Jump to content

Search the Community

Showing results for tags 'Closed'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







  1. Auto updated okay on Win 10. Are there supposed to be different colours here?
  2. I was getting this some time back and don't know how it got solved. Now it's back. Emsisoft scan finds it, I quarantine it and the next time E scans it's back again. Over and over. I just ran EEK and the item in question was not found. But that is probably because I had just finished a scan which found it and quarantined it. scan_181118-225318.txt FRST.txt Addition.txt
  3. I think I have an infection and would like guided help to remove. Please see attached as requested and let me know the next steps. Thank you in advance emergency scan 181113-174933.txt
  4. HP EnVY TS 17 Notbook PC Has an I7 4700 processor and 16 GB ram. This machine should be running real fast. However it seems to be really slow. After running a full clean up using Techsuite (which includes EMSI soft removal tools) I was ready to give it back to the client..AFter a reboot it started running real slow again. I ran the techsuite software again and removed 17 new items. The only thing the machine had done was site idle on the internet. Attached is the EEK report. The FRST 64 bit would run until I pressed scan, then it would crash. (I verified the machine is running 64 bit windows 10 home) Thanks, scan_181029-172340.txt
  5. The first hours with 2018.10.1.9026 show improvement with connection issue. The next 48h will show if all kind of issues around network connections have been fixed with this beta. So far it looks like a big improvement.
  6. Updated smoothly. I see you've made changes to grid columns. In my forensic log, the 'handles' for altering column width are almost invisible on the column headers, because the handles are white and the surrounding column title background areas are pale grey. Really it's easier to find them by drifting the mouse across where they should be and waiting for the pointer to change. Ironically the handles (or at least column separators) are much easier to see if one highlights a row; then the highlighted text is shown in black on blue and the separator is (still) white, but of course not draggable... but at least you know where the handles should be above that (if eg you highlighted row 1). Resizing the window horizontally occasionally leaves the 'Clear' button outwith the display area, albeit adding a horizontal scroll bar. It's not easy to tell which changes will add the scroll bar and which will just redraw the whole window in a smaller area. When I first started experimenting I couldn't drag the 'Component' column wide enough to see the whole of a "User <machinename>\<username>" value. It's as if there's minimum widths for other columns that limit how big one column can be dragged if the other columns are already at their narrowest settings. Later on, after having dragged the window to its full width then narrowed it again, I was able to make the 'Component' column wide enough.
  7. Upgraded ok... W8.1 64-bit laptop screen res is 900 x 1600 But display of the log is worse. If I drag the log window as wide as possible, then drag it narrower, a horizontal scroll bar appears (though how wide it is has varied in my experiments - sometimes when the window is maybe 2/3 of its full width, the scroll bar is about 95% of the smaller window's width, implying it cannot be scrolled sideways very much). Once a scrollbar is presented, actually dragging the bar sideways shows that the full display is no longer accessible. That is I'm seeing truncation of the rhs of what was previously displayed in the max-width window. I've also had the scroll-bar mysteriously vanish from the display while the window is much smaller than full-width.
  8. Win 10 1809 EAM 9018 After boot (fast start disabled) accessing the BB window I had to drag down the little pull down thing to show all items in list. However the window would not show all items until I had clicked in it.
  9. Why does my Windows 10 registry have strange characters ? Are they dangerous? Can I delete them? Computer\HKEY_CURRENT_USER\꿸๧饸๧鞀๧_ Computer\HKEY_CURRENT_USER\ Є뭔烐厡Ʋo Computer\HKEY_CURRENT_USER\†Ѐ䘭ᇈ Computer\HKEY_CURRENT_USER\* Computer\HKEY_CURRENT_USER\;
  10. Hi Gays. Emsisoft hat ein Virus im Win-10 gefunden. Wie kann man entfernen (remove)? Bitte hilfe mir. Thanks all.
  11. Guys, what are the usual signs that your unit is infected?
  12. Windows 10 1809, EAM 8988 Each morning after boot and a cup of tea I open EAM logs and highlight the update line which says ''downloaded and installed 67 files in 45 seconds'' (example number) and select the View Details button. This morning there was no info there at all. I tried again. Then I tried from the logs icon on left side of GUI. Then suddenly they were all there. This has not happened before. I have attached debug logs where I noticed round 5.04 am there were quite a few of these in a2start logs. 05:04:02.611 6700 Warning: name "components[]" is not only name of "LogsPage.html" 05:04:02.611 6700 Warning: name "components[]" is not only name of "LogsPage.html" 05:04:02.611 6700 Warning: name "components[]" is not only name of "LogsPage.html" and some odd looking events in the a2service logs at the same time. a2start_20181025044852(3200).zip
  14. Do we still have some beta testers ??
  15. Since yesterday, my PC has been infected with the virus mentioned in the title of the topic, according to Windows Defender. I deleted a couple of programs that were installed along with the virus but after a couple of restarts, command prompts and unknown programs seem to start along with Windows. In addition, there is a bunch of exclusions for certain programs in folders with made up names that Windows Defender is unable to scan. I never excluded those folders myself. What is more, these said folders are located in the Program Files (x86), ProgramData, AppData\Local\Temp, WINDOWS\Temp folders of my PC. I refrain from logging in in various sites and apps I used to, at least without creating a new password, since I'm terrified that my personal data will be compromised through the malicious program. I do not know whether they've already been compromised or the worst is yet to come. I will stand by, waiting for further instructions as to how to proceed on the matter. Thank you in advance. scan_181011-012112.txt Addition.txt FRST.txt
  16. It was probably asked before but anyway.... In older versions we could auto adjust column width by double clicking on separators. This is not possible any more and it requires lots of time and nerves to adjust them properly. Any chance of bringing this functionality back?
  17. Windows 10 1809 - EAM 8988 Frank if I go to BB and select ''add application rule'' browse to notepad.exe, select it and choose blocked, I can still open notepad. When I do open notepad I get 2 entries in BB list one listed as monitored, and one listed as blocked See screenshot. (Also why does it say n/a when you go to add an application rule?)
  18. Emsi soft and other tools have cleaned this machine up, but because there are so many things out there that could hide, I thought I would run these logs by you to see if I missed anything. This computer's accounts were hacked about the same time Facebook was recently hacked. FRST-2018-10-10-1205.txt Addition-2018-10-10-1205.txt scan_181010-115115.txt
  19. Bonjour pouvez vous m'aider je n'arrive pas à supprimer un logiciel malveillant ,quand je le supprime il reviens toujours merci
  20. Hi, I'm running EAM on a Windows 7 machine. I've been getting scareware. EAM is not protecting against it coming in, but it does find the infection when I run a scan. It removes it and then later on it comes back. The file is found in <User>\Application Data\Local\Microsoft\Windows\INetCache\Low\IE. From what I've read, this infection is due to visiting a web site with a nasty java script. Question is how can I prevent the infection from coming back.
  21. Hello, I am not sure whether this is posted in the right place, since I am not sure that my laptop is infected at all. Since I don't know where else to turn to and since it might be related to Emsisoft Malware, I describe my problem here: Since about two weeks TLS 1.2 stopped working on my laptop. I switched it on one day and could not load any https pages anymore. I tried several browsers, all with the same symptoms. I disabled TLS 1.2 in IE11 and I could load most of the pages again as before. I can load them in IE, but not for example in Chrome which does not allow me to disable TLS 1.2. Some web pages like online banking etc. only allow access via TLS 1.2 and these are blocked for me now clearly telling me to update my browser to a safer version. Access is via Wifi, and all other devices going via that wifi don't have this issue. This includes one other laptop also protected by Emsisoft Malware and mobile phones. I switched off firewall and Emsisoft to check whether this might be a restriction from their side, but to no visible effect. I googled the Problem and followed several common pages recommending to clear SSL cache, browser history, cookies, whatever, but it didn't help. I even reinstalled Windows 10, but the Problem persisted. I am pretty sure that TLS 1.2 is at the heart of the Problem, that only my device is affected and that nomal settings resets don't seem to help. I wonder whether this could be some malware or virus so far undetected? Have you encountered such a case before? Any help or advice would be appreciated very much. Best regards, Jörg
  22. [email protected], variant graftor 183326 and 53843, variand strictor 83393 and 83319 and 58214
  23. Windows 10, version 2018.9.1.8968. Shortly after the slide that notified me EAM has been updated popped up, my Heroes of the Storm session started behaving strangely - mouse delays, inability to control cursor properly ingame. Things work fine outside of the game itself, and quitting EAM fixed the problem. Right now I have restarted EAM with all protections disabled.
  24. As of 2 days ago, my Steam installation no longer runs. Tonight I tried to launch Nvidia GEForce Experience to use Shadowplay to vidcap something, and it no longer runs either. I noticed a file in the EEK log that says it's whitelisted and comes from Intel, but I did not whitelist it and its name is vgnqwemqwejlk.exe or something equally inscrutable, which is one of the signs of malware. I have run sfc /scannow (no errors found) and reinstalled Steam and NVIDIA drivers/Experience and it doesn't help. I hope you can see something wrong in these scan logs- Thanks. Addition.txt FRST.txt scan_181005-191152.txt
  • Create New...