- Emsisoft Support Forums
- → Most Liked Content
Most Liked Content
Posted by Elise on 13 July 2014 - 09:41 AM
On the other hand I find it sad to see that programs that are supposed to protect you, and that are trusted by the ones using (and often paying for) them, in fact collect so much personal data. In my opinion if you commit to protecting a computer you should apply the rules to your own product as well.
Ironically, many PUP products are accused of collecting personal data and they all do their best to convince us that they really don't do this. There are cases where security products actually collect more data than the PUP programs they detect.
Posted by Fabian Wosar on 27 September 2012 - 07:26 PM
We maintain the English as well as the German translation ourselves, so we can guarantee that those files are always up to date and they therefore should be used to base new translations upon. To make sure that you have the latest languages files please run the online update before you start your translation.
The language files adhere to the Windows INI file standard and in general are made up of the following parts:
Sections are enclosed in square brackets and are used to seperate various areas within the language files. Sections must not be translated.
Comments always start with two forward slashes. They are completely ignored by the application and can be used to keep notes. Translation of comments is completely optional.
Note that all lately modified lines in en-us.lng are copied and commented too. They are just for reference to track modifications on the original file.
The actual language strings are contained within the language file as key value pairs. The key part (which is the part before the equal sign) is used by the application to identify where the string is used and therefore must not be translated. The value part (everything after the equal sign) is the actual text displayed by the application and therefore must be translated.
- Keep in mind that Language files are plain text files. So if you want to edit a file make sure you do so with a plain text editor like Notepad. Text processing software like Microsoft Word or Works will not work.
The first step in creating a new translation is to make a copy of the language file you want to base it upon (either "en-us.lng" or "de-de.lng"). The copy should use the ISO language code as a file name. If you want to translate the product into Dutch for example it should be named "nl-nl.lng". Keep in mind that while Emsisoft Anti-Malware is running you are unable to change any of the installation directory's content. To create the copy in the Languages directory and edit it you will have to close Emsisoft Anti-Malware first or alternatively disable the self protection in the Configuration section.
At the top of the file you will find a special section called "LanguageInfo". This section contains various information used by the application to determine how to parse and display the language file. The section contains the following values:
The product version number this translation is based upon. Keep in mind that this is always the Emsisoft Anti-Malware version number, as Emsisoft Emergency Kit is a stripped down Emsisoft Anti-Malware version.
The English name of the language this language file contains.
The native name of the language.
The name of the author of this file. This should be your name if you create a new translation.
The email address of the author. This should be your email address if you create a new translation.
The date when this file was last edited. Make sure to update this value whenever you change the file.
[languageinfo] version=184.108.40.206 language=German languagelocal=Deutsch author=Emsisoft GmbH firstname.lastname@example.org date=2012-09-26Once you have adjusted the LanguageInfo section of your new language file, you can start translating the other sections.
Updating an existing language file
Language files do change whenever new user interface controls or features are implemented. In these cases it is not necessary to translate the entire language file again. Instead you can just add the new values to an existing language file. To facilitate this process we have added an overview that shows you which languages aren't up-to-date and exactly which strings need translation:
Simply click on the language to see which strings are missing. The format of the returned strings is "[section] valuename=string". We recommend that you make translation updates on a copy of the file. This is to prevent the online update from overwriting your changes on the next update. You also might find the tool WinMerge very useful to highlight added and removed lines.
Testing your new or updated language file
To test your new or updated language file simply restart the application and select the language you added or updated from the language selection drop down menu.
Submitting your translation
Once you have created a new translation or updated an existing translation, feel free to submit it here in the forum. Just create a new thread for your language if it doesn't exist yet and attach your language file to it. If a thread for this particular language already exists, add your updated language file as a reply to the existing thread.
As a little thank you for your effort we are handing out free licenses for all our products to translators. This applies not only to full translations but to updates and corrections of existing translations as well .
Reporting errors or problems with translations
If you find an error in a particular translation or if you run into any problems, please feel free to post them in the translation's forum thread.
Posted by Elise on 09 August 2014 - 04:30 PM
All these files are detected as PUP/adware (Application/Adware prefix), this means they're not malicious, but may exhibit possible undesired behavior. For example, offer the installation of third-party toolbars or application during setup. For this reason these are not false-positives and detection will not be changed.
Posted by stapp on 12 July 2014 - 07:21 AM
Only 2 av's were listed as the most privacy conscious... and Emsisoft was one of them
Emsisoft also comes out looking good. They send a bit more information when you encounter malicious files — for example, they’ll send suspicious executable files to the antivirus company — but they’ll never send a list of websites you visit or your documents over the Internet
Posted by Fabian Wosar on 25 June 2014 - 09:43 AM
It appears you are mixing up Malwarebytes Anti-Malware (current version is 220.127.116.112) and Emsisoft Anti-Malware (current version is 18.104.22.16842). Since Malwarebytes and Emsisoft are entirely different companies, the license keys aren't interchangeable. However, if you want I can send you a free 1 year license of our product .
Have a current license for 22.214.171.1242 and it is working fine. Downloaded V9 update and copy/pasted the key I received when I purchased V2 but V9 says it is invalid.
Posted by Siketa on 05 June 2014 - 09:11 PM
I'm also a customer, so what?
It seems you don't understand the way things work.
Each new version of unsigned application has to be manually added to AMN.
Emsi team is doing great job (I have bad experience with Comodo) but they can not trace all existing apps in the web!
Like I already recommended you, turn off behavior blocker module while installing known good software and then enable it again after the installation is finished.
It's that easy!
Posted by Fabian Wosar on 17 April 2014 - 05:21 PM
False positives didn't change compared to last year at all actually. We just had a lot of catching up to do. The false positive test set AVC compiled contains files, that even VT hasn't seen yet (which is quite an accomplishment) and that aren't even available online any longer. If you throw a product into that test for the very first time, it is bound to have higher false positives than other products who had the chance to scan earlier revisions of the collection before. That is a fact that AVC itself recognizes and is the reason why the false positive results for our product included a disclaimer.
Great to see that FPs are decreasing.....
They are simply too expensive and don't reach nearly as many people as AVC does. We may take part in those tests eventually, but in the end it comes down to either take part in this one test that most magazines don't really care about, or hire a new full time employee for a year.
My question is - why Emsisoft does not participate in these tests
CRDF is unreliable. The way it works is, that they query VT to see if they have seen a file before and if so, get the last scan results.
It is no longer so good and colorful.
Whom to believe? Can do your own individual tests and see your scores?
I would recommend it just to do ....
The problem with that approach is, that malware or files that have never been seen on VT, won't be included in the results, because CRDF does not submit any files to VT. One could argue that those are the most interesting ones as they are more likely to be new malware.
If files have been submitted before, no rescan is issued. That means, the scan results they use for the statistics can potentially be days or even weeks old.
Their sample set also contains a ton of PUPs. I can't talk for other companies, but we specifically asked VirusTotal not to enable the PUP detection. It just saves us a ton of hassle having to deal with PUP companies all day, as most of them just check if their crap is detected on VT. Out of curiosity I downloaded their samples for February and March a few weeks ago (12,756 files in total, 1,270 of which aren't PE EXE files) and just judging by the digital certificates and version info alone at least 6,800 of the remaining 11,486 executable files are PUPs.
We talked to CRDF in the past, to maybe provide some more details in their statistic, but in their opinion these statistics shouldn't be used by anyone, so they have no intention to fix them.
Posted by Роман on 09 July 2013 - 01:38 PM
Здравствуйте! Всем известно, что данный продукт не умеет лечить.. А ставиться на чистую систему, для того, чтобы предотвратить её заражение. И с этой задачей продукт справляется на все 100%. Очень жаль, что Вы разочаровались в данном продукте.. Однако по своей архитектуре, по качеству обнаружения новых угроз и т.д этот продукт занимает нишу одного из лучших вендоров! За все время использования Эмсика, а это уже более 3х лет, я ни разу не пожалел о его приобретении. Верьте в себя и в свой антивирусный продукт! Всего Вам хорошего!
Posted by Fabian Wosar on 29 August 2012 - 10:46 AM
This isn't really an issue in our case as we only use the Bitdefender scan engine and signatures and added all our improvements like anti-rootkit technology, behavior blocking, the Emsisoft scan engine etc. on top of it. So even if malware authors patch Bitdefender detections, it doesn't mean one of our other detection layers won't catch it.
I am not happy to see yet another company using Bitdefender, get´s easier for virus writer out there to bypass more and more products as so many are using Bitdefender.
To get an idea on how efficient our added technology actually is just take a look here:
Posted by 0strodamus on 20 August 2012 - 02:29 AM
Posted by Lynx on 15 November 2009 - 03:21 AM
First, instead of just shutting down whole Guard try separately disabling “onExecution Scan” scan only and then “Malware-IDS” only.
The reason for testing “onExecution” being disabled, despite that is a long shot:
In the past there were reports that opening large media files of certain type by double-clicking will cause scanning the media too with substantial delay.
But when I asked the user to test invoking the the Player 1st and after that opening the media file - that worked perfectly fast.
You answered already that “opening from inside” doesn't help. Still please test disabling “onExecution”.
Nobody insisting on deeper investigation, that's your choice but “cutting off net connection” is not all. That may not be the case, but if you are testing that - there are ways to check whether there still are attempts to “connect” if suspected...
Just out curiosity for testing you may try different free notepad.
Set association with .TXT and observe its behaviour
Here is one of the lists of Notepad Alternatives
Those have many additional features, most of them, if not all are multi-document.
You may not need all that, but that's just for testing or use it if that's working fine & fast.
You always can go back when & if the cause of the main problem was found.
Notepad ++ can be installed as Portable Application, so you don't mess with the Registry (just delete the folder later and that's all)
That's interesting and innovative method to solve “small problem” by getting new laptop and OS (we all should try that )
Just a reminder.
Since I mentioned temporary shutting down ThreadFire (TF) in order to test – if you will uninstall A-M from old PC in order to reinstall on a new system, you can save/leave TF, otherwise I would suggest not using it alongside with A-M.
P.S. 1) after having the morning coffee I looked back to the image you provided.
It is not the best quality, but most importantly that is the overall view
What was asked to look at is – drill deeper into Applications, etc. and see whether there are events at the time of running Notepad.
2) I had no time yet to find your uncle
Posted by Fabian Wosar on 12 June 2014 - 03:37 PM
The Emsisoft Anti-Malware Network is essentially a cloud backend we developed to help our products do autonomous decisions. It's essentially a huge feed aggregator, combining various large information feeds we have access to and makes those information available to the client software. While it doesn't do any behavior analysis itself, it can use the behavior information collected by EAM as well as Online Armor to come up with a decision.
Posted by Tempus on 13 May 2014 - 08:02 AM
Hey Emsisoft , ...today I have a suggestion and a question (ooh nooo.. )
It's probably too late for my suggestion?, for a new feature. But maybe you / Emsisoft would consider it for future releases of version 9.x ? I work a lot with Adobe's software, ( and game a lot when I find the time), and most of the time in fullscreen mode. So therefore I would like, or wish , Emsisoft to detect when full screen mode is used, and shift automatically to Gamemode, and exit it again, when user is leaving fullscreen. Quite often, I find that I have set Emsisoft anti malware in Gamemode for days. Because there's so many interruptions in the daily workflow . So for me it would be a great help if such a feature were implemented in EAM.
- Will this suggestion, which is from a good constructive thread I had, be incorporated in version 9? Please see this thread. Game mode, post 6 and 7.
Posted by Arief Prabowo on 12 May 2014 - 05:52 AM
Many thanks for reporting this, I will look into it.
However, this is a common behavior and not a real false positive. As you can see on your VT report, we don't detect this file as malware. The alert was generated by our Behavior Blocker. Behavior Blocker will generate alerts for specific actions that can be associate with malicious activity, but it does not always necessarily mean that the program is malware, user can always click Allow so the application can continue the process or even exclude it from protection if they sure the application is legit and safe.
You can also activate the Anti-Malware Network and community based alert reduction to help you to decide it. If there is enough data about that program, it will give you suggestion whether to allow or block it based on community database.