Search the Community

Showing results for tags 'Closed'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Malware Research Center
    • Help, my files are encrypted!
    • Help, my PC is infected!
    • Malware and Computer Security
    • Malware submissions
  • Company & Products
    • Customer Support
    • Beta Community
    • Feedback, comments, and suggestions
    • False positives
    • Emsisoft News
  • Other Languages
    • German Support - Deutscher Support
  • Private Zone

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 719 results

  1. Win 10 EAM build 8954 Did my usual malware scan when I get a new EAM build to check if it works okay. I keep an Eicar test file (eicar.com.txt) in root of C drive. Today the scan got to 99/100 percent before eicar came up in the scanning window and then appeared as a detection when the scan result came up. This is a change in behaviour as it always caught it during the scan before.. not at the end. Have you changed something in the scanner?
  2. My forensic logs don' t seem to be feeling very well I have tried dark mode, light mode, components, actions, but they all stay in little groups with the dates messed up. Nothing is in sequence order.
  3. Hi. Can you help me get rid of this virus pleas? Regards Peter Forensics_180925-093725.txt
  4. My computer has been infected by ransomware Virus.Win32.Swizzor!IK with links into Trace.Registry.VirusShield2009!A2 and back up into Trace.Registry.IMesh!A2 none of which the A-Squared can eliminate. Proposed was a phone number to call
  5. I am using GT500.org as my control site for testing. It is added in surf protection list as a custom entry. Unsandboxed I went to GT500 using 3 different browsers. Edge ..it said blocked but it was on screen. Opera 45.... it did nothing and I went there without issue. Seamonkey 2.46 I was blocked. Screenshots attached. gt.zip
  6. Thanks devs for this. I like it a lot
  7. Win 8.1; update here was smooth... except there was a systray popup describing creation of a new(?) service, which doesn't normally happen. Did it change its name, or something?
  8. had not this been removed?
  9. No updates at boot this morning and doing it manually it just says ...initializing. Debug logs for boot attached Of course it may be a server issue but thought I'd post just in case it wasn't. Also not able to send an email through the GUI about this. It said it couldn't due to a technical issue. a2start_20180912044229(7876).zip
  10. Please see here for first reported instance https://support.emsisoft.com/topic/29560-scan-problem-with-8668/?tab=comments#comment-184696 It has happened again today however it is not stuck on memory this time as in the details for 'still scanning'' it says the scan has finished.
  11. I'm confused by Christian's announcement a few minutes ago that the new GUI layout version of EAM has just been released... but with betas coming thick and fast, how on earth have you managed to choose a level of functionality that isn't already known to have problems? What build level is the new stable version?
  12. Tool tips missing.. Under BB list....Suspicious Programs Under File Guard.. Only scan files with specific extensions.
  13. Hello, after updating to 8906 beta 3, I clicked on "Custom scan" in "Scan & Clean" tab and got an error as you can see on the image. I sent a report and logs are included here. The issue was resolved after going to Custom scan via the standard menus. Also tried going to build 8843 stable and back to 8906 beta 3 again. Same results. After going back to 8943 stable, the UI got resized and covered almost whole screen (1920x1080). After updating to 8906 beta 3 the UI got much smaller and I had to resize it to see all tabs. Also it is pretty hard (at least for me) to grab the corners of the UI to resize it. Martin Edit: Sorry fot the language on the image, I am unable to make it speak english. Logs.zip
  14. When I expand the menu I get a large number next to the quarantine menu entry but nothing is in quarantine?
  15. Win 10 8894 Sent report Perhaps these logs may help? a2start_20180830092322(3208).zip
  16. Win 8.1, 64bit. Update seemed smooth. Tooltips work on minimised sidebar menu. The mysterious "5123" number next to Quarantine is no longer there - I hope that's expected! Logs appear to be sorted properly.
  17. Upgrade was smooth. I'm using W8.1, 64bit. In the layout on the Overview screen, when one hasn't clicked on the top-left menu icon, it's still possible to click on the mini icons down the lefhand side, but hard to know what they do. I mean... quarantine is possibly meant to look liek something in a cage, but looks to me more like a washing-machine... Maybe these mini icons should produce tooltips? The Support screen talks about getting help from the "?" at the top right, but it's no longer there. Thank-you for - finally - making the About option easier to find, and taking away the problems that clicking on "Emsisoft" could previously cause... but I see one still can't copy the current version number out of the About display. Now would be a fine time to add that facility!
  18. I am trying to use the anti-malware program to remove "idleBuddy" and I got this warning. Also, not sure if "idlebuddy" was removed with in this scan, considering that I already quarantined all the suspicious files, and the pop-up is still showing.
  19. Win 10 after autoupdate to 8894. I now have what looks like Pacman eating my EAM taskbar icon.
  20. Win 8.1, EAM 8839 In Protection - BB - if I type eg: 'ked' (without quotes) in the search field the display is filtered to show just the instances of 'KEDITW32.exe' (my text editor) that are running. If I then append some random chars to 'ked' making it eg 'kedjkl' the display does not change. But I seriously doubt that there are any entries that actually contain 'kedjkl', which I think is misleading. If I enter 'wav' in the search field I'm shown 7 programs, none of which have "wav" in any visible text. It's not just matching on "w" or "wa" though because as I entered "wav" I paused between chars. That's to say, with just "w" in the search field I see more than 60 entries, then with "wa" I see 12 entries, then with "wav" I see 7. I realise that "wav" might occur in some field that's not displayed to the user, but that's quite confusing if it is the case. So, suppose I then right-click one of the seven lines and choose "Open file location" or "File properties"... absolutely nothing happens. I've done this several times with different entries and regularly see nothing (and two of those seven lines are 'KEDITW32.exe" ones). But, if I go back to the display based on 'ked', selecting one of those programs DOES open the file location or show its properties.
  21. Update: After running EEK and FRST, the 2 quarantined copies of Trojan.Scam.MN (B)were gone. Only FRST remained in quarantine list and I deleted it. I searched PC for Trojan.Scam and got no results. If this is normal, you can close this case and I'll delete any remnants of EEK and FRST. Thanks. During regular scan EMSI Anti-Malware found 2 copies of Trojan.Scam.MN (B) and quarantined them see Original Scan-Forensics_180822-181418.txt. I requested deletion, but got message saying virus was deeply imbedded, and to come here for instructions how to delete. I ran EEK and scan seems clean (see attached log). I tried to run FRST, but it got quarantined (by EMSIsoft) while running. Message said it was it was trying to change Firewall settings. I didn't expect both to run per your instructions. I tried to follow all instructions exactly. Forensics_180822-173717.txt scan_180822-173117.txt
  22. I think we have the same problem with: Every time I close the Task Manager my cpu usage is high like 80% no programs started completely idle. The only thing I can see in Process Explorer constantly appearing and disappearing is this with a Processid that can change. Examples: C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} or C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} .. I followed the guide and made some steps.. Please look at my JRT.txt and AdwCleaner[C00] I hope you can help me with this matter cause I really don't know what to do. I thought it's only a small problem... AdwCleaner[C00].txt JRT.txt Edited: Adding Uploaded Files - Emsisoft Emergency Kit log (C:\EEK\Reports\) FRST.txt Addition.txt EEK Reports Addition.txt FRST.txt scan_180822-222011.txt scan_180822-223620.txt
  23. Hi i have a persistent malware infection in win10x64 (latest updates till aug 2018) i have did clean install several times (i have other drive as well that has data which was not formatted) but after working for some time infection returns usually after reboots or installing software or doing windows update etc. following happens 1)avast antivirus does not detect any thing but continously uses around 10% CPU. 2)installed malwarebytes, but some times it works other times malware protection and ransomware protection turnf off by own and do not turn back on. 3)bitdefender antivirus does not detect any thing. 4)comodo antivirus also does not detect any thing but uses 25% cpu. 5)Avira antivirus also does not detect anything. if computer goes to sleep or if it is restarted, then the password of computer gets changed by malware i have to reset using 3 secret questions (win10x64). 6)if malwarebytes is able to work then ok otherwise taskmanager or any other app says you dont have permissions etc. Also System tries to go udp pot 137 log copy of outpost firewall blocked logs SYSTEM OUT UDP 131.253.61.86 137 SYSTEM OUT UDP 131.253.61.82 137 SYSTEM OUT UDP 131.253.61.64 137 SYSTEM OUT UDP 13.107.4.52 137 SYSTEM OUT UDP 104.27.128.190 137 SYSTEM OUT UDP 104.20.94.33 137 SYSTEM OUT UDP 74.125.24.188 137 hence now formatted system and reinstalled win10x64 (i have other drive as well that has data which was not formatted)and installed emsisoft antimalware, it also does not detect any thing. then read ur manual malware removal guide. ran Autoruns and the found detected viruses by virustotal. entries of virustotal show some files are infected but that has been detected by one antivirus company only. I copes all these files to a folder and zip them and ran analysis on virustotal https://www.virustotal.com/#/file/47b4b566e2de3e7f73a554073ba028a5b165f0918c8ec134aef9378aade196d9/details and hybridanalysis as well https://www.hybrid-analysis.com/sample/47b4b566e2de3e7f73a554073ba028a5b165f0918c8ec134aef9378aade196d9 , they said infected. uploaded on of the files to hybridanalysis.com and ran on win7x64 it also said infected. when i turn off emsisoft to check the above mentioned issues return back. what can i do now? how can i replace these infected files or if u can add this to ur virus database and remove it somehow. or tell me steps to do to get this resolved. regards. sparta Infected files.zip