Jump to content

Most Liked Content

#59026 How to translate Emsisoft Anti-Malware and Emergency Kit into a new language...

Posted by Fabian Wosar on 27 September 2012 - 07:26 PM

Emsisoft Anti-Malware and Emergency Kit use a text file based translation system. Such language files have the extension .LNG and can usually be found in the Languages sub-directory of the installation directory (for example "C:\Program Files\Emsisoft Anti-Malware\Languages\"). Since a lot of strings are shared between the products, all products use the same language files. So there is no need to translate the language files of each product separately.

We maintain the English as well as the German translation ourselves, so we can guarantee that those files are always up to date and they therefore should be used to base new translations upon. To make sure that you have the latest languages files please run the online update before you start your translation.

The language files adhere to the Windows INI file standard and in general are made up of the following parts:

  • [Sections]
    Sections are enclosed in square brackets and are used to seperate various areas within the language files. Sections must not be translated.
  • //Comments
    Comments always start with two forward slashes. They are completely ignored by the application and can be used to keep notes. Translation of comments is completely optional.
    Note that all lately modified lines in en-us.lng are copied and commented too. They are just for reference to track modifications on the original file.
  • Key=Value
    The actual language strings are contained within the language file as key value pairs. The key part (which is the part before the equal sign) is used by the application to identify where the string is used and therefore must not be translated. The value part (everything after the equal sign) is the actual text displayed by the application and therefore must be translated.
  • Keep in mind that Language files are plain text files. So if you want to edit a file make sure you do so with a plain text editor like Notepad. Text processing software like Microsoft Word or Works will not work.

Creating a new translation
The first step in creating a new translation is to make a copy of the language file you want to base it upon (either "en-us.lng" or "de-de.lng"). The copy should use the ISO language code as a file name. If you want to translate the product into Dutch for example it should be named "nl-nl.lng". Keep in mind that while Emsisoft Anti-Malware is running you are unable to change any of the installation directory's content. To create the copy in the Languages directory and edit it you will have to close Emsisoft Anti-Malware first or alternatively disable the self protection in the Configuration section.

At the top of the file you will find a special section called "LanguageInfo". This section contains various information used by the application to determine how to parse and display the language file. The section contains the following values:

  • Version
    The product version number this translation is based upon. Keep in mind that this is always the Emsisoft Anti-Malware version number, as Emsisoft Emergency Kit is a stripped down Emsisoft Anti-Malware version.
  • Language
    The English name of the language this language file contains.
  • LanguageLocal
    The native name of the language.
  • Author
    The name of the author of this file. This should be your name if you create a new translation.
  • Email
    The email address of the author. This should be your email address if you create a new translation.
  • Date
    The date when this file was last edited. Make sure to update this value whenever you change the file.

The LanguageInfo section of the German language file for example looks like this:

author=Emsisoft Ltd

Once you have adjusted the LanguageInfo section of your new language file, you can start translating the other sections.

Updating an existing language file
Language files do change whenever new user interface controls or features are implemented. In these cases it is not necessary to translate the entire language file again. Instead you can just add the new values to an existing language file. To facilitate this process we have added an overview that shows you which languages aren't up-to-date and exactly which strings need translation:

Simply click on the language to see which strings are missing. The format of the returned strings is "[section] valuename=string". We recommend that you make translation updates on a copy of the file. This is to prevent the online update from overwriting your changes on the next update. You also might find the tool WinMerge very useful to highlight added and removed lines.

Testing your new or updated language file
To test your new or updated language file simply restart the application and select the language you added or updated from the language selection drop down menu.

Submitting your translation
Once you have created a new translation or updated an existing translation, feel free to submit it here in the forum. Just create a new thread for your language if it doesn't exist yet and attach your language file to it. If a thread for this particular language already exists, add your updated language file as a reply to the existing thread.

As a little thank you for your effort we are handing out free licenses for all our products to translators. This applies not only to full translations but to updates and corrections of existing translations as well :).

Reporting errors or problems with translations
If you find an error in a particular translation or if you run into any problems, please feel free to post them in the translation's forum thread.

#113760 Is your Antivirus software tracking you?

Posted by Elise on 13 July 2014 - 09:41 AM

What I find interesting is that many security-conscious users do not consider this. Some people do everything to make sure no personal data is being collected by applying the most complicated security settings (both in Windows and third-party applications), but they do not consider even for a moment what their AV might transmit.

On the other hand I find it sad to see that programs that are supposed to protect you, and that are trusted by the ones using (and often paying for) them, in fact collect so much personal data. In my opinion if you commit to protecting a computer you should apply the rules to your own product as well.

Ironically, many PUP products are accused of collecting personal data and they all do their best to convince us that they really don't do this. There are cases where security products actually collect more data than the PUP programs they detect.

#48817 ¥akuza112's malware submissions

Posted by ¥akuza112 on 28 April 2012 - 02:11 AM

Java Drive by .jar file

Posted Image

File Info

Report date: 2012-04-28 03:03:39 (GMT 1)
File name: signedcryptosuite-jar
File size: 20878 bytes
MD5 Hash: 1b52adfc6ef974be633b3ce82bb35af7
SHA1 Hash: e0123af7329e12c7172dafc2bee83bee7614313f
Detection rate: 0 on 14 (0%)
Status: CLEAN


Asquared -
Avast -
Avira -
BitDefender -
ClamAV -
Comodo -
DrWeb -
Fprot -
IkarusT3 -
Panda -
STOPZilla -
TrendMicro -
VBA32 -

Scan report generated by


#46011 Automatic game/full screen mode...

Posted by Fabian Wosar on 09 March 2012 - 11:24 PM

This feature has already been implemented in the current development version and will be available in the next version :).

#128888 Emsisoft Online Armor support roadmap

Posted by Christian Mairoll on 31 March 2015 - 09:49 PM

The Emsisoft Online Armor product has been an integral part of our product portfolio for almost five years. It served us and our customers very well in complementing Emsisoft Anti-Malware with a rock solid standalone firewall. Emsisoft Online Armor’s biggest strength has always been its HIPS (Host based Intrusion Protection/Prevention System) components, which are meant to alert any potentially dangerous actions executed by programs on the operating system.

As the internet threat landscape changes over the years, our response to these new challenges needs to adapt as well. Security software needs to be even more powerful, yet less intrusive to avoid any unnecessary annoying alerts. That’s why we at Emsisoft believe that a smart Behavior Blocker, as incorporated in Emsisoft Anti-Malware and Emsisoft Internet Security, that watches the system as a whole, is significantly better than a HIPS, which sees each action on the system individually and therefore always causes much more alert popups by design. You can read more about the differences in this article.

For the above reason, we have decided to not spend any more development time on Emsisoft Online Armor, but instead focus on improving the award-winning protection of Emsisoft Anti-Malware and Emsisoft Internet Security, which we are certain have a great future ahead.

Sales end date and support roadmap

As of today, we have stopped selling Emsisoft Online Armor. New license activations will only be possible until the end of May 2015. The official end of technical support will be March 31, 2016. Though, we will still provide updates for critical issues that may be discovered until then. At the moment we can say with certainty that we will not add Windows 10 compatibility, since that requires several major changes to the codebase.

Free upgrade to successor Emsisoft Internet Security!

The official successor product of Emsisoft Online Armor is our recently released Emsisoft Internet Security. We are happy to exchange any actively used license keys of Emsisoft Online Armor to Emsisoft Internet Security for free. Please contact our support team for an individual swap offer. If the available upgrade options don’t satisfy you for any reason, we’ll of course offer a proportionate refund for the amount paid.

We would like to thank all users for their loyalty and their support over the past years with Emsisoft Online Armor and are looking forward to a malware-free future!

View the full article

#115340 a lot of False positives ?

Posted by Elise on 09 August 2014 - 04:30 PM

Hi G-hot,

All these files are detected as PUP/adware (Application/Adware prefix), this means they're not malicious, but may exhibit possible undesired behavior. For example, offer the installation of third-party toolbars or application during setup. For this reason these are not false-positives and detection will not be changed.

#113704 Is your Antivirus software tracking you?

Posted by stapp on 12 July 2014 - 07:21 AM

Only 2 av's were listed as the most privacy conscious... and Emsisoft was one of them





Emsisoft also comes out looking good. They send a bit more information when you encounter malicious files — for example, they’ll send suspicious executable files to the antivirus company — but they’ll never send a list of websites you visit or your documents over the Internet


#111165 SVP FP AGAIN!

Posted by Siketa on 05 June 2014 - 09:11 PM

I'm also a customer, so what?


It seems you don't understand the way things work.

Each new version of unsigned application has to be manually added to AMN.

Emsi team is doing great job (I have bad experience with Comodo) but they can not trace all existing apps in the web!

Like I already recommended you, turn off behavior blocker module while installing known good software and then enable it again after the installation is finished.


It's that easy!

#108153 AV-Comparatives Real-World Protection Test March 2014

Posted by Fabian Wosar on 17 April 2014 - 05:21 PM

Great to see that FPs are decreasing.....

False positives didn't change compared to last year at all actually. We just had a lot of catching up to do. The false positive test set AVC compiled contains files, that even VT hasn't seen yet (which is quite an accomplishment) and that aren't even available online any longer. If you throw a product into that test for the very first time, it is bound to have higher false positives than other products who had the chance to scan earlier revisions of the collection before. That is a fact that AVC itself recognizes and is the reason why the false positive results for our product included a disclaimer.

My question is - why Emsisoft does not participate in these tests

They are simply too expensive and don't reach nearly as many people as AVC does. We may take part in those tests eventually, but in the end it comes down to either take part in this one test that most magazines don't really care about, or hire a new full time employee for a year.

It is no longer so good and colorful.
Whom to believe? Can do your own individual tests and see your scores?
I would recommend it just to do ....

CRDF is unreliable. The way it works is, that they query VT to see if they have seen a file before and if so, get the last scan results.

The problem with that approach is, that malware or files that have never been seen on VT, won't be included in the results, because CRDF does not submit any files to VT. One could argue that those are the most interesting ones as they are more likely to be new malware.

If files have been submitted before, no rescan is issued. That means, the scan results they use for the statistics can potentially be days or even weeks old.

Their sample set also contains a ton of PUPs. I can't talk for other companies, but we specifically asked VirusTotal not to enable the PUP detection. It just saves us a ton of hassle having to deal with PUP companies all day, as most of them just check if their crap is detected on VT. Out of curiosity I downloaded their samples for February and March a few weeks ago (12,756 files in total, 1,270 of which aren't PE EXE files) and just judging by the digital certificates and version info alone at least 6,800 of the remaining 11,486 executable files are PUPs.

We talked to CRDF in the past, to maybe provide some more details in their statistic, but in their opinion these statistics shouldn't be used by anyone, so they have no intention to fix them.

#134565 Reset global firewall rules

Posted by GT500 on 09 July 2015 - 01:11 PM

Here's how to reset the Global Firewall Rules to factory defaults:
  • Open Emsisoft Internet Security.
  • Click on Settings in the menu at the top.
  • Click on the Factory defaults button near the upper-right.
  • Make sure that only the option labeled Global firewall rules is selected.
  • Click the OK button to apply the changes.

#134523 Emsisoft Anti-Malware & Emsisoft Internet Security released

Posted by Christian Mairoll on 08 July 2015 - 08:19 PM

Emsisoft Anti-Malware & Emsisoft Internet Security released. This is a maintenance release for improved usability, speed, detection and stability.

This update will require a reboot.

  • Improved: Logic for “Update rule” alerts.
  • Improved: File Guard has been enabled for network shares.
  • Improved: Consistency between Offline mode state and the corresponding text on the tray icon menu item.
  • Improved: Skipped Anti Malware Network lookup for trusted processes/files on File properties dialog.
  • Improved: Behavior Blocker panel’s grid filling procedure to avoid occasional hangs on GUI close.
  • Improved: Behavior Blocker panel’s process reputation.
  • Improved: Stability of the scheduler (scan/update).
  • Improved: Scheduled scans with setting “After online update” will only be executed after updates were received.
  • Improved: Synchronization when a scan task is waiting for another task to complete.
  • Improved: Behavior of scheduled scan task “Run now” button.
  • Improved: Scheduled scan When/What tabs: logical combinations of settings.
  • Improved: Stability of GUI termination while a scheduled scan is running.
  • Improved: Updater stability.
  • Improved: Auto-update will now start after 5 mins despite CPU load > 20%.
  • Improved: Automatic updates following a failed automatic update were executed too soon.
  • Improved: “Connection error” notifications will be shown for manual updates only.
  • Improved: License remap logic adjusted to correctly handle the modified Hardware ID caused by the Windows 10 update.
  • Improved: Quarantine file submission dialog.
  • Improved: Reboot notifications when the cleaning engine requires a reboot.
  • Improved: Surf Protection alert caption information.
  • Improved: Firewall stability and performance in Emsisoft Internet Security.
  • Fixed: Issue where some files were not updated during an update.
  • Fixed: Scanning/cleaning issue in Windows safe mode.
  • Fixed: Occasional crash of a2start when a certain malware type was detected during a scan.
  • Fixed: Occasional crash while opening File Properties in the Behavior Blocker panel.
  • Fixed: Issue where automatic updates were executed during Game Mode.
  • Fixed: Issue with the malicious items Quarantine counter on the Overview screen.
  • Fixed: Occasional crash: “Is not a valid integer value”.
  • Fixed: Occasional crash: “List index out of bounds”.
  • Fixed: Issue with double log items.
  • Fixed: Issue in a2cmd when using parameter “/q=Quarantine” or parameter “/la”.
  • Fixed: Issue where scheduled scans appeared as manual scans in the scan logs.
  • Fixed: Text and state of “New/Current Scan” menu item.
  • Fixed: Issue where the same malware file was displayed twice in the scan results list.
  • Fixed: Occasional BSOD in Emsisoft Internet Security.
  • Fixed: Issue where the Emsisoft Internet Security firewall erroneously blocked network traffic.
  • Fixed: Occasional network drops and blocked browsing in Emsisoft Internet Security.
  • Fixed: Refresh/update of the scan tray icon hint during a scan.
  • Fixed: An issue after a fresh installation where the last update was reported as 16618 days ago.
  • Fixed: Registry traces deletion procedure.

View the full article

#134027 Surf protection - Delete custom lines?

Posted by Fabian Wosar on 29 June 2015 - 12:59 PM

At the moment it is not possible to delete multiple lines at once. I have made a suggestion internally to add it though.

#133839 False Positive of our url

Posted by Jerky McDilerino on 25 June 2015 - 08:01 AM

Dear Emsisoft employees and moderators

   Please forgive my action, since this thread was not meant to be comment by other members. However, i want to point out that a company called YAC aka Yet Another Cleaner is stealing Malwarebytes database, so is same thing to Iobit product in the past. Therefore, the detection should be something else rather than malware. Here is the link that Malwarebytes complain, https://blog.malware...nother-stealer/. Also, i am against the company that stealing other company idea and put that into their product without any legal copyright or partnership. 

#133823 Malwarebytes acquired Junkware Removal Tool

Posted by Kevin Zoll on 24 June 2015 - 06:42 PM

Comments about Malwarebytes effectiveness do not belong on this forum.

This thread is closed.

#133793 Malwarebytes acquired Junkware Removal Tool

Posted by Peter2150 on 23 June 2015 - 10:33 PM

Malwarebytes is the king that all i have to say. 

 Then why are you here?

#131052 Suggestion regarding EAM/EIS tray icon

Posted by Jim Rockford on 06 May 2015 - 06:55 PM

This is not essential but a suggestion regarding the overall visual appearance of both Emsisoft Anti-Malware and Emsisoft Internet Security.


After looking at the current WinPatrol tray icon I was thinking that changing the Emsisoft icon in the tray in a similar way might be a good idea to make it more fitting to the looks of the GUI and the desktop icon.


What I mean is a square tray icon looking like the desktop icon, changing colour from green, when everything is o.k., to red, when something is wrong (see attached pictures to give you an idea). Plus more colours (like orange if user attention is needed) if necessary.


That way the design of the tray icon would match the design of the GUI and the desktop icon.


Let me know what you think. If you approve perhaps this could already be realised in version 10.

Attached Files

#130036 Emsisoft detects 100% in March edition of AV-Comparatives Real-World Protecti...

Posted by Fabian Wosar on 17 April 2015 - 01:27 PM

i wonder why, most of the products that uses Bitdefender engine get lower rates than Bitdefender if it is supposed they use the same engine...? and what does it means with user interaction? if emsi automatically blocks files (with the BB)

Bitdefender will always have slightly more up-to-date signatures for a few minutes after a new signature update is released, as updates have to be distributed to OEM partners first. On average our users get Bitdefender signature updates between 5 and 10 minutes after Bitdefender users. Given that the update interval in general is usually 1 hour, that is rarely a big deal. But it can explain minor variations in detections. Also keep in mind that Bitdefender may use cloud assisted technologies during on-demand scans as well, which can lead to varying results. We don't use any of Bitdefender's cloud features, as their privacy policy does not meet our own standards.


User interaction means, that we asked the user what he wants to do with the file instead of making the decision for him. For example:




Whenever we show a dialog like that instead of just quarantining the file automatically, it is counted as a user based decision and is only worth half the points. 

#129940 Emsisoft detects 100% in March edition of AV-Comparatives Real-World Protecti...

Posted by Christian Mairoll on 15 April 2015 - 11:25 PM

Antivirus testing organization AV-Comparatives published the first real-world protection test in its 2015 test series: March 2015. The detailed overall result reports (covering four months each) are released in July and December.

Emsisoft Anti-Malware prevents 100% of infections

For this test, AV-Comparatives used a test set of 410 live test cases (malicious URLs found in the field) consisting of working exploits (i.e. drive-by downloads) and URLs pointing directly to malware. In other words, mimicking the threats a typical user would experience in everyday life.



The graph above shows the test results against the “out-of-box” malware protection provided by Microsoft Windows, which in this case is Microsoft Security Essentials since AV-Comparatives ran this test under Microsoft Windows 7 Home Premium 64 Bit SP1.

Emsisoft detected all threats, and thereby received a 100% detection rate. In 0.7% of the cases Emsisoft Anti-Malware displayed an alert which recommends the user to block the threat instead of automatic removal, which is why AV-C counts these as “user dependent”. See the full fact sheet here.

View the full article

#129165 Why Not Sell Online Armor?

Posted by Christian Mairoll on 06 April 2015 - 12:16 AM

We have offered it to some of our business contacts and we definitely wouldn't charge too much. But it's not only about compiling a set of code files. The product requires some online backend infrastructure that can't be developed within a few days. A good part of its power relies on the server side databases and algorithms that require ongoing maintenance and improvements. To be future proof, the product also requires some code changes. Just to name a few: IPv6, full unicode support, Windows 8 driver model changes, etc. These all are doable but not trivial I'm afraid. Only a very small number of software developers have the required skills to code firewall drivers that don't crash all day long. Based on our experience firewall development is one of the most challenging areas of software development you can think about. Windows API documentation is generally poor and you have to expect to find bugs in Windows that Microsoft doesn't even know about (had a few cases in the last year).

#126249 what I love about EAM

Posted by presalequestion on 04 February 2015 - 04:53 PM

- no half baked featues, no bloatware  - I really want a strong and light AV software and not a password safe, tuneup program or some obscure "safe banking"

- no obscure ssl certificate checker

- no http trafic scanning slowing down you connection (since It's the same engine scanning the traffic, I don't see the difference to a real time scanner)

- not transferring urls for cloud checking (transfering the whole history, I consider this as malware)

- no browser plugins

- I understand what every feature in EAM does! Most AVs have just uncomplete marketing orientated descriptions for their features

- not perfect, but seems to care about privacy and avoids user data when not necessary

- the possibily to minimize it further with op-out from the anti malware network/community based alert reduction

- great support

- your primary goal seems to be really making a great AV product and not selling some half baked product due to advertising


I hope that it will stay this way :-) and keep on with your good work!


all the best