EmsiSoft Internet Security 2017 - Report [Infected System]

Status
Not open for further replies.

valvaris

Level 6
Thread author
Verified
Well-known
Jul 26, 2015
263
Hello to all,

I am an EmsiSoft user myself, and with that said I want to clarify that the System in question is not mine!!!

1st - The User is not computer-literate, which means NO real understanding and training on how to properly use the Internet and what to be aware of!

2nd - It could be that the System was already infected before the EmsiSoft IS 2017 install!

3rd - Let's get it on... :D

The Scenario:

User wants to use the Battle.net Launcher and after inputting the credentials the standard browser opens plus over a hundred tabs that got blocked by Adblock and NoScript! (Firefox) - No reaction from EmsiSoft IS 2017!!!

What does the User do? He scanned his System for Malware with EmsiSoft with no detection, and with Hitman Pro also with no detection at all!

After that, because the User is in a panic, he comes to me...

System in Question:

OS: Windows 10 64bit - Active Lic. - Up-to-Date
AV: EmsiSoft Internet Security 2017
OnDemand Scanner: HitMan Pro - Current Version
UAC: Deactivated

My Steps:

1. DeepScan with EmsiSoft IS = No Detection
2. HitMan Pro EWS Scan = No Detection
3. Malwarebytes ADW Cleaner = A lot of malicious Reg. entries but none corresponding to that scenario
4. Zemana AntiMalware = Detection of Fake Root Certificates that hooked to Battle.net

After cleaning the System of Malware, I explained to the User why UAC even exists in Windows and noticed that the User in question was visiting malicious sites plus using software that is questionable!

Asked what the User has the computer for, and the User answered "Online Banking", "Social Media" and so on... To come to a close! Gave the User the shock of his life after explaining how to manipulate data and how to spy. (Ethical way!) :D With his own System!

Hope the User pays more attention! But still, should EmsiSoft not detect Root Certificate manipulation?! (Fake Root Certs.)

Best regards
Val.

_CyberGhosT_

Level 53
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Aug 2, 2015
4,286
Sounds like the infection that "your friend" had was not "on" the system per se, that's why it was not picked up, and as for root certs, they are easily faked, or legit ones stolen, and even sold. Remember nothing is 100% ;)
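
An added example, not part of the original thread: a PowerShell audit of the Windows root stores that lists every trusted root certificate missing from Microsoft's published trusted-root list, which is where a rogue root like the one Zemana reported would show up. The scratch file name `msroots.sst` is an assumption, and the script needs internet access so `certutil` can fetch the list.

```powershell
# Added example: list root certificates that are not in Microsoft's trusted-root list.
# Run from an elevated PowerShell 5.1+ prompt on the machine being checked.

$sstPath = Join-Path $env:TEMP 'msroots.sst'   # assumed scratch location

# certutil downloads the current trusted-root list from Windows Update
# and writes it as a serialized certificate store (.sst).
certutil.exe -generateSSTFromWU $sstPath | Out-Null
if (-not (Test-Path $sstPath)) { throw 'Could not download the trusted-root list.' }

# Load the baseline and index it by thumbprint (case-insensitive).
$baseline = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2Collection
$baseline.Import($sstPath)
$known = [System.Collections.Generic.HashSet[string]]::new([System.StringComparer]::OrdinalIgnoreCase)
foreach ($c in $baseline) { [void]$known.Add($c.Thumbprint) }

# The CurrentUser view also shows machine-wide roots, so report each thumbprint once.
$stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'
$seen = @{}
$findings = foreach ($store in $stores) {
    foreach ($cert in Get-ChildItem -Path $store) {
        if ($known.Contains($cert.Thumbprint) -or $seen.ContainsKey($cert.Thumbprint)) { continue }
        $seen[$cert.Thumbprint] = $true
        [pscustomobject]@{
            Store         = $store
            Subject       = $cert.Subject
            Issuer        = $cert.Issuer
            Thumbprint    = $cert.Thumbprint
            NotBefore     = $cert.NotBefore
            NotAfter      = $cert.NotAfter
            HasPrivateKey = $cert.HasPrivateKey   # a root stored with its private key deserves a close look
        }
    }
}

# Newest validity start dates first: recently issued roots are the first ones to review.
$findings | Sort-Object NotBefore -Descending | Format-List
Remove-Item $sstPath -ErrorAction SilentlyContinue
```

Every entry in the output is a candidate for review, not a verdict: a corporate CA or a security product's TLS-inspection root will also appear here.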