All Activity

This stream auto-updates     

  1. Past hour
  2. Ok, virustotal zeigt keinen Fund an! Es ist ein offizielles Intel Programm! No engines detected this file https://www.virustotal.com/gui/file/f856dbc345bde3ada5253f7ac0ef2711edfbb89880b174767f25371ffa668dd4/details Die Email habe ich gesendet!
  3. Hallo, Bitte laden Sie das Program hier rauf zum testen und geben Sie mir dan die Resultate an, dann gebe ich dies an unser Labor weiter. https://www.virustotal.com/gui/home/upload Schicken Sie mir auch dieses Log bitte: 1. Öffnen Sie Ihr Emsisoft-Produkt, unabhängig davon, ob es sich um Emsisoft Anti-Malware oder Emsisoft Emergency Kit handelt. 2. Klicken Sie auf den Link "Support" von Emsisoft Anti-Malware. Dies ist das Symbol für Chat-Sprechblasen unten links im Hauptbildschirm des Programms oder auf den Link "Benötigen Sie Unterstützung" in Emsisoft Emergency Kit. 3. Klicken Sie auf "E-Mail senden". Füllen Sie das Formular aus und verwenden Sie die gleiche E-Mail-Adresse, die Sie für diese Korrespondenz verwenden. Stellen Sie sicher, dass der Eintrag "Protokolldatenbank" auf der rechten Seite des Formulars markiert ist, und klicken Sie dann auf "Senden". Claude
  4. Hallo, nein leider nicht! Erst wenn ich den Schutz pausiere!
  5. Hallo, Richtig. Läuft das Program dann? Claude
  6. Today
  7. Hallo, ich meinte hier, passt das so?
  8. Hallo, Also bei den Ausnahmen under Einstellungen, nicht nur bei der Verhaltensanalyse unter Schutz, richtig? Claude
  9. Ich hab den ganzen Pfad eingetragen C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\
  10. Hallo, Haben Sie das Programm auch bein den beiden Ausnahmen drin unter Einstellungen? Claude Bader
  11. Hallo, das Intel Extreme Tuning Utility wird von Emsisoft geblockt! Leider kann ich nicht sehen was genau geblockt wird! In der Verhaltensanalyse habe ich den XTU Service als vertrauenswürdig eingestuft und wüsste jetzt nicht was noch geblockt wird! Wie kann ich das rausfinden was Emsisoft blockt?
  12. It is recommended that upload in 'ID Ransomware' the ransom note and the encrypted file. Your how_to_back_files.html file is corrupt. The identification result with such a file can annulled. You need find the same intact file on your computer and attach to your new message. Put it in the zip-archive, otherwise the protection of the site will cut all necessary out of it.
  13. stapp

    NEW beta 10149

    By the way.. no issues updating to 2004 Win 10 with EAM installed and running.
  14. Yes Sure .. tks Only upload encrypted .feenikss I have : https://id-ransomware.malwarehunterteam.com/identify.php?case=cc65ca50c62c2d7288e868a232d774179fcd380a Whit file how_to_back_files.html : https://id-ransomware.malwarehunterteam.com/identify.php?case=1946c6c4b01605f55c142e2286e0c65fe455de63 some advice? In attachement example of dll original and encrypted ( npgsql.dll, npgsql.dll.feenikss, and how_to_back_files.html) Regards npgsql.zip
  15. Thank you for the information GT500. I remember seeing you around on the Malwarebytes forums back in the day! I never made an account there but lurked almost daily between the years 2011 - 2016. Didn’t realize you also work for Emsisoft; what a happy surprise. I wasn’t aware of this API from Microsoft to have Windows recognize a security vendor and disable Windows Defender. That’s pretty interesting. I take it Microsoft protects access to this API so they can control which software vendors can utilize it? Otherwise fake AVs and crapware could potentially use the API to register their software and have Windows Defender disable itself? And if this is true, that would mean Microsoft is aware of Emsisoft at some level otherwise they wouldn’t have granted access to their API for EAM to use? Is all of this correct? And I take it your response means Emsisoft has no current plans to reach out for a spot on that list?
  16. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  17. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  18. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  19. If law enforcement is able to catch the criminals or otherwise gain access to their servers and release their private keys for use in decrypters, then we can add them to our database so that everyone can get their files back. Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future. We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters: https://www.bleepingcomputer.com/ If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news: https://www.bleepingcomputer.com/feed/
  20. You need to upload file pairs via our online submission form so that the decrypter can be "trained" how to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ Tradução fornecida pelo Google: Você precisa fazer o upload de pares de arquivos por meio de nosso formulário de envio on-line para que o decodificador possa ser "treinado" para descriptografar seus arquivos. Há mais informações no seguinte link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  21. No, we'd need the private key for your ID, and they keep that to themselves unless you pay the ransom.
  22. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  23. Criminals who create/distribute ransomware have been caught in the past, however I know of no instances where criminals connected to the STOP ransomware have been caught.
  24. The best way to check is to upload a ransom note and an encrypted file to ID Ransomware, as it should be 100% accurate at detecting GlobeImposter 2.0: https://id-ransomware.malwarehunterteam.com/ You can paste a link to the results into a reply if you would like for me to review them.
  25. That appears to be the following ransomware: https://www.bleepingcomputer.com/news/security/lockbit-ransomware-self-spreads-to-quickly-encrypt-225-systems/ There's a discussion about this ransomware at the following link as well: https://www.bleepingcomputer.com/forums/t/716458/lockbit-ransomware-lockbit-lock2bits-support-topic/ There does not appear to be any way to decrypt files that have been encrypted by this ransomware.
  26. You need to upload file pairs via our online submission form so that the decrypter can be "trained" how to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  27. Being on that list has nothing to do with Windows Defender. Windows shuts that off automatically when a third-party Anti-Virus that implements a specific Microsoft API (unfortunately I don't remember the name) is installed, registered with the Security Center, and turned on. Since Emsisoft Anti-Malware (EAM) registers itself with the Windows Security Center and uses the necessary API, Windows Defender is turned off automatically when protection in EAM is on. If Windows fails to turn off Windows Defender, then that usually means EAM's registration with the Security Center failed or is corrupted, or the option to integrate with the Security Center in EAM's advanced settings is turned off. Unfortunately being on a list of security software providers doesn't mean much. The only thing that would allow us to stand out would be our company logo, and the actual marketing value from that would be minimal (especially with multiple free Anti-Virus products listed). The list appears to be in random order, so in theory we'd show up at the beginning every now and then, but with very little brand recognition the odds are that we'd just get overlooked for more popular solutions, or for ones that say "free" below their logo.
  1. Load more activity
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up