Jump to content

Most Liked Content

#59026 How to translate Emsisoft Anti-Malware and Emergency Kit into a new language...

Posted by Fabian Wosar on 27 September 2012 - 07:26 PM

Emsisoft Anti-Malware and Emergency Kit use a text file based translation system. Such language files have the extension .LNG and can usually be found in the Languages sub-directory of the installation directory (for example "C:\Program Files\Emsisoft Anti-Malware\Languages\"). Since a lot of strings are shared between the products, all products use the same language files. So there is no need to translate the language files of each product separately.

We maintain the English as well as the German translation ourselves, so we can guarantee that those files are always up to date and they therefore should be used to base new translations upon. To make sure that you have the latest languages files please run the online update before you start your translation.

The language files adhere to the Windows INI file standard and in general are made up of the following parts:

  • [Sections]
    Sections are enclosed in square brackets and are used to seperate various areas within the language files. Sections must not be translated.
  • //Comments
    Comments always start with two forward slashes. They are completely ignored by the application and can be used to keep notes. Translation of comments is completely optional.
    Note that all lately modified lines in en-us.lng are copied and commented too. They are just for reference to track modifications on the original file.
  • Key=Value
    The actual language strings are contained within the language file as key value pairs. The key part (which is the part before the equal sign) is used by the application to identify where the string is used and therefore must not be translated. The value part (everything after the equal sign) is the actual text displayed by the application and therefore must be translated.
  • Keep in mind that Language files are plain text files. So if you want to edit a file make sure you do so with a plain text editor like Notepad. Text processing software like Microsoft Word or Works will not work.

Creating a new translation
The first step in creating a new translation is to make a copy of the language file you want to base it upon (either "en-us.lng" or "de-de.lng"). The copy should use the ISO language code as a file name. If you want to translate the product into Dutch for example it should be named "nl-nl.lng". Keep in mind that while Emsisoft Anti-Malware is running you are unable to change any of the installation directory's content. To create the copy in the Languages directory and edit it you will have to close Emsisoft Anti-Malware first or alternatively disable the self protection in the Configuration section.

At the top of the file you will find a special section called "LanguageInfo". This section contains various information used by the application to determine how to parse and display the language file. The section contains the following values:

  • Version
    The product version number this translation is based upon. Keep in mind that this is always the Emsisoft Anti-Malware version number, as Emsisoft Emergency Kit is a stripped down Emsisoft Anti-Malware version.
  • Language
    The English name of the language this language file contains.
  • LanguageLocal
    The native name of the language.
  • Author
    The name of the author of this file. This should be your name if you create a new translation.
  • Email
    The email address of the author. This should be your email address if you create a new translation.
  • Date
    The date when this file was last edited. Make sure to update this value whenever you change the file.

The LanguageInfo section of the German language file for example looks like this:

author=Emsisoft Ltd

Once you have adjusted the LanguageInfo section of your new language file, you can start translating the other sections.

Updating an existing language file
Language files do change whenever new user interface controls or features are implemented. In these cases it is not necessary to translate the entire language file again. Instead you can just add the new values to an existing language file. To facilitate this process we have added an overview that shows you which languages aren't up-to-date and exactly which strings need translation:

Simply click on the language to see which strings are missing. The format of the returned strings is "[section] valuename=string". We recommend that you make translation updates on a copy of the file. This is to prevent the online update from overwriting your changes on the next update. You also might find the tool WinMerge very useful to highlight added and removed lines.

Testing your new or updated language file
To test your new or updated language file simply restart the application and select the language you added or updated from the language selection drop down menu.

Submitting your translation
Once you have created a new translation or updated an existing translation, feel free to submit it here in the forum. Just create a new thread for your language if it doesn't exist yet and attach your language file to it. If a thread for this particular language already exists, add your updated language file as a reply to the existing thread.

As a little thank you for your effort we are handing out free licenses for all our products to translators. This applies not only to full translations but to updates and corrections of existing translations as well :).

Reporting errors or problems with translations
If you find an error in a particular translation or if you run into any problems, please feel free to post them in the translation's forum thread.

#136485 Internet Security & Windows 10

Posted by GT500 on 05 August 2015 - 04:45 AM

Official word is, "yes". We will give free license extensions to anyone who upgraded to Windows 10 and was unable to use the firewall.

Once the issue has been resolved, please either submit a support ticket in our helpdesk system, or send a Private Message on the forums to me (English Support) or Thomas Ott (English/German Sales). Be sure to mention that you would like to have your license extended due to the Windows 10 issues and include in your message any license keys that were in use on a computer with Windows 10. Feel free to link to this forum post if you would like to.

#113760 Is your Antivirus software tracking you?

Posted by Elise on 13 July 2014 - 09:41 AM

What I find interesting is that many security-conscious users do not consider this. Some people do everything to make sure no personal data is being collected by applying the most complicated security settings (both in Windows and third-party applications), but they do not consider even for a moment what their AV might transmit.

On the other hand I find it sad to see that programs that are supposed to protect you, and that are trusted by the ones using (and often paying for) them, in fact collect so much personal data. In my opinion if you commit to protecting a computer you should apply the rules to your own product as well.

Ironically, many PUP products are accused of collecting personal data and they all do their best to convince us that they really don't do this. There are cases where security products actually collect more data than the PUP programs they detect.

#48817 ¥akuza112's malware submissions

Posted by ¥akuza112 on 28 April 2012 - 02:11 AM

Java Drive by .jar file

Posted Image

File Info

Report date: 2012-04-28 03:03:39 (GMT 1)
File name: signedcryptosuite-jar
File size: 20878 bytes
MD5 Hash: 1b52adfc6ef974be633b3ce82bb35af7
SHA1 Hash: e0123af7329e12c7172dafc2bee83bee7614313f
Detection rate: 0 on 14 (0%)
Status: CLEAN


Asquared -
Avast -
Avira -
BitDefender -
ClamAV -
Comodo -
DrWeb -
Fprot -
IkarusT3 -
Panda -
STOPZilla -
TrendMicro -
VBA32 -

Scan report generated by


#46011 Automatic game/full screen mode...

Posted by Fabian Wosar on 09 March 2012 - 11:24 PM

This feature has already been implemented in the current development version and will be available in the next version :).

#128888 Emsisoft Online Armor support roadmap

Posted by Christian Mairoll on 31 March 2015 - 09:49 PM

The Emsisoft Online Armor product has been an integral part of our product portfolio for almost five years. It served us and our customers very well in complementing Emsisoft Anti-Malware with a rock solid standalone firewall. Emsisoft Online Armor’s biggest strength has always been its HIPS (Host based Intrusion Protection/Prevention System) components, which are meant to alert any potentially dangerous actions executed by programs on the operating system.

As the internet threat landscape changes over the years, our response to these new challenges needs to adapt as well. Security software needs to be even more powerful, yet less intrusive to avoid any unnecessary annoying alerts. That’s why we at Emsisoft believe that a smart Behavior Blocker, as incorporated in Emsisoft Anti-Malware and Emsisoft Internet Security, that watches the system as a whole, is significantly better than a HIPS, which sees each action on the system individually and therefore always causes much more alert popups by design. You can read more about the differences in this article.

For the above reason, we have decided to not spend any more development time on Emsisoft Online Armor, but instead focus on improving the award-winning protection of Emsisoft Anti-Malware and Emsisoft Internet Security, which we are certain have a great future ahead.

Sales end date and support roadmap

As of today, we have stopped selling Emsisoft Online Armor. New license activations will only be possible until the end of May 2015. The official end of technical support will be March 31, 2016. Though, we will still provide updates for critical issues that may be discovered until then. At the moment we can say with certainty that we will not add Windows 10 compatibility, since that requires several major changes to the codebase.

Free upgrade to successor Emsisoft Internet Security!

The official successor product of Emsisoft Online Armor is our recently released Emsisoft Internet Security. We are happy to exchange any actively used license keys of Emsisoft Online Armor to Emsisoft Internet Security for free. Please contact our support team for an individual swap offer. If the available upgrade options don’t satisfy you for any reason, we’ll of course offer a proportionate refund for the amount paid.

We would like to thank all users for their loyalty and their support over the past years with Emsisoft Online Armor and are looking forward to a malware-free future!

View the full article

#115910 Request for adding aditional skins to Emsisoft Anti-Malware Version 9

Posted by Fabian Wosar on 18 August 2014 - 04:05 PM

In general we won't add skinning support to EAM or any of our products anytime soon. They are just bloat. We are an AV software, not an MP3 player ;).

#115340 a lot of False positives ?

Posted by Elise on 09 August 2014 - 04:30 PM

Hi G-hot,

All these files are detected as PUP/adware (Application/Adware prefix), this means they're not malicious, but may exhibit possible undesired behavior. For example, offer the installation of third-party toolbars or application during setup. For this reason these are not false-positives and detection will not be changed.

#113704 Is your Antivirus software tracking you?

Posted by stapp on 12 July 2014 - 07:21 AM

Only 2 av's were listed as the most privacy conscious... and Emsisoft was one of them





Emsisoft also comes out looking good. They send a bit more information when you encounter malicious files — for example, they’ll send suspicious executable files to the antivirus company — but they’ll never send a list of websites you visit or your documents over the Internet


#111165 SVP FP AGAIN!

Posted by Siketa on 05 June 2014 - 09:11 PM

I'm also a customer, so what?


It seems you don't understand the way things work.

Each new version of unsigned application has to be manually added to AMN.

Emsi team is doing great job (I have bad experience with Comodo) but they can not trace all existing apps in the web!

Like I already recommended you, turn off behavior blocker module while installing known good software and then enable it again after the installation is finished.


It's that easy!

#108153 AV-Comparatives Real-World Protection Test March 2014

Posted by Fabian Wosar on 17 April 2014 - 05:21 PM

Great to see that FPs are decreasing.....

False positives didn't change compared to last year at all actually. We just had a lot of catching up to do. The false positive test set AVC compiled contains files, that even VT hasn't seen yet (which is quite an accomplishment) and that aren't even available online any longer. If you throw a product into that test for the very first time, it is bound to have higher false positives than other products who had the chance to scan earlier revisions of the collection before. That is a fact that AVC itself recognizes and is the reason why the false positive results for our product included a disclaimer.

My question is - why Emsisoft does not participate in these tests

They are simply too expensive and don't reach nearly as many people as AVC does. We may take part in those tests eventually, but in the end it comes down to either take part in this one test that most magazines don't really care about, or hire a new full time employee for a year.

It is no longer so good and colorful.
Whom to believe? Can do your own individual tests and see your scores?
I would recommend it just to do ....

CRDF is unreliable. The way it works is, that they query VT to see if they have seen a file before and if so, get the last scan results.

The problem with that approach is, that malware or files that have never been seen on VT, won't be included in the results, because CRDF does not submit any files to VT. One could argue that those are the most interesting ones as they are more likely to be new malware.

If files have been submitted before, no rescan is issued. That means, the scan results they use for the statistics can potentially be days or even weeks old.

Their sample set also contains a ton of PUPs. I can't talk for other companies, but we specifically asked VirusTotal not to enable the PUP detection. It just saves us a ton of hassle having to deal with PUP companies all day, as most of them just check if their crap is detected on VT. Out of curiosity I downloaded their samples for February and March a few weeks ago (12,756 files in total, 1,270 of which aren't PE EXE files) and just judging by the digital certificates and version info alone at least 6,800 of the remaining 11,486 executable files are PUPs.

We talked to CRDF in the past, to maybe provide some more details in their statistic, but in their opinion these statistics shouldn't be used by anyone, so they have no intention to fix them.

#137157 Kompatibilität von EIS mit anderen AV´s

Posted by Christian Peters on 17 August 2015 - 10:12 PM




Konkret: Könnte EIS in Verbindung mit Avira Free oder Bitdefender Free eingesetzt werden?


Ja das ist kein Problem.


Vermieden werden sollte lediglich zwei Desktopfirewalls parallel zu installieren. Zum Beispiel Emsisoft Internet Security und Bitdefender Internet Security gleichzeitig zu installieren.


Sollten weitere Fragen bestehen kontaktieren Sie uns bitte erneut.

#137046 AV Comparative Phishing websites blocking test result

Posted by Fabian Wosar on 15 August 2015 - 07:30 PM

No, it isn't. Phishing sites usually have a very short half-life time, which clashes with the way the surf protection works. We usually only add phishing sites that are likely to stay up for at least an hour before the teams employed by banks and financial institutions managed to take the websites down. It is something we are looking into to improve in the future though.

#136374 Emsisoft's compatibility with other AVs

Posted by Fabian Wosar on 03 August 2015 - 11:25 AM

The only thing of the things you listed we don't implement because of compatibility concerns is exploit mitigation. In general we have no plans of introducing another "edition" of our products. It will be extremely confusing to all our users and will have a huge detrimental impact on development speed as it means another 2 code bases that have to be kept in sync and maintained.

#136300 boot:cidox-a rootkit detection by Anti-Malware and or EEK

Posted by Elise on 31 July 2015 - 08:11 PM

I don't have any insight in the test-methodology apart from what the article states, but a few observations make me doubt the relevancy of this test:

  •  The test compares a number of different products: antirootkit scanners and anti-malware scanners. This makes no sense to me. TDSSkiller is an excellent Antirootkit scanner in my opinion, but it is a limited tool, you cannot compare this with a anti-malware scanner like EEK or MBAM because its simply a different product.
  •  The tested malware is for the most part very, very old and not seen in the wild anymore, even though the article states 2015 and "in the wild" in the title.

To give a few examples: Alureon/TDL3/4 hasn't been around "in the wild" for at least 3 years (and thats estimating it very loosely)

The article listed is from 2010 (!) http://contagiodump....64-bit.html?m=1

The same goes for ZeroAccess/Max++. The latest usermode version of that rootkit was active in 2013 and after the botnet was taken down for a large part, there has been no re-emergence of this malware. However, its kernelmode version was quite a bit older, this was last seen in 2011.


Sure, its interesting to see how products perform against such rootkits, but how useful is it? Those rootkits were "retired" for a very good reason, they can no longer infected today's OS versions.


Finally, I'm not one to make accusations, but I don't like "sponsored by..." tests. I'm fully willing to believe that Zemana was indeed the best product to remove all these infections, but I just think its not the best strategy for any testing lab to let a sponsor also participate in the tests, just to avoid any possible doubt as to the objectiveness of the test results.

#134523 Emsisoft Anti-Malware & Emsisoft Internet Security released

Posted by Christian Mairoll on 08 July 2015 - 08:19 PM

Emsisoft Anti-Malware & Emsisoft Internet Security released. This is a maintenance release for improved usability, speed, detection and stability.

This update will require a reboot.

  • Improved: Logic for “Update rule” alerts.
  • Improved: File Guard has been enabled for network shares.
  • Improved: Consistency between Offline mode state and the corresponding text on the tray icon menu item.
  • Improved: Skipped Anti Malware Network lookup for trusted processes/files on File properties dialog.
  • Improved: Behavior Blocker panel’s grid filling procedure to avoid occasional hangs on GUI close.
  • Improved: Behavior Blocker panel’s process reputation.
  • Improved: Stability of the scheduler (scan/update).
  • Improved: Scheduled scans with setting “After online update” will only be executed after updates were received.
  • Improved: Synchronization when a scan task is waiting for another task to complete.
  • Improved: Behavior of scheduled scan task “Run now” button.
  • Improved: Scheduled scan When/What tabs: logical combinations of settings.
  • Improved: Stability of GUI termination while a scheduled scan is running.
  • Improved: Updater stability.
  • Improved: Auto-update will now start after 5 mins despite CPU load > 20%.
  • Improved: Automatic updates following a failed automatic update were executed too soon.
  • Improved: “Connection error” notifications will be shown for manual updates only.
  • Improved: License remap logic adjusted to correctly handle the modified Hardware ID caused by the Windows 10 update.
  • Improved: Quarantine file submission dialog.
  • Improved: Reboot notifications when the cleaning engine requires a reboot.
  • Improved: Surf Protection alert caption information.
  • Improved: Firewall stability and performance in Emsisoft Internet Security.
  • Fixed: Issue where some files were not updated during an update.
  • Fixed: Scanning/cleaning issue in Windows safe mode.
  • Fixed: Occasional crash of a2start when a certain malware type was detected during a scan.
  • Fixed: Occasional crash while opening File Properties in the Behavior Blocker panel.
  • Fixed: Issue where automatic updates were executed during Game Mode.
  • Fixed: Issue with the malicious items Quarantine counter on the Overview screen.
  • Fixed: Occasional crash: “Is not a valid integer value”.
  • Fixed: Occasional crash: “List index out of bounds”.
  • Fixed: Issue with double log items.
  • Fixed: Issue in a2cmd when using parameter “/q=Quarantine” or parameter “/la”.
  • Fixed: Issue where scheduled scans appeared as manual scans in the scan logs.
  • Fixed: Text and state of “New/Current Scan” menu item.
  • Fixed: Issue where the same malware file was displayed twice in the scan results list.
  • Fixed: Occasional BSOD in Emsisoft Internet Security.
  • Fixed: Issue where the Emsisoft Internet Security firewall erroneously blocked network traffic.
  • Fixed: Occasional network drops and blocked browsing in Emsisoft Internet Security.
  • Fixed: Refresh/update of the scan tray icon hint during a scan.
  • Fixed: An issue after a fresh installation where the last update was reported as 16618 days ago.
  • Fixed: Registry traces deletion procedure.

View the full article

#133839 False Positive of our url

Posted by Jerky McDilerino on 25 June 2015 - 08:01 AM

Dear Emsisoft employees and moderators

   Please forgive my action, since this thread was not meant to be comment by other members. However, i want to point out that a company called YAC aka Yet Another Cleaner is stealing Malwarebytes database, so is same thing to Iobit product in the past. Therefore, the detection should be something else rather than malware. Here is the link that Malwarebytes complain, https://blog.malware...nother-stealer/. Also, i am against the company that stealing other company idea and put that into their product without any legal copyright or partnership. 

#133823 Malwarebytes acquired Junkware Removal Tool

Posted by Kevin Zoll on 24 June 2015 - 06:42 PM

Comments about Malwarebytes effectiveness do not belong on this forum.

This thread is closed.

#133793 Malwarebytes acquired Junkware Removal Tool

Posted by Peter2150 on 23 June 2015 - 10:33 PM

Malwarebytes is the king that all i have to say. 

 Then why are you here?

#131052 Suggestion regarding EAM/EIS tray icon

Posted by Jim Rockford on 06 May 2015 - 06:55 PM

This is not essential but a suggestion regarding the overall visual appearance of both Emsisoft Anti-Malware and Emsisoft Internet Security.


After looking at the current WinPatrol tray icon I was thinking that changing the Emsisoft icon in the tray in a similar way might be a good idea to make it more fitting to the looks of the GUI and the desktop icon.


What I mean is a square tray icon looking like the desktop icon, changing colour from green, when everything is o.k., to red, when something is wrong (see attached pictures to give you an idea). Plus more colours (like orange if user attention is needed) if necessary.


That way the design of the tray icon would match the design of the GUI and the desktop icon.


Let me know what you think. If you approve perhaps this could already be realised in version 10.

Attached Files