All Activity

This stream auto-updates     

  1. Today
  2. Elvalra58 Elvalra58 changed their profile photo
  3. Yesterday
  4. Eddie

    your computer is not protected

    Eddie replied to Eddie's topic in Emsisoft Anti-Malware

    Jeremy, thank you. I upgraded the tablet ( which had been stored away and not used for a while) from V 8 to now 10 Home Version 1809, OS Build 17763.316. I used the MS download tool and chose the upgrade option. The only AV on the system prior to me installing emsisoft was the default MS option. I think nowadays it's called Windows Security/ Windows Defender. As for Emsisoft, it is installed, I can run scans manually but it seems prevented from running as the first line of defence. At the moment I am relying on Windows Defender to catch any nasties.
  5. K1500SBC
    Seem to have been a victim of the attack mentioned above.... unfortunately the regular FenixLocker decrypter doesn't work with this one. Most likely culprit is Remote Desktop since I had it enabled. But I have included two files: original and encrypted one. Is there any tools out there that can decrypt this? Or at least one that is in the works? I lost a lot of files. Thank you https://id-ransomware.malwarehunterteam.com/identify.php?case=8f97bf424c3a5797fafb41fe43b6f9593e127d88 GreenScreen.dtx [email protected] !! Help to decrypt.txt
  6. K1500SBC K1500SBC joined the community
  7. nvzxcn nvzxcn joined the community
  8. JeremyNicoll started following Pause protection via a batch command? and your computer is not protected
  9. JeremyNicoll

    your computer is not protected

    JeremyNicoll replied to Eddie's topic in Emsisoft Anti-Malware

    I don't know the answer, but it might help others if you tell us exactly what version of Win 10 is now installed. Also, how did you do the Win 8 -> 10 upgrade? What anti-virus/malware application was installed on the Win 8 system? Did any of that survive the W8->10 upgrade?
  10. JeremyNicoll

    Pause protection via a batch command?

    JeremyNicoll replied to Bundaburra's topic in Emsisoft Anti-Malware

    If there is a batch way to do this (I don't know), how would you suggest it should be made secure so that malicious scripts cannot turn protection off against your will?
  11. Robbie van der Herp Robbie van der Herp changed their profile photo
  12. Paul Outerson Paul Outerson changed their profile photo
  13. Bundaburra
    I know I can pause EAM protection via the tray icon - Pause protection - but is there a batch command to do it? And re-enable later?
  14. Eddie
    Earlier today I upgraded a tablet from Win 8 to Win 10 and once done wanted to install Emsisoft. The installation seemed to go fine, the program is running but I am getting errors from Windows notification centre that both AV are off and I seem to be unable to turn on Emsisoft. If I click the turn on button in windows securities, Emsisoft shows up with Your computer is not protected. When I click the fis now button either nothing happens or it goes into the same page that comes up when I click the "no protection box" on the left. Here both behavioural blocker as well as file guard are off and resist any changes. What should I do?
  15. Christianto started following Emsisoft Browser Security & kasperky protection extension
  16. Christianto
    Hi.... I'm already installing kasperky protection extension on my chrome & firefox browser... I want to know....it is ok to add emsisoft browser security to My chrome & firefox browser? nb : i use kaskpersky Internet security in my computer sorry for my bad english...thx
  17. LBphotoGraphics LBphotoGraphics joined the community
  18. Jm2f2 Jm2f2 changed their profile photo
  19. MARCELO GAMITO MARCELO GAMITO changed their profile photo
  20. Tsunamilashes Tsunamilashes changed their profile photo
  21. quietman7 started following .[[email protected]].phobos INFECTION
  22. quietman7

    .[[email protected]].phobos INFECTION

    quietman7 replied to tsankov's topic in Ransomware First Aid

    Unfortunately, there is no known method that I am aware of to decrypt files encrypted by Phobos Ransomware without paying the ransom and obtaining the private keys from the criminals who created the ransomware unless they are leaked or seized & released by authorities. If feasible, your best option is to restore from backups, try file recovery software or backup/save your encrypted data as is and wait for a possible solution at a later time.
  23. Last week
  24. patrick s patrick s changed their profile photo
  25. tkscagirl tkscagirl changed their profile photo
  26. raffaellaa raffaellaa changed their profile photo
  27. tsankov started following .[[email protected]].phobos INFECTION
  28. tsankov

    .[[email protected]].phobos INFECTION

    tsankov replied to tsankov's topic in Ransomware First Aid

    Thanks for the replay. Here is the link with the result: https://id-ransomware.malwarehunterteam.com/identify.php?case=cce9e9c7dc76baa51ee3fd12d3ebf344af061bf4
  29. stapp

    .[[email protected]].phobos INFECTION

    stapp replied to tsankov's topic in Ransomware First Aid

    It is recommended to upload a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with: https://id-ransomware.malwarehunterteam.com/ You can then paste a link to the results into a reply if you would like one of our experts review them.
  30. tsankov
    Hi Everyone, New to this forum and hoping to get some help. My system was infected by ransomware and all affected files now have an extension .[[email protected]].phobos The usual text file says: All your files have been encrypted due to a security problem with your PC. If you want to restore them, write us to the e-mail [email protected] In case of no answer in 24 hours write us to theese e-mails: [email protected] If there is no response from our mail, you can install the Jabber client and write to us in support of [email protected] or [email protected] I've attached one of the affected files. Has anyone managed to develop a decryptor for the above. Your help and suggestions are greatly appreciated. Jim 19.09,8580960.pdf.ID-F4F623F6.[[email protected]].phobos
  31. tsankov tsankov joined the community
  32. pappa-jan pappa-jan changed their profile photo
  33. bikerentalsnainital bikerentalsnainital joined the community
  34. vishal started following GlobeImposter 2.0 Infection
  35. vishal

    GlobeImposter 2.0 Infection

    vishal replied to CSRTech's topic in Ransomware First Aid

    i wan a requited GlobeImposter 2.0 Ransomware.exe file if you have plz send me on my personal mail ID
  36. vishal vishal joined the community
  37. JeremyNicoll started following Emsisoft Commandline Scanner v. 2018.6.0.8734 files up to 2 GB
  38. JeremyNicoll
    This always slightly worries me. It suggests that a malicious executable could be packed as (in essence) a program which starts off with an instruction (or a handful, whatever's needed to make it legitimate loadable code) that says "jump forward a long way" followed by random junk, followed by the payload.
  39. cixteeny cixteeny joined the community
  40. MJmusicguy

    Vivaldi Web Browser and Emsisoft Browser Security

    MJmusicguy replied to MJmusicguy's topic in Emsisoft Anti-Malware

    Well I do not have data to disagree I will say that there is no viable reason for it not to to be recognized by the product as it is Chromium based and Emsisoft could set a precedent here im not asking all Chromium browsers to be green lighted just Vivaldi because marketshare may be low and may always stay low however you know as well as I do it is way ahead of competitors and has staying power
  41. GT500
    I am not aware of any Anti-Virus scanner that will scan files that are gigabytes in size. I would believe the maximum file size that our scanning engine supports is 100 MB, however this has been revised a number of times over the years, and may have changed.
  42. GT500
    I use Vivaldi as well, however (as is usual with Jon von Tetzchner's browsers) Vivaldi's market share is extremely low, and it can't be considered a mainstream/major browser. I was only able to find the following site that even listed market share for Vivaldi: NetMarketShare - Vivaldi = 0.11% Unfortunately Vivaldi's market share is so low that most browser usage stats don't even show it at all.
  43. GT500
    I'm glad to hear that the issue appears to be resolved now. If you need anything else, then please let us know.
  44. MJmusicguy started following Vivaldi Web Browser and Emsisoft Browser Security
  45. MJmusicguy
    as both a user of EAM and a Vivaldi tester I feel that Vivaldi needs to be "officially" recognized by Emsisoft as a browser EAM settings claim my default browser is not supported thus a option to install the exstention is not given yet is for all "major" browsers i realize i could jjust install it via the chrome store however thsa post is about recognition Vivaldi is probably the best and fastest growing alternative browser in recent years
  46. Alan_S
    Reporting that the situation hasn't occurred for me since the shower of incidents mid December. That's nearly 10 weeks. I haven't noticed any announcement that sounds like a fix, neither in the beta forum nor the Change Blog (though perhaps it's hidden under “Improved stability”) but something must have happened. It took over 6 months but, as the Bard of Avon said, “All's well that ends well”! Thank you all who have got this to happen!
  47. Schicki
    Hello all, how to proceed the check with files up to 2GB? specially videofiles (mxf, mov, mp4, avi). do you make only a header check? or anything else? or nothing
  48. Schicki Schicki joined the community
  49. Thomas Ott

    Hilfeverweis im Forum down

    Thomas Ott replied to onegasee59's topic in Hilfe, mein PC ist infiziert!

    Hallo und danke für die freundliche Rückmeldung. Wir haben zu Danken Ich wünsche ein schönes kommendes Wochenende!
  50. Thomas Ott

    EAM in der Taskleiste

    Thomas Ott replied to Klaus35's topic in German Support - Deutscher Support

    Hallo Klaus, vielen Dank für Ihre Rückmeldung. An dieser Stelle könnte man Log-Dateien mit einem Tool names FRST erstellen um dieses auf Auffälligkeiten zu prüfen. Bitte führen Sie einen Systemscan mit FRST (Farbar Recovery Scan Tool) durch wenn Sie wollen und senden Sie uns im Anschluss daran die zwei generierten Log-Dateien entweder an [email protected] oder via privater Nachricht an mich hier im Forum. Eine Anleitung dafür haben wir für Sie auf der folgenden Webseite zur Verfügung gestellt: https://help.emsisoft.com/de/1743/einen-scan-mit-frst-durchfuehren/ Möglicherweise wird von Emsisoft Anti-Malware und/oder Windows eine Warnung angezeigt wenn Sie versuchen die Log-Dateien zu erstellen. Bitte erlauben Sie in dem Fall alle Vorgänge damit die Logs vollständig geschrieben werden können. Zwischenzeitlich stehe ich für Ihre Anliegen gerne weiter zur Verfügung.
  51. Kevin Zoll

    jadro systemu jest zainfekowane

    Kevin Zoll replied to piotrk24's topic in Help, my PC is infected!

    Thread Closed Reason: Lack of Response PM either Kevin, Elise, or Arthur to have this thread reopened. The procedures contained in this thread are for this user and this user only. Attempting to use the instructions in this thread on a system, other than the one they were written for, could result in damaging the Operating System beyond repair. Do Not use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist. All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE if you don't we are just going to send you back to this thread
  52. GT500

    Ayuda!!! ransomware extensión .writeme

    GT500 replied to JOSE LUIS TIGUILA's topic in Ransomware First Aid

    If you'd like to keep an eye out for news about the ransomware that has encrypted your files, then BleepingComputer's news feed is a good resource, although I don't think they offer their news in languages other than English: https://www.bleepingcomputer.com/
  53. GT500
    Michael Gillespie has updated his STOPDecrypter for some of these newer variants of the STOP ransomware, however please note that in most cases it will only work if the ransomware was unable to contact its command and control server when it encrypted your files. There is more information available at the following links: https://www.bleepingcomputer.com/forums/t/671473/stop-ransomware-tro-djvu-rumba-openmetxt-support-topic/page-21#entry4667165 https://www.bleepingcomputer.com/forums/t/671473/stop-ransomware-tro-djvu-rumba-openmetxt-support-topic/page-23#entry4668025
  1. Load more activity

  • Newsletter

    Want to keep up to date with all our latest news and information?

    Sign Up