to remove "idleBuddy" and I got this warning. Also, not sure if "idlebuddy" was removed with in this scan, considering that I already quarantined all the suspicious files, and the pop-up is still showing.
  5. Win 10 after autoupdate to 8894. I now have what looks like Pacman eating my EAM taskbar icon.
  6. Win 8.1, EAM 8839 In Protection - BB - if I type eg: 'ked' (without quotes) in the search field the display is filtered to show just the instances of 'KEDITW32.exe' (my text editor) that are running. If I then append some random chars to 'ked' making it eg 'kedjkl' the display does not change. But I seriously doubt that there are any entries that actually contain 'kedjkl', which I think is misleading. If I enter 'wav' in the search field I'm shown 7 programs, none of which have "wav" in any visible text. It's not just matching on "w" or "wa" though because as I entered "wav" I paused between chars. That's to say, with just "w" in the search field I see more than 60 entries, then with "wa" I see 12 entries, then with "wav" I see 7. I realise that "wav" might occur in some field that's not displayed to the user, but that's quite confusing if it is the case. So, suppose I then right-click one of the seven lines and choose "Open file location" or "File properties"... absolutely nothing happens. I've done this several times with different entries and regularly see nothing (and two of those seven lines are 'KEDITW32.exe" ones). But, if I go back to the display based on 'ked', selecting one of those programs DOES open the file location or show its properties.
  7. Update: After running EEK and FRST, the 2 quarantined copies of Trojan.Scam.MN (B)were gone. Only FRST remained in quarantine list and I deleted it. I searched PC for Trojan.Scam and got no results. If this is normal, you can close this case and I'll delete any remnants of EEK and FRST. Thanks. During regular scan EMSI Anti-Malware found 2 copies of Trojan.Scam.MN (B) and quarantined them see Original Scan-Forensics_180822-181418.txt. I requested deletion, but got message saying virus was deeply imbedded, and to come here for instructions how to delete. I ran EEK and scan seems clean (see attached log). I tried to run FRST, but it got quarantined (by EMSIsoft) while running. Message said it was it was trying to change Firewall settings. I didn't expect both to run per your instructions. I tried to follow all instructions exactly. Forensics_180822-173717.txt scan_180822-173117.txt
  8. I think we have the same problem with: Every time I close the Task Manager my cpu usage is high like 80% no programs started completely idle. The only thing I can see in Process Explorer constantly appearing and disappearing is this with a Processid that can change. Examples: C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} or C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} .. I followed the guide and made some steps.. Please look at my JRT.txt and AdwCleaner[C00] I hope you can help me with this matter cause I really don't know what to do. I thought it's only a small problem... AdwCleaner[C00].txt JRT.txt Edited: Adding Uploaded Files - Emsisoft Emergency Kit log (C:\EEK\Reports\) FRST.txt Addition.txt EEK Reports Addition.txt FRST.txt scan_180822-222011.txt scan_180822-223620.txt
  9. Hi i have a persistent malware infection in win10x64 (latest updates till aug 2018) i have did clean install several times (i have other drive as well that has data which was not formatted) but after working for some time infection returns usually after reboots or installing software or doing windows update etc. following happens 1)avast antivirus does not detect any thing but continously uses around 10% CPU. 2)installed malwarebytes, but some times it works other times malware protection and ransomware protection turnf off by own and do not turn back on. 3)bitdefender antivirus does not detect any thing. 4)comodo antivirus also does not detect any thing but uses 25% cpu. 5)Avira antivirus also does not detect anything. if computer goes to sleep or if it is restarted, then the password of computer gets changed by malware i have to reset using 3 secret questions (win10x64). 6)if malwarebytes is able to work then ok otherwise taskmanager or any other app says you dont have permissions etc. Also System tries to go udp pot 137 log copy of outpost firewall blocked logs SYSTEM OUT UDP 131.253.61.86 137 SYSTEM OUT UDP 131.253.61.82 137 SYSTEM OUT UDP 131.253.61.64 137 SYSTEM OUT UDP 13.107.4.52 137 SYSTEM OUT UDP 104.27.128.190 137 SYSTEM OUT UDP 104.20.94.33 137 SYSTEM OUT UDP 74.125.24.188 137 hence now formatted system and reinstalled win10x64 (i have other drive as well that has data which was not formatted)and installed emsisoft antimalware, it also does not detect any thing. then read ur manual malware removal guide. ran Autoruns and the found detected viruses by virustotal. entries of virustotal show some files are infected but that has been detected by one antivirus company only. I copes all these files to a folder and zip them and ran analysis on virustotal https://www.virustotal.com/#/file/47b4b566e2de3e7f73a554073ba028a5b165f0918c8ec134aef9378aade196d9/details and hybridanalysis as well https://www.hybrid-analysis.com/sample/47b4b566e2de3e7f73a554073ba028a5b165f0918c8ec134aef9378aade196d9 , they said infected. uploaded on of the files to hybridanalysis.com and ran on win7x64 it also said infected. when i turn off emsisoft to check the above mentioned issues return back. what can i do now? how can i replace these infected files or if u can add this to ur virus database and remove it somehow. or tell me steps to do to get this resolved. regards. sparta Infected files.zip
  10. That was pretty weird, first youtube opened by itself, then i was waiting if something else would happen and then the unity3d page where it downloads the program opened by itself, the sites seemed legit though. Emsisoft antimalware doesnt find anything. Farbar logs: FRST.txt Addition.txt
  11. Added a couple of rules yesterday set to "block and notify". Today they are set to "block silenty" Bug maybe? Win 7 x64 A side note; Had to take a big list file that i added off, took forever to enter a new rule. After set to defualt (host rules) it was faster.
  12. On Windows 10 I saw this in System Event viewer logs this morning. I rebooted just now and it shows again. I have FastBoot disabled. It doesn't show on Win 7. shutdown.txt
  13. Upgrade was smooth. Will test shutdown and report
  14. My sister's Win 10 Asus pc has been acting badly. I downloaded free Emsisoft. I have the paid version on my PC and know it's great. I ran a Malware scan and 4 suspicious files were found. When I tried to delete and then quarantine them, Emsisoft put up the message "removing these … high risk of crashing your system....contact support … " I'm attaching the logs from EEK and FRST. The culprits are: Gen:Variant.Strictor.83319(b) Gen:Trojan.Heur.FU.ju)@aSTEIDhl(B) Gen.Variant.Graftor.53846(B) Gen:Variant.Strictor.83393(B) FRST_23-07-2018 17.41.35.txt Addition_23-07-2018 17.41.35.txt
  15. Updated via autoupdater. Win 10 64bit All seems well. It took 37 seconds for EAM to restart itself after I press restart.
  16. Auto-updated to 8824 on Win 7 64 bit. Error shown in event viewer Faulting application name: a2service.exe, version: 2018.7.0.8824, time stamp: 0x5b5f47cb Faulting module name: a2engine.dll, version: 2018.7.0.306, time stamp: 0x5b55cbd3 Find attached debug logs, forensics txt and event viewer info a2service_20180802174336(3180).zip
  17. I see it says.. ''Settings/Advanced: checkbox 'Start on Windows startup' GUI issue after update to beta'' So it's right that I see after update ''Start on Windows startup has been changed to enabled'' in Forensics?
  18. Hi, I uninstalled emsisoft after I thought that I didn’t need it anymore, but I remembered that I still had files in quarantine when I uninstalled. What happened to these files? I’m worried that the malware was let loose on my computer again, especially since malwarebytes just alerted me of some PUPs...
  19. I saw after the update the scan performance has improved. It changed its default scan level. Now it is set to fast and when I ran some EICAR test files it didn't detect 7 out of 8. After setting de default option to balanced again it detected al 8. I was thinking that this could be the case of the new scan level, but also when you open the EICAR files it didn't detect any. Is this normal?
  20. The beta updated smoothly. Good start
  21. It's a bit unpredictable at times. When it first opens at default view you see Process...ID.. and Description. Company and Status are not visible unless you go full screen. If you then move Company and Status along to the left so they are visible in default view, Description gets truncated. But this truncation doesn't happenevery time. Thanks for allowing me to have full list of BB visible via dragdown on bottom right of BB panel.
  22. And I'm totally freaked out. 7/26/2018 4:35:54 PM Scanner detected Medium risk Malware "Adware.Linkury.CX (B)" 7/26/2018 4:36:44 PM Scanner detected High risk Malware "Adware.Linkury.CX (B)" logs.db3 FRST.txt Addition.txt scan_180726-163012.txt
  23. Just updated to 8750 No issues.
  24. I dont know what it was, but in case it was something malicious, here are farbar logs. Emsisoft antimalware and roguekiller and hitman pro dont find anything, malwarebytes also didnt find anything. Also i just got some firewall notification about onedrive, i dont know if it was legitimate onedrive thing or what, but windows said it prevented Microsoft onedrive and it asked do i allow it or not. The path of the program was C:\users\mstwd\appdata\local\microsoft\onedrive\onedrive.exe. Is that legit path and file? FRST.txt Addition.txt