Leaderboard

  1. GT500 (Emsisoft Employee)
    • Points: 115
    • Content Count: 9695

  2. stapp (Global Moderator)
    • Points: 23
    • Content Count: 3063

  3. JeremyNicoll (Member)
    • Points: 21
    • Content Count: 1396

  4. Frank H (Emsisoft Employee)
    • Points: 15
    • Content Count: 1424



Popular Content

Showing content with the highest reputation since 06/25/18 in all areas

  1. 3 points
    It means that the tests done by AV-C and AV-T have a clear image of how they think AV software should work. The problem arises when your product doesn't fit the mould. Then you get penalized for not doing what everyone else does, even though what everyone else does may not be in the best interest of the user, to begin with. Best example: Snooping around in your encrypted connections, which literally every AV vendor screwed up at least once in the past and probably will continue to happen, exposing users to potentially greater risks than most malware does.

    For starters, the test sets aren't nearly as representative anymore. When we participated in AV-T and AV-C both tested with less than 200 samples a month on average. 200 samples out of literally tens of millions. The exact selection isn't clear and not representative of what users deal with either. None of them tests with PUPs for example, even though a simple look at any tech support community will tell you, that it is probably by far the biggest problem users are dealing with.

    So no, neither of those test scores represents real-life performance and it becomes blatantly obvious when you go to places like Bleeping Computer, GeeksToGo, Trojaner Board, Malekal, and all those other communities where people infected by malware show up for help and look at what products these victims used at the time they became infected. Then you will notice that a lot of these products with perfect scores don't look nearly as perfect in real-life conditions.

    The reason for this discrepancy is quite simple: Most AV vendors will specifically optimise their products for these tests. The most severe cases are where vendors end up outright cheating and detecting the test environments which then results in a change of behaviour of the product (think Dieselgate, but with anti-virus). But there are many ways you can game these tests. For example:

    • you can try to figure out the threat intel feeds the companies use, then just buy those same threat intel feeds so you have all samples in advance
    • you can track their licenses and supply different signatures to them or use your cloud to treat those test systems differently
    • some particularly shady organisations literally also sell you their sample and malicious URL feed, so you can just outright buy the samples and URLs your product will get tested on later

    What you end up with as a result is a product that is optimised really really well for the exact scenario they are being tested under using the exact type of URLs and samples these testers use, but that is utterly useless when it comes to anything else. We just really don't want to create this type of product.

    So when we were asked whether we wanted to continue to participate this year, we discussed the matter internally, looked at what we get out of these tests (meaning: whether these tests have a discernable impact on our revenue) and decided that they are simply not worth it and that the tens of thousands of Euros we spent on them every year would be better spent on extending our team and building new ways of keeping our customers safe.
  2. 2 points
    I've forwarded your ID and MAC addresses to the creator of STOPDecrypter so that he can archive them in case he is able to figure out your decryption key at some point in the future. All you have to do now is give us some time, and we'll do what we can for you.
  3. 2 points
    That's an offline ID. Support for it should be added to STOPDecrypter soon, and once that happens it should be possible for you to decrypt your files.
  4. 2 points
    I've been told that the time window for being able to figure out keys for .kiratos has ended, however I will go ahead and pass this on to the developer of STOPDecrypter so that he can archive it just in case he's able to figure out the decryption key at some point in the future.
  5. 2 points
    Hi Marshall. Not sure, but I do know that I recognize the URL of "MVPS Hosts" and I recognize the list. I don't recognize the list attached to MVPS Hosts (Domains). To view the list, click the blue "Details", "View" & "Original" buttons - see image. Sorry I couldn't offer a better explanation.
  6. 2 points
    Hi Marshall. To add the MVPS Hosts list to uBlock Origin, perform the following steps (see images for more details):

    (1) Go to the following link: https://filterlists.com/
    (2) Enter "130" in the page field.
    (3) Click the blue "Details" button on the "MVPS Hosts" line.
    (4) Click the blue "Subscribe" button.

    You're all done! The MVPS Hosts file should now be added to uBlock Origin in your browser. To check you can look at the uBlock Origin "Options" page by right-clicking the uBlock Origin icon in your browser, as per images. Hope this helps. Best Regards, Steen
  7. 2 points
    Personally I think following the tests is a waste of time. If you are really concerned then you will need to make the effort to do your own testing. That is what I did. Also the tests don't tell you a thing about the nature of the company. I will stick with Emsisoft because I think it's the best.
  8. 2 points
    Hello Moreau, thank you very much for your positive feedback. You're always welcome, and thank you for the friendly communication. I wish you a good start to the (still almost) new week!
  9. 2 points
    > Thanks how do I turn off the notification please?

    See: Settings - Notifications - Browser Security verifications
  10. 2 points
    Hello, This is legitimate. You can read more about it here: https://blog.emsisoft.com/en/32517/new-in-2018-12-safe-web-browsing-with-emsisoft-browser-security/
  11. 2 points
    FYI: https://blog.emsisoft.com/en/32110/emsisoft-anti-malware-2018-9-beta/
  12. 2 points
    https://www.bleepingcomputer.com/news/google/google-will-block-third-party-software-from-injecting-code-into-chrome/

    Our Surf Protection works by filtering DNS requests made by running applications. Since EAM doesn't use network filter drivers, it has to achieve this using code injection. Now that Chromium is blocking code injection by third-party applications, our Surf Protection will not work with it until we are able to make some changes.

    My recommendation is to install uBlock Origin and uBlock Origin Extra (both work in Google Chrome and Vivaldi) to supplement until we can get our Surf Protection working in Chrome again. uBlock Origin is a free content blocker that not only blocks ads, but also uses the extensive blacklists of malicious domains available from Malware Domain List and Malware Domains to block malicious content.

    Note: Vivaldi 1.15 (the current stable version) is based on Chromium 65 with backported security fixes from Chromium 66, 67, and 68. Vivaldi 2.0 is based on Chromium 69, and is currently available in testing builds. Anyone with the stable version of Vivaldi installed will not be affected by this issue. Anyone using a Vivaldi 2.0 snapshot will also experience this issue with Surf Protection.

    Also note: Due to the added protection of an ad blocker, we recommend uBlock Origin (with uBlock Origin Extra for Chromium based browsers like Google Chrome, Vivaldi, and Opera) regardless of whether or not our Surf Protection is working with your web browser. Anti-Virus/Anti-Malware does not block ads by default (doing so can break some websites), and the companies that sell online advertising do not do a good enough job of preventing their ads from being abused by their clients, and there have been many cases of serious threats in advertisements even on legitimate websites.

    Please be aware that there is another content blocker called "uBlock". This is not the same thing as uBlock Origin, and is not recommended.

    The main reason for recommending uBlock Origin is due to its performance and memory usage being better than popular ad blockers (AdBlock, Adblock Plus, AdGuard, etc). If you wish to use one of those instead, then please feel free to do so, however I do not know if they are configured to use Malware Domain List and Malware Domains by default and recommend checking their configuration to ensure they are offering the same level of protection as uBlock Origin. If they are not configured to use these lists of malicious websites, then you should be able to add them through FilterLists.com. Note that this site was down at the time I posted this, so I was not able to check and verify that, however this site lists almost every popular filter list for ad and content blockers and it should include important blacklists like these.
  13. 1 point
    Here is the note: YOUR FILES ARE ENCRYPTED !!! TO DECRYPT, FOLLOW THE INSTRUCTIONS: To recover data you need decrypt tool. To get the decrypt tool you should: 1.In the letter include your personal ID! Send me this ID in your first email to me! 2.We can give you free test for decrypt few files (NOT VALUE) and assign the price for decryption all files! 3.After we send you instruction how to pay for decrypt tool and after payment you will receive a decryption tool! 4.We can decrypt few files in quality the evidence that we have the decoder. DO NOT TRY TO DO SOMETHING WITH YOUR FILES BY YOURSELF YOU WILL BRAKE YOUR DATA !!! ONLY WE ARE CAN HELP YOU! CONTACT US: [email protected] ATTENTION !!! THIS IS YOUR PERSONAL ID WICH YOU HAVE TO SEND IN FIRST LETTER:
  14. 1 point
    The offline ID and Key for .muslat has been added to STOPDecrypter. Just download a fresh copy of STOPDecrypter, and it should be able to decrypt any files that were encrypted using the offline key for the .muslat variant of STOP/Djvu.
  15. 1 point
    EAM doesn't work on XP or Vista now. System requirements are :- For Windows 7/8.1/10, 32 & 64 bit
  16. 1 point
  17. 1 point
    @kevinliangts I've forwarded your ID and MAC addresses to the creator of STOPDecrypter so that he can archive them in case he is able to figure out your decryption key at some point in the future. All you have to do now is give us some time, and we'll do what we can for you.
  18. 1 point
    The problem with that, as JeremyNicoll mentioned, is that debug logging needed to be on when the issue happened otherwise it won't tell us anything about it. Since debug logging is turned off by default due to slight performance degradation and the amount of disk space it can waste, you would have had to turn it on manually before the issue occurred.
  19. 1 point
    https://blog.emsisoft.com/de/33459/neu-in-2019-5-verbesserte-myemsisoft-uebersicht-beta/
  20. 1 point
    "Opt in" 1 click, "Opt out" 1 click, so convenience is the same either way. For people who like not having to renew every year it's fine, but many people are unaware of this. You know how people are, they just click click click without reading a damn thing. Many people will be receiving invoices they are not expecting and this is how the slimy companies get them. Not saying Emsisoft is one of these, on the contrary Emsisoft is one of the best, if not the best, for integrity and customer service. I just don't like opt out. If you continue on this route then you need a page to pop up with 4 inch letters explaining what is happening so that there is no way anyone can miss it.
  21. 1 point
    That is more than likely a variant of the STOP ransomware. ID Ransomware can confirm that, and can let you know if STOPDecrypter can recover your files. Here's a link to ID Ransomware: https://id-ransomware.malwarehunterteam.com/ If STOPDecrypter can't recover your files, then note that it can still be used to get information that may be able to help the creator of STOPDecrypter figure out your decryption key. Here's a link to instructions on how to get this information with STOPDecrypter: https://kb.gt500.org/stopdecrypter
  22. 1 point
    That is more than likely a variant of the STOP ransomware. ID Ransomware can confirm that, and can let you know if STOPDecrypter can recover your files. Here's a link to ID Ransomware: https://id-ransomware.malwarehunterteam.com/ If STOPDecrypter can't recover your files, then note that it can still be used to get information that may be able to help the creator of STOPDecrypter figure out your decryption key. Here's a link to instructions on how to get this information with STOPDecrypter: https://kb.gt500.org/stopdecrypter Actually, Demonslay335 told me earlier today that he already helped you, so you should be good to go. If you need anything else, then please let us know.
  23. 1 point
    I think the window for figuring out the keys for .hrosas expired Friday night, and the window for .verasto expired a day or two before that. Assuming Demonslay335 replied to your private message, then I assume you sent him the MAC address you posted here as well? If so, then he'll archive it for future reference (by which I mean "in case he's able to figure the decryption key out at some point in the future").
  24. 1 point
    Some of them may be recoverable. I've asked the creator of STOPDecrypter whether or not he's already seen your post here. If he has, I imagine he's already contacted you. If he hasn't, then he may still contact you once he has a chance to look over your information. His screen name on our forums is Demonslay335.
  25. 1 point
    You can also upload a copy of every ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with: https://id-ransomware.malwarehunterteam.com/ But the result will be the same link to the BleepingComputer forum, because requests of the victims are initially collected there. Demonslay335 will also receive your information if you leave it here.
  26. 1 point
    Hello. Yes, there was a malfunction and some messages could be lost. Fortunately, the forum was promptly restored. Your files are encrypted with the new STOP Ransomware variants with extensions .verasto and .hrosas. This STOP Ransomware has, to our general pity, been successfully attacking users around the world for 1.5 years already... Decrypting files in some cases is possible with the efforts of Demonslay335 (developer of STOP Decrypter). You need to read important information on the link.
  27. 1 point
    Hmmm. Well - it wasn't me. Maybe I accidentally violated an Emsisoft Forum policy inadvertently? DECRYPTION TESTS WERE SUCCESSFUL!!! If anyone is reading this into the future, I would say that you should heed GT500's advice to check out Bleeping Computer - and reach out to Amigo-A because he understands the product that decrypted for me. The advice on this forum started me on the path to a solution. I can't thank everyone here enough!
  28. 1 point
    mahmo, in this case we only help the victims who were attacked by this Ransomware and simplify data collection for Michael (dev of STOPDecrypter). STOP Ransomware is now the most active malware and crypto-ransomware. Scale of spread: all countries.
  29. 1 point
    Hello, Here are some example files. Let me know if you need something more.
  30. 1 point
    If you do not know how to find the MAC (physical) address, then look at the screenshot there. Write only the address of the network card you used to access the Internet at the time you received the infection (wired or wireless (Wi-Fi)). Do not write both addresses! Determine exactly. This is not difficult. It is necessary for you more than for the developer of STOPDecrypter. Such common errors lead to the fact that files cannot be decrypted.
  31. 1 point
    This wasn't about malware. This was about serious vulnerabilities in processors that could have exposed information from any running process. This information could include anything you had open at the time the vulnerabilities were exploited. Financial information, password databases, browser history, etc. And it is exploitable from within a web browser, so all you'd have to do is visit a malicious website. As I said, I highly recommend leaving the mitigations turned on. Microsoft's latest patch for the Spectre v2 mitigations (released March 1st) does help with performance issues.
  32. 1 point
    The Behavior Blocker will catch the payload. While it does have some exploit protection, it isn't intended to provide a full range of exploit protection, and thus will only catch certain exploits.
  33. 1 point
    With notification turned on in EAM settings I was offered the option to install it via clicking on the slide info. (No need to have a Microsoft account to get this from the store in case anyone is wondering.) Installed and running.
  34. 1 point
    FYI: I've been told that Michael will more than likely no longer be able to help. If your files were encrypted recently enough, then the STOPDecrypter may still be able to recover them. If the ID the ransomware gave you matches the one at the following link, then Michael's STOPDecrypter will be able to recover your files: https://www.bleepingcomputer.com/forums/t/671473/stop-ransomware-tro-djvu-rumba-openmetxt-support-topic/page-31#entry4673086
  35. 1 point
  36. 1 point
    hey, here's the blog post about it: https://blog.emsisoft.com/en/32517/new-in-2018-12-safe-web-browsing-with-emsisoft-browser-security/
  37. 1 point
    No problem here with IE 11 under WIN 8.1 and WIN 10, both 64-bit and 32-bit. Likewise no problem with Edge under WIN 10 and Firefox under WIN 8.1 and WIN 10. I think you will have to look for the problem yourself on your own Windows with IE 11. Is some add-on for IE installed, or one of the famous/infamous add-on tools for Windows and/or IE? That is to say, I would turn to a Windows or IE forum.
  38. 1 point
    https://malwaretips.com/threads/emsisoft-browser-security.88869/ Pity it wasn't posted here as well.
  39. 1 point
    Please upload an encrypted file or ransom note to ID-Ransomware and copy/paste the results here for one of the experts to look at. https://id-ransomware.malwarehunterteam.com
  40. 1 point
    What is that supposed to mean? If in doubt, for servers that means using different software and keeping EAM on the clients. It looks more like a convoluted price increase. Price and a simple interface have so far been the main advantages of EAM. The Enterprise Console is also compact. We already have enough complexity and feature overload from the competition. There is certainly still some room on price, but if training now becomes necessary for the price/feature list, there are likely to be acceptance problems. I am curious to see how the split between Enterprise and Private will be designed. Especially as far as beta tests are concerned. The network connection problems with 2018.9 were an interesting experience there.
  41. 1 point
    What version of Windows is this happening on? The icon stays where I placed it on Windows 10 x64 (1803).
  42. 1 point
    There's no /h or /r in the documentation. As for the rest, only /a would be useful when scanning a single file. /pup and /n cause a2cmd.exe to scan other things on the system. The reason none of them are working is due to their location in the command. Everything after & is considered another command, and won't be passed to a2cmd.exe. It's also outside of the trailing double-quote, and cmd.exe more than likely would not have processed it at all due to that.
  43. 1 point
    Upgrade was smooth. I'm using W8.1, 64bit. In the layout on the Overview screen, when one hasn't clicked on the top-left menu icon, it's still possible to click on the mini icons down the left-hand side, but hard to know what they do. I mean... quarantine is possibly meant to look like something in a cage, but looks to me more like a washing-machine... Maybe these mini icons should produce tooltips? The Support screen talks about getting help from the "?" at the top right, but it's no longer there. Thank-you for - finally - making the About option easier to find, and taking away the problems that clicking on "Emsisoft" could previously cause... but I see one still can't copy the current version number out of the About display. Now would be a fine time to add that facility!
  44. 1 point
    At the moment we don't have any plans to bring back IsThisFileSafe.com. Since I imagine that the next question will probably be "will it be replaced by something else", please keep in mind that we don't generally talk about new products/features before we have a public beta ready.
  45. 1 point
    Confirmed in the 2 posts above yours. No problems for the last 5 hours. I would have reported it if there were problems
  46. 1 point
    Working with 2018.7.2.8843.
  47. 1 point
    I am looking for an anti-malware solution from a vendor that has a strong commitment to privacy and is against SSL/HTTPS Scanning (TLS interception), with no PUPs or unnecessary (heavy) tools. Hard to find. If Emsisoft can come up with such a product for MacOS, I would be more than happy.
  48. 1 point
    Good day Skandal, Thank you very much for the information. So far you are the only one reporting this problem. However, many people have probably not installed the update yet. I would like to ask you to uninstall and reinstall Emsisoft to see whether that resolves the problem: Open the Start menu and click Control Panel, then Programs and Features. Select Emsisoft with a right-click and then click Uninstall. When the uninstallation is finished, please restart the computer. Then please download EmsiClean: https://dl.emsisoft.com/Emsiclean.zip Run the program; it searches for leftovers of Emsisoft programs and lists them. Normally you can select and remove all entries. Folders are not selected by default and should only be deleted if you have not saved any personal files there. Once you have selected the files, click "remove selected objects". The program will ask you to restart the computer once more. Please close all programs beforehand to prevent data loss. Afterwards you can download and install Emsisoft Anti-Malware again here: https://www.emsisoft.com/de/software/antimalware/ Kind regards, Kathrin
  49. 1 point
    You targeted child port to which 99.999% of people would respond with "I don't care" [about my stuff being discoverable (my editorial)]. People always zoom in on this point. That's not the point. Change the target. You are a journalist working in Liberia and your laptop is seized by that "benevolent government". One of your colleagues got popped. Now do you care? I can think of umpteen similar situations and go on and on. Privacy is privacy... the bad comes with the good. What's the alternative? Bring back the little man, from the 30s, with the funny moustache and hair. He would love what we got. NO not Charlie Chaplin.
  50. 1 point
    I would believe our developers are still looking into it, however thus far we have been assuming it is an issue with Windows 10 since certain Windows tools still read the firewall status correctly.