Jump to content

Most Liked Content

#113760 Is your Antivirus software tracking you?

Posted by Elise on 13 July 2014 - 09:41 AM

What I find interesting is that many security-conscious users do not consider this. Some people do everything to make sure no personal data is being collected by applying the most complicated security settings (both in Windows and third-party applications), but they do not consider even for a moment what their AV might transmit.

On the other hand I find it sad to see that programs that are supposed to protect you, and that are trusted by the ones using (and often paying for) them, in fact collect so much personal data. In my opinion if you commit to protecting a computer you should apply the rules to your own product as well.

Ironically, many PUP products are accused of collecting personal data and they all do their best to convince us that they really don't do this. There are cases where security products actually collect more data than the PUP programs they detect.

#59026 How to translate Emsisoft Anti-Malware and Emergency Kit into a new language...

Posted by Fabian Wosar on 27 September 2012 - 07:26 PM

Emsisoft Anti-Malware and Emergency Kit use a text file based translation system. Such language files have the extension .LNG and can usually be found in the Languages sub-directory of the installation directory (for example "C:\Program Files\Emsisoft Anti-Malware\Languages\"). Since a lot of strings are shared between the products, all products use the same language files. So there is no need to translate the language files of each product separately.

We maintain the English as well as the German translation ourselves, so we can guarantee that those files are always up to date and they therefore should be used to base new translations upon. To make sure that you have the latest languages files please run the online update before you start your translation.

The language files adhere to the Windows INI file standard and in general are made up of the following parts:
  • [Sections]
    Sections are enclosed in square brackets and are used to seperate various areas within the language files. Sections must not be translated.
  • //Comments
    Comments always start with two forward slashes. They are completely ignored by the application and can be used to keep notes. Translation of comments is completely optional.
    Note that all lately modified lines in en-us.lng are copied and commented too. They are just for reference to track modifications on the original file.
  • Key=Value
    The actual language strings are contained within the language file as key value pairs. The key part (which is the part before the equal sign) is used by the application to identify where the string is used and therefore must not be translated. The value part (everything after the equal sign) is the actual text displayed by the application and therefore must be translated.
  • Keep in mind that Language files are plain text files. So if you want to edit a file make sure you do so with a plain text editor like Notepad. Text processing software like Microsoft Word or Works will not work.
Creating a new translation
The first step in creating a new translation is to make a copy of the language file you want to base it upon (either "en-us.lng" or "de-de.lng"). The copy should use the ISO language code as a file name. If you want to translate the product into Dutch for example it should be named "nl-nl.lng". Keep in mind that while Emsisoft Anti-Malware is running you are unable to change any of the installation directory's content. To create the copy in the Languages directory and edit it you will have to close Emsisoft Anti-Malware first or alternatively disable the self protection in the Configuration section.

At the top of the file you will find a special section called "LanguageInfo". This section contains various information used by the application to determine how to parse and display the language file. The section contains the following values:
  • Version
    The product version number this translation is based upon. Keep in mind that this is always the Emsisoft Anti-Malware version number, as Emsisoft Emergency Kit is a stripped down Emsisoft Anti-Malware version.
  • Language
    The English name of the language this language file contains.
  • LanguageLocal
    The native name of the language.
  • Author
    The name of the author of this file. This should be your name if you create a new translation.
  • Email
    The email address of the author. This should be your email address if you create a new translation.
  • Date
    The date when this file was last edited. Make sure to update this value whenever you change the file.
The LanguageInfo section of the German language file for example looks like this:
author=Emsisoft GmbH
Once you have adjusted the LanguageInfo section of your new language file, you can start translating the other sections.

Updating an existing language file
Language files do change whenever new user interface controls or features are implemented. In these cases it is not necessary to translate the entire language file again. Instead you can just add the new values to an existing language file. To facilitate this process we have added an overview that shows you which languages aren't up-to-date and exactly which strings need translation:

Simply click on the language to see which strings are missing. The format of the returned strings is "[section] valuename=string". We recommend that you make translation updates on a copy of the file. This is to prevent the online update from overwriting your changes on the next update. You also might find the tool WinMerge very useful to highlight added and removed lines.

Testing your new or updated language file
To test your new or updated language file simply restart the application and select the language you added or updated from the language selection drop down menu.

Submitting your translation
Once you have created a new translation or updated an existing translation, feel free to submit it here in the forum. Just create a new thread for your language if it doesn't exist yet and attach your language file to it. If a thread for this particular language already exists, add your updated language file as a reply to the existing thread.

As a little thank you for your effort we are handing out free licenses for all our products to translators. This applies not only to full translations but to updates and corrections of existing translations as well :).

Reporting errors or problems with translations
If you find an error in a particular translation or if you run into any problems, please feel free to post them in the translation's forum thread.

#46011 Automatic game/full screen mode...

Posted by Fabian Wosar on 09 March 2012 - 11:24 PM

This feature has already been implemented in the current development version and will be available in the next version :).

#115340 a lot of False positives ?

Posted by Elise on 09 August 2014 - 04:30 PM

Hi G-hot,

All these files are detected as PUP/adware (Application/Adware prefix), this means they're not malicious, but may exhibit possible undesired behavior. For example, offer the installation of third-party toolbars or application during setup. For this reason these are not false-positives and detection will not be changed.

#113704 Is your Antivirus software tracking you?

Posted by stapp on 12 July 2014 - 07:21 AM

Only 2 av's were listed as the most privacy conscious... and Emsisoft was one of them





Emsisoft also comes out looking good. They send a bit more information when you encounter malicious files — for example, they’ll send suspicious executable files to the antivirus company — but they’ll never send a list of websites you visit or your documents over the Internet


#112593 License Key from 2.0.2 won't work in V9

Posted by Fabian Wosar on 25 June 2014 - 09:43 AM

Have a current license for and it is working fine. Downloaded V9 update and copy/pasted the key I received when I purchased V2 but V9 says it is invalid.

It appears you are mixing up Malwarebytes Anti-Malware (current version is and Emsisoft Anti-Malware (current version is Since Malwarebytes and Emsisoft are entirely different companies, the license keys aren't interchangeable. However, if you want I can send you a free 1 year license of our product :).

#111165 SVP FP AGAIN!

Posted by Siketa on 05 June 2014 - 09:11 PM

I'm also a customer, so what?


It seems you don't understand the way things work.

Each new version of unsigned application has to be manually added to AMN.

Emsi team is doing great job (I have bad experience with Comodo) but they can not trace all existing apps in the web!

Like I already recommended you, turn off behavior blocker module while installing known good software and then enable it again after the installation is finished.


It's that easy!

#108153 AV-Comparatives Real-World Protection Test March 2014

Posted by Fabian Wosar on 17 April 2014 - 05:21 PM

Great to see that FPs are decreasing.....

False positives didn't change compared to last year at all actually. We just had a lot of catching up to do. The false positive test set AVC compiled contains files, that even VT hasn't seen yet (which is quite an accomplishment) and that aren't even available online any longer. If you throw a product into that test for the very first time, it is bound to have higher false positives than other products who had the chance to scan earlier revisions of the collection before. That is a fact that AVC itself recognizes and is the reason why the false positive results for our product included a disclaimer.

My question is - why Emsisoft does not participate in these tests

They are simply too expensive and don't reach nearly as many people as AVC does. We may take part in those tests eventually, but in the end it comes down to either take part in this one test that most magazines don't really care about, or hire a new full time employee for a year.

It is no longer so good and colorful.
Whom to believe? Can do your own individual tests and see your scores?
I would recommend it just to do ....

CRDF is unreliable. The way it works is, that they query VT to see if they have seen a file before and if so, get the last scan results.

The problem with that approach is, that malware or files that have never been seen on VT, won't be included in the results, because CRDF does not submit any files to VT. One could argue that those are the most interesting ones as they are more likely to be new malware.

If files have been submitted before, no rescan is issued. That means, the scan results they use for the statistics can potentially be days or even weeks old.

Their sample set also contains a ton of PUPs. I can't talk for other companies, but we specifically asked VirusTotal not to enable the PUP detection. It just saves us a ton of hassle having to deal with PUP companies all day, as most of them just check if their crap is detected on VT. Out of curiosity I downloaded their samples for February and March a few weeks ago (12,756 files in total, 1,270 of which aren't PE EXE files) and just judging by the digital certificates and version info alone at least 6,800 of the remaining 11,486 executable files are PUPs.

We talked to CRDF in the past, to maybe provide some more details in their statistic, but in their opinion these statistics shouldn't be used by anyone, so they have no intention to fix them.

#80951 Кнопка "Лечить"?.. Не, не слышал!

Posted by Роман on 09 July 2013 - 01:38 PM

Здравствуйте! Всем известно, что данный продукт не умеет лечить.. А ставиться на чистую систему, для того, чтобы предотвратить её заражение. И с этой задачей продукт справляется на все 100%. Очень жаль, что Вы разочаровались в данном продукте.. Однако по своей архитектуре, по качеству обнаружения новых угроз и т.д этот продукт занимает нишу одного из лучших вендоров! За все время использования Эмсика, а это уже более 3х лет, я ни разу не пожалел о его приобретении. Верьте в себя и в свой антивирусный продукт! Всего Вам хорошего!

#56853 EAM v7 Beta new engine

Posted by Fabian Wosar on 29 August 2012 - 10:46 AM

I am not happy to see yet another company using Bitdefender, get´s easier for virus writer out there to bypass more and more products as so many are using Bitdefender.

This isn't really an issue in our case as we only use the Bitdefender scan engine and signatures and added all our improvements like anti-rootkit technology, behavior blocking, the Emsisoft scan engine etc. on top of it. So even if malware authors patch Bitdefender detections, it doesn't mean one of our other detection layers won't catch it.

To get an idea on how efficient our added technology actually is just take a look here:
Posted Image

#56090 Thanks

Posted by 0strodamus on 20 August 2012 - 02:29 AM

I just wanted to post a thank you to the entire Emsisoft crew for making Anti-Malware compatible with Malware Defender. I tried using version 5 over 2 years ago and couldn't get the two to play nice together. This weekend, I thought I would give it another go and I am excited that I have not had a single issue so far. I purchased a license last year during a special in the hope that I would someday be able to run these two excellent security products together. I am thrilled that I am now able to. You guys are killing the tests at MRG, I am impressed by the posts made here and at Wilders by Christian, Fabian, and the rest of the team, and will be sure to recommend this excellent program to all of my friends and family. I know you guys deal with a lot of headaches on a daily basis and I just wanted to tell you to keep up the good work you're doing because it is appreciated.

#44353 Rootkit Trojan Can't be Automatically Removed

Posted by tckqbq on 14 February 2012 - 08:15 PM

Here are the reports.

Also, received error report that C:\$mft is corrupt

#3093 a-squared Anti-Malware + txt file behaviour

Posted by Lynx on 15 November 2009 - 03:21 AM

Good morning, korben

First, instead of just shutting down whole Guard try separately disabling “onExecution Scan” scan only and then “Malware-IDS” only.

The reason for testing “onExecution” being disabled, despite that is a long shot:
In the past there were reports that opening large media files of certain type by double-clicking will cause scanning the media too with substantial delay.
But when I asked the user to test invoking the the Player 1st and after that opening the media file - that worked perfectly fast.
You answered already that “opening from inside” doesn't help. Still please test disabling “onExecution”.


Nobody insisting on deeper investigation, that's your choice but “cutting off net connection” is not all. That may not be the case, but if you are testing that - there are ways to check whether there still are attempts to “connect” if suspected...

Just out curiosity for testing you may try different free notepad.
Set association with .TXT and observe its behaviour

Here is one of the lists of Notepad Alternatives
Those have many additional features, most of them, if not all are multi-document.
You may not need all that, but that's just for testing or use it if that's working fine & fast.
You always can go back when & if the cause of the main problem was found.
Notepad ++ can be installed as Portable Application, so you don't mess with the Registry (just delete the folder later and that's all)

That's interesting and innovative method to solve “small problem” by getting new laptop and OS (we all should try that :) )

Just a reminder.
Since I mentioned temporary shutting down ThreadFire (TF) in order to test – if you will uninstall A-M from old PC in order to reinstall on a new system, you can save/leave TF, otherwise I would suggest not using it alongside with A-M.


P.S. 1) after having the morning coffee I looked back to the image you provided.
It is not the best quality, but most importantly that is the overall view
What was asked to look at is – drill deeper into Applications, etc. and see whether there are events at the time of running Notepad.

2) I had no time yet to find your uncle :D

#118982 Internal EurekaLog bug?

Posted by Fabian Wosar on 06 October 2014 - 04:46 PM

As long as you restart the guard process after it crashed, it shouldn't make a difference.

#115910 Request for adding aditional skins to Emsisoft Anti-Malware Version 9

Posted by Fabian Wosar on 18 August 2014 - 04:05 PM

In general we won't add skinning support to EAM or any of our products anytime soon. They are just bloat. We are an AV software, not an MP3 player ;).

#111648 Anti-Malware network

Posted by Fabian Wosar on 12 June 2014 - 03:37 PM

The Emsisoft Anti-Malware Network is essentially a cloud backend we developed to help our products do autonomous decisions. It's essentially a huge feed aggregator, combining various large information feeds we have access to and makes those information available to the client software. While it doesn't do any behavior analysis itself, it can use the behavior information collected by EAM as well as Online Armor to come up with a decision.

#110267 Please whitelist 3DMark

Posted by Elise on 22 May 2014 - 05:49 PM

I just verified this, yes it has been whitelisted. :) Please note that it can take a few hours before this change takes effect via the anti-malware network.

#109685 Game mode in version 9..

Posted by Tempus on 13 May 2014 - 08:02 AM

Hey Emsisoft , ...today I have a suggestion and a question (ooh nooo.. :D )


  1. It's probably too late for my suggestion?, for a new feature. But maybe you / Emsisoft would consider it for future releases of version 9.x ? I work a lot with Adobe's software, ( and game a lot when I find the time), and most of the time in fullscreen mode. So therefore I would like, or wish , Emsisoft to detect when full screen mode is used, and shift automatically to Gamemode, and exit it again, when user is leaving fullscreen. Quite often, I find that I have set Emsisoft anti malware in Gamemode for days. Because there's so many interruptions in the daily workflow . So for me it would be a great help if such a feature were implemented in EAM.

  2. Will this suggestion, which is from a good constructive thread I had, be incorporated in version 9? Please see this thread.  Game mode, post 6 and 7.




#109597 Cannot install Private Internet Access

Posted by Arief Prabowo on 12 May 2014 - 05:52 AM

Many thanks for reporting this, I will look into it.

However, this is a common behavior and not a real false positive. As you can see on your VT report, we don't detect this file as malware. The alert was generated by our Behavior Blocker. Behavior Blocker will generate alerts for specific actions that can be associate with malicious activity, but it does not always necessarily mean that the program is malware, user can always click Allow so the application can continue the process or even exclude it from protection if they sure the application is legit and safe.

You can also activate the Anti-Malware Network and community based alert reduction to help you to decide it. If there is enough data about that program, it will give you suggestion whether to allow or block it based on community database.

#107473 False Positives

Posted by Siketa on 11 April 2014 - 12:26 PM

...and download.mobogenie.com