Jump to content

Search the Community

Showing results for tags 'Closed'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







  1. My Desktop icons and taskbar periodically just disappear, leaving only my wallpaper image visible. The only way I have found to recover (without a power-off/on hard boot) is to bring up Task Manager and log off, then log back on at which point my Desktop is restored. "Windows Explorer has Stopped Working" keeps popping up in mid-session, the only recovery option being to Restart Windows Explorer, thereby losing whatever I had been working on. I have run sfc /scannow to see if any Windows files were corrupt, but it reports no problems found. The only common factor I can find in the various "solutions" found on various sites for both of these issues is Malware, so here I am, on bended knee- "Help me, Obi-Wan Kenobi, you're my only hope!" Logs are attached, please help. Thanks. Addition.txt FRST.txt scan_200417-182828.txt
  2. My 23rd day with trouble; Apps don't install, or they crash after a few seconds. Apart from that, the system is 100% stable. No "traditional bluescreen"/system crash. I am far from an expert in many fields, but I have fixed all kind of computer problems myself, since 1983, within a day or two. This time I'm really stuck. Latest: MS Defender now (not shown before) report "HackTool: Win32/AutoKMS, 10.04.2020 17:46 (Active)" - "Start Actions - Hacktool: Win32/keygen ....High". I'm unsure what Defender did about it. I try to follow this : https://malwaretips.com/blogs/remove-hacktool-win32-autokms/ , but MBSetup.exe crash as soon as "Installing" starts. Only the two M.2's installed/connected, Everything I have tried to install the past weeks is licensed software, and/or free software. (Emissoft, EaseUS Todo Backup, EaseUS Partition Master, Macrium Reflect, Faststone image viewer/capture (free, but I have licenses for both) ++ Online scan (F-secure, Eset): Downloading install file OK, but installing (as adimin or not) leads to crash within 5-30 secs, during installation or performing the task. I reboot a lot. Secure boot is set to UEFI, boot manager on M.2 as the only boot option. More info, written earlier today: Many of the installed programs also crash (when I restore old images) Usually Werfault.exe report something like "Instruction ...referred memory at address..... Memory could not be read /...could not be written." All Microsoft programs works OK (Outlook, Excell, Notepad...). Edge, Chrome, Emisosoft, EaseUs Partition Master and some other program work OK. Installers for online scans (Eset, F-secure) crash. EEK crash It doesn't matter if I start anything normally, or as admin. I have also had a lot of these errors WDDMStatus, AliyunWrapExe, NVIDIA Web Helper, AISuite3, SearchProtocolHost, DipAwayMode, acrobat_sl, unins000, epm0, FXC_ProxyProcess ++, but not so many of these lately. I have made several clean install of Windows Pro 10/64. Problems persists. Install image from july 2019. Problems persists. Update Windows. Problems persists. Roll back Windows build 1909. Problems persists. 4 x 16 RAM, Corsair . Have tried 2x16 GB in slot A1/2, or only B1/B2. I have run several memory tests. BIOS, HWInfo and laser thermometer show low temperatures. OCCT stress test OK. HWInfo report CPU 2.2 GHz in "security mode". 3.7 GHz otherwise. I now run with only two M.2's installed. All HDD's USB's are disconnected. ASUS ROG Crosshair Hero VII Wifi (july 2019). Replaced a few days ago with ASUS X570-PRO AMD Ryzen 7 2700x Samsung M.2 (2016) replaced with Samsung M.2 SSD 970 EVO+. Clean install of OS. Problems persist. Update Win, problems persist. Install image from july 2019 (no problems), problems persist. GPU Nvidia GeForce GTX 1660 Ti. Tried both "Gamer-driver" and "Studio-driver". Now unable to reinstall/change driver. I also started a thread at Tom's hardware March 23rd (https://forums.tomshardware.com/threads/lot-of-programs-installers-crash-lot-of-werfault-exe.3584615/#post-21660305 )
  3. Win 10 1909 via autoupdater. No issues so far. Took a little while for readings to settle down after beta update but they are fine now.
  4. I ran Emsisoft and received the message that it was unable to remove "C:\Program Files (x86)\IdeaBadaga\IdeaBadaga.exe" I then ran the required 3 tools as your forum requests. I have the 3 files but no idea how to "attach" them here. Any help is appreciated! (This is for my mother-in-law's computer in case the different email matters - hers is ********* KATIE scan_200408-134044.txt Addition.txt FRST.txt
  5. Hello, I am trying to help my father with a virus on his computer. Your tool detected the subject trojan and I am following your guide on how to get support for the removal. Please find the attached files requested. Thank you, Stu Addition.txt FRST.txt scan_200406-040502.txt
  6. hi all, i'm back, android emulated on my Windows of my two computers on MEmu are infected by the malicious apps on/of that link: https://www.breakingnews.fr/technologie/supprimez-ces-applications-android-desagreables-qui-peuvent-se-connecter-a-vos-comptes-google-et-facebook-des-maintenant-220819.html which infected the two pc, memu, hijacked and hacked my gmail accounts, because of that infections &bbugs, camtasia/snagit freezes and crash, i have licenses of eset drive security installed on 3 usb disks: -the 4gb Kingston privacy datatraveller vault -the 40GB portableapps datashur -and my winsows to go workspace 64 Gb Kingston workspace with portabilized Windows (my 3RD pc) its partnership with clevx, only eset license i have is drivesecurity, this forums and disinfection here is accepted.possible for eset drivesecurity license detenders ? eset, avg & emsisoft installed have also two bugs on two others devices (ray) : the 64 GB SD Card & the Acer R1 Series Monitor: i have bug on acer r1 series monitor on desktop pc:if/when i turn on the screen it's takes between 10 minutes & 1 hour to turn on the screen (longtime black screen with at certains time a energy star logo) the 64 GB sd infected it's impossible to take with sony cybershot my important video the april 10Th:"database error" my DNS is Comodo TrustConnect THanks...
  7. Via manual updates Win 10 1909 running EAM binary (10100 !!) Can you give a clue as to any of the fixes?
  8. Installed via autoupdates on Win 10 1909. GUI seems to behave a bit better By the way, how many times during a malware scan should it say 'enumerating files' ?
  9. I just reported a problem in the main forum, of a2start going mad when the last update got installed about 25 minutes ago. See: https://support.emsisoft.com/topic/33020-a2start-suddenly-very-busy/It occurs to me that -.10078 is maybe stil only a beta? (How is one meant to know?) Debug logging was on throughout this - do you want the logs?
  10. Win 10 1909 with all updates. Updated beta enabled 10048 to 10065 without issue. Did a malware scan and again Defender caught eicar first (debug logs and screenie attached) There is no trace of eicar on machine now even though I selected for Defender to allow it. Can confirm that right-click delete now works on EEK folder using Win10 Downloaded and installed EEK again. I noticed in Forensics that it says ''detect pups has been changed to enabled'' It didn't ask me about that!! Logs.zip
  11. Win 10 1909 all updates. Autoupdated without issue. Noticed that whenever I choose Settings.... Permissions, it shows Updates as underlined in the GUI. It may correct itself perhaps after a reboot. Just looking around at the moment. What do you mean by 'Setting the Administrator password''? Do you mean that setting wasn't working as expected in some cases?
  12. Hi, My windows 10 PC is infected and I followed your guidelines. I installed emergency kit but was unable to run emergency application as malware prevented it from running. Please find attached three .txt files. Two from Farbar Recovery Scan Tool produced the following logs: FRST.txt Addition.txt And I was able to run rogue killer, log file from that is attached too. Thanks for your help, appreciate. Addition.txt FRST.txt as_B931.tmp.txt
  13. Is there any beta testing being done for IMac computers
  14. Hi there! My computer is infected. I have rootkit Wdf34078.sys Please help me. I can't delete it. What can I do? My name Gönczi László from Humgary. Thank you, have a good day.
  15. Win 10 1909 Updated to new beta.. no issues with update. 1.....Did a malware scan and something odd happened. EEK always catches my eicar.txt file in downloads. This time it didn't, instead during the EEK scan Windows Defender notified me and I told it to allow it (see screenshot). EEK scan then did not catch the eicar file in the scan. Does it pick up on Defender allowing it? 2..... Why is there a Emsisoft folder in ProgramData? It is called Updates and has only BD definitions listed in there but both files are empty. It does not get deleted with the other things in C\EEK obviously. 3.... When will I be able to use right-click delete on the C\EEK folder without being told it in in use? (I am using new beta 10048) I just tested the deletion and ended up having to use sc delete epp Logs of scan attached plus WD screenie. logs.zip
  16. I've got a threat called Win32/Packed.VMProtect.ABO I want to know if it's actually harmful or it's the default for the antiviruses to see it as a threat scan_200313-154937.txt Addition.txt FRST.txt
  17. I updated my 100025 version through the beta updates.. no problem. Did a malware scan with 100032... no problem. Thought I'd check out doing a clean install of 100032 to check license issue fix... problem C/EEK would not delete. First I had deleted shortcut to it from my desktop. Then went to C/EEK right-click delete. It got to a certain point and said it couldn't delete as it was still in use. I did a restart of machine to 'unlock' it. It still wouldn't delete. So I ran Emsiclean and deleted EEK through it and did the requested restart of the machine. After restart C/EEK was still there. So I right-click deleted it again and this time it went. I shall install 100032 as a clean install now and report in another post.
  18. Is there any problem in my computer now after I've restored my data scan_200228-214808.txt FRST.txt Addition.txt
  19. Win 10 1909 via autoupdates. No problems so far.
  20. Beta update went in well. I like the way the GUI is now, it's much easier to navigate. I may be wrong, but doing a manual scan seemed to go from 4 of 5 to finish very quickly. On EAM it goes to 5 of 5 and takes a little while there. Not sure what logs would show this, have attached a couple anyway. logs.db3 scan_200226-073709.txt
  21. Auto update of Win 10 1909 went okay.
  22. hi all., we are new in the forum of antivirus, if i import videos with camtasia the application freeze, it causes i can't produce and upload in youtube with camtasia in MEmu android emulator on pc a notification "MEmu (rocket cleaner) 99.0 mb" appears repetitively but rocket cleaner is malicious app installed on MEmu whichs causes hacking of Google accounts, the speed clean and G5 Gamebox malicious android apps on MEmu virtual android on windows more info here: https://www.breakingnews.fr/technologie/supprimez-ces-applications-android-desagreables-qui-peuvent-se-connecter-a-vos-comptes-google-et-facebook-des-maintenant-220819.html En bref Dans MEmu tous ça à piraté le pc, camtasia freeze et comme on est français et sur forum antivirus multilingue the traduction i installed google translate: salut à tous., nous sommes nouveaux dans le forum des antivirus, si j'importe des vidéos avec camtasia, le freeze de l'application, ça fait que je ne peux pas produire et télécharger sur youtube avec camtasia dans l'émulateur Android MEmu sur PC, une notification "MEmu (Rocket Cleaner) 99,0 Mo" apparaît de manière répétitive mais Rocket Cleaner est une application malveillante installée sur MEmu, ce qui provoque le piratage des comptes Google, speed clean et G5 Gamebox malveillantes applications android sur MEmu virtual android sur windows Plus d'infos ici: https://www.breakingnews.fr/technologie/supprimez-ces-applications-android-desagreables-qui-peuvent-se-connecter-a-vos-comptes-google-et-facebook-des-maintenant-220819.html [/blue] avanquest uninstalled & thanks/merci...
  23. I've posted my logs and got confirmation that I was clean, reinstalled windows from usb after I've upgraded the bios and shredded the harddisk signed in to microsoft and chrome account Is there anyway the virus has came back especially it asked for my one drive? FRST.txt Addition.txt scan_200224-121009.txt
  24. I don't know if this is the right place for suggestions, but here goes. Maybe it would be nice that when looking at the Behavior Blocker tab, processes that are verified by the Anti-Malware Network get a check mark, or some other form of visual indication that they are verified. Currently to check if a process is verified by the Anti-Malware Network you have to right click the process, select "File properties" from the context menu, and scroll down in the text box. I think it would be really nice if the reputation was visible at a glance.
  25. Win 10 64bit 1909... EAM beta 9977 As well as a Reflect image, I also have a little USB stick which, every so often, I copy and paste my docs, downloads and pictures to. It is sort of an emergency backup of files which I keep in a drawer. On this PC I have 5 eicar items which I keep to test the scanner. The scanner always tells me it has detected them but never quarantines them. I have report only selected in scanner settings. I have attached what EAM usually does and finds from a scan report. Today I selected documents, downloads and pictures in C\ users\ username (room) and chose copy. Then with my usb stick plugged in and opened I selected paste. EAM quarantined 2 items. (screenie attached) The 2 items were from Downloads. Why did it do that when I had it set to report only ? Was it because it wasn't a scan but a copy and paste? The Zip files in Downloads were not quarantined. The eicar.com.txt in root of C was also not quarantined. scan_200125-054319.txt
  • Who's Online   0 Members, 1 Anonymous, 48 Guests (See full list)

    • There are no registered users currently online
  • Create New...