Incredimail Trojan Problem

  birdface 10:37 16 Sep 10
Locked

Just as a forefront I think Incredimail is going downhill rather quickly downloading programs you don't want and never asked for.
But as it is free I suppose they have to make money somehow.

Now Anyone use Emisoft and also use Incredimail.
Emisoft always tries to stop certain bits of Incredimail from downloading.
It does not matter how many times you delete and install Incredimail and Emisoft the same trojan problems come up.
Spyware for one but the most serious is Trojan downloader and as I have removed it cannot remember the name Banaload !ik or something like that.
Now this has been going on for months and no other security program finds any problems.
Normally with false positives Emisoft will restore them on the next update but at the moment it is still reporting them as trojan downloader.
Emisoft has actually stopped incredimail from working a few time and I have had to go in and allow it to run certain files for it to run properly.
Just wondering if anyone else using Emisoft gets the same problems.

  Nontek 11:16 16 Sep 10

I use Incredimail, but not emisoft - I use MSE and have no problems with either!

  birdface 11:50 16 Sep 10

It seems it is only Emisoft that picks it up I also use MSE but don't know if it works as it has never found anything.
latest update for incredimail is a bit of a pain.
Along with the programs that you dont want it gives you a full size page of what it does and that appears every time you switch on.
It is getting that bad that I have made Windows live my default web browser now.
But need someone with Emisoft to see if they are getting the same problem.

  Nontek 12:00 16 Sep 10

I agree your comments about the latest Incredimail - I have remained with the original version 1, staying well clear of Version 2 onwards!!

  numskull 12:19 16 Sep 10

They are releasing a version of Incredimail next week where premium users can hide the Home folder.

  birdface 14:40 16 Sep 10

This is just a bit of what I get from Emisoft.


IDS log

Date PID Source Event Behavior/Infection
16/09/2010 14:34:50 0 TrackingCookie Terminated by User incredimail.com
16/09/2010 14:31:08 0 TrackingCookie Terminated by User incredimail.com
16/09/2010 14:31:04 3948 C:\PROGRAM FILES\INCREDIMAIL\BIN\IMAPP.EXE Allowed by Rule Behavior.TrojanDownloader
16/09/2010 14:31:04 3948 C:\PROGRAM FILES\INCREDIMAIL\BIN\IMAPP.EXE Allowed by Rule Behavior.Spyware
16/09/2010 14:12:05 2752 C:\Program Files\Internet Explorer\iexplore.exe Blocked by Rule ssl.google-analytics.com
16/09/2010 10:04:32 3848 C:\PROGRAM FILES\INCREDIMAIL\BIN\IMAPP.EXE Allowed by Rule Behavior.CodeInjector
16/09/2010 10:04:22 0 TrackingCookie Terminated by User incredimail.com
16/09/2010 10:04:18 3848 C:\PROGRAM FILES\INCREDIMAIL\BIN\IMAPP.EXE Allowed by Rule Behavior.TrojanDownloader
16/09/2010 10:04:18 3848 C:\PROGRAM FILES\INCREDIMAIL\BIN\IMAPP.EXE Allowed by Rule Behavior.Spyware
15/09/2010 23:34:13 3032 C:\PROGRAM FILES\INCREDIMAIL\BIN\IMAPP.EXE Allowed by Rule Behavior.CodeInjector
15/09/2010 23:34:01 0 TrackingCookie Terminated by User incredimail.com
15/09/2010 23:33:58 3032 C:\PROGRAM FILES\INCREDIMAIL\BIN\IMAPP.EXE Allowed by Rule Behavior.TrojanDownloader
15/09/2010 23:33:58 3032 C:\PROGRAM FILES\INCREDIMAIL\BIN\IMAPP.EXE Allowed by Rule Behavior.Spyware

  birdface 15:17 16 Sep 10

I should add before anyone gets alarmed I believe they are all false positives but like I said they usually fix their false positives on the next update.
This has been going on for months now and no other program detects any problems.
I must have deleted it about 4 times in the last month to see if it made any difference but nothing.
Thats why I need someone that uses Emisoft to see if they get the same problems.

This thread is now locked and can not be replied to.

Surface Pro (2017) vs Surface Pro 4

Where HTML5 is headed next

MacBook Pro v Surface Pro 5