Leaderboard


Popular Content

Showing content with the highest reputation since 11/13/17 in all areas

  1. 2 points
    Guten Tag, VIelen Dank für die unterstützenden Worte. Wie gesagt haben wir auch nicht vor, an unserer Linie etwas zu ändern. Ich hoffe, dass Emsisoft daher auch weiterhin Ihren Zuspruch erhalten wird. Mit freundlichen Grüßen Kathrin
  2. 2 points
    Ich kann EMSI-Soft nur bestärken bei dem bloatfreien Konzept zu bleiben. Jeder der Ahnung von der Materie hat, weiß dass diese extra Features Mist sind und nur die Angriffsfläche erhöhen. Siehe diverse Project Zero (google) Security-Bugs bei AV-Herstellern.... EMSISOFT scheinen der einzigen AV Hersteller mit Verstand zu sein, dem man sogar in diesem sensiblen Bereich die Achtung der Privatsphäre abnimmt. Das wissen genug Leute zu schätzen!
  3. 2 points
    Guten Tag, Wir haben mittlerweile mehrfach etabliert, dass Emsisoft nicht das Programm Ihrer Wahl ist. Sie haben sich bereits anderweitig ein Antivirus gesucht, dass auch noch dreißig weitere Funktionalitäten mitabdeckt. Fakt ist jedoch, dass viele Leute eben auch ein Antivirenprogramm suchen, dass nicht noch fünfzig Extras mitbringt, die man nicht will oder nicht braucht. Für diese Leute gibt es eben Emsisoft Anti-Malware und die meisten unserer Kunden sind mit der Tatsache, dass es eben 'nur' ein Rundumschutz für den Rechner ist und nicht mehr, zufrieden. Für all die angesprochenen Features - Passwortgenerator, Kinderschutz, etc - gibt es bereits gute Programme, die man sich bei Bedarf installieren kann. Viele Leute haben aber entweder keine Kinder oder wollen diesen den Zugang nicht beschränken, warum sollten wir diesen Leuten einen Kinderschutz mitinstallieren. Einige haben eben auch nicht RAM oder CPU im Überfluß, für diese Leute ist es noch ärgerlichr wenn das RAM durch ein AV belegt ist, dass aufgrund von ungenutzten Features die Ressourcen auffrisst. Fazit: Es gibt viele Antivirenprogramme, die die eierlegende Vollmilchsau sein wollen und versuchen alle Programme in einem zu vereinen. Es gibt User, die diesen Ansatz nicht mögen und nur ein Antivirenprogramm wollen. Nicht mehr. Für diese Leute gibt es, zum Beispiel Emsisoft Anti-Malware. Sie gehören nicht zu dieser Gruppe und das ist ok. Mit freundlichen Grüßen Kathrin
  4. 1 point
    Thanks for your reply, @Umbra Much appreciated.
  5. 1 point
    That's 207 days away, which is less than 7 months. Why is that so much less than the 10 month figure, which itself has only recently replaced "about a year"?
  6. 1 point
    Unless you are having problems, it is time to do the final steps. Now to remove most of the tools that we have used in fixing your machine: Download Delfix from here and save it to your desktop. Ensure Remove disinfection tools is checked. Also place a checkmark next to: Create registry backup Purge system restore Click the Run button. When the tool is finished, a log will open in notepad. I do not need the log. You can close Notepad. Empty the Recycle Bin You can delete and uninstall any programs I had you download, that you do not wish to keep on the system. To Remove EEK simple delete the EEK for in the of your System Drive, normally C:\EEK Run Windows Update and update your Windows Operating System. Articles to Read: How to Protect Your Computer From Malware How to keep you and your Windows PC happy Web, email, chat, password and kids safety How Did I Get Infected? That should take care of everything. Safe Surfing!
  7. 1 point
    If that's from our License Center (cc.emsisoft.com) then yes, it will show you the exact date that the license key needs to be activated by.
  8. 1 point
    Guten Tag Ragnaroek, Uns sind keine Probleme mit DNSCrypt bekannt. Unser Webschutz greift die DNS Anfragen bei den Prozessen ab, sodass wir keinen unverschlüselten DNS Verkehr brauchen um effektiv zu sein. Mit freundlichen Grüßën Kathrin
  9. 1 point
    Run a fresh scan with EEK. If it comes back clean then the folder was successfully deleted.
  10. 1 point
    Hi, Delete the following with RogueKiller ¤¤¤ Files : 3 ¤¤¤ [BitMiner.Gen0][Folder] C:\Users\User\AppData\Local\PCBooster -> Found
  11. 1 point
    Let's try a different tool. Download RogueKiller from https://www.fosshub.com/RogueKiller.html and save it to your desktop. • Double-click on setup.exe to install RogueKiller. Close all programs and disconnect any USB or external drives before running the tool. • Right-click RogueKiller.exe and select Run As Administrator to run the tool. • Once the Prescan has finished, click Scan. • Once the Status box shows "Scan Finished", click on the "Report" button and attach the scan log to your reply.
  12. 1 point
    It looks like a new variant of Cry36. I'll ask our malware analysts if they need any information about it.
  13. 1 point
    I'm not aware of any new developments in regards to this particular ransomware, however please note that if there is any news about a way to decrypt your files that it will more than likely be published on BleepingComputer's news feed: https://www.bleepingcomputer.com/
  14. 1 point
    Run AdwCleaner again and this time have it fix what ti finds.
  15. 1 point
    No that is not normal. Let's try resetting some areas of Windows to there defaults. There may be some slight differences between the instructions and the programs interface. Download Windows Repair by Tweaking.com http://www.tweaking.com/content/page/windows_repair_all_in_one.html to your desktop. Use the direct download link for the Portable version of Windows Repair by Tweaking.com · Double-click "tweaking.com_windows_repair_aio.zip" and extract the "Tweaking.com - Windows Repair" folder to your desktop. · Now open this folder and double-click "Repair_Windows.exe". · Click the "Repairs" tab on the far right. · Click the "Open Repairs" button (bottom right) Note: When asked if you would like to create a restore point. It is recommended just in-case something does not go as planned. · Click "Unselect All" · Put a checkmark in the following items: · 01 - Reset Registry Permissions · 02 - Reset File Permissions · 03 - Reset Service Permissions · 04 - Register System Files · 05 - Repair WMI · 10 - Remove Policies Set By Infections · 11 - Repair Missing Start Menu Icons Removed By Infections · 19 - Repair Volume Shadow Copy Service · 21 - Repair MSI (Windows Installer) · 22 - Repair Windows Snipping Tool · 26 - Restore Important Windows Services · 27 - Set Windows Services to Default Startup Note: Leave everything else unchecked · Put a checkmark in "Restart System When Finished" · Now click the "Start" button (bottom right)
  16. 1 point
    This is normal. First of all there's your browser. Each page you visit has a corresponding IP. Next think about Windows and other software checking for updates on a regular basis. On top of that email clients and the like will check for new messages as well. Then there are all kind of communication applications (skype, facebook messenger, and so on and so forth) that all will connect to a number of IPs to retrieve (or check for) messages. Think also about Microsoft's time synchronization and for example all kind of software license checks. These are just a few examples, but I think you can imagine why you'd always see a list of IP addresses your computer connects to/receives data from.
  17. 1 point
    You will need to reinstall Firefox and Chrome. Let's take a fresh look. Run fresh scans with Emsisoft Emergency Kit (EEK) and FRST, attach the new EEK and FRST scans to your reply. Be sure to let me know how things are running.
  18. 1 point
    I see,I will check out the link. Customer service here is top notch! Thanks again Elise
  19. 1 point
    Copy the below code to Notepad; Save As fixlist.txt to your Desktop. HKU\S-1-5-21-902657796-2216782368-3167530159-1000\...\Policies\Explorer: [NoToolbarsOnTaskbar] 0 HKU\S-1-5-21-902657796-2216782368-3167530159-1000\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-21-902657796-2216782368-3167530159-1000\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-21-902657796-2216782368-3167530159-1000\...\Policies\Explorer: [ClassicShell] 0 HKU\S-1-5-21-902657796-2216782368-3167530159-1000\...\Policies\Explorer: [NoBandCustomize] 0 HKU\S-1-5-21-902657796-2216782368-3167530159-1000\...\Policies\Explorer: [NoMovingBands] 0 HKU\S-1-5-21-902657796-2216782368-3167530159-1000\...\Policies\Explorer: [NoCloseDragDropBands] 0 GroupPolicy: Restriction - Chrome <==== ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = SearchScopes: HKU\.DEFAULT -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> No File BHO-x32: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> No File Toolbar: HKLM-x32 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKU\S-1-5-21-902657796-2216782368-3167530159-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File Task: {0B93607A-B270-4970-99C7-139A3B382A25} - System32\Tasks\BmHhCekqquvtRi => rundll32 "C:\Program Files (x86)\vknAtWNPMhpU2\lDWNyEUKlOAkx.dll",#1 Task: {5711B4D5-2D0F-4598-8863-00A1ED052CE1} - \jVVcebPoCjhHKmi -> No File <==== ATTENTION Task: {726A26AC-84F2-44E9-BCBA-4811CDA20D8F} - System32\Tasks\boQbXxbEJPaDgWztw => rundll32 "C:\Program Files (x86)\OGqwJxyzdjgEZIvrFER\ApKMsqP.dll",#1 Task: {B8B7346D-6D94-4396-B3C0-1F42E22904EC} - System32\Tasks\boQbXxbEJPaDgWztw2 => rundll32 "C:\Program Files (x86)\OGqwJxyzdjgEZIvrFER\ApKMsqP.dll",#1 Task: {DDB0F423-985C-4BFC-8085-E424545A5A2F} - System32\Tasks\jVVcebPoCjhHKmi2 => rundll32 "C:\Program Files (x86)\ExRIRmygU\DNEKOk.dll",#1 Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove -> No File <==== ATTENTION Task: C:\Windows\Tasks\boQbXxbEJPaDgWztw.job => C:\Program Files (x86)\OGqwJxyzdjgEZIvrFER\ApKMsqP.dll Shortcut: C:\Users\User\Desktop\Gmаil.lnk -> C:\Users\User\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic Shortcut: C:\Users\User\Desktop\Gоoglе Рhotos.lnk -> C:\Users\User\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic Shortcut: C:\Users\User\Desktop\Диск Gоogle.lnk -> C:\Users\User\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения Chrome\Gmаil.lnk -> C:\Users\User\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения Chrome\Gооglе Photоs.lnk -> C:\Users\User\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения Chrome\YоuTube.lnk -> C:\Users\User\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения Chrome\Диск Gоogle (1).lnk -> C:\Users\User\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Приложения Chrome\Диск Gоogle.lnk -> C:\Users\User\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gоogle Сhromе.lnk -> C:\Users\User\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооgle Сhrоmе (2).lnk -> C:\Users\User\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооgle Сhrоmе.lnk -> C:\Users\User\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Диспетчер задач Windows.lnk -> C:\Windows\System32\taskmgr.exe (Microsoft Corporation) <==== Cyrillic Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох (2).lnk -> C:\Users\User\AppData\Roaming\Browsers\exe.xoferif.bat (No File) <==== Cyrillic Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk -> C:\Users\User\AppData\Roaming\Browsers\exe.xoferif.bat (No File) <==== Cyrillic Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gоogle Chrоme.lnk -> C:\Users\User\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic Shortcut: C:\Users\Public\Desktop\Gоogle Chrome.lnk -> C:\Users\User\AppData\Roaming\Browsers\exe.emorhc.bat (No File) <==== Cyrillic Shortcut: C:\Users\Public\Desktop\Моzilla Firefoх.lnk -> C:\Users\User\AppData\Roaming\Browsers\exe.xoferif.bat (No File) <==== Cyrillic C:\Program Files (x86)\ExRIRmygU\DNEKOk.dll C:\Program Files (x86)\ExRIRmygU C:\Program Files (x86)\OGqwJxyzdjgEZIvrFER\ApKMsqP.dll C:\Program Files (x86)\OGqwJxyzdjgEZIvrFER C:\Program Files (x86)\vknAtWNPMhpU2\lDWNyEUKlOAkx.dll C:\Program Files (x86)\vknAtWNPMhpU2 Close Notepad. NOTE: It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST64 and press the Fix button just once and wait. If the tool needed a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Desktop (Fixlog.txt). Attach it to your reply. Note: If the tool warns you about an outdated version please download and run the updated version.
  20. 1 point
    Does one need to disable Powershell completely? And is this even desirable or possible on Windows versions greater than 7? On my Windows 7 machine, I started a Powershell console w/administrative privileges and ran Set-Execution-Policy -Scope LocalMachine Restricted which disables running PowerShell scripts execution in any context. Individual Powershell commands are still allowed, of course, so Powershell-powered malware hasn't been entirely neutered, but this is a significant protection I think.
  21. 1 point
    Guten Tag, Vielen Dank für die Rückmeldung. Sie können uns die Datei in solchen Fällen auch bei Filesharer, zB wetransfer.com zukommen lassen. Oder, falls die Datei schon bei Virustotal hochgeladen wurde, reicht uns meist auch ein Link , beziehungsweise der Hash, um die Datei zu identifizieren. Mit freundlichen Grüßen Kathrin
  22. 1 point
    Hi It will be so nice if you add this feature like Eset file reputation or Kaspersky Security Network I know emsisoft analyze suspicious files in Emsisoft Anti-malware Network but it will be better if you add this feature to Right-click options like eset and Kaspersky, therefore user can see file reputation for each file manually
  23. 1 point
    Hallo, ein False Positiv kannst Du auch hier melden und die Datei als Anlage hinzu fügen. Forum False positives
  24. 1 point
    EAM *.7838 Windows 10 Pro 1703 OS Build 15063.540 x64 1. Execute malicious file (Locky variant) 2. Behavior blocker eventually detects suspicious activity, AMN query is performed, Bad reputation is returned, and the behavior blocker auto-resolves the file by terminating and sending to quarantine 3. The malicious process still appears in the behavior blocker list of actively running processes, but the process is not in active memory on the system 4. In the behavior blocker list, right-click on the process and select any of the context menu options and nothing happens (as expected) 5. Reboot system removes process from the behavior blocker active list 6. This same quirk happens when an active Bad reputation process, that just sits there and does nothing to trigger the behavior blocker, self-terminates Locky_Variant__diablo6.zip termsrv.zip
  25. 1 point
    Yes! that worked thank you Umbra
  26. 1 point
    You have to select "all files" in the search window.
  27. 1 point
    Powershell is a tough bird. I've got the same four powershell exe's blocked, but that won't stop it. Won't break anything for most users, but won't block it. There is also a DLL system.managament.autmation.dll that can fire off Powershell. Not sure extactly w here in windows it, I've got it blocked with wildcards. I've done a lot homework on powershell malware and there are two bottom lines. 1. If some can get the right script on your computer and it runs, it's game over. They own you. 2. The good news, is all of these infections were delivered by email, so if you good email control your are safe
  28. 1 point
    Thread Closed Reason: Resolved The procedures contained in this thread are for this user and this user only. Attempting to use the instructions in this thread on your system could result in damaging the Operating System beyond repair. Do Not use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist. All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE if you don't we are just going to send you back to this thread.
  29. 1 point
    Hello dmcelhannon, My name is Kevin, and I will be helping you with fixing your problem. I would like to collect some more information before we get started with cleaning up the system. Take note of some guidelines for this support request: • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Furthermore, you should not be taking any advice relating to this computer from any other source throughout the course of this fix. • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken. • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean." We do not want to clean you part-way, only to have the system re-infect itself. • Do not start a new support ticket. The logs that you send me should be attached to your reply do not paste your logs directly into the reply. Read and follow these instructions carefully: NOTE: You will want to print these instructions for reference, as you will perform all scans with all browsers closed. Download to your Desktop: • Emsisoft Emergency Kit: https://www.emsisoft.com/en/software/eek/download/ • Farbar Recovery Scan Tool: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ NOTE: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system that will be the right version. NOTE: If you are unable to download the tools from the infected system, the tools can be saved to a USB flash drive and then transferred to the infected system. This is an information gathering stage. A removal procedure will be formulated once I review the contents of the logs. All scans are to be run in Normal Mode. Do not run anything in "Safe Mode", unless you are instructed to do so by myself. Do not force Safe Mode. Instructions on How to Boot to "Safe Mode" can be found at http://www.malwareteks.com/kb/SafeMode.php Let's get started: • Install and Run Emsisoft Emergency Kit (EEK): ◇ Double click EmergencyKitScanner.exe to install EEK ◇ When the installation of EEK is complete the Emergency Kit Scanner will run. ◇ Click "Yes" to Update Emsisoft Emergency Kit ◇ Under "Scan" click-on "Malware Scan". IMPORTANT: Do not quarantine or delete anything. We just want the scan log without anything being quarantined or deleted. ◇ Save the scan log somewhere that you can find it. ◇ Exit Emsisoft Emergency Kit. • Run Farbar Recovery Scan Tool (FRST): ◇ Double-click to run it. When the tool opens, click “Yes” to the disclaimer. ◇ Press Scan button. ◇ Farbar Recovery Scan Tool will produce the following logs: ▪ FRST.txt ▪ Addition.txt • Attach the following logs to your reply: ◇ Emsisoft Emergency Kit Scan log (C:\EEK\Reports\) ◇ FRST.txt ◇ Addition.txt
  30. 1 point
    Unless you are having problems, it is time to do the final steps. Now to remove most of the tools that we have used in fixing your machine: Download Delfix from here and save it to your desktop. Ensure Remove disinfection tools is checked. Also place a checkmark next to: Create registry backup Purge system restore Click the Run button. When the tool is finished, a log will open in notepad. I do not need the log. You can close Notepad. Empty the Recycle Bin You can delete and uninstall any programs I had you download, that you do not wish to keep on the system. To Remove EEK simple delete the EEK for in the of your System Drive, normally C:\EEK Run Windows Update and update your Windows Operating System. Articles to Read: How to Protect Your Computer From Malware How to keep you and your Windows PC happy Web, email, chat, password and kids safety How Did I Get Infected? That should take care of everything. Safe Surfing!
  31. 1 point
    Are there any plans of introducing an anti-malware for Mac in the near future? I'm very curious. We see more and more interest of our customers that are demanding a good mac protection software. Now we deliver Emsisoft for Windows but we can't for MAC OS. By canceling development of EIS is there now more of a possibility for a new product?
  32. 1 point
    It should be. I don't expect that it would provide any added protection beyond what Emsisoft Anti-Malware is capable of, and since it's Windows 10 it's entirely possible that Microsoft uses data from their Windows Defender cloud network as another form of "telemetry", in addition to all of the data Microsoft already collects from Windows 10 users.
  33. 1 point
    For best performance, yes. I'm not specifically familiar with how Microsoft's cloud protection technology works, however that sort of protection is usually handled by sending file information (file names, paths, hashes, etc) to a server that then compares it against a database of known software. The detection capabilities of such a system are typically limited, as advanced heuristics are difficult (if not impossible). We have a similar technology in Emsisoft Anti-Malware, however we use it primarily as an alert-reduction mechanism for our Behavior Blocker. We do also occasionally use to to help prevent false positives or to add detection for certain threats (the malicious version of CCleaner for instance), however for the most part anything that can exist on a "cloud" server can be bundled in a database update that an anti-virus software can download, so the most important detection rules would be in the database that gets downloaded and stored on your computer.
  34. 1 point
    Try this first, sometimes it works. Download and run MBAR according to this post: https://forums.malwarebytes.com/topic/198907-requested-resource-is-in-use-error-unable-to-start-malwarebytes/
  35. 1 point
    In theory there shouldn't be any actual security issues, however this is not something that is widely tested since running multiple anti-virus software is not recommended. It's only intended to be used if your computer doesn't have much RAM. The option moves most of the database into the pagefile to free up RAM, which means that when Emsisoft Anti-Malware needs part of the database that's been offloaded to the pagefile like this then Windows will have to move it back out of the pagefile and into RAM. This causes minor performance issues, as you have to wait for chunks of the database to be moved from the hard drive back into RAM before something can be scanned by the real-time protection. The memory usage optimization is off by default partially due to this, and partially due to the fact that most computers these days have tons of extra RAM (thus making the option mostly pointless).
  36. 1 point
    Thanks,I think I know how to set it all. Cheers.
  37. 1 point
    Potentially and theoretically. For example, if you are infected the 2 antiviruses may "fight" each other to quarantine the malware, or one may quarantine it and the other antivirus will scan the quarantine folder of the other and may try to remove the malware, causing unexpected errors, etc... Mostly when you suffer heavy slowdowns in your daily usage.
  38. 1 point
    This is expected behavior. Controlled Folder Access is a feature of Windows Defender and only works when Windows Defender is running. Note that Windows 10 automatically turns Windows Defender off when another Anti-Virus software is installed and turned on, which is why it does not work when Emsisoft Anti-Malware is installed. To bypass this, you can open Emsisoft Anti-Malware, click on Settings in the menu at the top, and disable the Windows Security Center integration so that Windows doesn't realize that Emsisoft Anti-Malware is installed. Please note that doing this is not recommended, as we do not test running Emsisoft Anti-Malware alongside Windows Defender on Windows 10, and since Microsoft has Windows disable Windows Defender automatically on Windows 10 when another Anti-Virus installed it is best to assume that they do not want people to run Windows Defender alongside other Anti-Virus software on Windows 10. If you do disable the Windows Security Center integration, then note that your computer may have performance problems, and may even freeze/hang.
  39. 1 point
    Hello, Thank you for reporting this issue. To see if this is caused by Emsisoft products, please disable all Emsisoft real time protection guards (right click the tray icon and select "pause protection" > "disable for 10 minutes"). If this fixes the issue then Emsisoft may be blocking the application. If this does not change anything this problem is likely not related to Emsisoft.
  40. 1 point
    Hi, Die Antwort von Kathrin begründet sich meines Erachtens wie folgt: Wenn ein AV-Programm mit Unterprogrammen vollgepumpt wird, dann bremsen dieses wiederum die Rechnerleistung aus und verbraucht auch noch RAM. Genau aus diesem Grund läuft EAM auf zwei meiner Systeme, weil man sich auf das wichtigste konzentriert. Systemschutz: Wenn Hacker die Webcam nutzen wollen, dann müssen sie das System irgendwie erreichen und das passiert durch ein Programm, Trojaner wird das genannt, welches sie dir zusenden, oder Du dir irgendwo runtergeladen hast und dann installierst. Und dieses Verhalten sollte EAM erkennen können ;-) Daher bedarf es keine weiteren integrierten Tools. Sicheres Banking: Alle Banken betreiben ihre Webseiten mit einem https:// Protokoll, erkennbar im Browser am Schloß und oder an der grünen URL Leiste z.B. im Firefox. Verwendet man ein Banking Programm wie "Starmoney" dann baut dieses Programm eine sichere Verbindung zum Bankserver auf, außerdem kann man dieses Programm mit einem Passwort schützen. Datensicherheit, Diebstahlschutz: Um Daten sicher zu archivieren, könnte man auf der Festplatte eine weitere Partition mit Passwort einrichten, welche man verschlüsselt, das funktioniert z.B. mit Windows 7 Ultimate sehr gut, ich nenne es mal Laufwerk [ D: "Meine Daten" ]. Darauf könnte man alle Dokumente, Bilder, Videos etc. speichern. Ist der Rechner aus und wird entwendet, dann kommt der Dieb nicht an die Daten! Wichtig ist aber auch, dass man sich eine externe Festplatte besorgt und darauf regelmäßig eine Datensicherung von Laufwerk D: macht. Dann ist man auf der sicheren Seite. Jugendschutz: Unter Windows 7 kann man für die Kinder ein gesondertes lokales Konto einrichten und entsprechend mit einem Kinderschutz versehen, einstellbar sind: Nutzungszeiten, Spielfreigaben und Programmeinschränkungen. Darüber hinaus können auch alle Konten mit einem Passwort versehen werden, welches ich sehr empfehle. Fazit: Man sieht also, das Betriebssystem bietet einem fast alle Möglichkeiten um es nach seinen eigenen Wünschen sicher zu konfigurieren, dazu bedarf es nicht immer extra Programme die zusätzlich das System belasten. MfG Icewolf ;-)
  41. 1 point
    Guten Tag, Den Vorschlag mit dem Schlüssel gebe ich gerne weiter. Ansonsten versuchen wir möglichst wenig bloatware in unser Programm zu installieren. Das heißt wir fügen ganz bewusst nicht mehr Programme hinzu um das Repertoire von 40 verschiedenen Programmen abzudecken, sondern verzichten auf eigenen Browser, eigenen Regcleaner, eigene Elternkontrllsoftware, etc. Mit freundlichen Grüßen Kathrin
  42. 1 point
    SurfRight (which makes the HitmanPro series of products) is one of our partners, and has used our scanning engine in their HitmanPro scanner and has even resold our Emsisoft Anti-Malware for many years, so they usually work to make their products compatible with ours.
  43. 1 point
    For the following ransomware, we have decrypters: Actively spreading ransomware: MRCR or Merry X-Mas Globe Globe 2 Globe 3 Nemucod Philadelphia Stampado Xorist Actively spreading ransomware, but the decrypter only works for older infections: Al-Namrood NMoreira LeChiffre PClock FenixLocker GlobeImposter Inactive ransomware: 777 Apocalypse ApocalypseVM AutoLocky BadBlock CrypBoss CryptInfinite CryptoDefense DMALocker DMALocker2 Fabiansomware Harasom HydraCrypt Gomasom KeyBTC Marlboro OpenToYou OzozaLocker Radamant
  44. 1 point
    Чтобы наша поддержка могла Вам быстро и эффективно оказать помощь, пожалуйста, следуйте следующим инструкциям. Общая информация Должна включать в себя: Название продукта, его версию. Эту информацию Вы можете найти в интерфейсе пользователя этого продукта Операционную систему, версию, сервис пак и разрядность (x64 или x86 бит). Эту информацию можно найти в "Свойствах" "Моего компьютера" Установлены ли в Вашей системе любые другие средства защиты (антивирусы, антишпионы, сканеры, файрволлы, песочницы) Дополнительная информация о баге или ошибке программы Подробно опишите проблему, при каких обстоятельствах она появляется. Вы также можете описать шаги, чтобы повторно вызвать эту ошибку. Дополнительная информация при несовместимости с другими программами Необходимо сообщить название программы или приложения, версию, и ссылку, где это приложение можно скачать. Дополнительная информация при возникновении "экрана смерти/синего крана" или внезапных перезагрузок Если у Вас Возникают "экраны смерти" или непредвиденные перезагрузки системы, найдите по пути дамп (обычно, C:WINDOWS\MINIDUMP) файл с расширением .dmp. Найдите файл, соответствующий времени "краха системы". Приложите файл к Вашему сообщению, с подробным описанием, в случае чего возникает "синий экран" или перезагрузка. Информация об ошибке в переводе Рассказать об ошибках и недочетах, замеченных в переводах продукции Emsisoft, а также на сайте http://emsisoft.ru, Вы можете сообщив на почту [email protected] Если продукт, то необходима следующая информация Название продукта, его версия Место/страница/вкладка/слово или предложение, где замечена ошибка Если сайт, то необходима следующая информация Ссылка на страницу сайта со словом или предложением, где замечена ошибка
  45. -1 points
    Sorry, aber, warum soll das dann einen schützen????warum baut man das nicht mit ein? ich verstehe die Politik nicht. Ist das denn so egal dass man da auch solche Sicherheit Tools nicht mit einbaut. Ich muss doch auf den Rechnern meiner Kinder eine Lösung haben das auch diese geschützt sind, ein ganz wichtiger Punkt in der heuten Zeit. Reg cleaner braucht man nicht, sicherer Browser schon, um eben eine sichere Verbindung zur Bank aufzubauen. Ich müsste doch auf den PCs der Kinder einstellen können, was für Seiten besucht werden dürfen, so was wie eine Alterskontrole. Verliert man seinen Lapp Top,hat man dann Pech?? Die 40 Programme sind ja jetzt nicht die Frage. Wir sprechen hier von EAM. Jetzt könnten Sie mir bitte erläutern wieso solche wichtigen Dinge nicht enthalten sind? Das sind nur Vorschläge. Danke für die Antwort.
  46. -1 points
    Auch Sorry bitte....Liest Du meine Beiträge auch ....dann verstehen wir uns einfach nicht. Macht ja nix, jeder hat seine Meinung. Ich habe es ja genau beschrieben. Und ich habe mehr als genug Ram und CPU-Leistung. Ich finde es so etwas abgespeckt, da kann man schon fast Malwarebytes oder andere Tools nutzen die fast die selbe Erkennung haben.