blackscreen

Emsisoft Anti-Malware would not start. Now can't reinstall. Unsigned driver?

Recommended Posts

Hi,

I am not sure if my problem is related to malware or to a setting change or driver problem or software conflict. I am hoping you can help me figure it out.

I have been running Emsisoft Anti-Malware on an old Gateway desktop, Windows 7, 64-bit. I am the sole user of this computer and use a Homegroup only to use a wireless Kodak printer. There should be no remote access to this computer.

A couple of days ago I tried to install "Blackbird," a program that claims to reduce Windows telemetry/spying. While installing the program, I got a message from my computer that "The operation could not be completed because the file contains a virus." However, the installation program claimed to have installed successfully. Just as background, there was a period of time in the past when I used to get that message (about a file containing a virus) on my machine, and multiple clean scans eventually led an IT person to tell me that it was a false positive related to Windows. However, I hadn't seen the message in a long time.

Because the message was concerning, I decided to scan the computer with Malwarebytes Anti-Malware. The program quarantined two files with vague names that included the words "report malware" (I forgot exactly what they were). When I rebooted, I got a message from Emsisoft Anti-Malware that a "serious problem" was preventing the program from starting and reaching the service.

I did a system restore to the day before which claimed to be successful, but Emsisoft Anti-Malware again failed to start and gave the same message. I uninstalled Emsisoft Anti-Malware using Revo Uninstaller and also used EmsiClean, which said there were no remnants on the system. However, I have been unable to reinstall it using any method on your website. When I use the web installer, it installs to 99 percent and then goes backwards to zero before closing the installation program. Using the regular 64-bit installer or the .msi installer, I get a complaint that a driver is unsigned for the Emsisoft Protection Platform (epp.sys).

I did notice a user on your website wondering if eset security software might cause the driver signature complaint. I don't have eset software installed, but I do use the online scanner, and it may save files on my computer.

I ran Emsisoft Emergency Kit, Malwarebytes (again), and eset online scanner.  None found any malware. 

I wonder:

a. if I have malware related to the Blackbird installation

b.  if the Blackbird program has changed settings to prevent Emsisoft Anti-Malware from running or to prevent the computer from reading the signed driver.

c.  if the driver is unsigned

d.  if there are hardware problems on this old computer causing the whole thing

I think there are Blackbird files still on my computer, but the executable disappeared when I did the system restore.  I am not sure of the best way to remove any remaining files. Also, I still like the idea of a program like that and am wondering if there is any way to use something like that safely. I am wondering what happened.

Thanks in advance for any help you can give.

P.S. I ran Farbar and Emsiclean.  Logs are attached. 

scan_190808-143855.txt FRST.txt Addition.txt

Share this post


Link to post
Share on other sites

Out of curiosity, are you just using the freeware scanner in Malwarebytes Anti-Malware, or do you have it activated with a premium license key?

I don't really see any sign of an infection (at least not at first glance), but considering the message a file was more than likely detected by Emsisoft Anti-Malware (possibly through the IOfficeAntiVirus API) during the installation.

Share this post


Link to post
Share on other sites

Thank you for replying.   I use the free, on-demand scanner from Malwarebytes, and I don't enable any sort of monitoring.   Same for eset online scanner.   Emsisoft Anti-Malware is my regular antivirus and firewall, although I have used (and can't remember if it was on) Windows Firewall in addition because someone told me it was compatible, and an anti-spying program I used would automatically block telemetry updates through Windows Firewall.   I tend to be a little paranoid about spying (no special reason), and I probably should add that I have often inadvertently messed up my computer by turning off needed services and such.  What I had in place seemed to be working before the installation of Blackbird, though.

I have a long-term license for Emsisoft Anti-Malware and would really like to continue using it.  I haven't had a virus since I bought the program.   I am realy hoping you can help me figure out how to reinstall it. 

Thank you again very much.

Share this post


Link to post
Share on other sites

Ack!   Thank you.  I have turned on Windows Firewall.   I used to use Emsisoft Internet Security and I guess didn't realize the shift meant no firewall.   I guess it's good I have been running it sometimes, and I guess I was lucky during the times I wasn't. 

Thank you--I feel very stupid. 

Share this post


Link to post
Share on other sites
5 hours ago, blackscreen said:

I updated Windows and was able to install.  Thank you for your help, and sorry for the trouble.

I'm glad to hear that it's working now. Thanks for letting us know.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.