All Activity

This stream auto-updates     

  1. Past hour
  2. Hallo KlausOtto, frag doch einfach mal bei Emsisoft nach, ob Du die bereits vorhandene Lizenz für Windows um eine Mobilsecurity-Lizenz erweitern kannst. Normalerweise sind die Mitarbeiter von Emsisoft sehr flexibel bei Sonderwünschen. 😊
  3. Danke, Optimist, Schade, meine Lizenz läuft für EAM (PC) noch 190 Tage. Separat wird's ja wohl teurer. Klaus
  4. Today
  5. Hi @Marshall, Glad it worked for you, Take care, Steen
  6. Die Lizenz für Emsisoft Mobile Security kann zusammen mit einer Lizenz für Windows erworben werden. Hier kannst du die Preise anzeigen lassen: https://www.emsisoft.com/de/pricing/
  7. Ist in der Lizenz von EAM auch Emsisoft Mobile Security enthalten? wenn nein, wie teuer? Klaus
  8. @pmarty @xfifi What I notice is that none of the .exe files of the attacked drives/partitions were encrypted, and thus exe-files do not have the ‘.nampohyu’ extensions. They still are regular executable files and are not encrypted. I wonder if you could affirm this observation? Further, I have found the infected executables by a virus on very unexpected directories, including the recycle bin, as well as that not all executables were infected by a virus. There is no logic (to me) in the directories to search for. But when you use windows-explore you should be able to search all the sub-directories. You also could check if there were more drives/partitions infected. In my case they attacked 4 drives/partitions and leave 6 drives/partitions unchanged, I assume that they had no access to the other drives/partitions.
  9. Hi Charlie, yes, but that will be changed in a next EAM version. Yes, we will provide 2 easy ways to connect existing installs. One thing i need to stress is that a workspace must be seen as a customer area. That means that you can connect the devices of 1 customer to 1 workspace. You will have to contact our sales team to split your existing key into keys per customer. For security and permission related reasons, the architecture of the Cloud Console allows one license per workspace/customer. please note that Cloud Console is in beta stage, so bugs are expected. We will check and fix when needed. thanks ! Thanks
  10. For me, there is no .exe files for this virus. It's an intrusion from a remote script executed by the hackers. Samba server or FTP vulnerability via the Guest user in Synology.
  11. @Albert-S I can't find strange .exe files on My Synology NAS which where affected by .NamPoHyu virus Can you give some filenames or directories which I can search for with more accuracy? Thanks for your feedback about the Synology recovering possibility, what a pity...
  12. Hi @Razz Again thanks. I can add "MVPS HOSTS" in µBlock Origin without subscribing...
  13. Hi Marshall. Not sure, but I do know that I recognize the URL of "MVPS Hosts" and I recognize the list. I don't recognize the list attached to MVPS Hosts (Domains). To view the list, click the blue "Details", "View" & "Original" buttons - see image. Sorry I couldn't offer a better explanation.
  14. Hi @Razz Thanks for the explanations☺️ What is the difference between "MVPS HOSTS" and "MVPS Hosts (Domains)" ?
  15. It appears that the “.NamPoHyu” ransomware is often attacking Synology NAS systems. This comment therefore is only related to Synology NAS systems. 1. Regular data-recovery is a no go: decryption is the only way to restore data! As GT500 said the chances for regular data recovery are already very low, since it is more likely that the data is overwritten than it has been copied. However in this case regular data recovery software does not allow you to access the NAS drives directly. Therefore, the following has been suggested: I have contacted the Synology helpdesk and the bad news is that the disk format is ext4 or BTRFS which a regular PC can't read. Moreover, for the Synology system no data recovery software exist that can recover files or folders. 2. Block the guest - account I have good reasons to assume that the guest-account on the system is a potential problem. I therefore recommend the following: Enter the configuration screen, open Users, select Guest, edit, select: switch off this account immediately & do it directly (no delay). Basically I believe you don’t want unknown ‘guests’ on your NAS. If you have other accounts you working with and you are logged in by one of those accounts, I suggest you do the same with the admin account, too. For more info on NAS check this forum too.
  16. Yes. Therefore, I trust to Google the auto-translation of the text at my sites into English, because he knows more words and rules in English than I do. But I know more words, phrases, lexical rules, dialects and I have more vocabulary in Russian.
  17. TNX for this information Amigo
  18. Yesterday
  19. Phil, Download to your Desktop: Farbar Recovery Scan Tool NOTE: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. NOTE: If you are unable to download FRST from the infected system, FRST can be saved to and run from a USB flash drive. Run Farbar Recovery Scan Tool (FRST): Double-click to run it. When the tool opens click Yes to the disclaimer. NOTE: DO NOT change any of the default settings. If you do we will just close your logs and ask for new ones ran with FRST's default settings. Press the Scan button. Farbar Recovery Scan Tool will produce the following logs: FRST.txt Addition.txt Attach those logs to your reply.
  20. Hi Marshall. To add the MVPS Hosts list to uBlock Origin, perform the following steps (see images for more details): (1) Go to the following link: https://filterlists.com/ (2) Enter "130" in the page field. (3) Click the blue "Details" button on the "MVPS Hosts" line. (4) Click the blue "Subscribe" button. You're all done! The MVPS Hosts file should now be added to uBlock Origin in your browser. To check you can look at the uBlock Origin "Options" page by right-clicking the uBlock Origin icon in your browser, as per images. Hope this helps. Best Regards, Steen
  21. I did this and then rebooted but it didn't help. If I want to see the whole screen, I still have to drag the window around to see it all and I can't see it all at once then.
  22. It's not doing it now but when it did, it was doing it after several restarts. I was like you, I thought maybe restarting it would help it but it didn't. It's still working as it should now. Maybe it will keep it up.
  23. @GT500 Thank you for your concern and the good work. However, I did not post the file on the forum, because I thought it is not a good habit to spread a potential virus on this platform So I have attached it in an email to: [email protected] // subject: referring to ransom message of Albert-S (including some typo's) I have mentioned my concerns regarding this executable on the forum at Tuesday 3:30 PM, EUROPE. Hope it finds well now, did not ment to confuse ... Since you mentioned only autherized persons can download, I tried to add the file to this post. But I can't: my virus-scanner does not allow me
  24. Hello, We have a large number of clients currently connected to an on-prem EEC instance. We've done a small pilot and are seriously looking at moving all of them to ECC in the near future. I have a couple of topics to discuss: 1. We have discovered that on existing clients, if the user navigates to Settings and clicks on "Connect to MyEmsisoft", they are automatically connected and show up in the Workspace almost immediately. Neat! I assume it knows to connect to the workspace because the license key in their software is attached to that workspace. Can I get confirmation on that? We have command line access to almost all of the computers and they are using that same key. Is there a command that we can push to the computers en masse that will disconnect them from EEC and connect them to ECC basically to simulate them pressing the "Connect to MyEmsisoft" button? 2. It seems that the "Alternative message or URL for news section" policy in ECC isn't applying to clients put into that policy group. All the other policies appear to be applying properly. Wondering if there are some character or length limitations or maybe a bug? Thanks!
  25. Some of your posts have been edited, so I'm not sure if you posted it here and then removed the links later, or if you sent them via e-mail. Regardless, I didn't download any files from this topic in the last week. I must have missed that in your original post. Would it be possible for you to send those to me? You can do so in a private message, or by attaching the files to a post here (only authorized personnel can download file attachments, unless they are pictures/images).
  26. Yeah, that sounds about par for the course (assuming that means the same in Russian that it would in English).
  27. This may have been fixed by some changes we made to our licensing system, however it's also possible that a simple restart of the computer resolved it. If you ever encounter the problem again, then try restarting the computer again, and let me know if that helps.
  1. Load more activity
  • Newsletter

    Want to keep up to date with all our latest news and information?

    Sign Up