valvaris

Hello to all,

I myself am an EmsiSoft user, and with that said I want to clarify that the System in question is not mine!!!

1st - The User is not computer-literate; this means NO real understanding and training on how to properly use the Internet and what to be aware of!

2nd - It could be that the System was already Infected before EmsiSoft IS 2017 install!

3rd - Let's get it on... :D

The Scenario:

User wants to use the Battle.net Launcher and after inputting the credentials the standard browser opens plus over a hundred tabs that got blocked by Adblock and NoScript! (Firefox) - No reaction from EmsiSoft IS 2017!!!

What does the User do? He scanned his System for Malware with EmsiSoft with no detection, and with Hitman Pro also with no detection at all!

After that coz User is in panic! Comes to me...

System in Question:

OS: Windows 10 64bit - Active Lic. - Up-to-Date
AV: EmsiSoft Internet Security 2017
OnDemand Scanner: HitMan Pro - Current Version
UAC: Deactivated

My Steps:

1. DeepScan with EmsiSoft IS = No Detection
2. HitMan Pro EWS Scan = No Detection
3. Malwarebytes ADW Cleaner = A lot of malicious Reg. entries but none corresponding to that scenario
4. Zemana AntiMalware = Detection: Fake Root Certificates that hooked to Battle.net

After cleaning the System from Malware - Explained to the User why UAC even exists in Windows and noticed that the User in question was visiting malicious sites plus using software that is questionable!

Asked what the User has the computer for, and the User answered "Online Banking", "Social Media" and so on... To come to a close! Gave the User the shock of his life after explaining how to manipulate Data and how to Spy. (Ethical way!) :D With his own System!

Hope the User pays more attention! But still, should EmsiSoft not detect Root Certificate manipulation?! (Fake Root Certs.)

Best regards
Val.
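
Added example, not part of the original post: a read-only PowerShell listing of the Windows trusted-root stores that marks entries worth a manual look, the kind of check that applies to the fake root certificates reported above. The function name `Get-RootStoreAudit`, the `-BaselineSst` parameter and the three review heuristics are assumptions made for this example; they are not how Zemana or EmsiSoft detect anything.

```powershell
# Added example: read-only listing of the Windows trusted-root stores.
function Get-RootStoreAudit {   # hypothetical helper name
    param(
        # Optional baseline of Microsoft-distributed roots, for example from:
        #   certutil -generateSSTFromWU roots.sst
        [string]$BaselineSst
    )

    $baseline = @{}
    if ($BaselineSst) {
        $col = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2Collection
        $col.Import((Resolve-Path $BaselineSst).Path)
        foreach ($c in $col) { $baseline[$c.Thumbprint] = $true }
    }

    $seen = @{}
    foreach ($store in 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root') {
        foreach ($cert in (Get-ChildItem -Path $store)) {
            # The per-user view also shows machine-wide roots; report each once.
            if ($seen.ContainsKey($cert.Thumbprint)) { continue }
            $seen[$cert.Thumbprint] = $true

            $reasons = @()
            # A trusted root whose private key sits on this PC can sign
            # certificates for any site locally (assumed heuristic).
            if ($cert.HasPrivateKey) { $reasons += 'private key on this machine' }
            if ($BaselineSst -and -not $baseline.ContainsKey($cert.Thumbprint)) {
                $reasons += 'not in Microsoft baseline'
            }
            if ($store -like '*CurrentUser*') { $reasons += 'per-user only' }

            [pscustomobject]@{
                Store      = $store
                Subject    = $cert.Subject
                Thumbprint = $cert.Thumbprint
                NotBefore  = $cert.NotBefore
                Review     = ($reasons.Count -gt 0)
                Reasons    = $reasons -join '; '
            }
        }
    }
}

Get-RootStoreAudit | Sort-Object Review -Descending | Format-Table -AutoSize
```

Entries marked for review are candidates for a manual check, not verdicts: company roots and the HTTPS-scanning roots that some security products install will show up here too.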