Leaderboard

  1. GT500

    GT500

    Emsisoft Employee


    • Points

      557

    • Content Count

      9776


  2. Fabian Wosar

    Fabian Wosar

    Emsisoft Employee


    • Points

      298

    • Content Count

      4403


  3. Kevin Zoll

    Kevin Zoll

    Emsisoft Employee


    • Points

      270

    • Content Count

      18433


  4. Elise

    Elise

    Emsisoft Employee


    • Points

      240

    • Content Count

      8129



Popular Content

Showing content with the highest reputation since 10/13/09 in all areas

  1. 7 points
    Official word is, "yes". We will give free license extensions to anyone who upgraded to Windows 10 and was unable to use the firewall. Once the issue has been resolved, please either submit a support ticket in our helpdesk system, or send a Private Message on the forums to me (English Support) or Thomas Ott (English/German Sales). Be sure to mention that you would like to have your license extended due to the Windows 10 issues and include in your message any license keys that were in use on a computer with Windows 10. Feel free to link to this forum post if you would like to.
  2. 6 points
    As announced earlier, we are changing our firewall strategy and will soon merge Emsisoft Internet Security with Emsisoft Anti-Malware, effective as of our next release in October. Instead of developing our own firewall module, we’re going to rely on the built-in Windows Firewall core that has proven to be powerful and reliable. Its only weak point is the fact that anyone can freely change the firewall configuration. In other words, if malware manages to run on the PC with sufficient administrator permissions, it’s able to allow itself to get through the firewall. To resolve this vulnerability, we’ve developed a new Firewall Fortification feature for Emsisoft Anti-Malware’s Behavior Blocker as part of our 2017.8 release. Firewall Fortification detects and intercepts malicious actions from non-trustworthy programs in real time before they can cause any damage. Behavior Blocker alert: Firewall manipulation All 2017.8 improvements in a nutshell Emsisoft Anti-Malware New: Firewall Fortification feature that blocks illegitimate manipulations of Windows Firewall rules. Improved: Forensics logging. Fixed: Rare program freezes on opening the forensics log, confirming of surf protection notifications and during malware detection. Fixed: Computer restart instead of computer shutdown executed, when set for a silent scan. Several minor tweaks and fixes. Emsisoft Enterprise Console Improved certificate handling to avoid connectivity issues. Several minor user interface improvements. Several minor tweaks and fixes. How to obtain the new version As always, so long as you have auto-updates enabled in the software, you will receive the latest version automatically during your regularly scheduled updates, which are hourly by default. New users please download the full installer from our product pages. Note to Enterprise users: If you have chosen to receive “Delayed” updates in the Update settings for your clients, they will receive the new software version no earlier than 30 days after the regular “Stable” availability. This gives you time to perform internal compatibility tests before a new version gets rolled out to your clients automatically. Have a great, well-protected day! View the full article
  3. 4 points
    Guten Tag, Wir haben mittlerweile mehrfach etabliert, dass Emsisoft nicht das Programm Ihrer Wahl ist. Sie haben sich bereits anderweitig ein Antivirus gesucht, dass auch noch dreißig weitere Funktionalitäten mitabdeckt. Fakt ist jedoch, dass viele Leute eben auch ein Antivirenprogramm suchen, dass nicht noch fünfzig Extras mitbringt, die man nicht will oder nicht braucht. Für diese Leute gibt es eben Emsisoft Anti-Malware und die meisten unserer Kunden sind mit der Tatsache, dass es eben 'nur' ein Rundumschutz für den Rechner ist und nicht mehr, zufrieden. Für all die angesprochenen Features - Passwortgenerator, Kinderschutz, etc - gibt es bereits gute Programme, die man sich bei Bedarf installieren kann. Viele Leute haben aber entweder keine Kinder oder wollen diesen den Zugang nicht beschränken, warum sollten wir diesen Leuten einen Kinderschutz mitinstallieren. Einige haben eben auch nicht RAM oder CPU im Überfluß, für diese Leute ist es noch ärgerlichr wenn das RAM durch ein AV belegt ist, dass aufgrund von ungenutzten Features die Ressourcen auffrisst. Fazit: Es gibt viele Antivirenprogramme, die die eierlegende Vollmilchsau sein wollen und versuchen alle Programme in einem zu vereinen. Es gibt User, die diesen Ansatz nicht mögen und nur ein Antivirenprogramm wollen. Nicht mehr. Für diese Leute gibt es, zum Beispiel Emsisoft Anti-Malware. Sie gehören nicht zu dieser Gruppe und das ist ok. Mit freundlichen Grüßen Kathrin
  4. 4 points
    Which for everything related to our core technologies (engine, behavior blocker, cleaning engine) would be me. Hi, nice to meet you! Next time someone looks strange at me for talking to myself I can now point them to this post and tell them you asked me to talk to me . Your argument is that we chose Bitdefender because it is "the best". Both Kaspersky as well as Avira consistently score higher in pure on-demand tests than Bitdefender does. If you consider PUP detection ESET is a superior contender as well. We considered all of them at one point or another but they were discarded for various reasons. The article is based on the submission we got through the "Submit information about detected Malware" option in all our products, which reports back meta data (infection names, number of infected objects) about all infections found by our products.
  5. 4 points
    Actually, there is a system behind it: My workstation computers are named after noble gases, like Krypton or Helium. Computers that I only use temporarily or belong to guests are named after transition metals like Titanium. Non-computer devices like smartphones are named after non-metals like Oxygen. All systems and VMs that are used for malware testing are named after radioactive elements like Uranium. Needless to say my WLAN and local workgroup is called "Periodic Table". And yes, I spent a significant amount of time coming up with that system and I am proud of it .
  6. 3 points
    It means that the tests done by AV-C and AV-T have a clear image of how they think AV software should work. The problem arises when your product doesn't fit the mould. Then you get penalized for not doing what everyone else does, even though what everyone else does may not be in the best interest of the user, to begin with. Best example: Snooping around in your encrypted connections, which literally every AV vendor screwed up at least once in the past and probably will continue to happen, exposing users to potentially greater risks than most malware does. For starters, the test sets aren't nearly as representative anymore. When we participated in AV-T and AV-C both tested with less than 200 samples a month on average. 200 samples out of literally tens of millions. The exact selection isn't clear and not representative of what users deal with either. None of them tests with PUPs for example, even though a simple look at any tech support community will tell you, that it is probably by far the biggest problem users are dealing with. So no, neither of those test scores represents real-life performance and it becomes blatantly obvious when you go to places like Bleeping Computer, GeeksToGo, Trojaner Board, Malekal, and all those other communities where people infected by malware show up for help and look at what products these victims used at the time they became infected. Then you will notice that a lot of these products with perfect scores don't look nearly as perfect in real-life conditions. The reason for this discrepancy is quite simple: Most AV vendors will specifically optimise their products for these tests. The most severe cases are where vendors end up outright cheating and detecting the test environments which then results in a change of behaviour of the product (think Dieselgate, but with anti-virus). But there are many ways you can game these tests. For example: you can try to figure out the threat intel feeds the companies use, then just buy those same threat intel feeds so you have all samples in advance you can track their licenses and supply different signatures to them or use your cloud to treat those test systems differently some particularly shady organisations literally also sell you their sample and malicious URL feed, so you can just outright buy the samples and URLs your product will get tested on later What you end up with as a result is a product that is optimised really really well for the exact scenario they are being tested under using the exact type of URLs and samples these testers use, but that is utterly useless when it comes to anything else. We just really don't want to create this type of product. So when we were asked whether we wanted to continue to participate this year, we discussed the matter internally, looked at what we get out of these tests (meaning: whether these tests have a discernable impact on our revenue) and decided that they are simply not worth it and that the tens of thousands of Euros we spent on them every year would be better spent on extending our team and building new ways of keeping our customers safe.
  7. 3 points
    Please note that Emsisoft Anti-Malware for Windows XP hasn't been updated (as in program updates) in over 2 years, and we never intended on continuing long-term database update support for it. In fact, we discontinued our own database updates for it over a year and a half ago, and those still running Emsisoft Anti-Malware on Windows XP have only been receiving BitDefender database updates. We've decided that it is time to stop redistributing those BitDefender updates for Windows XP, as all they are doing is giving those on Windows XP a false sense of security. In addition, it is extremely dangerous to continue using Windows XP. It has (for several years now) had well-known and major security vulnerabilities that Microsoft will never fix. These vulnerabilities make it trivial to infect a Windows XP system, and there is no security software in the world that is capable of preventing it. We can not, in good conscience, continue to provide any support for this version of Windows, as we announced on December 31st, 2015: https://blog.emsisoft.com/2015/12/02/why-we-believe-its-not-ethical-to-sell-antivirus-software-for-windows-xp-any-longer/ We highly recommend that you upgrade to a newer Operating System that is still supported. It doesn't matter if that's a newer version of Windows, or something free like Linux or BSD, as long as you'll be receiving security updates from whoever makes it. New vulnerabilities are discovered almost every day for every major Operating System (Windows, Linux, BSD, MacOS, Android, etc) so it is absolutely critical that you are able to receive security updates from whoever made the Operating System to help keep you and your data safe.
  8. 3 points
    Wenn alle Features eingebaut würden, die Galaxy wünscht, dann würde ich EAM sofort deinstallieren. Ich mag das Programm so wie es ist und hoffe, das bleibt auch so.
  9. 3 points
    Is this working OK now for everyone else? If it is, then there's no need for any more logs. All we needed was a traceroute to send to our CDN provider to help in identifying the server that was having the issue, and I managed to get one of those the other day.
  10. 3 points
    @achtsam Es wird eher langsam Zeit, dass Du deinen privaten Kreuzzug einstellst. Das nimmt ja wirklich paranoide Züge an.
  11. 3 points
    Hello, a2guard.exe is the visible protection process (to put it simple, the Emsisoft icon you see in the system tray). However actual protection drivers start a lot earlier. For example epp.sys (the Emsisoft Protection Platform driver) starts very early in the Windows boot process in order to ensure a protected system even when no user is logged in yet and no other programs have been started.
  12. 3 points
    For the following ransomware, we have decrypters: Actively spreading ransomware: MRCR or Merry X-Mas Globe Globe 2 Globe 3 Nemucod Philadelphia Stampado Xorist Actively spreading ransomware, but the decrypter only works for older infections: Al-Namrood NMoreira LeChiffre PClock FenixLocker GlobeImposter Inactive ransomware: 777 Apocalypse ApocalypseVM AutoLocky BadBlock CrypBoss CryptInfinite CryptoDefense DMALocker DMALocker2 Fabiansomware Harasom HydraCrypt Gomasom KeyBTC Marlboro OpenToYou OzozaLocker Radamant
  13. 3 points
    Today, we've received information that our Dutch team member Rob R. passed away yesterday afternoon, after suffering from an unexpected heart attack last Wednesday. Rob was our lead software tester and we always admired him for his special eye to track down the most tricky bugs. He joined our team more than five years ago by voluntarily sending over a brand new and complete Dutch translation of our software. Shortly after he initiated our efforts in offering physical delivery of our software on CD boxes and USB sticks. He also demonstrated a great interest in testing security software which recently led him to becoming our lead tester for Emsisoft Anti-Malware and Emsisoft Internet Security. Rob will truly live on in our memories as a valued team member and friend.
  14. 3 points
    Hardik587 You are indeed becoming most wearisome. There is an old expression among diehard Texans. "No matter how much you kick a dead horse it won't get up" This is exactly what you are doing.
  15. 3 points
    Hello, please send me your license key via PM (personal message). I will add some days to your key as a sign of goodwill.
  16. 2 points
    That's an offline ID. Support for it should be added to STOPDecrypter soon, and once that happens it should be possible for you to decrypt your files.
  17. 2 points
    Hallo Moreau, vielen Dank für Ihre positive Rückmeldung. Immer wieder gerne und vielen Dank für die freundliche Kommunikation. Ich wünsche Ihnen einen guten Start in die (noch fast) neue Woche!
  18. 2 points
    https://www.bleepingcomputer.com/news/google/google-will-block-third-party-software-from-injecting-code-into-chrome/ Our Surf Protection works by filtering DNS requests made by running applications. Since EAM doesn't use network filter drivers, it has to achieve this using code injection. Now that Chromium is blocking code injection by third-party applications, our Surf Protection will not work with it until we are able to make some changes. My recommendation is to install uBlock Origin and uBlock Origin Extra (both work in Google Chrome and Vivaldi) to supplement until we can get our Surf Protection working in Chrome again. uBlock Origin is a free content blocker that not only blocks ads, but also used the extensive blacklists of malicious domains available from Malware Domain List and Malware Domains to block malicious content. Note: Vivaldi 1.15 (the current stable version) is based on Chromium 65 with backported security fixes from Chromium 66, 67, and 68. Vivaldi 2.0 is based on Chromium 69, and is currently available in testing builds. Anyone with the stable version of Vivaldi installed will not be effected by this issue. Anyone using a Vivaldi 2.0 snapshot will also experience this issue with Surf Protection. Also note: Due to the added protection of an ad blocker, we recommend uBlock Origin (with uBlock Origin Extra for Chromium based browsers like Google Chrome, Vivaldi, and Opera) regardless of whether or not our Surf Protection is working with your web browser. Anti-Virus/Anti-Malware does not block ads by default (doing so can break some websites), and the companies that sell online advertising do not do a good enough job of preventing their ads from being abused by their clients, and there have been many cases of serious threats in advertisements even on legitimate websites. Please be aware that there is another content blocker called "uBlock". This is not the same thing as uBlock Origin, and is not recommended. The main reason for recommending uBlock Origin is due to its performance and memory usage being better than popular ad blockers (AdBlock, Adblock Plus, AdGuard, etc). If you wish to use one of those instead, then please feel free to do so, however I do not know if they are configured to use Malware Domain List and Malware Domains by default and recommend checking their configuration to ensure they are offering the same level of protection as uBlock Origin. If they are not configured to use these lists of malicious websites, then you should be able to add them through FilterLists.com. Note that this site was down at the time I posted this, so I was not able to check and verify that, however this site lists almost every popular filter list for ad and content blockers and it should include important blacklists like these.
  19. 2 points
    Are there any plans of introducing an anti-malware for Mac in the near future? I'm very curious. We see more and more interest of our customers that are demanding a good mac protection software. Now we deliver Emsisoft for Windows but we can't for MAC OS. By canceling development of EIS is there now more of a possibility for a new product?
  20. 2 points
    I could only confirm David's post - on both my computers with Comodo (Win 7 64 bit, SSD HDD - as this probably had some impact on that unpleasant EAM behaviour) I switched to stable version and all seem to work. So yes, the problem with Comodo on some comps is probably over. I want to add my two cents to discusion above. I work with computer more than 25 years. A lot years ago I worked as programmer. This is all over now (even as I sometimes write a few lines of code in php and MySQL). My main work is with graphics software, but for a few of my customers I do also some kind of computer servis. Not that I'm any expert in LAN's or such but I could help individual users with some computer problems. So my computer knowledges are a little bit above standard. Usually I could help myself with any and all hardware or software troubles, but this time it was very frustrating and it took me a lot of precious time (which I should have spent differently) to revert my work and home computers back to working state. And it was because of EAM "no user asking" PROGRAM update (unfortunately it even didn't create system restore point - why this isn't standard upon bigger program update is above my understanding). This is why I ask you for avoiding such program behaviour. I understand your points but you should hear our opinions also. Maybe it's not wise to let some users decide about something they don't understand but I don't ask you to do this. You can let default EAM settings on stable version update but I'd appreciate the possibility for some of us to switch off this behaviour. Why couldn't you add to setup/actualization menu two choices: 1) update program without asking user 2) update program only after user confirmation? First choice could be the default one - I don't care. This would be enough. And (not only) after this experience I'd immediately switch it to the "update program only after user confirmation". And a few words to Neneduty post: no, I won't uninstall ANY of my programs only because ANY antivirus software couldn't work with it. All programs are in my computers for good reasons (this is true especially for Comodo firewall). This could end that Emsisoft (or any other antivirus producer for that reason) could ask me not to use my graphics programs, because they could be in conflict with EAM (btw. there was situation Adobe Acrobat didn't start because of conflict with EAM one time - I resolved it with Emsisoft help then - fortunately Emsisoft helpdesk didn't want me to uninstall it :-) ). Antivirus software is in any computer to help not to be infected by computer virus; it's not there to block users to work with their programs... Any other debate about this is ridiculous. Uffff. Enough from me.
  21. 2 points
    If you’re a regular reader, you’ve probably noticed that something has changed about our blog… That’s right: everything has changed. When we started the original blog more than a decade ago, little did we know how popular it would become. From a few hundred visits per month back in 2004 to more than 100,000 now, the Emsisoft Security blog has become a major destination for people looking for straight-talking security advice from our team of malware and online security experts. Sadly, while the actual articles have progressed in leaps and bounds since the early days, the blog page itself has received little love and was starting to feel inadequate for the breadth of content we are now offering our readers. We decided to change that and embarked on the biggest redesign of our blog ever. After lots of brainstorming and gathering feedback, we are excited to show you what we’ve been working on and hope that it will make discovering, exploring and sharing our content even better. So, go ahead and check out our redesigned security blog now, or read on about the exciting changes you can look forward to. See what’s new Without further ado, below are some key highlights from the many improvements we have made to your Emsisoft Blog experience: Home page Visitors to Emsisoft’s Blog will now be greeted by a clearly structured home page, with a prominent “Featured Article” chosen by the team to highlight the latest insights into online security. The page itself is divided into clear categories with a selection of the latest articles for each, so it’s easy to browse through each section and dive into those that you find most interesting. From the latest videos, to Protection Guides and Enterprise Security, there’s something for every security-conscious reader. Category pages All posts are now grouped into clear categories and can be accessed from any part of the blog using the new category menu. Each main category page has been designed with a clear purpose and provides an intuitive way to browse the most relevant articles. While the Emsisoft News articles are organized in a timeline, the Protection Guides are grouped by topic to allow you to find the most relevant information in one place. Go ahead, have a look around! Readability First and foremost, a blog should be a pleasure to read. Once you’ve found what you’re looking for, reading should be a pleasant, distraction-free experience. We have reduced the clutter around the actual article text and adjusted the layout and typeface, creating the feeling of reading a high-quality book, whether it’s on a desktop or on your mobile phone on the go. Quick Search Find any article in a matter of seconds with our new search function. With hundreds of online security articles published over the years, our completely new search functionality makes finding that one article about ‘ransomware payment methods’ a breeze. Simply click on the magnifying glass in the header to bring up the search box, start typing and results will appears instantly. Sharing Options To achieve our ultimate goal of a malware-free world, it’s critical to share our insights and security advice with as many people as possible. We’ve now made it easier than ever to share articles or even sections of articles via social media or email: simply click on your favorite social network on our new sharing menu on the left-hand side to share the whole article with your friends and colleagues, or select a particularly insightful sentence or paragraph and share it via the new context menu that appears. We want to hear from you This article only touches the surface of all the changes we’ve made for you in our new Emsisoft Security blog, and we plan to continue developing it over the coming months. As excited as we are about the improvements, ultimately we have made them for you, our readers and customers. Let us know what you think about the new design, the functionality and the reading experience. The post Welcome to the all-new Emsisoft Security Blog appeared first on Emsisoft | Security Blog. View the full article
  22. 2 points
    You can see this on several programs. Service and drivers are up, but GUI hasn't caught up. It's not a problem.
  23. 2 points
    According to several reports, the latest Windows 10 Update pushed on Jan. 3rd is supposed to address the "Meltdown" security problem. However, due to changes to Windows kernel, Microsoft didn't make the update available to users without the "ALLOW REGKEY", and directed users to confirm with AV vendors if their products are compatible with the latest update. So is the current version of EAM compatible with this update?
  24. 2 points
    Emsisoft Anti-Malware is compatible with the Windows update. We also just published an update that sets the compatibility flag for all users of the beta, stable and delayed update feed. Keep in mind, that Microsoft uses the same flag for all anti-virus vendors. That means if you are using multiple anti-viruses or anti-malware applications, you are risking one of those products, like Emsisoft Anti-Malware, flagging the system as compatible, even though one of your other products is not compatible. There is, unfortunately, nothing we can do to prevent this as Microsoft does not account for the scenario of multiple security products being installed on the same system. This is the perfect example why we are recommending against using multiple security products in parallel. For further information, feel free to stop by our blog.
  25. 2 points
    If you change the setting (for Malware hosts) on that screen (eg to Block silently) then all instances of malware-host alerts would become silent. That's not necessarily sensible - yes, fewer alerts, but also you'd be less aware of sites that maybe you shouldn't trust so much. If you see alerts for that specific malware host frequently, you could add a rule to treat it differently eg just silently blocking it. But again, you'd then not be warned that such sites had embeded links to that host. Is that wise?
  26. 2 points
    I think you have made your point of view crystal clear for everyone, iwarren. Do we really nede more posts?
  27. 2 points
    Hello, When it comes to surfing: keep it simple, a browser is only as safe as it's user. I'd advice against using any browser "security" that intercepts https traffic, for an explanation see here: http://blog.emsisoft.com/2017/02/09/https-interception-what-emsisoft-customers-need-to-know/ Choose the browser that suits you best en practice safe surfing (use an adblocker, use a password manager as alternative to using easy to guess or identical passwords), don't visit shady sites and if you're not sure about a site, scan the URL on http://www.virustotal.com Personally I use Google Chrome with uBlock origin, Lastpass, and a few small add-ons that help facilitate certain routine tasks. never had any browser-related security issues.
  28. 2 points
    That would help in this particular instance (alerts during an uninstall), however every rule that exists can decrease performance, so rules are generally not kept if they are not needed.
  29. 2 points
    Zum AV-C Test: Bei dem Test gab es ein Problem mit dem Testsetup. Es ist nicht ganz klar ob entweder das automatische Testsystem von AV-C oder EAM versagt hat. Allerdings gab es 13 Samples die als nicht erkannt klassifiziert wurden. Weder AV-C noch wir konnten das Problem reproduzieren, weshalb nach einem Nachtest alle "misses" in "user decisions" umgeklariert wurden. Allerdings ist auch die Klassifizierung irrefuehrend. Das Problem ist, dass unsere Cloud die meisten Anfragen automatisch haette beantworten koennen. Allerdings wurden alle Nachtests ohne Cloud durchgefuehrt, weil wir halt schummeln und alle Dateien in der Cloud haetten Blacklisten koennen und AV-C keine Moeglichkeit hat, unsere Cloud zum Zeitpunkt des Originaltests zurueck zu drehen. Fehlalarme wurden durch Setups verursacht die Double Signed sind. EAM hatte in dem Fall Probleme die digitalen Signaturen korrekt zu erkennen. Das Problem wurde mittlerweile allerdings behoben.
  30. 2 points
    Perhaps add to EAM an option to disable this feature? Not all of us are gamers ..............................
  31. 2 points
    hi, as you know Online Armor and the latest Emsisoft Internet security v9 can't be installed when Virtual box is present (it will generates a BSOD) ; so there is the procedure to to have them both. If Virtual Box is not installed yet (and was never installed) 1- Install OA/ EIS 2- install Vbox If Virtual Box was installed before but removed 2- open "Regedit" (via Run) 3- check this registry key : HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VBoxNetFlt 4- if it's still present, delete it 5- reboot (not necessary, but better if done) 6- install OA/EIS 7- install Vbox If Virtual Box is already installed 1- uninstall Vbox 2- open "Regedit" (via Run) 3- check this registry key : HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VBoxNetFlt 4- if it's still present, delete it 5- reboot (not necessary, but better if done) 6- install OA/EIS 7- install Vbox hope this will help you note: i did this procedure since ages so it really works ^^
  32. 2 points
    The option in the McAfee product that was showcased runs a scan on startup, which is wasteful of system resources and needlessly slows down computer startup without adding any extra protection. The protection in our products starts before the user has logged in to Windows, and if the option in the File Guard settings called "Protect the computer even if no user is logged in" is enabled (this is the default configuration), then our protection will be running and monitoring anything that is executing on the computer during at least part of the startup process.
  33. 2 points
    We have made a workaround for the above mentioned incompatibility. If you are experiencing the above behavior, please try the following build (no need to uninstall first). HitmanPro.Alert 3.1.7 Build 357 PreRelease Changelog Fixed incompatibility with Emsisoft Internet Security 11.0.0.6131Download http://test.hitmanpro.com/hmpalert3b357.exe Please let me know if this update fixes the incompatibility.
  34. 2 points
    Upgrade from EIS 10.0.0.5735 to EIS 11.0.0.5847 (Beta) I currently have for the 'Advanced Firewall Settings' to "Ask" to allow incoming/outgoing firewall rules. (all 4 options are set to Ask) Application Rules did not Update after Upgrade ----------------------------------------------------------- After the upgrade/restart i deleted the custom rules to allow ports 80/443 and yet it still allowed the connection even after restarting firefox and did not prompt me to allow it again either. So I went to Settings -> "Factory Defaults" this seemed to do the trick, and this time asked me to allow the port connections 80 / 443. Real-Time Firewall Blocking ------------------------------------ At first I allowed port 80 / 443, and then tried adding a BLOCK TCP/UDP 0-65535 (below to the first rule) i could still browse successfully (where before in v10, 0-65535 was over-riding everything) However then i removed the rules, then tried this time to "block" the connections, except it was still allowing the connection, even though 80 / 443 were blocked. It wasn't until I restarted firefox that the blocking rule took effect. so it appears real-time firewall blocking of the application is not quite working. Real-time Application Blocking (or Suggestion) ------------------------------------------------------------------- Another issue ,prevalent in v10 also, is when you block an application in Application Rules or Behaviour Blocker, it does not close the application once blocked, it just prevents it from running the next time. Where in v9 i remember it used to close the application immediately once blocked. Automatic Custom Montioring (Suggestion) ------------------------------------------------------------------- Even though I have automatic firewall settings set to "Ask" about trustworthy applications, the behaviour blocker still sets everything to "All Allowed", so each time I do say.. a Factory Reset or new install, I have to reset each application to "Custom Monitoring" if I want to be confronted with potential behavioural threats. The behavioural blocking is the pride and joy of EIS, so I think it should be an option in "Advanced Firewall Settings" to set "All Allowed" to "Custom Monitoring" by default. Which will warn you about code injection and such. Automatic Behavior Blocking Template(Suggestion) ----------------------------------------------------- Also think you should be able to create something like a Template that applies to all applications by default, for example.. "Block Backdoor Related Activity" "Block Spyware Related Activity" could be set by default, based on your template you created. More Detailed Information About Intrusions (Suggestion) ---------------------------------------------------------------------------------- I mentioned in the previous suggestion about behavioural blocking, and how it warns you about code injection and potential intrusions. These errors can come from system applications, for example... when changing personalize settings, a message appears saying Explorer.exe wants to change something, or when Firefox tries to run a program from the downloads menu, it will say something along the lines that Firefox is acting like a trojan or something to that nature. These are scenarios where it was likely a false detection, but was warning of a potential problem, which is great! However, there are also scenarios where Explorer.exe or Firefox.exe may be doing something it shouldn't, and yet the options are to Allow something potentially bad, or Block, which closes the application, not really knowing what you just blocked. So what i'd really love to see.... is the offending command, i believe v9 had it right... when it popped up the behaviour, it gave you much more verbose input, like Explorer.exe -> Shell32.dll -> hotdog.dll -> somethingweird.exe then i could tell the difference between, a simple desktop entry being modified, or of an actual threat that needs to be dealt with. So would really really love to see an option in "Advanced rule settings" for [ X ] verbose behaviour messages Application Rules & Behavior Rules Merging (Suggestion) ---------------------------------------------------------------------- I think v9 also had it right in this case.... all of the application rules were all in one neat tidy window, maybe i'm a little daft, but i don't quite understand why these two are seperated, and why some applications will show up in Behavior Blocker and not in Application Rules, and if i want one in the other, i have to create the rule myself. Then tediously set everything to Custom Monitored, to get it to monitor its behavior. Theming (Suggestion) ---------------------------- I know i've said this before, but i'll say it again... i'd love to have an option to theme/skin the EIS application, maybe to something with more neutral colors. Insights ---------- If everything gets automatically allowed, then its only passively protecting the system for the sake of letting Windows run smoothly, The goal here is easy to use security, i think its important not to let security take a back seat for the sake of making it easy to use. In the Blog you make mention that everything should be kind of behind the scenes without much intervention and fiddling around with settings, however I think a lot of people don't really mind the extra popups as long as they know their system is actually being protected. Special Thanks -------------------- I'd like to thank the emsisoft team for their dedication and hard work on this amazing application. I hope everything i've said has not been discouraging but has inspired you to keep working to make this program even better. Keep up the good work, and please tell Santa about everything on my wish list.
  35. 2 points
    You have to be careful if you are behind a router. You may just be testing that.
  36. 2 points
    Dear nine9s, Thank you for contacting our support. If you change hardware when your license key is still active our system will make no troubles if you simply install Emsisoft Anti-Malware on the new computer and activate it with your existing license key. If the old system should still be in use at this point you would need to remove Emsisoft Anti-Malware from the old computer before you use your existing license key to unlock the full version on the new system, otherwise no additional actions would be necessary. Thank you for using our software solutions! Should you have any further questions, please just let us know.
  37. 2 points
    A summary of the improvements in version 11 can be found in our blog as usual: http://blog.emsisoft.com/2015/10/24/a-sneak-peek-on-emsisofts-version-11-series/ Keep in mind that it is currently only available via the Beta updates option.
  38. 2 points
    It's been more than a week now since the issue was reported here. Is there a deadline to get this issue fixed?
  39. 2 points
    Similar issue here. I had strayed and had been using a trial of another product. Reinstalled the latest EMIS very early this AM - 3AM EST. Tonight I have been unable to download the 1 new Important Windows Update for 8.1. Have tried several times. Can see that there is zero incoming traffic. Finally get an error that Windows Update failed. I suppose it is possible that the issue is on the Microsoft side.
  40. 2 points
    At the moment it is not possible to delete multiple lines at once. I have made a suggestion internally to add it though.
  41. 2 points
    Dies ist die Kernaussage des m.M.n exzellenten Artikels auf der offiz. HP: http://blog.emsisoft.com/de/2015/06/26/antivirensoftware-schutz-fuer-ihre-dateien-aber-auf-kosten-ihrer-privatsphaere/ Ich finde, dieser wichtige Aspekt wird viel zu wenig gewürdigt, sei es in den Tests der ganzen Testinstitute, die meist nur nach Erkennung, Beseitigung und Performance unterteilen oder in den ganzen "Fach"zeitschriften wie computerbild oder chip, etc. Aber auch bei den Usern: Wenn ich mir anschaue, dass auf dem beliebtesten Donwload-Portal Deutschlands Avira über 400.000 Mal diesen Monat heruntergeladen wurde, dann muss man sich fragen, ob es den meisten Usern nicht schlichtweg egal ist, was mit Ihren Daten passiert oder sie wissen es erst gar nicht: Motto, Hauptsache, es ist umsonst. Erschwerend dazu kommt der Herdentrieb: Soviele User können sich ja gar nicht irren. Umsonst soll ja heute sowieso alles am besten sein; wer bezahlt die Malware-Analysten, die Developer, die an den Erkennungsroutinen und am Selbstschutz des Programms arbeiten, die normale Verwaltung und die angebundene Hardware/Server u.v.m? Das alles wird ausgeblendet. Wirklich umsonst ist heute fast nichts mehr, sei es Avast (in o.a. Artikel ja erwähnt), AVG (Toolbar) oder Avira - lange Jahre Ask-Toolbar in Verwendung, heute angeblich eine eigenständig entwickelte ("Hust"!). Hier bezahlt man m.M.n indirekt mit den persönlichen Daten. Ich finde, jede Software ist heute immer Vertrauenssache, das trifft vor allem auf AV Programme zu. In dem Kontext finde ich Emsisoft und seine Datenschutzpolitik klasse , neben der sehr guten Erkennung war das für mich das Hauptkriterium bei der Kaufentscheidung! Weiter so Emsisoft!
  42. 2 points
    As long as you restart the guard process after it crashed, it shouldn't make a difference.
  43. 2 points
    Supi, AdwCleaner bitte öffnen und Deinstallieren drücken. FRST samt Logfiles, sowie den Ordner C:\FRST, einfach löschen.
  44. 2 points
    Hi Legend, You bring up a good question, but unfortunately there isn't one answer here. That is because a lot of definitions are being used for the same term. See for example also Fabian's explanation here. For Emsisoft you can just say its about the same thing, just a different term. Behavior blocking or IDS both can have user interaction, its the fact that the program is able to recognize a certain intrusion or behavior that counts, after that its the user or program settings that decide what is actually done with it. The issue is, IDS implies already something malicious is going on. That is sometimes misleading, because not each alert is generated by malware. Behavior blocking covers it better IMO, because it suggests it is behavior that causes an alert, which doesn't necessarily mean this behavior is also malicious (and here community based input plays a role, in Emsisoft products you usually will see that plain malware will be auto-blocked by community input (90% of the users blocked it, so EAM will block it) while questionable or even legitimate programs will respectively prompt for action or be automatically allowed. That system isn't 100% fail safe, but will help quite a bit reducing alerts. Advanced heuristics is really a very general term as well. In most cases (as explained also in the post I linked you to above) it implies some sort of emulation is going on. That sounds quite good, but malware can also protect itself against this type o emulation (and refuse to be executed when it detects emulation for example). Yes, EAM does not use emulation. Again, this is really a generalization, each security program may have their own definitions of these terms and/or use this in their own way. EAM's behavior blocker works quite well as you can also see by observing for example AVC's real world protection tests. In EAM9 some additional functionality has been added (static is nice, but that doesn't mean we're not continuously working to find new ways to block malware as early as possible ). I hope this answers your questions (and didn't cause more confusion).
  45. 2 points
    If a license key for Emsisoft Anti-Malware is remapped more than 5 times in a day, then our system will lock out any further remaps for 24 hours. If you contact support, we can clear the mapping history manually if needed. In your case, this shouldn't end up being an issue.
  46. 2 points
    Hi und Herzlich Willkommen beim Emsisoft Support Forum! Systemscan mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften) Starte jetzt FRST. Ändere ungefragt keine der Checkboxen und klicke auf Scan. Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop. Bitte beide Logfiles in der nächsten Antwort anhängen.
  47. 2 points
    Online Armor covers all these applications except the "Behavior Blocker" part. Behavior blockers and HIPS in the same product are pretty much mutually exclusive. They essentially both refer to the same underlying technology. The only difference is the way decisions are made on whether or not to allow a certain action. A HIPS will ask the user, while a behavior blocker tries to figure everything out on its own. Given that it should be obvious why those modes are mutually exclusive and why running both at the same time makes little sense: You can't both ask a user about everything and not asking him and figuring it out internally on your own at the same time. You can install two different products (one HIPS, one behavior blocker) at the same time, but the only thing you achieve will be that you have to allow things twice. So either go with a HIPS or with a behavior blocker. But not both.
  48. 2 points
    This isn't really an issue in our case as we only use the Bitdefender scan engine and signatures and added all our improvements like anti-rootkit technology, behavior blocking, the Emsisoft scan engine etc. on top of it. So even if malware authors patch Bitdefender detections, it doesn't mean one of our other detection layers won't catch it. To get an idea on how efficient our added technology actually is just take a look here:
  49. 2 points
    Here are the reports. Also, received error report that C:\$mft is corrupt
  50. 2 points
    Good morning, korben First, instead of just shutting down whole Guard try separately disabling “onExecution Scan” scan only and then “Malware-IDS” only. The reason for testing “onExecution” being disabled, despite that is a long shot: In the past there were reports that opening large media files of certain type by double-clicking will cause scanning the media too with substantial delay. But when I asked the user to test invoking the the Player 1st and after that opening the media file - that worked perfectly fast. You answered already that “opening from inside” doesn't help. Still please test disabling “onExecution”. ======= Nobody insisting on deeper investigation, that's your choice but “cutting off net connection” is not all. That may not be the case, but if you are testing that - there are ways to check whether there still are attempts to “connect” if suspected... Just out curiosity for testing you may try different free notepad. Set association with .TXT and observe its behaviour Here is one of the lists of Notepad Alternatives Those have many additional features, most of them, if not all are multi-document. You may not need all that, but that's just for testing or use it if that's working fine & fast. You always can go back when & if the cause of the main problem was found. Notepad ++ can be installed as Portable Application , so you don't mess with the Registry (just delete the folder later and that's all) That's interesting and innovative method to solve “small problem” by getting new laptop and OS (we all should try that ) Just a reminder. Since I mentioned temporary shutting down ThreadFire (TF) in order to test – if you will uninstall A-M from old PC in order to reinstall on a new system, you can save/leave TF, otherwise I would suggest not using it alongside with A-M. Cheers! P.S. 1) after having the morning coffee I looked back to the image you provided. It is not the best quality, but most importantly that is the overall view What was asked to look at is – drill deeper into Applications, etc. and see whether there are events at the time of running Notepad. 2) I had no time yet to find your uncle
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up