Leaderboard

  1. GT500

    GT500

    Emsisoft Employee


    • Points

      502

    • Content Count

      9296


  2. Fabian Wosar

    Fabian Wosar

    Emsisoft Employee


    • Points

      291

    • Content Count

      4711


  3. Kevin Zoll

    Kevin Zoll

    Emsisoft Employee


    • Points

      268

    • Content Count

      18456


  4. Elise

    Elise

    Emsisoft Employee


    • Points

      237

    • Content Count

      7338



Popular Content

Showing content with the highest reputation since 10/13/09 in all areas

  1. 7 points
    Official word is, "yes". We will give free license extensions to anyone who upgraded to Windows 10 and was unable to use the firewall. Once the issue has been resolved, please either submit a support ticket in our helpdesk system, or send a Private Message on the forums to me (English Support) or Thomas Ott (English/German Sales). Be sure to mention that you would like to have your license extended due to the Windows 10 issues and include in your message any license keys that were in use on a computer with Windows 10. Feel free to link to this forum post if you would like to.
  2. 6 points
    As announced earlier, we are changing our firewall strategy and will soon merge Emsisoft Internet Security with Emsisoft Anti-Malware, effective as of our next release in October. Instead of developing our own firewall module, we’re going to rely on the built-in Windows Firewall core that has proven to be powerful and reliable. Its only weak point is the fact that anyone can freely change the firewall configuration. In other words, if malware manages to run on the PC with sufficient administrator permissions, it’s able to allow itself to get through the firewall. To resolve this vulnerability, we’ve developed a new Firewall Fortification feature for Emsisoft Anti-Malware’s Behavior Blocker as part of our 2017.8 release. Firewall Fortification detects and intercepts malicious actions from non-trustworthy programs in real time before they can cause any damage. Behavior Blocker alert: Firewall manipulation All 2017.8 improvements in a nutshell Emsisoft Anti-Malware New: Firewall Fortification feature that blocks illegitimate manipulations of Windows Firewall rules. Improved: Forensics logging. Fixed: Rare program freezes on opening the forensics log, confirming of surf protection notifications and during malware detection. Fixed: Computer restart instead of computer shutdown executed, when set for a silent scan. Several minor tweaks and fixes. Emsisoft Enterprise Console Improved certificate handling to avoid connectivity issues. Several minor user interface improvements. Several minor tweaks and fixes. How to obtain the new version As always, so long as you have auto-updates enabled in the software, you will receive the latest version automatically during your regularly scheduled updates, which are hourly by default. New users please download the full installer from our product pages. Note to Enterprise users: If you have chosen to receive “Delayed” updates in the Update settings for your clients, they will receive the new software version no earlier than 30 days after the regular “Stable” availability. This gives you time to perform internal compatibility tests before a new version gets rolled out to your clients automatically. Have a great, well-protected day! View the full article
  3. 4 points
    Guten Tag, Wir haben mittlerweile mehrfach etabliert, dass Emsisoft nicht das Programm Ihrer Wahl ist. Sie haben sich bereits anderweitig ein Antivirus gesucht, dass auch noch dreißig weitere Funktionalitäten mitabdeckt. Fakt ist jedoch, dass viele Leute eben auch ein Antivirenprogramm suchen, dass nicht noch fünfzig Extras mitbringt, die man nicht will oder nicht braucht. Für diese Leute gibt es eben Emsisoft Anti-Malware und die meisten unserer Kunden sind mit der Tatsache, dass es eben 'nur' ein Rundumschutz für den Rechner ist und nicht mehr, zufrieden. Für all die angesprochenen Features - Passwortgenerator, Kinderschutz, etc - gibt es bereits gute Programme, die man sich bei Bedarf installieren kann. Viele Leute haben aber entweder keine Kinder oder wollen diesen den Zugang nicht beschränken, warum sollten wir diesen Leuten einen Kinderschutz mitinstallieren. Einige haben eben auch nicht RAM oder CPU im Überfluß, für diese Leute ist es noch ärgerlichr wenn das RAM durch ein AV belegt ist, dass aufgrund von ungenutzten Features die Ressourcen auffrisst. Fazit: Es gibt viele Antivirenprogramme, die die eierlegende Vollmilchsau sein wollen und versuchen alle Programme in einem zu vereinen. Es gibt User, die diesen Ansatz nicht mögen und nur ein Antivirenprogramm wollen. Nicht mehr. Für diese Leute gibt es, zum Beispiel Emsisoft Anti-Malware. Sie gehören nicht zu dieser Gruppe und das ist ok. Mit freundlichen Grüßen Kathrin
  4. 4 points
    Which for everything related to our core technologies (engine, behavior blocker, cleaning engine) would be me. Hi, nice to meet you! Next time someone looks strange at me for talking to myself I can now point them to this post and tell them you asked me to talk to me . Your argument is that we chose Bitdefender because it is "the best". Both Kaspersky as well as Avira consistently score higher in pure on-demand tests than Bitdefender does. If you consider PUP detection ESET is a superior contender as well. We considered all of them at one point or another but they were discarded for various reasons. The article is based on the submission we got through the "Submit information about detected Malware" option in all our products, which reports back meta data (infection names, number of infected objects) about all infections found by our products.
  5. 4 points
    Actually, there is a system behind it: My workstation computers are named after noble gases, like Krypton or Helium. Computers that I only use temporarily or belong to guests are named after transition metals like Titanium. Non-computer devices like smartphones are named after non-metals like Oxygen. All systems and VMs that are used for malware testing are named after radioactive elements like Uranium. Needless to say my WLAN and local workgroup is called "Periodic Table". And yes, I spent a significant amount of time coming up with that system and I am proud of it .
  6. 3 points
    Please note that Emsisoft Anti-Malware for Windows XP hasn't been updated (as in program updates) in over 2 years, and we never intended on continuing long-term database update support for it. In fact, we discontinued our own database updates for it over a year and a half ago, and those still running Emsisoft Anti-Malware on Windows XP have only been receiving BitDefender database updates. We've decided that it is time to stop redistributing those BitDefender updates for Windows XP, as all they are doing is giving those on Windows XP a false sense of security. In addition, it is extremely dangerous to continue using Windows XP. It has (for several years now) had well-known and major security vulnerabilities that Microsoft will never fix. These vulnerabilities make it trivial to infect a Windows XP system, and there is no security software in the world that is capable of preventing it. We can not, in good conscience, continue to provide any support for this version of Windows, as we announced on December 31st, 2015: https://blog.emsisoft.com/2015/12/02/why-we-believe-its-not-ethical-to-sell-antivirus-software-for-windows-xp-any-longer/ We highly recommend that you upgrade to a newer Operating System that is still supported. It doesn't matter if that's a newer version of Windows, or something free like Linux or BSD, as long as you'll be receiving security updates from whoever makes it. New vulnerabilities are discovered almost every day for every major Operating System (Windows, Linux, BSD, MacOS, Android, etc) so it is absolutely critical that you are able to receive security updates from whoever made the Operating System to help keep you and your data safe.
  7. 3 points
    Wenn alle Features eingebaut würden, die Galaxy wünscht, dann würde ich EAM sofort deinstallieren. Ich mag das Programm so wie es ist und hoffe, das bleibt auch so.
  8. 3 points
    Is this working OK now for everyone else? If it is, then there's no need for any more logs. All we needed was a traceroute to send to our CDN provider to help in identifying the server that was having the issue, and I managed to get one of those the other day.
  9. 3 points
    @achtsam Es wird eher langsam Zeit, dass Du deinen privaten Kreuzzug einstellst. Das nimmt ja wirklich paranoide Züge an.
  10. 3 points
    Hello, a2guard.exe is the visible protection process (to put it simple, the Emsisoft icon you see in the system tray). However actual protection drivers start a lot earlier. For example epp.sys (the Emsisoft Protection Platform driver) starts very early in the Windows boot process in order to ensure a protected system even when no user is logged in yet and no other programs have been started.
  11. 3 points
    Today, we've received information that our Dutch team member Rob R. passed away yesterday afternoon, after suffering from an unexpected heart attack last Wednesday. Rob was our lead software tester and we always admired him for his special eye to track down the most tricky bugs. He joined our team more than five years ago by voluntarily sending over a brand new and complete Dutch translation of our software. Shortly after he initiated our efforts in offering physical delivery of our software on CD boxes and USB sticks. He also demonstrated a great interest in testing security software which recently led him to becoming our lead tester for Emsisoft Anti-Malware and Emsisoft Internet Security. Rob will truly live on in our memories as a valued team member and friend.
  12. 3 points
    Hardik587 You are indeed becoming most wearisome. There is an old expression among diehard Texans. "No matter how much you kick a dead horse it won't get up" This is exactly what you are doing.
  13. 3 points
    Hello, please send me your license key via PM (personal message). I will add some days to your key as a sign of goodwill.
  14. 2 points
    > Thanks how do I turn off the notification please ? See: Settings - Notifications - Browser Security verifications
  15. 2 points
    I could only confirm David's post - on both my computers with Comodo (Win 7 64 bit, SSD HDD - as this probably had some impact on that unpleasant EAM behaviour) I switched to stable version and all seem to work. So yes, the problem with Comodo on some comps is probably over. I want to add my two cents to discusion above. I work with computer more than 25 years. A lot years ago I worked as programmer. This is all over now (even as I sometimes write a few lines of code in php and MySQL). My main work is with graphics software, but for a few of my customers I do also some kind of computer servis. Not that I'm any expert in LAN's or such but I could help individual users with some computer problems. So my computer knowledges are a little bit above standard. Usually I could help myself with any and all hardware or software troubles, but this time it was very frustrating and it took me a lot of precious time (which I should have spent differently) to revert my work and home computers back to working state. And it was because of EAM "no user asking" PROGRAM update (unfortunately it even didn't create system restore point - why this isn't standard upon bigger program update is above my understanding). This is why I ask you for avoiding such program behaviour. I understand your points but you should hear our opinions also. Maybe it's not wise to let some users decide about something they don't understand but I don't ask you to do this. You can let default EAM settings on stable version update but I'd appreciate the possibility for some of us to switch off this behaviour. Why couldn't you add to setup/actualization menu two choices: 1) update program without asking user 2) update program only after user confirmation? First choice could be the default one - I don't care. This would be enough. And (not only) after this experience I'd immediately switch it to the "update program only after user confirmation". And a few words to Neneduty post: no, I won't uninstall ANY of my programs only because ANY antivirus software couldn't work with it. All programs are in my computers for good reasons (this is true especially for Comodo firewall). This could end that Emsisoft (or any other antivirus producer for that reason) could ask me not to use my graphics programs, because they could be in conflict with EAM (btw. there was situation Adobe Acrobat didn't start because of conflict with EAM one time - I resolved it with Emsisoft help then - fortunately Emsisoft helpdesk didn't want me to uninstall it :-) ). Antivirus software is in any computer to help not to be infected by computer virus; it's not there to block users to work with their programs... Any other debate about this is ridiculous. Uffff. Enough from me.
  16. 2 points
    Hello RodPaulo! Over the last three months, we gradually rolled out new infrastructure for our behavior blocker as part of the monthly feature updates. We decided to introduce this new tech gradually as to avoid headaches when switching everything at once. In addition, just the infrastructure on its own had major benefits like fixing several long-standing compatibility issues with products like Kaspersky, Avast, AVG and some other products, that rendered systems unusable as no process could be started on systems running both EAM and their product in real-time. The rollout itself was pretty smooth and we didn't see anything unusual in our telemetry or continuous daily testing either. However, it turned out that there was a rare race condition with certain malware obfuscators that caused some 32-bit processes to not be monitored correctly on Windows 10 64-bit systems. AV-C did report the issue to us as part of their normal report at the end of March and we fixed and released it as an update during the 2018.3 lifecycle very shortly after, but by then we already had racked up a couple of misses in the April test period as well. You may also be interested in the AV-C business test series factsheet they just published, available here: https://www.av-comparatives.org/wp-content/uploads/2018/05/avc_biz_2018_03_factsheet_en.pdf
  17. 2 points
    Emsisoft Anti-Malware ist vollständig mit dem Windows Update kompatibel. Wir haben ausserdem grade ein Update für alle Nutzer des Beta, Stable und Delayed Update Trees veröffentlicht, dass den entsprechenden Kompatibilitätsmarker in der Registry platziert. Wir möchten an dieser Stelle zu bedenken geben, dass Microsoft den selben Kompatibilitätsmarker für alle Anti-Virus und Anti-Malware Anwendungen verwendet. Sollten also mehr als ein Anti-Virus oder Anti-Malware Programm in Benutzung sein, besteht das Risiko das eine der Anwendungen, wie Emsisoft Anti-Malware z.B., das System als kompatibel markiert, obwohl eines der anderen installierten Sicherheitsprodukte nicht kompatibel ist. Es gibt für uns leider keine Möglichkeit dies zu verhindern oder abzufangen, da Microsoft die Verwendung mehrerer Schutzprogramme auf dem selben System schlicht nicht vorsieht. Dies ist übrigens ein perfektes Beispiel dafür, wieso wir seit Windows 10 von der parallelen Verwendung mehrerer Sicherheitsprogramme abraten. Weitere Informationen, gibt es auch in unserem Blog.
  18. 2 points
    Emsisoft Anti-Malware is compatible with the Windows update. We also just published an update that sets the compatibility flag for all users of the beta, stable and delayed update feed. Keep in mind, that Microsoft uses the same flag for all anti-virus vendors. That means if you are using multiple anti-viruses or anti-malware applications, you are risking one of those products, like Emsisoft Anti-Malware, flagging the system as compatible, even though one of your other products is not compatible. There is, unfortunately, nothing we can do to prevent this as Microsoft does not account for the scenario of multiple security products being installed on the same system. This is the perfect example why we are recommending against using multiple security products in parallel. For further information, feel free to stop by our blog.
  19. 2 points
    Thanks Umbra. I've also done step 2, and I suspect your right that is good enough.
  20. 2 points
    Just for fun (and reference) I took a screenshot of the visitor stats from my own private server. The screenshot is censored so it doesn't show IP addresses, the names of files visitors accessed, or what websites they were referred from. Here's a link if anyone wants to see it: https://www.gt500.org/images/http_stats.png This is just general statistics compiled from server logs, and you can actually get a little more information than what you see there from those logs. I guess what I'm trying to say is simply that if website owners really want to track you, they don't don't need Google or other analytics services to do it. Especially since there's no way to prevent the server from logging all of this data (since the servers do that automatically and have access to all of that data when your web browser loads anything from the server). If this is something you're concerned about then TOR, VPN's, and Virtual Machines are going to do you much more good than worrying about what "trackers" are being used by any individual webpage. TOR and VPN's help keep your IP address private and make it very difficult to determine where you actually are, and of course Virtual Machine's give a generic system for you to browse on and you can restore to a snapshot to reset everything to the condition it was in before you started browsing. Some things may be unique to your Virtual Machine, such as the combination of your CPU and the amount of RAM and disk space, so in theory it would still be possible to "fingerprint" it, however does it really matter if a website "fingerprints" a Virtual Machine (especially when they can't determine the geographical location)? Also note that "browser fingerprinting" isn't something that I tend to worry much about. It's unfortunate that it's possible, but it's also benign in the vast majority of cases, and the lengths you have to go to in order to prevent it are... well... more that I would be willing to do for something that isn't going to effect me enough for me to care. uBlock Origin blocks most advertising and tracking stuff, so the amount of money that advertisers can make by "fingerprinting" my browser and targeting me is minimal, and if the NSA wants to monitor me then I expect the only way to truly prevent that is to live in a lead box and never connect to the Internet again.
  21. 2 points
    Arbeite doch einfach selbst Deine Profilneurose auf, oder suche Dir professionelle Hilfe. Ich bin ziemlich sicher, daß das Sammeln von likes und dislikes Dir nicht wirklich weiterhelfen wird...
  22. 2 points
    From (very) humble beginnings in a Windows XP Service Pack update, the Windows Firewall has evolved into a capable security tool. Today, its performance is on par with – if not better than – any modern third-party desktop firewall on the market. In light of this, and after a lot of careful consideration, the Emsisoft team made a very conscious decision to rely on the Windows Firewall moving forward, which ultimately led to us merging Emsisoft Internet Security with Emsisoft Anti-Malware. This will allow us to concentrate our efforts on building a bulletproof product while using our Behavior Blocker technology to further strengthen the already rock-solid Windows Firewall. To put it simply, using Windows Firewall in conjunction with Emsisoft Anti-Malware will provide better protection for our users, and that is our number one objective above all else. Since our announcement of the Emsisoft Internet Security and Emsisoft Anti-Malware merger, we have received a lot of positive feedback. However, we also got a lot of questions. We want to take the time to answer the most frequently asked questions in a bit more detail: So are you going to remove the firewall completely? The answer to that question is not as simple as it may seem at first. Firewalls are usually divided into two parts: A so-called packet filter, which usually deals with incoming packets and is therefore often called an inbound firewall; and an application filter that deals with applications wanting to access the network or internet, which is why it is often also referred to as an outbound firewall. Emsisoft Anti-Malware has always had an application filter as part of its Behavior Blocker and that will continue to be true. The difference between the outbound firewall in Emsisoft Anti-Malware and Emsisoft Internet Security is that the former makes decisions autonomously, while the later, at least in theory, allowed you to also use your manual rules. In practice, the default for Emsisoft Internet Security was to automatically allow all outbound connections and the majority of all our users never changed it. Why did you make the change? Was Emsisoft Internet Security less secure than the Windows Firewall? No. All firewalls on modern versions of Windows are based on the same technologies provided by Microsoft. In addition, inbound firewalls in particular are incredibly straightforward to implement, as they only block or allow access based on simple rules. That is why there is absolutely no difference in protection provided between any of the inbound firewalls on the market, including the Windows Firewall. However, the Windows Firewall does have some benefits: Support for Windows Networking like Home Groups is a lot better in the Windows Firewall out of the box. There is no need to tweak any rules manually as was often the case for Emsisoft Internet Security. It is easier to use. This is mostly because third-party applications will take care of creating all necessary firewall rules for you. That is not an option that Emsisoft Internet Security could provide, as most software vendors don’t care about third-party firewalls. The Windows Firewall also provides much better compatibility. Third-party software vendors usually test their products with the Windows Firewall as it is part of Windows, but almost never test their product’s compatibility with aftermarket firewall products. Last but not least, the Windows Firewall also provides a lot more configuration possibilities to expert users and allows for much more complex rulesets than the inbound firewall offered as part of Emsisoft Internet Security. But there are also a couple of disadvantages, which is where Emsisoft Anti-Malware 2017.8 comes in: Intelligent outbound firewall: The outbound firewall part of the Windows Firewall will by default allow every application to connect. This behaviour is actually identical with Emsisoft Internet Security, which also allowed any application to connect to the network or the internet unhindered by default. While both products can be manually configured to block programs from accessing the internet, most users don’t want to deal with this responsibility. This is where the intelligent outbound firewall that is part of our Behavior Blocker comes in, which will prevent malicious applications from communicating with the internet automatically while not getting in the way of benign applications. Enhanced malware protection: The Windows Firewall on its own does not provide any protection against more sophisticated attempts to bypass its outbound firewall through advanced techniques like code injection. Code injection essentially allows malware to take over a trusted program in order for its internet communication to pass through the firewall unhindered. Again, the Behavior Blocker in Emsisoft Anti-Malware is incredibly good at detecting and preventing these kinds of attacks. Windows Firewall Fortification: The functions Windows Firewall provides to software vendors to automatically create rules for their applications in the Windows Firewall for ease of use are also pretty much unprotected. That means that malware can and does create rules for itself automatically. In version 2017.8, we extended our Behavior Blocker technology to protect the exposed Windows Firewall functions from malicious usage. This gives you control over which of your applications are allowed to create Windows Firewall rules for you and which aren’t. This is what we refer to as “Windows Firewall Fortification”. To sum things up, for inbound filtering, the Windows Firewall is just as solid a choice as any other firewall product on the market, including Emsisoft Internet Security. It provides better compatibility and is easier to use for the majority of users. Its drawbacks mostly revolve around its outbound filtering capabilities, which are perfectly complemented by the enhanced Behavior Blocker that is part of Emsisoft Anti-Malware 2017.8 and later. Where can I find the new Windows Firewall Fortification options? The new options are part of the Emsisoft Anti-Malware Behavior Blocker. As such, you can find them under Protection/Application Rules: In addition, whenever the Behavior Blocker sees any application it doesn’t know to be trustworthy attempting to create new firewall rules or change the firewall status, it will attempt to auto-resolve the situation by blocking the attempt: If you have auto-resolve disabled, it will simply ask. Where can I find the “advanced configuration possibilities” you talk about? My Windows Firewall only has a couple of options! The default dialog to configure the Windows Firewall can be incredibly deceptive at first. The advanced configuration dialog is stashed away behind an innocuous looking link in the normal Windows Firewall configuration dialog: Windows Firewall dialog with link to Advanced settings Clicking that link will expose the real configuration of the Windows Firewall where you have full access to all the rules it adheres by. That looks awfully complicated. Are there easier methods? There exist a slew of additional applications that sit on top of the Windows Firewall and attempt to enhance it by making rule creation and management easier. Some of the most popular are: TinyWall (Free) – http://tinywall.pados.hu/ Windows Firewall Control (Freemium) – https://www.binisoft.org/wfc.php Glasswire (Paid) – https://www.glasswire.com/ That being said, we think that the majority of users probably won’t find these tools to be necessary. That is also why we decided against creating our own Windows Firewall front-end and focus our development efforts on improving the complementary and enhanced technology in our Behavior Blocker instead. So what do you recommend I should do? We strongly believe that the combination of Emsisoft Anti-Malware and the Windows Firewall is the best option for almost every user. For the past 12 years while developing our product, we used this exact combination in all of our internal performance evaluations of our technology. Our malware research team works hard to make sure that even the most advanced threats are blocked immediately across all our products. So yes, Emsisoft Anti-Malware blocks the same malware that Emsisoft Internet Security blocks out of the box – no configuration, paying extra or jumping through hoops needed. If you do feel the need to make sure that certain legitimate applications can’t access the internet, the Windows Firewall does offer the ability to do so via its Advanced Settings. If you find that method to be too inconvenient, going with one of the many front-ends may be an option for you. We do know that a small minority of Emsisoft Internet Security users believe that the Windows Firewall must have backdoors implemented by Microsoft to allow them to spy on their users. In all our research, we haven’t found one and neither have hundreds of other security professionals that constantly review Windows for possible backdoors and vulnerabilities. We also think it is important to keep in mind that every single firewall product for Windows Vista and later uses the very same frameworks to implement packet and application filtering. There is no difference between the Windows Firewall, Emsisoft Internet Security and any other third party firewall from a technical point of view. If Microsoft were to backdoor their products to allow unhindered communication, this backdoor would probably be part of the Windows Filter Platform or the NDIS Lightweight Filter Framework, which are the underlying technologies all firewall products are built upon, and affect every firewall product equally. If you still prefer to use a firewall product other than the Windows Firewall, we recommend you contact the software company creating your new firewall product of choice beforehand to ask them whether they implement their own firewall or rely on the Windows Firewall as well. Most firewalls and internet security suites dropped their own implementation in favour of the Windows Firewall many years ago. So we suggest you ask them first to make sure you don’t end up with a Windows Firewall front-end instead. Do you have more questions? Post them in the comments and we’ll answer them. Have an excellent (malware-free) day! View the full article
  23. 2 points
    You don't need an account on the website; you just copy & paste the licence code into the application. Keep the details in case you need them again.
  24. 2 points
    Local is your machine, "this end" of a conversation. Remote is whatever machine's at the other end.
  25. 2 points
    I think you have made your point of view crystal clear for everyone, iwarren. Do we really nede more posts?
  26. 2 points
    Hello to you all, l don't know how some of you are going to react to my post but the end is what matters. On Friday morning we (company) where infected from the Cry36 Virus(Ransom). Our Server 2008R2 was with anti-virus and with Windows Update.. up to date.. At the time we had a external Hard drive connected to the server (the only one we had) since we didn't have a duplicate due the second one failed on us. Due to hard times here in Greece we thought that one hard drive was enough. Since our server was under repair with a raid problem we had an live backup. All our files where encrypted.. Most you will probably understand. We called local Police, Internet Crime Center Greece and Interpol. We had support for a number o techs, antivirus profs in Greece and around the world. We had no choice but to gamble with the hackers. They asked for $800 in bit coin. We had nearly every day email exchange with them. The process to obtain bit coin was a long and stressing time. The amount of money we where loosing day by day was nightmare. After 8 days we had the bit coin, we transferred them to the people responsible and in 15min we had the unlock.exe we our ID and a password from Greece to US. They even gave us instructions and warnings not to damage the files. We got all our files back!!!!!!!!!!!!!! Yes we did the wrong thing and payed. In the end we lost a lot of money and lived 10 days of hell!!!!! The virus was infected from a personal email...
  27. 2 points
    For reinstallation media, always use the Media Creation tool to ensure as much updates as possible are included (this is generally a good idea because it also reduces the amount of updates you'll have to install after installation): https://www.microsoft.com/en-gb/software-download/windows10 As for the rest, the vulnerability is/was in the SMB (server message block) protocol, which is not something an average home user requires, if you are concerned you can just reinstall Windows without network connection, go to Programs and Features > Turn Windows Features On and Off and in the populated list locate SMB1, uninstall this before continuing.
  28. 2 points
    The secure connection (HTTPS vs HTTP) has nothing to do with whether or not the website is secure. It has to do with whether or not your connection to the website is secure, which is intended to prevent snooping on communication between you and the server more than it is anything else. Man-in-the-middle attacks can still expose the contents of secure connections, but if a website is configured correctly then it is extremely difficult to do that. A hacker can compromise a website and replace legitimate downloads with infected copies, and this has happened before (ClassicShell and AmmyAdmin are a couple of examples). With popular software (7-Zip for instance) there shouldn't be a BB alert, since it would be trusted by our Anti-Malware Network. With less popular software, it does become more problematic, however a user can search for the SHA-1 hash provided in the alert and try to find information about the file in question.
  29. 2 points
    Das Problem ist, dass keine Schutzsoftware Dir helfen kann. Wenn der Server aufgemacht wird, was bei TeamXRat, die Malware die dahinter steckt, der Fall ist, kann der Angreifer die Software einfach beenden oder die Malware erlauben. Ich hab die Malware kurz ueberflogen und sie sieht entschluesselbar aus. Falls das Loesegeld also noch nicht bezahlt wurde, dann kann ich mal schauen was ich tun kann.
  30. 2 points
    That would help in this particular instance (alerts during an uninstall), however every rule that exists can decrease performance, so rules are generally not kept if they are not needed.
  31. 2 points
    Hi CBMan, Thank you for your suggestion. As the idea seems fair to me, I added your suggestion in our tracker. Will be discussed soon and then we will decide if discard or work on it. Thanks again, Orlando
  32. 2 points
    The following innovations make Online Armor 5.5 our best firewall ever: Integration of Anti-Malware Network: Unknown programs are immediately cross-checked against the cloud. The Online Database contains around 4 million entries and relies on the intelligence of the cloud. Programs considered harmless are automatically permitted, while annoying pop-up windows and alerts are omitted. So you can totally focus on your work! New cloud-based scan: Our cloud scan, already used in Emsisoft MalAware, has been included in Online Armor. Even if there is no record of a file in the Anti-Malware Network, more than 7 million signatures mean that malware can be recognized reliably to keep your PC safe. Improved license and update system: Software updates are downloaded and installed way quicker. Moreover, Online Armor relies on the license system used for other Emsisoft products. Access our Customer Center to find and manage the licenses for all your Emsisoft products in one place. Your Online Armor license key will be automatically transferred to the new system as soon as you use version 5.5 for the first time. Unnecessary key resets when reinstalling your OS are a thing of the past. New pricing system rewards your loyalty: The 1-year license is 25 % cheaper if renewed once the initial 1-year period has expired and will be a further 5 % cheaper for every additional year you renew it. Long-term customers can thus benefit from discounts of up to 50 %. Fine tuning: We have added news popups that keep you up to date with the latest Emsisoft news and fixed several potential incompatibilites, e.g. in combination with Ad Muncher or WinCrypt. As well as countless minor changes for improved user experience and best protection. To get the latest version, just run an online update or alternatively uninstall and reinstall the latest setup package from the official Emsisoft Online Armor product page. If you are using Online Armor FREE earlier than 5.0, please uninstall this version and download the new one. Introductory offer: Pack of 3 for the price of 1 = 45 % discount! Limited offer until February 14th, 2012: Buy a 1-year license now for Emsisoft Online Armor Firewall for 3 PCs at a special price: Instead of US $73.- only US $40.-. Buy here
  33. 2 points
    Ich kann diesen beinahe hysterischen Umgang mit dem Virenschutz ohnehin nicht nachvollziehen. Ich vertraue Emsisoft, weil es im Unterschied zu sehr vielen anderen nicht spioniert und keinen Crap mitinstalliert bzw. anbietet. Das ist fast ein - und mir persönlich sehr wichtiges - Alleinstellungsmerkmal. Außerdem arbeiten an der Software Menschen, da kann es durchaus vorkommen, daß jemand temporär mal ein Brett vorm Kopf hat, es urlaubsbedingt oder aus anderen Gründen (Todesfall) zu personeller Unterbesetzung kommt oder man kurz hinter einer Erkennungsrate herhinkt, weil da jemand bei XXX einen Geistesblitz hatte oder besonders empathisch war. In solchen Fällen wird dann schnellstmöglich "aufgeholt". Folglich kein Problem und bei jedem Hersteller so vorkommend. Außerdem soll und kann jeder Schutz ja auch nur "Spitzen kappen". In erster Linie ist bei jeder Maschine derjenige gefragt, der davor sitzt, also brain.exe. In Grunde hat dieses permanente Vergleichen der Tests mit etwas Abstand betrachtet so'n Beigeschmack von Pimmellängevergleichen - oder auch dieser Anspruch, daß Deutschland gefälligst die Goldmedaillen holen muß, das ist eine verzerrte Sicht aus der gleichen Ecke. Gelassenheit und ehrliche Fairness, daran mangelt's immer häufiger. Und das obwohl das ständige "cool" doch in aller Munde ist...
  34. 2 points
    We have made a workaround for the above mentioned incompatibility. If you are experiencing the above behavior, please try the following build (no need to uninstall first). HitmanPro.Alert 3.1.7 Build 357 PreRelease Changelog Fixed incompatibility with Emsisoft Internet Security 11.0.0.6131Download http://test.hitmanpro.com/hmpalert3b357.exe Please let me know if this update fixes the incompatibility.
  35. 2 points
    just click the 'more reply options' button and attach any file to your post.
  36. 2 points
    I would only recommend one Sandboxing program, Sandboxie. I have used it for years, and it works fine with Emsisoft products. When you install it, Sandboxie will detect the presence of Emsisoft products and ask you if you want to enable compatibility settings. You would want to do this. Any questions, feel free to ask. Pete
  37. 2 points
    I know, that is why I only counted signature updates. Whenever you see an exact signature count in the change log above, one of our signatures was updated. Sorry, what you ask is impossible. It should be obvious to anyone, that if you have a scan engine that already detects 95% of all malware out there, that the other engine can't suddenly detect more than that without causing gross redundancy. In general we can choose to waste hundreds of megabytes of RAM on hundreds of thousands of systems to keep duplicate signatures around so you feel validated in your purchase, or we can choose not to do that, not to waste everyone's resources. To be honest, that's not even a choice really.
  38. 2 points
    Upgrade from EIS 10.0.0.5735 to EIS 11.0.0.5847 (Beta) I currently have for the 'Advanced Firewall Settings' to "Ask" to allow incoming/outgoing firewall rules. (all 4 options are set to Ask) Application Rules did not Update after Upgrade ----------------------------------------------------------- After the upgrade/restart i deleted the custom rules to allow ports 80/443 and yet it still allowed the connection even after restarting firefox and did not prompt me to allow it again either. So I went to Settings -> "Factory Defaults" this seemed to do the trick, and this time asked me to allow the port connections 80 / 443. Real-Time Firewall Blocking ------------------------------------ At first I allowed port 80 / 443, and then tried adding a BLOCK TCP/UDP 0-65535 (below to the first rule) i could still browse successfully (where before in v10, 0-65535 was over-riding everything) However then i removed the rules, then tried this time to "block" the connections, except it was still allowing the connection, even though 80 / 443 were blocked. It wasn't until I restarted firefox that the blocking rule took effect. so it appears real-time firewall blocking of the application is not quite working. Real-time Application Blocking (or Suggestion) ------------------------------------------------------------------- Another issue ,prevalent in v10 also, is when you block an application in Application Rules or Behaviour Blocker, it does not close the application once blocked, it just prevents it from running the next time. Where in v9 i remember it used to close the application immediately once blocked. Automatic Custom Montioring (Suggestion) ------------------------------------------------------------------- Even though I have automatic firewall settings set to "Ask" about trustworthy applications, the behaviour blocker still sets everything to "All Allowed", so each time I do say.. a Factory Reset or new install, I have to reset each application to "Custom Monitoring" if I want to be confronted with potential behavioural threats. The behavioural blocking is the pride and joy of EIS, so I think it should be an option in "Advanced Firewall Settings" to set "All Allowed" to "Custom Monitoring" by default. Which will warn you about code injection and such. Automatic Behavior Blocking Template(Suggestion) ----------------------------------------------------- Also think you should be able to create something like a Template that applies to all applications by default, for example.. "Block Backdoor Related Activity" "Block Spyware Related Activity" could be set by default, based on your template you created. More Detailed Information About Intrusions (Suggestion) ---------------------------------------------------------------------------------- I mentioned in the previous suggestion about behavioural blocking, and how it warns you about code injection and potential intrusions. These errors can come from system applications, for example... when changing personalize settings, a message appears saying Explorer.exe wants to change something, or when Firefox tries to run a program from the downloads menu, it will say something along the lines that Firefox is acting like a trojan or something to that nature. These are scenarios where it was likely a false detection, but was warning of a potential problem, which is great! However, there are also scenarios where Explorer.exe or Firefox.exe may be doing something it shouldn't, and yet the options are to Allow something potentially bad, or Block, which closes the application, not really knowing what you just blocked. So what i'd really love to see.... is the offending command, i believe v9 had it right... when it popped up the behaviour, it gave you much more verbose input, like Explorer.exe -> Shell32.dll -> hotdog.dll -> somethingweird.exe then i could tell the difference between, a simple desktop entry being modified, or of an actual threat that needs to be dealt with. So would really really love to see an option in "Advanced rule settings" for [ X ] verbose behaviour messages Application Rules & Behavior Rules Merging (Suggestion) ---------------------------------------------------------------------- I think v9 also had it right in this case.... all of the application rules were all in one neat tidy window, maybe i'm a little daft, but i don't quite understand why these two are seperated, and why some applications will show up in Behavior Blocker and not in Application Rules, and if i want one in the other, i have to create the rule myself. Then tediously set everything to Custom Monitored, to get it to monitor its behavior. Theming (Suggestion) ---------------------------- I know i've said this before, but i'll say it again... i'd love to have an option to theme/skin the EIS application, maybe to something with more neutral colors. Insights ---------- If everything gets automatically allowed, then its only passively protecting the system for the sake of letting Windows run smoothly, The goal here is easy to use security, i think its important not to let security take a back seat for the sake of making it easy to use. In the Blog you make mention that everything should be kind of behind the scenes without much intervention and fiddling around with settings, however I think a lot of people don't really mind the extra popups as long as they know their system is actually being protected. Special Thanks -------------------- I'd like to thank the emsisoft team for their dedication and hard work on this amazing application. I hope everything i've said has not been discouraging but has inspired you to keep working to make this program even better. Keep up the good work, and please tell Santa about everything on my wish list.
  39. 2 points
    We don't have an ETA for the stable release of version 11. Hopefully it won't be too long.
  40. 2 points
    You must have had Beta Updates enabled as EIS 11 is still beta, and that kind of problems can happen with Betas Remedy. Uninstall 11 and then install 10 again and make sure that "Beta Updates" is disabled (unchecked)
  41. 2 points
    A summary of the improvements in version 11 can be found in our blog as usual: http://blog.emsisoft.com/2015/10/24/a-sneak-peek-on-emsisofts-version-11-series/ Keep in mind that it is currently only available via the Beta updates option.
  42. 2 points
    I appreciate the honesty but I hope you understand that a bug like this needs to be fixed on top priority. It prevents the download of critical updates unless the Firewall is deactivated but deactivating the firewall can make the system vulnerable. I mean an issue as critical as this should be treated as soon as possible.
  43. 2 points
    Good morning. Can we expect to get a fix for the updates not working soon, please? Having to disable the firewall to get updates seems an important bug to me. Thanks in advance and best regards, François
  44. 2 points
    Looks like my system is still the fastest: Emsisoft Internet Security - Version 10.0 Last update: 4/12/2015 12:05:17 AM User account: Krypton\Fabian Scan settings: Scan type: Malware Scan Objects: Rootkits, Memory, Traces, Files Detect PUPs: On Scan archives: Off ADS Scan: On File extension filter: Off Advanced caching: Off Direct disk access: Off Scan start: 4/12/2015 12:06:09 AM C:\Users\Fabian\AppData\Roaming\tmpUQC0.exe detected: Trojan.MSIL.Inject (A) Scanned 74807 Found 1 Scan end: 4/12/2015 12:06:27 AM Scan time: 0:00:18 This is the first scan after a cold boot. Later scans go down to 11 seconds .
  45. 2 points
    Hi Legend, You bring up a good question, but unfortunately there isn't one answer here. That is because a lot of definitions are being used for the same term. See for example also Fabian's explanation here. For Emsisoft you can just say its about the same thing, just a different term. Behavior blocking or IDS both can have user interaction, its the fact that the program is able to recognize a certain intrusion or behavior that counts, after that its the user or program settings that decide what is actually done with it. The issue is, IDS implies already something malicious is going on. That is sometimes misleading, because not each alert is generated by malware. Behavior blocking covers it better IMO, because it suggests it is behavior that causes an alert, which doesn't necessarily mean this behavior is also malicious (and here community based input plays a role, in Emsisoft products you usually will see that plain malware will be auto-blocked by community input (90% of the users blocked it, so EAM will block it) while questionable or even legitimate programs will respectively prompt for action or be automatically allowed. That system isn't 100% fail safe, but will help quite a bit reducing alerts. Advanced heuristics is really a very general term as well. In most cases (as explained also in the post I linked you to above) it implies some sort of emulation is going on. That sounds quite good, but malware can also protect itself against this type o emulation (and refuse to be executed when it detects emulation for example). Yes, EAM does not use emulation. Again, this is really a generalization, each security program may have their own definitions of these terms and/or use this in their own way. EAM's behavior blocker works quite well as you can also see by observing for example AVC's real world protection tests. In EAM9 some additional functionality has been added (static is nice, but that doesn't mean we're not continuously working to find new ways to block malware as early as possible ). I hope this answers your questions (and didn't cause more confusion).
  46. 2 points
    In general the behavior blocker ignores most scripting hosts, as it is not possible to distinguish which actions are triggered by the script and which are triggered by the scripting host. The File Guard however does trigger when trying to execute the scripts you uploaded.
  47. 2 points
    This isn't really an issue in our case as we only use the Bitdefender scan engine and signatures and added all our improvements like anti-rootkit technology, behavior blocking, the Emsisoft scan engine etc. on top of it. So even if malware authors patch Bitdefender detections, it doesn't mean one of our other detection layers won't catch it. To get an idea on how efficient our added technology actually is just take a look here:
  48. 2 points
    Here are the reports. Also, received error report that C:\$mft is corrupt
  49. 2 points
    Good morning, korben First, instead of just shutting down whole Guard try separately disabling “onExecution Scan” scan only and then “Malware-IDS” only. The reason for testing “onExecution” being disabled, despite that is a long shot: In the past there were reports that opening large media files of certain type by double-clicking will cause scanning the media too with substantial delay. But when I asked the user to test invoking the the Player 1st and after that opening the media file - that worked perfectly fast. You answered already that “opening from inside” doesn't help. Still please test disabling “onExecution”. ======= Nobody insisting on deeper investigation, that's your choice but “cutting off net connection” is not all. That may not be the case, but if you are testing that - there are ways to check whether there still are attempts to “connect” if suspected... Just out curiosity for testing you may try different free notepad. Set association with .TXT and observe its behaviour Here is one of the lists of Notepad Alternatives Those have many additional features, most of them, if not all are multi-document. You may not need all that, but that's just for testing or use it if that's working fine & fast. You always can go back when & if the cause of the main problem was found. Notepad ++ can be installed as Portable Application , so you don't mess with the Registry (just delete the folder later and that's all) That's interesting and innovative method to solve “small problem” by getting new laptop and OS (we all should try that ) Just a reminder. Since I mentioned temporary shutting down ThreadFire (TF) in order to test – if you will uninstall A-M from old PC in order to reinstall on a new system, you can save/leave TF, otherwise I would suggest not using it alongside with A-M. Cheers! P.S. 1) after having the morning coffee I looked back to the image you provided. It is not the best quality, but most importantly that is the overall view What was asked to look at is – drill deeper into Applications, etc. and see whether there are events at the time of running Notepad. 2) I had no time yet to find your uncle
  50. 2 points
    Wow! That would be small thing to forget "ThreatFire"... you mean (?) And?... Please tell if you found the cause related to that. ====== most likely redundant info below Anyway since I prepared some after reading your previous reply I will post it ... even if nothing applies it may help in other situations ======= I am not sure I can see how that related to A-M at the moment from the description, except you are saying that disabling the guard helps. I am not using Vista but I hope that H_D may help to provide Properties info for the standard Notepad and you can do the same. a side note: that may not relate but still … If you search out there there are reports for Vista slow file opening (notepad included) but as I briefly noticed that was in time of SP1 Any reasons that you are still using SP1 but not SP2? You didn't answer the question about the size of files you are opening and whether that matters? Can you try to open any other file with Notepad like .log/ .ini. Will you experience the same effect? Are you using any add-ons / typing enhancements for Notepad? Well, again not really A-M related but there are several things that improve file opening and in Notepad in particular: - try to uncheck Word Wrapping – that really reduces opening time, but for big files. - In Explorer / File Options / View Tab find and uncheck "automaticaly search for network folders and printers " Have you ever connected this PC to the LAN? There is a weird thing: when you do the above some associations for opening files can be changed for network names “\\” in the Registry and another interesting article comes to mind (but I cannot find it right now) programs' network rules could be set that they are accessing particular IP addresses and when PC is disconnected that is still happening until that times out. Therefore, there is a delay that could be around 30 seconds before the file opens normally. You may check if there are network activities when you are opening files with Notepad. Any logged events in the System/Application Event viewer at the moments when you are using Notepad? You can clean IDS Log and check what is logged there as well at that time. Not much help and no more ideas at this point. My regards
  • Who's Online   0 Members, 0 Anonymous, 38 Guests (See full list)

    There are no registered users currently online

  • Newsletter

    Want to keep up to date with all our latest news and information?

    Sign Up