Search the Community

Showing results for tags 'Closed'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • Feedback, comments, and suggestions
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 746 results

  1. I just started playing around with the new "My Emsisoft Cloud Console". My first experiences have been quite positive. 🙂 Two little things that I would like to suggest for improvement: 1) I use only one policy for the whole network (i.e. workspace). This is why I delete all computer groups except "New Computers" (which cannot be deleted). I then set all required policy settings/options on the highest possible level, which is the "root" group called "Workspace". These settings are then of course inherited by the "New Computers" group (and possibly some other groups that I might add later). The problem is that whenever you re-visit the "Protection Policies" section by clicking in the navigation bar on the left hand side, the view defaults to the "New Computers" group. So if I'm not very careful, I'll change settings in this group instead of the root group "Workspace". It would be nice if the selection could default to "Workspace" whenever you re-visit the Protection Policies section. 2) Using the Enterprise Console, it was easy to see at a glance if the settings on some client PCs deviated from the original policy setting (the overview in EEC then shows a little round arrow next to the policy name in the "Computer Policy" column). In the cloud console, you must have a detailed look at the settings of each client PC to see if there is anything different to the original policy. It would be very helpful to be able to see policy vs. current client settings differences directly on the overview dashboard. (please bring back the round arrow 😉) Furthermore, there are some minor cosmetic issues: - When clicking on the menu of the root protection group "Workspace", the menu item "Clone" is not greyed out. It is clickable, but (as expected) nothing happens. It should be greyed out like the rest of this group's menu items. - Some German translations don't fit into the UI (mostly on buttons) - When using browser zoom (I use 120% by default) some lines around some UI fields get cut off And two final questions: - I was wondering what the setting "Detect registry policy settings" in the Scanner Settings section does (see attached screenshot). -Why does my license vanish from the "Licenses --> Personal Licenses" section after assigning it to a workspace ? Is this by design? This seems confusing to me... What happens if I delete a workspace - will the license be returned to the "Personal Licenses" section? What about client PCs that are NOT associated with the workspace - will they have licensing problems (I don't want to add all my PCs to the workspace)? Thanks for the great job so far! Raynor
  2. Need help removing malware/infections I tried deleting / quarantining , but it did not work. scan_150830-193019.txt
  3. Hello, We have a large number of clients currently connected to an on-prem EEC instance. We've done a small pilot and are seriously looking at moving all of them to ECC in the near future. I have a couple of topics to discuss: 1. We have discovered that on existing clients, if the user navigates to Settings and clicks on "Connect to MyEmsisoft", they are automatically connected and show up in the Workspace almost immediately. Neat! I assume it knows to connect to the workspace because the license key in their software is attached to that workspace. Can I get confirmation on that? We have command line access to almost all of the computers and they are using that same key. Is there a command that we can push to the computers en masse that will disconnect them from EEC and connect them to ECC basically to simulate them pressing the "Connect to MyEmsisoft" button? 2. It seems that the "Alternative message or URL for news section" policy in ECC isn't applying to clients put into that policy group. All the other policies appear to be applying properly. Wondering if there are some character or length limitations or maybe a bug? Thanks!
  4. Just got it. All seems well here on Win 7 x64 Pro
  5. Auto updated OK on Win 10 (I think) Can I ask why you never give any info anymore on what has been changed or fixed? It's quite difficult to know if a fix has worked, or a new feature has not worked when you aren't even told what it is. Are we doing blind beta testing now?
  6. Just got it. No issues.
  7. Win 10 1809 EAM 9322 I cannot get the 'All Components' list in Forensics to work ( I don't use it ever, but thought I should report :) )
  8. Just got this update. What is in it?
  9. Updated smoothly with no major issues - just wanted to say thanks for changing the Date column width in the Forensics Log - it's so much better now that both the date and the time are shown by default 😂
  10. The notification which shows when you hover over update to 9322 bleeds through everything.
  11. Hello, For the last week everyday, I have been getting a notification from windows defender saying it quarantined a file it found in the Windows/Temp directory. Different antivirus and anti malware programs have been run, some report blocking files from that same folder, some don't find anything, some say it found something different every time. I am trying to attach the files required. Addition.txt FRST.txt scan_190310-201749.txt
  12. Win 10 1809 I have a machine upstairs that I use every couple of days. I updated it this morning to build 9204. After reading here about an issue https://support.emsisoft.com/topic/30517-update-to-version-2019109204-disabled-windows-startup/ I went upstairs to allow it to update to new build 9207 but had a look first and 'start with Windows' was unticked. However it had no problem updating or starting with Windows so I wonder if it is cosmetic? It is still unticked so I will restart machine and see what happens. Here are debug logs in case they help a2start_20190201090648(7192).zip
  13. i got ransomware .kroput attack so i need too to fix my files please regards _readme.txt pass.xlsx.kroput
  14. Hi, I'm a customer of Emsisoft antimalware. Recently, I've received an email from facebookmail security about an attempted log in to my facebook account from an intruder. I verified that this mail was legitimate from facebook itself. Furthermore, I've noticed via TCPView that svchost.exe has an established connection to this IP Address 117.18.237.29 (apparently EdgeCast Networks Asia Pacific Network) which I closed. I added a custom rule into Emsisoft Antimalware to block connections to this IP address, and attempts to connect to 117.18.237.29 would be blocked every time I booted the desktop & successively after. I'm not tech-savvy and would like to seek expert help. Addition.txt FRST.txt scan_190311-100110.txt
  15. Please help me decrypting my files. My external harddrives are also infected. What should I do??! Please help! Thank you so much! Addition.txt FRST.txt scan_190228-235252.txt
  16. Idlebuddy virus and when i tried to uninstall thru EMSIsoft it says theres a high risk of crashing the computer because these viruses are imbedded deeply
  17. I scanned my computer, but can not quarantine or delete idling buddy services, Please help! Thank You Emsisoft Anti-Malware - Version 2019.2n settings: Scan type: Malware Scan Objects: Rootkits, Memory, Traces, Files Detect PUPs: On Scan archives: Off Scan mail archives: Off ADS Scan: On File extension filter: Off Direct disk access: Off Scan start: 3/3/2019 10:48:14 PM C:\Program Files (x86)\IdlingBuddy\IdlingBuddyService.exe Application.CoinMiner (A) [296887] Scanned 80284 Found 1 Scan end: 3/3/2019 10:50:14 PM Scan time: 0:02:00
  18. Win 10 1809. Beta update installed ok. Not keen at all on the collapsible Settings part of the GUI which is like that every time you reboot. Why have you done that??
  19. hi i have contacted in the past as well for this persistent infection in my windows 10 and windows 7 pc i dont remember the last login so created this new one. i have seen that this virus malware etc comes when i connect to internet, even if i have installed alll known antiviruses. only outpost firewall detects it saying unsigned kernel mode driver is about to beinstalled i chose to deny but system still gets infected some how. here is how other antiviruses react to it. kaspersky- protection gets disabled altogether. usb scanner does not detect any thing malwarebytes- protection gets disabled, and even the chamleon is not able to get it working again. norton does not detect anything emsisoft detected download manager trying to download some malware with the original file being downloaded simultaneously. eset secuirty just gets ddisabled . tried all usb scanners as well avast avira kaspersky norton nothing found. tried rootkit scanners as well nothing found. the issue came on win 10 so formatted and installed win 7 but same issue on it as well. system becomes use less either the internet will not connect or if connected system cpu usage will be 100%. so installed ubuntu dual boot with windows and run the windows 7 in vmware in it. even on clean install in vmware it gets infected as the sytem goes online with any of the combinations of antivirus and firewalls (outpost or tinywall or comodo) All windows 7 and 10 systems were fully updated. Some one suggested that it is a network malware. Also some one stole my 50GB data when i was using my previous ISP. they did not do anything asked them to provide details of what was downlaoded they never reverted back so switched ISP. emsisoft is somehow not disabled but it does not detect anything either, i have now spyshelter, osarmor and voodoshield , tinywall no one detects anything or stops kernel mode driver install or from getting infected. when i check my ip in browser it one times said DOD united states. i checked it is department of defense usa?? am i part of some bot network? or has some one hijacked my ip i dont know. now i have to use snapshots in vmware machine as i go online it gets infected and i revert back to snapshot to get it working again. Also the vmware tools show error when it gets infected saying vmware tools are not installed. i ran sigverif in windows+r and it does not detect any unsigned driver. I think i have rootkit which comes from internet every time i connect even on a clean install pc. and then it some how by passes all the firewalls and downloads more malware which are undetected and make system unusable, taskmanager antivrius says you dont have access or file not found etc when run. Also when i log into gmail it says logged in from 1 more location that has same ip and browser as mine. this is my past post i have been using vmware since then and use trial version of every antivirus available. but no one stops or detects anything. pls help,
  20. Gen:Variant.Graftor.Elzob.192 c;\windows\syswow64\msi.dll jak to naprawic
  21. Hello, hoping someone has some knowledge to impart on me. I have an external drive WD mybook, probably 4 or 5 years old. I've had it plugged into my pc the entire time never on any other machine. last night I tried to view some old pictures and videos and I had a prompt tell me I don't have permission to access the files. Also, prompted me to access the account settings to make changes. as far as I can see all the users listed have full access to everything, so there is nothing to adjust. I do see that an odd account is listed - Account Unknown S-1-5-21... I ran bitdefender to scan the hard drive and it does so, however comes back with a long list of password protected files it could not scan. I never used a password to protect any files which makes me believe there may be an infection that caused this. I can manually find some of the password protected files and I can delete them but there are also a few that I can not delete because, again I do not have permission. from the same password protected files that could not be scanned, there are files, such as ($Recycle.bin-S-1-5-21...) that I can not track down at all. I went on the remove the hard drive from my pc and plugged it into a MacBook, to my surprise I was able to view all of the same pictures and videos the PC would not give me access to so I don' think the hard drive itself has any issues. I feel like something has dug into my pc and hidden itself in these password protected files.
  22. MY Windows PC has also get infected as the screen of the system has turned blue and the system is not booting after restarting. It is showing ERROR CODE 0XC0000428 in the interface and I really do not know how would I fix that.
  23. My computer (desktop) has been infected for quite some time. After one of Microsoft Wndows 10 updates that turned off all my protection the machine got infected. That was close to 2 years ago. I have been working on getting rid of the many infections manually and with a few killers. I recently ran across EEK and us4ed it and I used FRST as outlined in hopes this will finally get my desktop back in action. When fully infected I could not run anything. After I did some cleaning I was able to get into safe mode. but the infections would not allow me to change anything, delete or remove any files it presented me with an error box stating that I did not have permission to do that or when I attempted to run various malware and virus killers or start any anti-virus program. It stated it was already running. I am hoping that you can assist me in remedying my situation at hand with my desktop. I have attached the reports from EEK and FRST as outlined. I thank you in advance for your assistance. Addition.txt FRST.txt scan_190130-155741.txt
  24. Windows 8.1, 64 bit The beta correctly identifies that I don't as yet have the browser security extension installed on my default browser (which is Firefox), but I have to go looking in Settings to see that. I still don't get a warning (when I start Firefox) saying that the extension is not installed there - should that still happen? I do (still) get the warning when I start Chrome.
  25. Upon attempting to quarantine 4 suspicious files found during a scan, I got a message stating: "Removing these items bears an unusually high risk of crashing your operating system during automatic cleaning, as these threats are embedded deeply. The malware removal experts at the Emsisoft Support will guide you through a safe removal of these threats." Accordingly, I am attaching the requested log files as per the forum posting instructions, and await your instructions. scan_190124-135355.txt Addition_24-01-2019 14.11.35.txt FRST_24-01-2019 14.11.35.txt