Jump to content

Leaderboard

  1. GT500

    GT500

    Emsisoft Employee


    • Points

      877

    • Content Count

      14248


  2. Kevin Zoll

    Kevin Zoll

    Emsisoft Employee


    • Points

      300

    • Content Count

      18856


  3. Fabian Wosar

    Fabian Wosar

    Emsisoft Employee


    • Points

      296

    • Content Count

      4407


  4. Elise

    Elise

    Emsisoft Employee


    • Points

      266

    • Content Count

      8452


Popular Content

Showing content with the highest reputation since 10/13/09 in all areas

  1. Note: It is recommended to make a backup of all important files before using the decrypter. Link to decrypter download page. <- The decrypter will tell you if your files are decryptable, whether you're dealing with an "old" or "new" variant of STOP/Djvu, and whether your ID is online or offline. Link to instructions for using the decrypter (PDF). Link to "file pair" submission form. Link to more information about the decrypter. <- Article at BleepingComputer.com Link to more detailed information about STOP ransomware (covers more than just STOP/Djvu). <
    9 points
  2. Official word is, "yes". We will give free license extensions to anyone who upgraded to Windows 10 and was unable to use the firewall. Once the issue has been resolved, please either submit a support ticket in our helpdesk system, or send a Private Message on the forums to me (English Support) or Thomas Ott (English/German Sales). Be sure to mention that you would like to have your license extended due to the Windows 10 issues and include in your message any license keys that were in use on a computer with Windows 10. Feel free to link to this forum post if you would like to.
    7 points
  3. As announced earlier, we are changing our firewall strategy and will soon merge Emsisoft Internet Security with Emsisoft Anti-Malware, effective as of our next release in October. Instead of developing our own firewall module, we’re going to rely on the built-in Windows Firewall core that has proven to be powerful and reliable. Its only weak point is the fact that anyone can freely change the firewall configuration. In other words, if malware manages to run on the PC with sufficient administrator permissions, it’s able to allow itself to get through the firewall. To resolve this vulnerability
    6 points
  4. Ransomware infections are unique in many ways. Most importantly, a lot of the natural instincts which are usually correct when dealing with malware infections can make things worse when dealing with ransomware. Please see the following steps as a guideline when dealing with your ransomware infection. Do not delete the ransomware infection The natural instinct of most users is first to remove the infection as quickly as possible. This instinct is, unfortunately, wrong. In most cases, we will require the ransomware executable to figure out what exactly the ransomware did to your files. Fi
    5 points
  5. Guten Tag, Wir haben mittlerweile mehrfach etabliert, dass Emsisoft nicht das Programm Ihrer Wahl ist. Sie haben sich bereits anderweitig ein Antivirus gesucht, dass auch noch dreißig weitere Funktionalitäten mitabdeckt. Fakt ist jedoch, dass viele Leute eben auch ein Antivirenprogramm suchen, dass nicht noch fünfzig Extras mitbringt, die man nicht will oder nicht braucht. Für diese Leute gibt es eben Emsisoft Anti-Malware und die meisten unserer Kunden sind mit der Tatsache, dass es eben 'nur' ein Rundumschutz für den Rechner ist und nicht mehr, zufrieden. Für all die angesp
    4 points
  6. Which for everything related to our core technologies (engine, behavior blocker, cleaning engine) would be me. Hi, nice to meet you! Next time someone looks strange at me for talking to myself I can now point them to this post and tell them you asked me to talk to me . Your argument is that we chose Bitdefender because it is "the best". Both Kaspersky as well as Avira consistently score higher in pure on-demand tests than Bitdefender does. If you consider PUP detection ESET is a superior contender as well. We considered all of them at one point or another but they were discarded for various re
    4 points
  7. Actually, there is a system behind it: My workstation computers are named after noble gases, like Krypton or Helium. Computers that I only use temporarily or belong to guests are named after transition metals like Titanium. Non-computer devices like smartphones are named after non-metals like Oxygen. All systems and VMs that are used for malware testing are named after radioactive elements like Uranium. Needless to say my WLAN and local workgroup is called "Periodic Table". And yes, I spent a significant amount of time coming up with that system and I am proud of it .
    4 points
  8. Everything is clear, except the parts that are in Russian. I'm going to send you a private message with some instructions.
    3 points
  9. It means that the tests done by AV-C and AV-T have a clear image of how they think AV software should work. The problem arises when your product doesn't fit the mould. Then you get penalized for not doing what everyone else does, even though what everyone else does may not be in the best interest of the user, to begin with. Best example: Snooping around in your encrypted connections, which literally every AV vendor screwed up at least once in the past and probably will continue to happen, exposing users to potentially greater risks than most malware does. For starters, the test sets ar
    3 points
  10. Please note that Emsisoft Anti-Malware for Windows XP hasn't been updated (as in program updates) in over 2 years, and we never intended on continuing long-term database update support for it. In fact, we discontinued our own database updates for it over a year and a half ago, and those still running Emsisoft Anti-Malware on Windows XP have only been receiving BitDefender database updates. We've decided that it is time to stop redistributing those BitDefender updates for Windows XP, as all they are doing is giving those on Windows XP a false sense of security. In addition, it is extremely
    3 points
  11. Wenn alle Features eingebaut würden, die Galaxy wünscht, dann würde ich EAM sofort deinstallieren. Ich mag das Programm so wie es ist und hoffe, das bleibt auch so.
    3 points
  12. Is this working OK now for everyone else? If it is, then there's no need for any more logs. All we needed was a traceroute to send to our CDN provider to help in identifying the server that was having the issue, and I managed to get one of those the other day.
    3 points
  13. @achtsam Es wird eher langsam Zeit, dass Du deinen privaten Kreuzzug einstellst. Das nimmt ja wirklich paranoide Züge an.
    3 points
  14. Hello, a2guard.exe is the visible protection process (to put it simple, the Emsisoft icon you see in the system tray). However actual protection drivers start a lot earlier. For example epp.sys (the Emsisoft Protection Platform driver) starts very early in the Windows boot process in order to ensure a protected system even when no user is logged in yet and no other programs have been started.
    3 points
  15. Today, we've received information that our Dutch team member Rob R. passed away yesterday afternoon, after suffering from an unexpected heart attack last Wednesday. Rob was our lead software tester and we always admired him for his special eye to track down the most tricky bugs. He joined our team more than five years ago by voluntarily sending over a brand new and complete Dutch translation of our software. Shortly after he initiated our efforts in offering physical delivery of our software on CD boxes and USB sticks. He also demonstrated a great interest in testing security software wh
    3 points
  16. Hardik587 You are indeed becoming most wearisome. There is an old expression among diehard Texans. "No matter how much you kick a dead horse it won't get up" This is exactly what you are doing.
    3 points
  17. Hello, please send me your license key via PM (personal message). I will add some days to your key as a sign of goodwill.
    3 points
  18. I can't make any guarantees that we'll leave a message here if someone does make a decrypter. It's probably best to follow BleepingComputer's ransomware news, as they are a reasonably reliable source for such news.
    2 points
  19. Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future. We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters: https://www.bleepingcomputer.com/ If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news: https://www.bleepingcomputer.com/feed/ There is no way to know for certain, however it is theoretically possible that someone may be a
    2 points
  20. Results of checking your files: https://id-ransomware.malwarehunterteam.com/identify.php?case=9da99e33569fe0af64a43b520f35bababd09ad3c https://id-ransomware.malwarehunterteam.com/identify.php?case=2e2e29f85fe2918c33683e2faeade22e51cf81ec https://id-ransomware.malwarehunterteam.com/identify.php?case=2f1a3356c8705f995285ab41e9456bc61f11d20e
    2 points
  21. I must say more precisely -> You trust Emsisoft Personally, I only help a little to unmask the ransomware.
    2 points
  22. Password protected archives work, as long as the password isn't posted with the link. Personally I prefer malicious files to be uploaded to VirusTotal and the link to the analysis posted, as we can download from VirusTotal but the average person who comes across our forums can't. Just keep in mind that all it takes to be allowed to download from VirusTotal is a premium account there, so technically anyone can get access to download files and thus you don't want to upload anything confidential there. We've started an analysis on it as well, however I don't think our malware
    2 points
  23. The Emsisoft Browser Security extension is now available on the Microsoft Addons store for Chromium Edge: https://microsoftedge.microsoft.com/addons/detail/jlpdpddffjddlfdbllimedpemaodbjgn Hopefully we'll be able to update EAM soon to check whether or not it's installed when you launch Chromium Edge.
    2 points
  24. Hello. This link can help! https://labs.bitdefender.com/2019/02/new-gandcrab-v5-1-decryptor-available-now/ Bitdefender Labs has made a decryption tool.
    2 points
  25. If you want to make sure the Behavior Blocker is working, there's a batch file in the ZIP archive at the following link that should trigger a detection when you run it: https://www.gt500.org/emsisoft/bb_test.zip Just extract it somewhere, double-click on the batch file, and let Emsisoft Anti-Malware quarantine it. If you don't allow it to be quarantined, then it won't work as an effective test anymore.
    2 points
  26. That's an offline ID. Support for it should be added to STOPDecrypter soon, and once that happens it should be possible for you to decrypt your files.
    2 points
  27. Hi Marshall. Not sure, but I do know that I recognize the URL of "MVPS Hosts" and I recognize the list. I don't recognize the list attached to MVPS Hosts (Domains). To view the list, click the blue "Details", "View" & "Original" buttons - see image. Sorry I couldn't offer a better explanation.
    2 points
  28. FYI: https://blog.emsisoft.com/en/32110/emsisoft-anti-malware-2018-9-beta/
    2 points
  29. Guten Tag, Bei Schwachstellen in einer Software ist es eigentlich immer am Besten wenn der Softwarehersteller die Schwachstelle behebt. Er ist der einzige, der Zugriff auf den Quellcode hat und diesen direkt verändern kann. Selbst der Patch von Microsoft ist ein wenig eine Krücke in diesem Sinne, da er nur den Zugriff verhindert und nicht wirklich die Schwachstelle behebt. Intel hat jedoch angekündigt innerhalb einer Woche eine Patch zu veröffentlichen und spätestens bis Ende Januar für alle zur Verfügung zu stellen. Emsisoft kann hier nicht dasselbe leiste wie Mic
    2 points
  30. Emsisoft Anti-Malware is compatible with the Windows update. We also just published an update that sets the compatibility flag for all users of the beta, stable and delayed update feed. Keep in mind, that Microsoft uses the same flag for all anti-virus vendors. That means if you are using multiple anti-viruses or anti-malware applications, you are risking one of those products, like Emsisoft Anti-Malware, flagging the system as compatible, even though one of your other products is not compatible. There is, unfortunately, nothing we can do to prevent this as Microsoft does not account for the s
    2 points
  31. If you change the setting (for Malware hosts) on that screen (eg to Block silently) then all instances of malware-host alerts would become silent. That's not necessarily sensible - yes, fewer alerts, but also you'd be less aware of sites that maybe you shouldn't trust so much. If you see alerts for that specific malware host frequently, you could add a rule to treat it differently eg just silently blocking it. But again, you'd then not be warned that such sites had embeded links to that host. Is that wise?
    2 points
  32. Local is your machine, "this end" of a conversation. Remote is whatever machine's at the other end.
    2 points
  33. The secure connection (HTTPS vs HTTP) has nothing to do with whether or not the website is secure. It has to do with whether or not your connection to the website is secure, which is intended to prevent snooping on communication between you and the server more than it is anything else. Man-in-the-middle attacks can still expose the contents of secure connections, but if a website is configured correctly then it is extremely difficult to do that. A hacker can compromise a website and replace legitimate downloads with infected copies, and this has happened before (ClassicShell and AmmyAdmin
    2 points
  34. Zum AV-C Test: Bei dem Test gab es ein Problem mit dem Testsetup. Es ist nicht ganz klar ob entweder das automatische Testsystem von AV-C oder EAM versagt hat. Allerdings gab es 13 Samples die als nicht erkannt klassifiziert wurden. Weder AV-C noch wir konnten das Problem reproduzieren, weshalb nach einem Nachtest alle "misses" in "user decisions" umgeklariert wurden. Allerdings ist auch die Klassifizierung irrefuehrend. Das Problem ist, dass unsere Cloud die meisten Anfragen automatisch haette beantworten koennen. Allerdings wurden alle Nachtests ohne Cloud durchgefuehrt, weil wir halt schu
    2 points
  35. Ich kann diesen beinahe hysterischen Umgang mit dem Virenschutz ohnehin nicht nachvollziehen. Ich vertraue Emsisoft, weil es im Unterschied zu sehr vielen anderen nicht spioniert und keinen Crap mitinstalliert bzw. anbietet. Das ist fast ein - und mir persönlich sehr wichtiges - Alleinstellungsmerkmal. Außerdem arbeiten an der Software Menschen, da kann es durchaus vorkommen, daß jemand temporär mal ein Brett vorm Kopf hat, es urlaubsbedingt oder aus anderen Gründen (Todesfall) zu personeller Unterbesetzung kommt oder man kurz hinter einer Erkennungsrate herhinkt, weil da jemand bei XXX eine
    2 points
  36. Actually, as I am reading some information I was sent about the changes to Game Mode, we no longer check for fullscreen applications periodically, so there should no longer be GPU spikes regardless of the state of the above option. We now check if it is appropriate to display notifications in a completely different way, which shouldn't have any bearing on GPU activity or clock speed. There's also an option in the settings for Notifications to toggle displaying notifications when in Game Mode.
    2 points
  37. Yes, this is normal. It's possible that there may be something we can do to prevent the extra notification, so I'll talk to our QA team and see what they think about this.
    2 points
  38. We have made a workaround for the above mentioned incompatibility. If you are experiencing the above behavior, please try the following build (no need to uninstall first). HitmanPro.Alert 3.1.7 Build 357 PreRelease Changelog Fixed incompatibility with Emsisoft Internet Security 11.0.0.6131Download http://test.hitmanpro.com/hmpalert3b357.exe Please let me know if this update fixes the incompatibility.
    2 points
  39. Generell basiert der Mechanismus des Quarantaene Rescans darauf, dass wir Elemente in der Quarantaene nach jedem Update neu scannen. Sollte eine Datei dann ploetzlich nicht laenger erkannt sein, gehen wir davon aus, dass es sich um einen Fehlalarm handelte. Wir justieren Erkennungen konstant. Entsprechend kann es vorkommen, dass insbesondere bei Erkennungen, die von generischen Signaturen ausgeloest wurden, selbst kleine Modifikationen dazu fuehren, dass ein bestimmtes Sample einer Malware Familie nicht laenger erkannt wird. Falls man generell nicht moechte, dass EAM oder EIS die Quarantaene b
    2 points
  40. I know, that is why I only counted signature updates. Whenever you see an exact signature count in the change log above, one of our signatures was updated. Sorry, what you ask is impossible. It should be obvious to anyone, that if you have a scan engine that already detects 95% of all malware out there, that the other engine can't suddenly detect more than that without causing gross redundancy. In general we can choose to waste hundreds of megabytes of RAM on hundreds of thousands of systems to keep duplicate signatures around so you feel validated in your purchase, or we can choose n
    2 points
  41. You must have had Beta Updates enabled as EIS 11 is still beta, and that kind of problems can happen with Betas Remedy. Uninstall 11 and then install 10 again and make sure that "Beta Updates" is disabled (unchecked)
    2 points
  42. Similar issue here. I had strayed and had been using a trial of another product. Reinstalled the latest EMIS very early this AM - 3AM EST. Tonight I have been unable to download the 1 new Important Windows Update for 8.1. Have tried several times. Can see that there is zero incoming traffic. Finally get an error that Windows Update failed. I suppose it is possible that the issue is on the Microsoft side.
    2 points
  43. Actually, I gave you evidence in form of the numbers from our internal statistics. In fact we gave that evidence 2 months ago already without anyone asking for it in form of a blog post. You just chose to ignore said evidence because it is just numbers and not a Youtube video. You also chose to ignore your own experience of EAM picking up various PUP related traces that Bitdefender failed to pick up. If you do have a few hours to kill, here are 1000 files that Kaspersky detects, that Bitdefender doesn't: b9e45effb58d54444f0b991f9a6ed7b48e987693b0fab9760df6acf0293e0c4e e37878ce17b6df6c
    2 points
  44. I personally don't care which company within the Emsisoft program detects a pup. I just want it detected.
    2 points
  45. Looks like my system is still the fastest: Emsisoft Internet Security - Version 10.0 Last update: 4/12/2015 12:05:17 AM User account: Krypton\Fabian Scan settings: Scan type: Malware Scan Objects: Rootkits, Memory, Traces, Files Detect PUPs: On Scan archives: Off ADS Scan: On File extension filter: Off Advanced caching: Off Direct disk access: Off Scan start: 4/12/2015 12:06:09 AM C:\Users\Fabian\AppData\Roaming\tmpUQC0.exe detected: Trojan.MSIL.Inject (A) Scanned 74807 Found 1 Scan end: 4/12/2015 12:06:27 AM Scan time: 0:00:18 This is the first scan after a cold boot. Later scans go
    2 points
  46. The value listed in msconfig is a registry value, so if you feel comfortable editing the Windows registry then yes you can change it. The entry you are seeing is for the Guard (the part of Emsisoft Anti-Malware that draws the System Tray icon and handles displaying notifications). It needs to wait for the service the be running before it tries to start, and since the server takes longer to load than it does it is best to have a small delay to prevent issues.
    2 points
  47. there is option all gamer need enter game mode automatically in full screen(games,movies,..) like bitdefender antivirus
    2 points
  48. Online Armor covers all these applications except the "Behavior Blocker" part. Behavior blockers and HIPS in the same product are pretty much mutually exclusive. They essentially both refer to the same underlying technology. The only difference is the way decisions are made on whether or not to allow a certain action. A HIPS will ask the user, while a behavior blocker tries to figure everything out on its own. Given that it should be obvious why those modes are mutually exclusive and why running both at the same time makes little sense: You can't both ask a user about everything and not aski
    2 points
  49. Good morning, korben First, instead of just shutting down whole Guard try separately disabling “onExecution Scan” scan only and then “Malware-IDS” only. The reason for testing “onExecution” being disabled, despite that is a long shot: In the past there were reports that opening large media files of certain type by double-clicking will cause scanning the media too with substantial delay. But when I asked the user to test invoking the the Player 1st and after that opening the media file - that worked perfectly fast. You answered already that “opening from inside” doesn't help. Still please
    2 points
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up
×
×
  • Create New...