Popular Content

Showing content with the highest reputation since 06/17/17 in all areas

  1. 6 points
    As announced earlier, we are changing our firewall strategy and will soon merge Emsisoft Internet Security with Emsisoft Anti-Malware, effective as of our next release in October. Instead of developing our own firewall module, we’re going to rely on the built-in Windows Firewall core that has proven to be powerful and reliable. Its only weak point is the fact that anyone can freely change the firewall configuration. In other words, if malware manages to run on the PC with sufficient administrator permissions, it’s able to allow itself to get through the firewall. To resolve this vulnerability, we’ve developed a new Firewall Fortification feature for Emsisoft Anti-Malware’s Behavior Blocker as part of our 2017.8 release. Firewall Fortification detects and intercepts malicious actions from non-trustworthy programs in real time before they can cause any damage. Behavior Blocker alert: Firewall manipulation All 2017.8 improvements in a nutshell Emsisoft Anti-Malware New: Firewall Fortification feature that blocks illegitimate manipulations of Windows Firewall rules. Improved: Forensics logging. Fixed: Rare program freezes on opening the forensics log, confirming of surf protection notifications and during malware detection. Fixed: Computer restart instead of computer shutdown executed, when set for a silent scan. Several minor tweaks and fixes. Emsisoft Enterprise Console Improved certificate handling to avoid connectivity issues. Several minor user interface improvements. Several minor tweaks and fixes. How to obtain the new version As always, so long as you have auto-updates enabled in the software, you will receive the latest version automatically during your regularly scheduled updates, which are hourly by default. New users please download the full installer from our product pages. Note to Enterprise users: If you have chosen to receive “Delayed” updates in the Update settings for your clients, they will receive the new software version no earlier than 30 days after the regular “Stable” availability. This gives you time to perform internal compatibility tests before a new version gets rolled out to your clients automatically. Have a great, well-protected day! View the full article
  2. 3 points
    It means that the tests done by AV-C and AV-T have a clear image of how they think AV software should work. The problem arises when your product doesn't fit the mould. Then you get penalized for not doing what everyone else does, even though what everyone else does may not be in the best interest of the user, to begin with. Best example: Snooping around in your encrypted connections, which literally every AV vendor screwed up at least once in the past and probably will continue to happen, exposing users to potentially greater risks than most malware does. For starters, the test sets aren't nearly as representative anymore. When we participated in AV-T and AV-C both tested with less than 200 samples a month on average. 200 samples out of literally tens of millions. The exact selection isn't clear and not representative of what users deal with either. None of them tests with PUPs for example, even though a simple look at any tech support community will tell you, that it is probably by far the biggest problem users are dealing with. So no, neither of those test scores represents real-life performance and it becomes blatantly obvious when you go to places like Bleeping Computer, GeeksToGo, Trojaner Board, Malekal, and all those other communities where people infected by malware show up for help and look at what products these victims used at the time they became infected. Then you will notice that a lot of these products with perfect scores don't look nearly as perfect in real-life conditions. The reason for this discrepancy is quite simple: Most AV vendors will specifically optimise their products for these tests. The most severe cases are where vendors end up outright cheating and detecting the test environments which then results in a change of behaviour of the product (think Dieselgate, but with anti-virus). But there are many ways you can game these tests. For example: you can try to figure out the threat intel feeds the companies use, then just buy those same threat intel feeds so you have all samples in advance you can track their licenses and supply different signatures to them or use your cloud to treat those test systems differently some particularly shady organisations literally also sell you their sample and malicious URL feed, so you can just outright buy the samples and URLs your product will get tested on later What you end up with as a result is a product that is optimised really really well for the exact scenario they are being tested under using the exact type of URLs and samples these testers use, but that is utterly useless when it comes to anything else. We just really don't want to create this type of product. So when we were asked whether we wanted to continue to participate this year, we discussed the matter internally, looked at what we get out of these tests (meaning: whether these tests have a discernable impact on our revenue) and decided that they are simply not worth it and that the tens of thousands of Euros we spent on them every year would be better spent on extending our team and building new ways of keeping our customers safe.
  3. 2 points
    https://www.bleepingcomputer.com/news/google/google-will-block-third-party-software-from-injecting-code-into-chrome/ Our Surf Protection works by filtering DNS requests made by running applications. Since EAM doesn't use network filter drivers, it has to achieve this using code injection. Now that Chromium is blocking code injection by third-party applications, our Surf Protection will not work with it until we are able to make some changes. My recommendation is to install uBlock Origin and uBlock Origin Extra (both work in Google Chrome and Vivaldi) to supplement until we can get our Surf Protection working in Chrome again. uBlock Origin is a free content blocker that not only blocks ads, but also used the extensive blacklists of malicious domains available from Malware Domain List and Malware Domains to block malicious content. Note: Vivaldi 1.15 (the current stable version) is based on Chromium 65 with backported security fixes from Chromium 66, 67, and 68. Vivaldi 2.0 is based on Chromium 69, and is currently available in testing builds. Anyone with the stable version of Vivaldi installed will not be effected by this issue. Anyone using a Vivaldi 2.0 snapshot will also experience this issue with Surf Protection. Also note: Due to the added protection of an ad blocker, we recommend uBlock Origin (with uBlock Origin Extra for Chromium based browsers like Google Chrome, Vivaldi, and Opera) regardless of whether or not our Surf Protection is working with your web browser. Anti-Virus/Anti-Malware does not block ads by default (doing so can break some websites), and the companies that sell online advertising do not do a good enough job of preventing their ads from being abused by their clients, and there have been many cases of serious threats in advertisements even on legitimate websites. Please be aware that there is another content blocker called "uBlock". This is not the same thing as uBlock Origin, and is not recommended. The main reason for recommending uBlock Origin is due to its performance and memory usage being better than popular ad blockers (AdBlock, Adblock Plus, AdGuard, etc). If you wish to use one of those instead, then please feel free to do so, however I do not know if they are configured to use Malware Domain List and Malware Domains by default and recommend checking their configuration to ensure they are offering the same level of protection as uBlock Origin. If they are not configured to use these lists of malicious websites, then you should be able to add them through FilterLists.com. Note that this site was down at the time I posted this, so I was not able to check and verify that, however this site lists almost every popular filter list for ad and content blockers and it should include important blacklists like these.
  4. 2 points
    Emsisoft Anti-Malware is compatible with the Windows update. We also just published an update that sets the compatibility flag for all users of the beta, stable and delayed update feed. Keep in mind, that Microsoft uses the same flag for all anti-virus vendors. That means if you are using multiple anti-viruses or anti-malware applications, you are risking one of those products, like Emsisoft Anti-Malware, flagging the system as compatible, even though one of your other products is not compatible. There is, unfortunately, nothing we can do to prevent this as Microsoft does not account for the scenario of multiple security products being installed on the same system. This is the perfect example why we are recommending against using multiple security products in parallel. For further information, feel free to stop by our blog.
  5. 2 points
    I think you have made your point of view crystal clear for everyone, iwarren. Do we really nede more posts?
  6. 1 point
    The programs that computer manufacturers pre-install is based on corporate contracts. Not all of those programs are free from annoyances or other potentially unwanted behavior. Many technicians will remove OEM software from new computers when they set them up for a client for this reason.
  7. 1 point
    The GUI in EAM doesn't display how many days remain on your license key when you have a subscription license (this type of license key isn't considered to have an expiration date since it will auto-renew). You should be able to see when it will automatically renew in My.Emsisoft.
  8. 1 point
    It looks as if you have a subscription licence that will auto-renew when the licence expires, hence why it shows 'abonnement' under status. What does it show on the overview screen ? My licence is a fixed 1-year licence and the overview screen shows that my licence ends in 189 days. I don't know if you're able to do this, but if I hover the mouse over the '189 days' green text, the tooltip shows the licence end date - perhaps yours just shows 'abonnement' ? Failing that, as your licence is a subscription, maybe you can determine when it's due for renewal by checking the email that you would have received when you ordered it ?
  9. 1 point
    the Ransomware need decryptor.... they removed shadow volume copy, so wont be able to restore and also encrypt the original file, so no point of using data recovery tool. Please suggest
  10. 1 point
    DrWeb can decrypt some files that STOP-Decrypter cannot decrypt, only in another way. Only .pdf encrypted files and all the Office documents .doc, xls, docx, xlsx, ppt, pps, etc … Unfortunatly with this way can't will decrypt photo, video, audio and many files with other extensions. If free test decrypt these files will successful, the fees requested by Dr.Web experts 150 EUR for Rescue Pack (Personal decryptor + 2-year DrWeb Security Space protection). There is no alternative to receiving this service. If the test-decrypt will fails, no payment will be required. Tell me, if this way suits you, I will let you know what files you need to collect for this. I do not participate in this process and do not provide any help except this information. I not having any financial benefit and is not involved in this decryption service at all.
  11. 1 point
    Some info on this here andrey https://borncity.com/win/2019/08/14/windows-updates-kb4512506-kb4512486-drops-error-0x80092004/ Do you have KB4474419 and KB4490628 installed?
  12. 1 point
    Ach, so they are. I just c&p them out of the OP's report and looked them up separately. I wonder why the OP had two copies?
  13. 1 point
    I expect that's not possible, because EAM requires Windows to be running, and what's more it might need to be Windows on amd/intel cpus. What cpu and OS does the TV run?
  14. 1 point
    Hi Damaxx, can you share the decryptor. Wanted try it will work for my files or not.....
  15. 1 point
    EAM doesn't work on XP or Vista now. System requirements are :- For Windows 7/8.1/10, 32 & 64 bit
  16. 1 point
  17. 1 point
    [!] No keys were found for the following IDs:[*] ID: kdKoug7mCqSlGVQyBnLCBiCVzGFqKASgYnaVFcph (.roldat )Please archive these IDs and the following MAC addresses in case of future decryption:[*] MAC: 8C:16:45:3D:C1:B6[*] MAC: B2:FC:36:27:0F:23[*] MAC: B0:FC:36:27:0F:23[*] MAC: B0:FC:36:27:0F:23[*] MAC: B0:FC:36:27:0F:24This info has also been logged to STOPDecrypter-log.txt
  18. 1 point
    Some of them may be recoverable. I've asked the creator of STOPDecrypter whether or not he's already seen your post here. If he has, I imagine he's already contacted you. If he hasn't, then he may still contact you once he has a chance to look over your information. His screen name on our forums is Demonslay335.
  19. 1 point
    OK. Let us know if you're able to recover anything, that way we know whether or not to continue recommending trying file recovery software.
  20. 1 point
    The cheapest option for you would be the 3-PC license key, even if you only have 2 computers. You're not required to have a 3-PC license key though, so if you prefer to buy two 1-PC license keys (one for each computer) then feel free to do so, however note that the total cost of doing so is usually more than a 3-PC license key.
  21. 1 point
    Hi Gawg Thanks for your comments. I'll try a reboot first when future problems arise.
  22. 1 point
    You can technically just remove all entries from your hosts file using Notepad. Just delete everything except the " localhost" entry if there is any. Lines starting with "#" are comments by the way. Pretty much. We are not an ad blocker, no. You use uBlock Origin which is pretty much the best adblocker you can get. So you are well covered in that area already. Correct. When you try to click the link, it will block access to the site. But I do understand that a lot of people would like to know before they click, which is why we consider adding it. Interestingly enough WOT got in trouble for the very same thing that some AVs are doing with their extension. You can always set up your own DNS server locally or in a cheap VPS box online. DNS also can be tunneled via various secure protocols (DNS-over-HTTPS for example). Those use methods that provide k-anonymity. Firefox in addition also sends "fake" requests if I remember correctly so the hoster of the block list does not know whether that was a website you actually surfed to or a random request. If you are so concerned, just host your own VPN. Get a cheap VPS with bitcoin at njal.la for example, host OpenVPN and your own DNS server on it and there will be no link between you and the VPS. It's serious overkill though.
  23. 1 point
    Hallo Wolfgang, vielen Dank dass Sie unseren Support kontaktiert haben. Eine Infektion durch die offizielle Version vom VLC Player bei der Installation oder beim Update sollte sich ausschließen lassen. Sie haben Chip erwähnt, Ihrem Beitrag entnehmen ich aber dass Sie den Chip Installer nicht verwendet haben als Sie VLC Player installiert haben? Wie Sie bereits festgestellt haben könnte man sagen es wird einem damit einfach gemacht auch andere Dinge als das Programm zu installieren welches man eigentlich herunterladen wollte. Daher sollten Programme immer direkt vom Hersteller bezogen werden, damit sollten sich dann auch Zwischenfälle ausschließen lassen, wird in einer offiziellen Software einmal eine Infektion gefunden sollten vertrauenswürdige Hersteller auch dafür sorgen dass alle Nutzer informiert werden. Wenn eine Plattform wie Chip.de verwendet werden soll um Software zu beziehen, würde ich persönlich empfehlen Ausschau nach einem Link "Manuelle Installation" zu halten; damit wird dann der Installer des Herstellers heruntergeladen, und nicht der Chip Installer über den dann wiederum z.B. VLC Player heruntergeladen und am System installiert werden soll. Ein einfaches Rezept zur Säuberung eines Systems welche für Jedermann und in alle Fälle gut funktioniert lässt sich vermutlich nicht finden. Etwa ist die Anleitung welche @onegasee59 freundlicherweise erwähnt hat schon in ein sehr brauchbares Format gebracht worden. Gerne sind wir Ihnen bei der manuellen Bereinigung behilflich, lassen Sie mich bitte wissen wenn Sie gerne eine Anleitung zum Erstellen der benötigten Log-Dateien haben würden die wir benötigen damit wir Sie damit unterstützen können. Wenn Software vom Hersteller des eigenen Vertrauens bezogen wurde sollte man davon ausgehen können dass Update-Aufforderungen legitim sind wenn diese eindeutig von diesem Programm stammen. Verhaltensverstöße bzw. Aktionen die auf einmal von einem Programm am System durchgeführt werden sollen können schon von Sicherheitssoftware aufgespürt werden - etwa mit einer Technologie wie unserer Verhaltensanalyse; vorausgesetzt es wurde keine Ausnahme-Regel für das Programm erstellt. Man sollte sich da System genauer ansehen, wir helfen Ihnen gerne dabei, mit eine Anleitung die dann für Jedermann funktionieren würde können wir aber leider nicht dienen. Darauf lässt sich leider keine Antwort finden wenn man nicht vorher einen genaueren Blick auf das System geworfen hat. Dazu werden wiederum diverse Tools verwendet die detaillierte Informationen über den Systemzustand und verschiedene wichtige Bereiche im System auflisten. Entweder muss dann wiederum mit anderen Werkzeugen nachgesehen werden bzw. werden die Informationen dazu genutzt um dann Malware die am System gefunden wird gezielt zu entfernen. Es tut mir Leid dass meine Antworten für Sie nicht genauer ausfallen können oder ich mit einer Anleitung dienen kann die dann vielen Nutzern sofort auf einfache Weise helfen könnte. Für Ihre Fragen und Anliegen stehe ich gerne weiter zur Verfügung.
  24. 1 point
    I have received 2 phone calls regarding this issue. Is this legitimate?
  25. 1 point
    My computer was also infected by .udjvu and all files were encrypted. My wife is a Teacher and all her documents are now encrypted by .udjvu My only option is to install a new Hard Disc on the computer and make a fresh start. I will keep the encrypted Hard Drive in case someone in the future manages to decrypt .udjvu Please let us know if something comes up. Thanks, Andreas. _openme.txt DSC01680.JPG.udjvu DSC01682.JPG.udjvu
  26. 1 point
    Please upload an encrypted file or ransom note to ID-Ransomware and copy/paste the results here for one of the experts to look at. https://id-ransomware.malwarehunterteam.com
  27. 1 point
    In this case I don't think VirusTotal would have shown us detecting it if you did the URL scan, but if you did a search for the domain then you'd get to see a list of scanned files at that domain (among other things): https://www.virustotal.com/#/domain/img1.wsimg.com VirusTotal doesn't always show us detecting a malicious URL, even when it's in our database and EAM detects it. Our malware analysts have noticed this as well, however we're not sure why it happens.
  28. 1 point
    You can only delete files from Pastebin if you have an account and were logged in when you created the pastes. If you were not logged in to an account, then they will only be deleted if you selected the option to delete them after a certain period of time when you created the pastes. It looks like all three pastes have already been removed, so I assume you already figured out how to do it. FYI: @Wagner you can find the links to your pastes by going to the top of the forums, clicking on the icon near the upper-right that looks like an envelope, and selecting the conversation where you sent them to me from the list. There's also a link at the bottom of the list to go to your inbox, where you can see all private conversations that you have created or are taking part in.
  29. 1 point
    They posted that 30 days ago. Just keep an eye on BleepingComputer, and if there are any new developments then they should announce it.
  30. 1 point
    That is possible, however keep in mind that Cry36 has been around for some time without any real progress being made in decryption, so please note that it may take a little while for security researchers and/or law enforcement to finally get their hands on the private keys to decrypt your files.
  31. 1 point
    FYI: This does appear to be a new variant of the Nemesis ransomware, which Cry36 is a variant of as well. An affiliate/reseller for Dr.Web is claiming that Dr.Web is capable of decrypting the files (or at least figuring out the private key to use to decrypt them), and selling the service on BleepingComputer's forums. Note that Dr.Web will provide this service for free to anyone who has a license for their business Anti-Virus software. They have a form to request this service available at this link. Edit: Please see the note in the post at this link about Dr.Web not being able to decryt this ransomware, and your current options for recovering files.
  32. 1 point
    Run it again and see if it finds anything (if nothing is found, it will display a message about no traces found). If it find anything, allow it to remove it, and then allow it to restart your computer. If it finds nothing, then I recommend deleting everything from the Emsisoft Anti-Malware folder except for the Quarantine and Logs folders (you can delete those as well if you don't want to keep quarantined files and logs). You can find the Emsisoft Anti-Malware folder in the following location: C:\Program Files\Emsisoft Anti-Malware
  33. 1 point
    So... is that specific webpage meant to show no file name, no file size etc?
  34. 1 point
    Seems to me like it might be a bug with isthisfilesafe.com
  35. 1 point
    Yup, you're correct. OpenDNS has limited malicious/bad site blocking (they focus on long-lived stuff like botnets) and phishing protection. Quad9 uses a bunch of vendors' threat intelligence feeds to block malicious and phishing sites. Comodo is vague, but claim they use RBLs. They aren't RFC-compliant with regard to DNS TTLs. No idea whether they redirect on NXDOMAIN (I don't trust Comodo as a company, so I haven't used this svc) Norton uses their own threat intelligence feeds to block phishing, malicious sites, etc, but last I checked, they redirect instead of returning NXDOMAIN, and partner with ask.com for that monetization stuff (yuck).
  36. 1 point
    @DuroTech I can understand the sadness that you feel now that you are no longer able to use EAM and perhaps even XP now. Over the years many softwares change and users move on .. it is the nature of things. (Online Armor was also one of my favourite all time apps ! ) It was in 2015 that Emsisoft first announced their intention to cease support for EAM and EEK on XP and Vista in 2016 https://blog.emsisoft.com/2015/06/24/support-for-windows-xp-and-vista-will-end-april-2016/ I think it is to their credit that they have continued to supply definition updates for a further 2 years after the product support ended. It may be they need those severs now for other things, we have to remember Emsisoft is not a huge company with unlimited resources. Win 10 isn't that bad and EAM works great on it. and don't forget we are always here to offer help and advice if you do decide to continue using EAM.
  37. 1 point
    Actually, if I remember right, protection stays paused after a reboot regardless of how the system restart. If you right-click on the Emsisoft icon in the System Tray and go to Protection status you can disable all protection without the little notice in the UI that says protection is paused. It's fairly normal for it to happen. How long protection appears to be off during startup/login depends on the computer, and how many services/drivers/startup items/scheduled tasks/etc. need to load. It looks like we had a bit of a misunderstanding here. Lets just try not to let things get too out of hand, OK?
  38. 1 point
    It should be made clear, perhaps, that running EAM on its own is sufficient protection for the average user whose surfing habits can be considered normal. If you surf in "uncharted waters" and/or if your level of paranoia is above average, however, a layered approach to security is something that should be taken into consideration.
  39. 1 point
    You will need to reinstall Firefox and Chrome. Let's take a fresh look. Run fresh scans with Emsisoft Emergency Kit (EEK) and FRST, attach the new EEK and FRST scans to your reply. Be sure to let me know how things are running.
  40. 1 point
    Hello, Thank you for reporting this issue. To see if this is caused by Emsisoft products, please disable all Emsisoft real time protection guards (right click the tray icon and select "pause protection" > "disable for 10 minutes"). If this fixes the issue then Emsisoft may be blocking the application. If this does not change anything this problem is likely not related to Emsisoft.
  41. 1 point
    With EAM it would normally be a2service.exe and EmDmp.exe (the latter being our crash report tool), however I would believe that depends on whether or not you use the Enterprise Console to manage EAM from another computer/server (CommService.exe is used when EAM is connected to the Enterprise Console).
  42. 1 point
    Andrey, Download AdwCleaner and save it on your desktop. Close all open programs and Internet browsers (you may want to print our or write down these instructions first). Double click on adwcleaner.exe to run the tool. Click on the Scan button. After the scan has finished, click on the Clean button. Confirm each time with OK. You will be prompted to restart your computer. A text file will open in Notepad after the restart (this is the log of what was removed), which you can save on your desktop. Attach that log file to your reply by clicking the More Reply Options button to the lower-right of where you type in your reply. NOTE: If you lose that log file for any reason, you can find it at C:\AdwCleaner on your computer. Copy the below code to Notepad; Save As fixlist.txt to your Desktop. HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1 HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 1 HKU\S-1-5-21-149952328-3242030133-408642457-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-149952328-3242030133-408642457-1000\...\Policies\Explorer: [NoInstrumentation] 1 HKU\S-1-5-21-149952328-3242030133-408642457-1000\...\Policies\Explorer: [NoCDBurning] 1 HKU\S-1-5-21-149952328-3242030133-408642457-1000\...\Policies\Explorer: [NoInternetOpenWith] 1 HKU\S-1-5-21-149952328-3242030133-408642457-1000\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-21-149952328-3242030133-408642457-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\S-1-5-21-149952328-3242030133-408642457-1000\...\Policies\Explorer: [NoThumbnailCache] 1 HKU\S-1-5-21-149952328-3242030133-408642457-1000\...\Policies\Explorer: [DisableThumbnailsOnNetworkFolders] 1 HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = URLSearchHook: [S-1-5-21-149952328-3242030133-408642457-1000] ATTENTION => Default URLSearchHook is missing AlternateDataStreams: C:\ProgramData\TEMP:07BF512B [152] AlternateDataStreams: C:\Users\Все пользователи\TEMP:07BF512B [152] Close Notepad. NOTE: It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST64 and press the Fix button just once and wait. If the tool needed a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Desktop (Fixlog.txt). Attach it to your reply. Note: If the tool warns you about an outdated version please download and run the updated version.
  43. 1 point
    Hello @soilentgreen With EAM installed: Left-Click Start > Settings > Update and Security > "Windows Defender" (in left-side column) > Click On "Turn On Windows Defender Antivirus > "Firewall & Protection" should say "no action needed" OR Right-Click Start Button > "Search" > "Contol Panel" > "System and Security" > "Windows Defender Firewall" [Handy to right-click on Control Panel and Pin to Task Bar if you like the old-style Win Control Panel.]
  44. 1 point
    Hi, @Galaxy Damit die "Verlinkung" aktiviert wird, muss man nach Eingabe des Namens @Name warten bis die zugehörige Person unter dem Namen angezeigt wird und diese anwählen. Das Problem mit dem editieren ist reproduziert und ich gebe das so weiter. Mit freundlichen Grüßen Kathrin
  45. 1 point
    License conversion should have been done an hour or two ago (from the time I am posting this), and EIS should convert to EAM as soon as it downloads the 2017.9 update. You can force that to happen sooner by manually updating if you would like to.
  46. 1 point
  47. 1 point
    Our server administrator tried to update our forums on Wednesday morning, and there were some problems that necessitated restoring from a backup, so any messages posted during that time are gone. I thought I had seen a reply from David to this topic Wednesday morning, however it looks like any staff replies disappeared after the backup was restored. I'm glad to hear that David was able to help you sort out the issue.
  48. 1 point
    Kein Problem Danke
  49. 1 point
    I would believe our developers are still looking in to it, however thus far we have been assuming it is an issue with Windows 10 since certain Windows tools still read the firewall status correctly.
  50. 1 point
    Hello, a2guard.exe is the visible protection process (to put it simple, the Emsisoft icon you see in the system tray). However actual protection drivers start a lot earlier. For example epp.sys (the Emsisoft Protection Platform driver) starts very early in the Windows boot process in order to ensure a protected system even when no user is logged in yet and no other programs have been started.
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up