Jump to content

Most Liked Content

#59026 How to translate Emsisoft Anti-Malware and Emergency Kit into a new language...

Posted by Fabian Wosar on 27 September 2012 - 07:26 PM

Emsisoft Anti-Malware and Emergency Kit use a text file based translation system. Such language files have the extension .LNG and can usually be found in the Languages sub-directory of the installation directory (for example "C:\Program Files\Emsisoft Anti-Malware\Languages\"). Since a lot of strings are shared between the products, all products use the same language files. So there is no need to translate the language files of each product separately.

We maintain the English as well as the German translation ourselves, so we can guarantee that those files are always up to date and they therefore should be used to base new translations upon. To make sure that you have the latest languages files please run the online update before you start your translation.

The language files adhere to the Windows INI file standard and in general are made up of the following parts:
  • [Sections]
    Sections are enclosed in square brackets and are used to seperate various areas within the language files. Sections must not be translated.
  • //Comments
    Comments always start with two forward slashes. They are completely ignored by the application and can be used to keep notes. Translation of comments is completely optional.
    Note that all lately modified lines in en-us.lng are copied and commented too. They are just for reference to track modifications on the original file.
  • Key=Value
    The actual language strings are contained within the language file as key value pairs. The key part (which is the part before the equal sign) is used by the application to identify where the string is used and therefore must not be translated. The value part (everything after the equal sign) is the actual text displayed by the application and therefore must be translated.
  • Keep in mind that Language files are plain text files. So if you want to edit a file make sure you do so with a plain text editor like Notepad. Text processing software like Microsoft Word or Works will not work.
Creating a new translation
The first step in creating a new translation is to make a copy of the language file you want to base it upon (either "en-us.lng" or "de-de.lng"). The copy should use the ISO language code as a file name. If you want to translate the product into Dutch for example it should be named "nl-nl.lng". Keep in mind that while Emsisoft Anti-Malware is running you are unable to change any of the installation directory's content. To create the copy in the Languages directory and edit it you will have to close Emsisoft Anti-Malware first or alternatively disable the self protection in the Configuration section.

At the top of the file you will find a special section called "LanguageInfo". This section contains various information used by the application to determine how to parse and display the language file. The section contains the following values:
  • Version
    The product version number this translation is based upon. Keep in mind that this is always the Emsisoft Anti-Malware version number, as Emsisoft Emergency Kit is a stripped down Emsisoft Anti-Malware version.
  • Language
    The English name of the language this language file contains.
  • LanguageLocal
    The native name of the language.
  • Author
    The name of the author of this file. This should be your name if you create a new translation.
  • Email
    The email address of the author. This should be your email address if you create a new translation.
  • Date
    The date when this file was last edited. Make sure to update this value whenever you change the file.
The LanguageInfo section of the German language file for example looks like this:
author=Emsisoft GmbH
Once you have adjusted the LanguageInfo section of your new language file, you can start translating the other sections.

Updating an existing language file
Language files do change whenever new user interface controls or features are implemented. In these cases it is not necessary to translate the entire language file again. Instead you can just add the new values to an existing language file. To facilitate this process we have added an overview that shows you which languages aren't up-to-date and exactly which strings need translation:

Simply click on the language to see which strings are missing. The format of the returned strings is "[section] valuename=string". We recommend that you make translation updates on a copy of the file. This is to prevent the online update from overwriting your changes on the next update. You also might find the tool WinMerge very useful to highlight added and removed lines.

Testing your new or updated language file
To test your new or updated language file simply restart the application and select the language you added or updated from the language selection drop down menu.

Submitting your translation
Once you have created a new translation or updated an existing translation, feel free to submit it here in the forum. Just create a new thread for your language if it doesn't exist yet and attach your language file to it. If a thread for this particular language already exists, add your updated language file as a reply to the existing thread.

As a little thank you for your effort we are handing out free licenses for all our products to translators. This applies not only to full translations but to updates and corrections of existing translations as well :).

Reporting errors or problems with translations
If you find an error in a particular translation or if you run into any problems, please feel free to post them in the translation's forum thread.

#113760 Is your Antivirus software tracking you?

Posted by Elise on 13 July 2014 - 09:41 AM

What I find interesting is that many security-conscious users do not consider this. Some people do everything to make sure no personal data is being collected by applying the most complicated security settings (both in Windows and third-party applications), but they do not consider even for a moment what their AV might transmit.

On the other hand I find it sad to see that programs that are supposed to protect you, and that are trusted by the ones using (and often paying for) them, in fact collect so much personal data. In my opinion if you commit to protecting a computer you should apply the rules to your own product as well.

Ironically, many PUP products are accused of collecting personal data and they all do their best to convince us that they really don't do this. There are cases where security products actually collect more data than the PUP programs they detect.

#46011 Automatic game/full screen mode...

Posted by Fabian Wosar on 09 March 2012 - 11:24 PM

This feature has already been implemented in the current development version and will be available in the next version :).

#115340 a lot of False positives ?

Posted by Elise on 09 August 2014 - 04:30 PM

Hi G-hot,

All these files are detected as PUP/adware (Application/Adware prefix), this means they're not malicious, but may exhibit possible undesired behavior. For example, offer the installation of third-party toolbars or application during setup. For this reason these are not false-positives and detection will not be changed.

#113704 Is your Antivirus software tracking you?

Posted by stapp on 12 July 2014 - 07:21 AM

Only 2 av's were listed as the most privacy conscious... and Emsisoft was one of them





Emsisoft also comes out looking good. They send a bit more information when you encounter malicious files — for example, they’ll send suspicious executable files to the antivirus company — but they’ll never send a list of websites you visit or your documents over the Internet


#112593 License Key from 2.0.2 won't work in V9

Posted by Fabian Wosar on 25 June 2014 - 09:43 AM

Have a current license for and it is working fine. Downloaded V9 update and copy/pasted the key I received when I purchased V2 but V9 says it is invalid.

It appears you are mixing up Malwarebytes Anti-Malware (current version is and Emsisoft Anti-Malware (current version is Since Malwarebytes and Emsisoft are entirely different companies, the license keys aren't interchangeable. However, if you want I can send you a free 1 year license of our product :).

#111165 SVP FP AGAIN!

Posted by Siketa on 05 June 2014 - 09:11 PM

I'm also a customer, so what?


It seems you don't understand the way things work.

Each new version of unsigned application has to be manually added to AMN.

Emsi team is doing great job (I have bad experience with Comodo) but they can not trace all existing apps in the web!

Like I already recommended you, turn off behavior blocker module while installing known good software and then enable it again after the installation is finished.


It's that easy!

#108153 AV-Comparatives Real-World Protection Test March 2014

Posted by Fabian Wosar on 17 April 2014 - 05:21 PM

Great to see that FPs are decreasing.....

False positives didn't change compared to last year at all actually. We just had a lot of catching up to do. The false positive test set AVC compiled contains files, that even VT hasn't seen yet (which is quite an accomplishment) and that aren't even available online any longer. If you throw a product into that test for the very first time, it is bound to have higher false positives than other products who had the chance to scan earlier revisions of the collection before. That is a fact that AVC itself recognizes and is the reason why the false positive results for our product included a disclaimer.

My question is - why Emsisoft does not participate in these tests

They are simply too expensive and don't reach nearly as many people as AVC does. We may take part in those tests eventually, but in the end it comes down to either take part in this one test that most magazines don't really care about, or hire a new full time employee for a year.

It is no longer so good and colorful.
Whom to believe? Can do your own individual tests and see your scores?
I would recommend it just to do ....

CRDF is unreliable. The way it works is, that they query VT to see if they have seen a file before and if so, get the last scan results.

The problem with that approach is, that malware or files that have never been seen on VT, won't be included in the results, because CRDF does not submit any files to VT. One could argue that those are the most interesting ones as they are more likely to be new malware.

If files have been submitted before, no rescan is issued. That means, the scan results they use for the statistics can potentially be days or even weeks old.

Their sample set also contains a ton of PUPs. I can't talk for other companies, but we specifically asked VirusTotal not to enable the PUP detection. It just saves us a ton of hassle having to deal with PUP companies all day, as most of them just check if their crap is detected on VT. Out of curiosity I downloaded their samples for February and March a few weeks ago (12,756 files in total, 1,270 of which aren't PE EXE files) and just judging by the digital certificates and version info alone at least 6,800 of the remaining 11,486 executable files are PUPs.

We talked to CRDF in the past, to maybe provide some more details in their statistic, but in their opinion these statistics shouldn't be used by anyone, so they have no intention to fix them.

#122456 Do you have plans to develop more emsisoft Products?

Posted by Christian Mairoll on 03 December 2014 - 07:57 PM

The challenge in software industry is to find the best balance between being innovative (trying new, not yet proven things that may become the next big hype) and focusing on the core business and experience. I have to admit we at Emsisoft had times in the past when we thought we need to have a wider product spectrum, but it didn't really pay off as we lost focus on the core products. That's why we now try to concentrate our powers on what we do best: creating the most powerful, yet simplistic and easy to use anti-malware.

#122319 Emsisoft Anti-Malware & Internet Security released.

Posted by Christian Mairoll on 01 December 2014 - 04:09 PM

Emsisoft Anti-Malware & Emsisoft Internet Security released. This is maintenance release for improved usability, speed, detection and stability. 

  • Fixed an occasional Eurekalog crash.
  • Fixed a memory corruption issue.
  • Fixed ‘cannot connect to service’ issue.
  • Fixed a disappeared icon in the notification area.
  • Fixed some issues with scheduled scans.
  • Fixed a permissions/password related issue.
  • Fixed an occasional issue where actions were being denied by the behavior blocker although they were explicitly allowed.
  • Fixed a memory corruption issue in a2cmd.
  • Fixed an issue in Windows Safe mode.
  • Improved signatures download speed during installation.
  • Improved surfprotection notifications and handling.
  • Improved Updating mechanism.
  • Improved Surfprotection for windows XP.
  • Improved icon ‘last update’ information.
  • Improved WSC integration on vista.
  • Improved a2cmd /L parameter parsing and related folder creation.
  • Improved a2cmd /wl and /q parameter parsing.
  • Stability improvements.
  • GUI enhancements.

Emsisoft Internet Security: improved Firewall performance and stability.

View the full article

#120115 MRG Effitas Q2/2014 test

Posted by Siketa on 27 October 2014 - 07:50 AM



Well done, guys!


#118982 Internal EurekaLog bug?

Posted by Fabian Wosar on 06 October 2014 - 04:46 PM

As long as you restart the guard process after it crashed, it shouldn't make a difference.

#118326 Suggestion: Behavior Blocker Icon Color Change

Posted by mattg781 on 21 September 2014 - 05:21 PM

I made an image showing my idea. Hope this helps me explain my opinion better.


- move buttons around where the first one (best option) is more darkly colored (blue...etc) so the eyes gravitate to that button first.



#116438 Malware Infiziert und komme nicht mehr ins Internet

Posted by schrauber on 24 August 2014 - 08:04 PM

Supi, AdwCleaner bitte öffnen und Deinstallieren drücken. FRST samt Logfiles, sowie den Ordner C:\FRST, einfach löschen.

#116276 Introduction ( plan ) for new user ?

Posted by Tempus on 22 August 2014 - 11:58 AM

"Emsisoft" you have just wrote an Blog article named " How to scan and clean a computer with Emsisoft Emergency Kit" Why not write a similar article just named on how to use Emsisoft anti malware version 9. And then place a link, maybe in the installer or in the product, that direct a new user of Emsisoft towards this article. So that they get an easy introduction to the product, on how to scan, answer popups from behavior blocker, Scheduling a scan, and where to go when you have any doubt. Even though the product is very intuitive in its setup, then will an easy introduction of the most important key components for a new user, give them a even better impression of the product,.... I think.  The introduction could also be a link pointing towards a live Emsisoft youtube introduction video for a new user. ( or even a interactive playground, but that is just one of my more crazy ideas/dreams)


Nice weekend to all, =D

#115942 Malware Infiziert und komme nicht mehr ins Internet

Posted by schrauber on 18 August 2014 - 09:17 PM

allday savings (HKLM\...\C13DB9D9-D8B8-4E8F-B4ED-BCFCC8C284E7) (Version: 2.0.1 - allday savings) <==== ATTENTION
LPT System Updater Service (x32 Version: - LPT) Hidden <==== ATTENTION
Search-Results Toolbar (HKLM-x32\...\ilividtoolbargaw) (Version: - APN LLC) <==== ATTENTION
Wajam (HKLM-x32\...\Wajam) (Version: 2.12 (i2.4) - Wajam) <==== ATTENTION
WindowsMangerProtect20.0.0.502 (HKLM-x32\...\WindowsMangerProtect) (Version: - WindowsProtect LIMITED) <==== ATTENTION
Yahoo Community Smartbar (HKLM-x32\...\{6818F6FB-6270-4DE8-9827-40E852111F2A}) (Version: - Linkury Inc.) <==== ATTENTION
Yahoo Community Smartbar Engine (HKCU\...\{44cd9a5d-138e-4764-b6f4-1bed50a72405}) (Version: - Linkury Inc.) <==== ATTENTION

Bitte das alles deinstallieren. Vor allem LPT, dann geht auch das Internet wieder.

Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche, dann Löschen.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.
Zum Schluss bitte einen frischen Scan mit FRST machen und das Logfile anhängen.

#115910 Request for adding aditional skins to Emsisoft Anti-Malware Version 9

Posted by Fabian Wosar on 18 August 2014 - 04:05 PM

In general we won't add skinning support to EAM or any of our products anytime soon. They are just bloat. We are an AV software, not an MP3 player ;).

#115880 Request for adding aditional skins to Emsisoft Anti-Malware Version 9

Posted by TheGame on 18 August 2014 - 12:47 AM

Hi fellow Emsisoft Anti-Malware Version 9 users!


I have a suggestion about adding a few extra skins to the Emsisoft Anti-Malware Version 9 Program. As of right now, the only choice is a solid white color. The white color isn't bad but at times it can be a bit briight.


I think it would be nice if users have the option to change skins for Emsisoft Anti-Malware Version 9 such as perhaps a Dark Grey Skin, A Black Skin, or perhaps even some other color choices. Even adding the option to perhaps enable transparency in the program would be very nice where you could adjust the transparency of the program with perhaps a slider to determine how transparent you would like the skin to be,


I would really like to see some new skins implemented into EMsisoft Anti-Malware as the bright white just seems kinda plain and bright.


Thank you Emsisoft team for reading my post and I hope you will take my ideas into consideration.


Thank you!


P.S. Please see the attached screenshot if necessary to show how bright the white is, a choice of different skins such as Dark Grey, Black, and maybe a few other skin choies would be very nice in my opinion.

Attached Files

#115607 Emsisoft Anti-Malware released

Posted by Christian Mairoll on 13 August 2014 - 05:15 PM

Emsisoft Anti-Malware released. This is maintenance release for improved usability, speed, detection and stability. 

  • Redesigned setting storage system to avoid occasional data loss.
  • Improved lookup speed of surf protection feature.
  • Improved permissions system to allow only admins to reset factory defaults.
  • Improved guard sync system.
  • Fixed incorrect icon status color on software startup.
  • Fixed a few access violations and other potential crash bugs.
  • Internal code and resources cleanup to slightly reduce file size.
  • Reduced Anti-Malware Network lookup times.
  • Improved updater module for better stability and speed.
  • Improved restart and reboot routines in updater.
  • Added low screen resolution support.
  • Fixed incorrect scan type on scheduled scans.
  • Fixed a bug in host rules edit dialog.
  • Fixed a button focus issue.
  • Fixed a quarantine log issue.
  • Fixed a bug in real-time protection that may cause behavior alerts to be skipped.
  • Fixed a bug in tray icon context menu.
  • Fixed some minor GUI glitches.
  • Internal code optimizations.
  • Enhanced factory reset feature to reset logs and detection counter.
  • Outdated updates now triggers orange mode after 48h.
  • Enlarged click area of guards ON/OFF checkboxes on overview dialog.
  • Improved handling of reboot for software updates.
  • Improved handling of Anti-Malware Network notification popups.
  • Fixed failure of Anti-Malware Network lookups during online updates.
  • Added code to avoid multiple simultaneous starts of Emsisoft Commandline Scanner.
  • Fixed several Emsisoft Commandline Scanner display issues.
  • Fixed surf protection host list search feature.
  • Fixes tray icon guards state issue, visible on system boot, when “protect if no user logged on” is disabled.
  • Fixed several minor GUI issues.
  • General stability improvements.
  • Fixed problem with multiple browser tabs when clicking web URLs.
  • Fixed updater problem that causes occasional hangs.


View the full article

#113756 IDS, Behavior blocker, Heuristic, what is the difference?

Posted by Elise on 13 July 2014 - 08:47 AM

Hi Legend,
You bring up a good question, but unfortunately there isn't one answer here. :) That is because a lot of definitions are being used for the same term. See for example also Fabian's explanation here.

Is the IDS a mini behavior blocker that monitor system and network activities, but without user interaction?

For Emsisoft you can just say its about the same thing, just a different term. Behavior blocking or IDS both can have user interaction, its the fact that the program is able to recognize a certain intrusion or behavior that counts, after that its the user or program settings that decide what is actually done with it.

The issue is, IDS implies already something malicious is going on. That is sometimes misleading, because not each alert is generated by malware. Behavior blocking covers it better IMO, because it suggests it is behavior that causes an alert, which doesn't necessarily mean this behavior is also malicious (and here community based input plays a role, in Emsisoft products you usually will see that plain malware will be auto-blocked by community input (90% of the users blocked it, so EAM will block it) while questionable or even legitimate programs will respectively prompt for action or be automatically allowed. That system isn't 100% fail safe, but will help quite a bit reducing alerts.

Advanced heuristics is really a very general term as well. In most cases (as explained also in the post I linked you to above) it implies some sort of emulation is going on. That sounds quite good, but malware can also protect itself against this type o emulation (and refuse to be executed when it detects emulation for example).

And is a behaviour blocker like the one we have in Emsisoft, a more static blocker ( static block = without Heuristics detection) that will stop a program if it perform a specific action, that is defined by a set of rules, predefined by the coder/ developer.

Yes, EAM does not use emulation.

Again, this is really a generalization, each security program may have their own definitions of these terms and/or use this in their own way. EAM's behavior blocker works quite well as you can also see by observing for example AVC's real world protection tests. In EAM9 some additional functionality has been added (static is nice, but that doesn't mean we're not continuously working to find new ways to block malware as early as possible :)).
I hope this answers your questions (and didn't cause more confusion).