Leaderboard

  1. GT500

    GT500

    Emsisoft Employee


    • Points

      526

    • Content Count

      9446


  2. Fabian Wosar

    Fabian Wosar

    Emsisoft Employee


    • Points

      298

    • Content Count

      4403


  3. Kevin Zoll

    Kevin Zoll

    Emsisoft Employee


    • Points

      268

    • Content Count

      18417


  4. Elise

    Elise

    Emsisoft Employee


    • Points

      239

    • Content Count

      8117



Popular Content

Showing content with the highest reputation since 10/13/09 in all areas

  1. 7 points
    Official word is, "yes". We will give free license extensions to anyone who upgraded to Windows 10 and was unable to use the firewall. Once the issue has been resolved, please either submit a support ticket in our helpdesk system, or send a Private Message on the forums to me (English Support) or Thomas Ott (English/German Sales). Be sure to mention that you would like to have your license extended due to the Windows 10 issues and include in your message any license keys that were in use on a computer with Windows 10. Feel free to link to this forum post if you would like to.
  2. 6 points
    As announced earlier, we are changing our firewall strategy and will soon merge Emsisoft Internet Security with Emsisoft Anti-Malware, effective as of our next release in October. Instead of developing our own firewall module, we’re going to rely on the built-in Windows Firewall core that has proven to be powerful and reliable. Its only weak point is the fact that anyone can freely change the firewall configuration. In other words, if malware manages to run on the PC with sufficient administrator permissions, it’s able to allow itself to get through the firewall. To resolve this vulnerability, we’ve developed a new Firewall Fortification feature for Emsisoft Anti-Malware’s Behavior Blocker as part of our 2017.8 release. Firewall Fortification detects and intercepts malicious actions from non-trustworthy programs in real time before they can cause any damage. Behavior Blocker alert: Firewall manipulation All 2017.8 improvements in a nutshell Emsisoft Anti-Malware New: Firewall Fortification feature that blocks illegitimate manipulations of Windows Firewall rules. Improved: Forensics logging. Fixed: Rare program freezes on opening the forensics log, confirming of surf protection notifications and during malware detection. Fixed: Computer restart instead of computer shutdown executed, when set for a silent scan. Several minor tweaks and fixes. Emsisoft Enterprise Console Improved certificate handling to avoid connectivity issues. Several minor user interface improvements. Several minor tweaks and fixes. How to obtain the new version As always, so long as you have auto-updates enabled in the software, you will receive the latest version automatically during your regularly scheduled updates, which are hourly by default. New users please download the full installer from our product pages. Note to Enterprise users: If you have chosen to receive “Delayed” updates in the Update settings for your clients, they will receive the new software version no earlier than 30 days after the regular “Stable” availability. This gives you time to perform internal compatibility tests before a new version gets rolled out to your clients automatically. Have a great, well-protected day! View the full article
  3. 4 points
    Guten Tag, Wir haben mittlerweile mehrfach etabliert, dass Emsisoft nicht das Programm Ihrer Wahl ist. Sie haben sich bereits anderweitig ein Antivirus gesucht, dass auch noch dreißig weitere Funktionalitäten mitabdeckt. Fakt ist jedoch, dass viele Leute eben auch ein Antivirenprogramm suchen, dass nicht noch fünfzig Extras mitbringt, die man nicht will oder nicht braucht. Für diese Leute gibt es eben Emsisoft Anti-Malware und die meisten unserer Kunden sind mit der Tatsache, dass es eben 'nur' ein Rundumschutz für den Rechner ist und nicht mehr, zufrieden. Für all die angesprochenen Features - Passwortgenerator, Kinderschutz, etc - gibt es bereits gute Programme, die man sich bei Bedarf installieren kann. Viele Leute haben aber entweder keine Kinder oder wollen diesen den Zugang nicht beschränken, warum sollten wir diesen Leuten einen Kinderschutz mitinstallieren. Einige haben eben auch nicht RAM oder CPU im Überfluß, für diese Leute ist es noch ärgerlichr wenn das RAM durch ein AV belegt ist, dass aufgrund von ungenutzten Features die Ressourcen auffrisst. Fazit: Es gibt viele Antivirenprogramme, die die eierlegende Vollmilchsau sein wollen und versuchen alle Programme in einem zu vereinen. Es gibt User, die diesen Ansatz nicht mögen und nur ein Antivirenprogramm wollen. Nicht mehr. Für diese Leute gibt es, zum Beispiel Emsisoft Anti-Malware. Sie gehören nicht zu dieser Gruppe und das ist ok. Mit freundlichen Grüßen Kathrin
  4. 4 points
    Which for everything related to our core technologies (engine, behavior blocker, cleaning engine) would be me. Hi, nice to meet you! Next time someone looks strange at me for talking to myself I can now point them to this post and tell them you asked me to talk to me . Your argument is that we chose Bitdefender because it is "the best". Both Kaspersky as well as Avira consistently score higher in pure on-demand tests than Bitdefender does. If you consider PUP detection ESET is a superior contender as well. We considered all of them at one point or another but they were discarded for various reasons. The article is based on the submission we got through the "Submit information about detected Malware" option in all our products, which reports back meta data (infection names, number of infected objects) about all infections found by our products.
  5. 4 points
    Actually, there is a system behind it: My workstation computers are named after noble gases, like Krypton or Helium. Computers that I only use temporarily or belong to guests are named after transition metals like Titanium. Non-computer devices like smartphones are named after non-metals like Oxygen. All systems and VMs that are used for malware testing are named after radioactive elements like Uranium. Needless to say my WLAN and local workgroup is called "Periodic Table". And yes, I spent a significant amount of time coming up with that system and I am proud of it .
  6. 3 points
    It means that the tests done by AV-C and AV-T have a clear image of how they think AV software should work. The problem arises when your product doesn't fit the mould. Then you get penalized for not doing what everyone else does, even though what everyone else does may not be in the best interest of the user, to begin with. Best example: Snooping around in your encrypted connections, which literally every AV vendor screwed up at least once in the past and probably will continue to happen, exposing users to potentially greater risks than most malware does. For starters, the test sets aren't nearly as representative anymore. When we participated in AV-T and AV-C both tested with less than 200 samples a month on average. 200 samples out of literally tens of millions. The exact selection isn't clear and not representative of what users deal with either. None of them tests with PUPs for example, even though a simple look at any tech support community will tell you, that it is probably by far the biggest problem users are dealing with. So no, neither of those test scores represents real-life performance and it becomes blatantly obvious when you go to places like Bleeping Computer, GeeksToGo, Trojaner Board, Malekal, and all those other communities where people infected by malware show up for help and look at what products these victims used at the time they became infected. Then you will notice that a lot of these products with perfect scores don't look nearly as perfect in real-life conditions. The reason for this discrepancy is quite simple: Most AV vendors will specifically optimise their products for these tests. The most severe cases are where vendors end up outright cheating and detecting the test environments which then results in a change of behaviour of the product (think Dieselgate, but with anti-virus). But there are many ways you can game these tests. For example: you can try to figure out the threat intel feeds the companies use, then just buy those same threat intel feeds so you have all samples in advance you can track their licenses and supply different signatures to them or use your cloud to treat those test systems differently some particularly shady organisations literally also sell you their sample and malicious URL feed, so you can just outright buy the samples and URLs your product will get tested on later What you end up with as a result is a product that is optimised really really well for the exact scenario they are being tested under using the exact type of URLs and samples these testers use, but that is utterly useless when it comes to anything else. We just really don't want to create this type of product. So when we were asked whether we wanted to continue to participate this year, we discussed the matter internally, looked at what we get out of these tests (meaning: whether these tests have a discernable impact on our revenue) and decided that they are simply not worth it and that the tens of thousands of Euros we spent on them every year would be better spent on extending our team and building new ways of keeping our customers safe.
  7. 3 points
    Please note that Emsisoft Anti-Malware for Windows XP hasn't been updated (as in program updates) in over 2 years, and we never intended on continuing long-term database update support for it. In fact, we discontinued our own database updates for it over a year and a half ago, and those still running Emsisoft Anti-Malware on Windows XP have only been receiving BitDefender database updates. We've decided that it is time to stop redistributing those BitDefender updates for Windows XP, as all they are doing is giving those on Windows XP a false sense of security. In addition, it is extremely dangerous to continue using Windows XP. It has (for several years now) had well-known and major security vulnerabilities that Microsoft will never fix. These vulnerabilities make it trivial to infect a Windows XP system, and there is no security software in the world that is capable of preventing it. We can not, in good conscience, continue to provide any support for this version of Windows, as we announced on December 31st, 2015: https://blog.emsisoft.com/2015/12/02/why-we-believe-its-not-ethical-to-sell-antivirus-software-for-windows-xp-any-longer/ We highly recommend that you upgrade to a newer Operating System that is still supported. It doesn't matter if that's a newer version of Windows, or something free like Linux or BSD, as long as you'll be receiving security updates from whoever makes it. New vulnerabilities are discovered almost every day for every major Operating System (Windows, Linux, BSD, MacOS, Android, etc) so it is absolutely critical that you are able to receive security updates from whoever made the Operating System to help keep you and your data safe.
  8. 3 points
    Wenn alle Features eingebaut würden, die Galaxy wünscht, dann würde ich EAM sofort deinstallieren. Ich mag das Programm so wie es ist und hoffe, das bleibt auch so.
  9. 3 points
    Is this working OK now for everyone else? If it is, then there's no need for any more logs. All we needed was a traceroute to send to our CDN provider to help in identifying the server that was having the issue, and I managed to get one of those the other day.
  10. 3 points
    @achtsam Es wird eher langsam Zeit, dass Du deinen privaten Kreuzzug einstellst. Das nimmt ja wirklich paranoide Züge an.
  11. 3 points
    Hello, a2guard.exe is the visible protection process (to put it simple, the Emsisoft icon you see in the system tray). However actual protection drivers start a lot earlier. For example epp.sys (the Emsisoft Protection Platform driver) starts very early in the Windows boot process in order to ensure a protected system even when no user is logged in yet and no other programs have been started.
  12. 3 points
    For the following ransomware, we have decrypters: Actively spreading ransomware: MRCR or Merry X-Mas Globe Globe 2 Globe 3 Nemucod Philadelphia Stampado Xorist Actively spreading ransomware, but the decrypter only works for older infections: Al-Namrood NMoreira LeChiffre PClock FenixLocker GlobeImposter Inactive ransomware: 777 Apocalypse ApocalypseVM AutoLocky BadBlock CrypBoss CryptInfinite CryptoDefense DMALocker DMALocker2 Fabiansomware Harasom HydraCrypt Gomasom KeyBTC Marlboro OpenToYou OzozaLocker Radamant
  13. 3 points
    Today, we've received information that our Dutch team member Rob R. passed away yesterday afternoon, after suffering from an unexpected heart attack last Wednesday. Rob was our lead software tester and we always admired him for his special eye to track down the most tricky bugs. He joined our team more than five years ago by voluntarily sending over a brand new and complete Dutch translation of our software. Shortly after he initiated our efforts in offering physical delivery of our software on CD boxes and USB sticks. He also demonstrated a great interest in testing security software which recently led him to becoming our lead tester for Emsisoft Anti-Malware and Emsisoft Internet Security. Rob will truly live on in our memories as a valued team member and friend.
  14. 3 points
    Hardik587 You are indeed becoming most wearisome. There is an old expression among diehard Texans. "No matter how much you kick a dead horse it won't get up" This is exactly what you are doing.
  15. 3 points
    Hello, please send me your license key via PM (personal message). I will add some days to your key as a sign of goodwill.
  16. 2 points
    Hi Marshall. Not sure, but I do know that I recognize the URL of "MVPS Hosts" and I recognize the list. I don't recognize the list attached to MVPS Hosts (Domains). To view the list, click the blue "Details", "View" & "Original" buttons - see image. Sorry I couldn't offer a better explanation.
  17. 2 points
    Hallo Moreau, vielen Dank für Ihre positive Rückmeldung. Immer wieder gerne und vielen Dank für die freundliche Kommunikation. Ich wünsche Ihnen einen guten Start in die (noch fast) neue Woche!
  18. 2 points
    Hello RodPaulo! Over the last three months, we gradually rolled out new infrastructure for our behavior blocker as part of the monthly feature updates. We decided to introduce this new tech gradually as to avoid headaches when switching everything at once. In addition, just the infrastructure on its own had major benefits like fixing several long-standing compatibility issues with products like Kaspersky, Avast, AVG and some other products, that rendered systems unusable as no process could be started on systems running both EAM and their product in real-time. The rollout itself was pretty smooth and we didn't see anything unusual in our telemetry or continuous daily testing either. However, it turned out that there was a rare race condition with certain malware obfuscators that caused some 32-bit processes to not be monitored correctly on Windows 10 64-bit systems. AV-C did report the issue to us as part of their normal report at the end of March and we fixed and released it as an update during the 2018.3 lifecycle very shortly after, but by then we already had racked up a couple of misses in the April test period as well. You may also be interested in the AV-C business test series factsheet they just published, available here: https://www.av-comparatives.org/wp-content/uploads/2018/05/avc_biz_2018_03_factsheet_en.pdf
  19. 2 points
    Other companies have 10 to 100 times the number of employees we do. Having one person there that fixes bugs in Windows Insider builds isn't much of an issue there. However, us doing that would mean ~30% of all development time disappears to keep a couple of hobbyists happy who use a system that is not intended for use in production systems on their production system. We do include insider builds in our QA runs, so we know if or what is broken so we can fix it in time for a release. But unless something is fundamentally broken, risking system security or stability, we won't fix bugs specific to insider builds before a release to web is close.
  20. 2 points
    Guten Tag, Bei Schwachstellen in einer Software ist es eigentlich immer am Besten wenn der Softwarehersteller die Schwachstelle behebt. Er ist der einzige, der Zugriff auf den Quellcode hat und diesen direkt verändern kann. Selbst der Patch von Microsoft ist ein wenig eine Krücke in diesem Sinne, da er nur den Zugriff verhindert und nicht wirklich die Schwachstelle behebt. Intel hat jedoch angekündigt innerhalb einer Woche eine Patch zu veröffentlichen und spätestens bis Ende Januar für alle zur Verfügung zu stellen. Emsisoft kann hier nicht dasselbe leiste wie Microsoft oder Intel, da wir weder den Quellcode von Windows noch für die Intelprozessoren haben. Wir werden jedoch, wie immer, unsere Verhaltensanalyse und den Dateiwächter mit allen Signaturen ausrüsten um Malware die diese Schwachstelle nutzen will zu blockieren. Besser ist es jedoch so schnell wie möglich sämtliche Sicherheitsupdates zu installieren. Ein Antivirenprogramm ist keine Alternative zu Sicherheitupdates. Mit freundlichen Grüßen Kathrin
  21. 2 points
    The holiday season is not only a great opportunity to spend time with loved ones, but also to look back at the year gone by. For us at Emsisoft, we could finally take a brief moment to realize just how busy 2017 has been for the team and the wider security industry: from major ransomware outbreaks that took most (Emsisoft customers excluded) by surprise to constant product evolution to guarantee the best possible malware protection for our customers, this year has been anything but uneventful. Better surf protection: Both online and in the water Prevention is worth a pound of cure, so raising awareness of online security issues has always been close to our hearts. Back in November 2016 we started out with the world’s first surf protection research using drones and high technology drifters, teaming up with Surf Life Saving New Zealand to map currents and further understand threats and dangers that await unsuspecting surfers under the surface. The campaign results exceeded our highest expectations: not only was the project widely covered in media outlets across the country, but the insight gained formed the basis for future projects and was even presented at a conference sponsored by the World Health Organization. As our CEO Christian Mairoll put it: Whether online or in the water, Emsisoft always aims to observe dangerous environments, analyze specific threats and most importantly prevent dangerous situations that surfers suffer from everyday. Ransomware outbreaks take many by surprise Ransomware attacks are nothing new for our team, but the sheer size and speed of two major outbreaks this year caught many off guard. In May, Wannacry ransomware took advantage of the NSA shadow broker exploits to rapidly spread to hundreds of thousands of machines, including major corporations in Europe and beyond. A mere month later, Petya used the same exploits to wreak havoc across high-profile businesses in dozens of countries and exposed, despite repeated warnings from security experts, the general lack of basic protective measures, including up-to-date operating systems, regular backups and the use of reputable anti-malware software. Our customers were safe from these attacks thanks to Emsisoft Anti-Malware’s multi-layered protection. Yet it’s events like these that remind us of the need to constantly improve our technology and awareness to stay one step ahead of cybercriminals. Emsisoft evolves to stay ahead of malware Malware attacks of this nature require an immediate response. Luckily, one of our main advantages over many competitors is our ability to adapt quickly. Starting in January, we introduced a new product versioning scheme that aligns with our development month and laid the foundation to bring protection and usability features to our customers faster than ever, rather than waiting for a major release. Making great protection even better Our customers choose Emsisoft first and foremost for one reason: to be protected from all types of malware threats. It’s a job we take seriously, which is why we have launched a number of improvements throughout 2017. Our personal highlights: We made our Behavior Blocker even more capable, detecting malware and ransomware threats that try to disable antivirus software. We promoted our existing ransomware protection into a dedicated “Anti-Ransomware” layer. We added Double Pulsar exploit mitigation in response to the increase in ransomware outbreaks. This doesn’t include the countless under-the-hood changes to the Surf Guard to detect even more phishing scams and the performance improvements we have launched month after month to ensure your protection does not get in the way of your day. Keeping things simple Simplicity is one of our core values here at Emsisoft, and the product team made it a clear focus to deliver against it in 2017. We looked at all aspects of our software and listened to a lot of customer feedback to learn how we can make things better, faster, and simpler. The result was a raft of new and improved features that we released over the last 12 months, including: a simplified user permissions system based on 2 groups; a brand-new feature to exclude specific programs from scanning and protection; an extended Forensic Log to better reproduce malware-related events on your machine; an auto-resolve mode for the behavior blocker to reduce user-dependencies; email notifications. Merging Emsisoft Internet Security with Emsisoft Anti-Malware But perhaps the biggest change in terms of our product development has been the merging of Emsisoft Internet Security with Emsisoft Anti-Malware in October this year. What may have seemed like a sudden decision was the result of a careful evaluation of our core competencies, the realities of a changing malware landscape and the preparation for things to come. To ensure customers dependent on a firewall would receive a comparable level of protection, we released a Fortification feature for the Windows Firewall to ensure that malware will not be able to tamper with it. Business-grade security that just works As we’ve touched on earlier, this year in particular exposed just how devastating ransomware attacks can be for companies both large and small if they do not have reliable endpoint protection in place. We always believed that sophisticated, enterprise-level endpoint protection does not need to be complex, and we have continued to refine the experience of our business customers, whether that’s enhanced Emsisoft Enterprise Console connection features or new MSI setup files for time-efficient group policy deployment in larger Windows networks. Our efforts did not go unnoticed either, as independent test lab AV-Comparatives praised our business solution for its ease of use, clean design and fast deployment capabilities in this year’s Business Security Report 2017. Combined with a stellar malware protection rate powered by Emsisoft Anti-Malware, we walked away with the “Approved Business Product Award” for the second year running. The feedback that counts: yours While it’s great to get recognized with industry awards for our malware protection performance, it’s the messages we receive from our customers and partners that put a smile on our faces and give us the motivation to get up in the morning to fight the good fight. I wanted to take a moment of your time and let you know that there just isn’t a better anti-malware company than Emsisoft. Your dedication to the world of online protection is the best in the business. I have 100% confidence in Emsisoft to keep me safe on line no matter what. It’s just something I never have to think about. Joel Gardner, Switzerland Emsisoft is about security. Looks good, works good, is light and what is most important, Emsisoft is about trust. My is over 8 years as paid customer, without any single security PC problem. Franky via Twitter Another gold star for Emsisoft! I’ve been with you since a-squared, and it’s always been prompt, professional and excellent service all the way, not to mention the superb software solutions. These days, companies that care are unfortunately few and far between. Douglas Sharp, Germany I own a brick and mortar retail computer repair shop. We have sold hundreds if not thousands of copies of Emsisoft through our retail business. I have to say Emsisoft works so well that I feel like it may be hurting our repair business. Our customers like it and that’s what matters. David Gentry, Lantean Systems LLC, USA What lies ahead in 2018? Ransomware once again dominated the year, and we are expecting this trend to continue into 2018. Wannacry and Petya attacks made sure that even the most technophobic among us have at least a basic level of awareness. But they also laid bare the ample opportunities for cyber crime as too many business still don’t have credible security strategies in place. We covered the emergence and increasing sophistication of Ransomware-as-a-Service (RaaS) business models, allowing anyone with malicious intentions to execute their own ransomware attack and share the ill-gotten gains with the RaaS creators. Given the ease of using these services and the proliferation of cryptocurrencies, we at Emsisoft expect the ransomware campaigns to continue unabated into the new year. The other trend to keep an eye on is also connected to the rise of digital currencies: Cryptomining. Online criminals and even some „legitimate“ websites are experimenting with the use of crypto-miners to extract revenue from users. Whether it will evolve into a legitimate alternative to the established ad model or remain mostly a tactic by malware authors remains to be seen. Whatever the outcome, as long as cryptocurrencies continue to rise, we expect to come across increasingly sophisticated variants. But what will Emsisoft look like in 2018? We plan to continue our efforts to declutter Emsisoft Anti-Malware to make it the easiest to use protection software on the market. Our Malware Lab is working relentlessly on a new malware detection and protection system that is going to raise the bar in the industry. In addition, our product development teams have started working on a major project a couple of months ago that is expected to be launched no earlier than mid 2018. We can’t wait to share more details as we get closer to the actual release and to hear what you think. But until then, you can count on Emsisoft to protect you from all the current and future threats that may lurk out there. Malware never sleeps, and nor do we. Have a brilliant, malware-free 2018! View the full article
  22. 2 points
    Thanks Umbra. I've also done step 2, and I suspect your right that is good enough.
  23. 2 points
    Just for fun (and reference) I took a screenshot of the visitor stats from my own private server. The screenshot is censored so it doesn't show IP addresses, the names of files visitors accessed, or what websites they were referred from. Here's a link if anyone wants to see it: https://www.gt500.org/images/http_stats.png This is just general statistics compiled from server logs, and you can actually get a little more information than what you see there from those logs. I guess what I'm trying to say is simply that if website owners really want to track you, they don't don't need Google or other analytics services to do it. Especially since there's no way to prevent the server from logging all of this data (since the servers do that automatically and have access to all of that data when your web browser loads anything from the server). If this is something you're concerned about then TOR, VPN's, and Virtual Machines are going to do you much more good than worrying about what "trackers" are being used by any individual webpage. TOR and VPN's help keep your IP address private and make it very difficult to determine where you actually are, and of course Virtual Machine's give a generic system for you to browse on and you can restore to a snapshot to reset everything to the condition it was in before you started browsing. Some things may be unique to your Virtual Machine, such as the combination of your CPU and the amount of RAM and disk space, so in theory it would still be possible to "fingerprint" it, however does it really matter if a website "fingerprints" a Virtual Machine (especially when they can't determine the geographical location)? Also note that "browser fingerprinting" isn't something that I tend to worry much about. It's unfortunate that it's possible, but it's also benign in the vast majority of cases, and the lengths you have to go to in order to prevent it are... well... more that I would be willing to do for something that isn't going to effect me enough for me to care. uBlock Origin blocks most advertising and tracking stuff, so the amount of money that advertisers can make by "fingerprinting" my browser and targeting me is minimal, and if the NSA wants to monitor me then I expect the only way to truly prevent that is to live in a lead box and never connect to the Internet again.
  24. 2 points
    Arbeite doch einfach selbst Deine Profilneurose auf, oder suche Dir professionelle Hilfe. Ich bin ziemlich sicher, daß das Sammeln von likes und dislikes Dir nicht wirklich weiterhelfen wird...
  25. 2 points
    Hello to you all, l don't know how some of you are going to react to my post but the end is what matters. On Friday morning we (company) where infected from the Cry36 Virus(Ransom). Our Server 2008R2 was with anti-virus and with Windows Update.. up to date.. At the time we had a external Hard drive connected to the server (the only one we had) since we didn't have a duplicate due the second one failed on us. Due to hard times here in Greece we thought that one hard drive was enough. Since our server was under repair with a raid problem we had an live backup. All our files where encrypted.. Most you will probably understand. We called local Police, Internet Crime Center Greece and Interpol. We had support for a number o techs, antivirus profs in Greece and around the world. We had no choice but to gamble with the hackers. They asked for $800 in bit coin. We had nearly every day email exchange with them. The process to obtain bit coin was a long and stressing time. The amount of money we where loosing day by day was nightmare. After 8 days we had the bit coin, we transferred them to the people responsible and in 15min we had the unlock.exe we our ID and a password from Greece to US. They even gave us instructions and warnings not to damage the files. We got all our files back!!!!!!!!!!!!!! Yes we did the wrong thing and payed. In the end we lost a lot of money and lived 10 days of hell!!!!! The virus was infected from a personal email...
  26. 2 points
    For reinstallation media, always use the Media Creation tool to ensure as much updates as possible are included (this is generally a good idea because it also reduces the amount of updates you'll have to install after installation): https://www.microsoft.com/en-gb/software-download/windows10 As for the rest, the vulnerability is/was in the SMB (server message block) protocol, which is not something an average home user requires, if you are concerned you can just reinstall Windows without network connection, go to Programs and Features > Turn Windows Features On and Off and in the populated list locate SMB1, uninstall this before continuing.
  27. 2 points
    The secure connection (HTTPS vs HTTP) has nothing to do with whether or not the website is secure. It has to do with whether or not your connection to the website is secure, which is intended to prevent snooping on communication between you and the server more than it is anything else. Man-in-the-middle attacks can still expose the contents of secure connections, but if a website is configured correctly then it is extremely difficult to do that. A hacker can compromise a website and replace legitimate downloads with infected copies, and this has happened before (ClassicShell and AmmyAdmin are a couple of examples). With popular software (7-Zip for instance) there shouldn't be a BB alert, since it would be trusted by our Anti-Malware Network. With less popular software, it does become more problematic, however a user can search for the SHA-1 hash provided in the alert and try to find information about the file in question.
  28. 2 points
    Fabian who works on the decrypters has been ill recently, but we are looking into this. Please be patient. Regards, Sarah
  29. 2 points
    Vielen Dank für die Antwort. Ein Lösegeld ist geflossen, aber die Entschlüsselung funktioniert nicht sauber. Am Ende der meisten Dateien bleiben Codereste übrig, die natürlich die Funktion des Systemes stark einschränken und die ganze Aktion ist für die Katz. Ich kann die Dateien teilweise per Hand bereinigen, aber das ist keine Lösung. Sollte eine saubere Entschlüsselung möglich sein, wäre ich sehr dankbar, da sonst alle Patientendaten einfach mal weg sind. Das wäre ein Totalschaden. Im Moment setze ich das System neu auf und versuche die Oracledatenbank wiederherzustellen und brauchbar zu machen. Wenn es von Interesse ist, kann ich die Entschlüsselungsdatei zur Verfügung stellen. Aber bei diesem Trojaner ist eine Zahlung sinnlos.
  30. 2 points
    That would help in this particular instance (alerts during an uninstall), however every rule that exists can decrease performance, so rules are generally not kept if they are not needed.
  31. 2 points
    Hi CBMan, Thank you for your suggestion. As the idea seems fair to me, I added your suggestion in our tracker. Will be discussed soon and then we will decide if discard or work on it. Thanks again, Orlando
  32. 2 points
    The following innovations make Online Armor 5.5 our best firewall ever: Integration of Anti-Malware Network: Unknown programs are immediately cross-checked against the cloud. The Online Database contains around 4 million entries and relies on the intelligence of the cloud. Programs considered harmless are automatically permitted, while annoying pop-up windows and alerts are omitted. So you can totally focus on your work! New cloud-based scan: Our cloud scan, already used in Emsisoft MalAware, has been included in Online Armor. Even if there is no record of a file in the Anti-Malware Network, more than 7 million signatures mean that malware can be recognized reliably to keep your PC safe. Improved license and update system: Software updates are downloaded and installed way quicker. Moreover, Online Armor relies on the license system used for other Emsisoft products. Access our Customer Center to find and manage the licenses for all your Emsisoft products in one place. Your Online Armor license key will be automatically transferred to the new system as soon as you use version 5.5 for the first time. Unnecessary key resets when reinstalling your OS are a thing of the past. New pricing system rewards your loyalty: The 1-year license is 25 % cheaper if renewed once the initial 1-year period has expired and will be a further 5 % cheaper for every additional year you renew it. Long-term customers can thus benefit from discounts of up to 50 %. Fine tuning: We have added news popups that keep you up to date with the latest Emsisoft news and fixed several potential incompatibilites, e.g. in combination with Ad Muncher or WinCrypt. As well as countless minor changes for improved user experience and best protection. To get the latest version, just run an online update or alternatively uninstall and reinstall the latest setup package from the official Emsisoft Online Armor product page. If you are using Online Armor FREE earlier than 5.0, please uninstall this version and download the new one. Introductory offer: Pack of 3 for the price of 1 = 45 % discount! Limited offer until February 14th, 2012: Buy a 1-year license now for Emsisoft Online Armor Firewall for 3 PCs at a special price: Instead of US $73.- only US $40.-. Buy here
  33. 2 points
    Zum AV-C Test: Bei dem Test gab es ein Problem mit dem Testsetup. Es ist nicht ganz klar ob entweder das automatische Testsystem von AV-C oder EAM versagt hat. Allerdings gab es 13 Samples die als nicht erkannt klassifiziert wurden. Weder AV-C noch wir konnten das Problem reproduzieren, weshalb nach einem Nachtest alle "misses" in "user decisions" umgeklariert wurden. Allerdings ist auch die Klassifizierung irrefuehrend. Das Problem ist, dass unsere Cloud die meisten Anfragen automatisch haette beantworten koennen. Allerdings wurden alle Nachtests ohne Cloud durchgefuehrt, weil wir halt schummeln und alle Dateien in der Cloud haetten Blacklisten koennen und AV-C keine Moeglichkeit hat, unsere Cloud zum Zeitpunkt des Originaltests zurueck zu drehen. Fehlalarme wurden durch Setups verursacht die Double Signed sind. EAM hatte in dem Fall Probleme die digitalen Signaturen korrekt zu erkennen. Das Problem wurde mittlerweile allerdings behoben.
  34. 2 points
    Thanks, works great, thanks for all the feedback in this thread and for getting it sorted.
  35. 2 points
    Actually, as I am reading some information I was sent about the changes to Game Mode, we no longer check for fullscreen applications periodically, so there should no longer be GPU spikes regardless of the state of the above option. We now check if it is appropriate to display notifications in a completely different way, which shouldn't have any bearing on GPU activity or clock speed. There's also an option in the settings for Notifications to toggle displaying notifications when in Game Mode.
  36. 2 points
    We published our fix as a beta update a couple of minutes ago. So if you are affected by it, switching the update feed to Beta under Settings/Updates should get you the new build.
  37. 2 points
    Hallo Thomas, vielen Dank für die ganzen Informationen, ich bin begeistert von der Reaktion des Supportteams hier im Forum, bei Avast hat es Tage gedauert und die ganzen Moderatoren haben sich schon nicht mehr ins Forum getraut grade bei dem Thema Win 10 Update erst 6 Monate nach Veröffentlichung von Win 10 ..... und das für zahlende Kunde... der Witz daran die Consumer Version ist von Anfang an win 10 kompatibel ... Egal das Thema ist Geschichte aber es ärgert mich immer noch ;-) Es freut mich auch schon direkt ein Key im Postfach zu haben ich mach mich an die Arbeit zu testen, der Großteil aller Fragen ist schon von dir beantwortet worden eine Wichtige wär für mich noch das Thema Rückmeldung der Updates und Notebooks extern. 6) Wie bekommen Notebook Clients Updates die nur selten im Netzwerk sind vielleicht 2-10 mal im Jahr ? Wie kommen die Informationen von den Clients zurück in die Console wird eine VPN Verbindung benötigt ? Gibt es dazu ein Best practice? Ich hoffe ihr geht immer mehr in die Richtung Business Lösung mit einer sehr guten Console und guten Support könnt ihr da ganz viele Kunden generieren mache da gerne Werbung für wenn ich mit eurem Produkt zufrieden bin. Fangt bitte nur nicht an die alle anderen AV Hersteller alles in die Cloud zu packen das sehe ich bei dem Thema AV sehr kritisch wenn dann jmd. mal an den Account kommt. Klar ne art proxy für Rückmeldung andere Clients ist ja ok aber die komplette Kontrolle der Console sollte immer im geschützten Netzwerk bleiben! Irgendwie freu mich mich jetzt aufs testen Gruß Zwergenmeister
  38. 2 points
    Generell basiert der Mechanismus des Quarantaene Rescans darauf, dass wir Elemente in der Quarantaene nach jedem Update neu scannen. Sollte eine Datei dann ploetzlich nicht laenger erkannt sein, gehen wir davon aus, dass es sich um einen Fehlalarm handelte. Wir justieren Erkennungen konstant. Entsprechend kann es vorkommen, dass insbesondere bei Erkennungen, die von generischen Signaturen ausgeloest wurden, selbst kleine Modifikationen dazu fuehren, dass ein bestimmtes Sample einer Malware Familie nicht laenger erkannt wird. Falls man generell nicht moechte, dass EAM oder EIS die Quarantaene bei jedem Update neu scanned, dann kann man unter Einstellungen/Allgemein den Quarantaene-Scan von "Automatisch" auf "Kein erneutes Scannen" aendern. Haette sie definitiv. Tesla ist im Grunde nicht wirklich neu. Die ersten Versionen gehen auf Mai diesen Jahres zurueck. Das hier wuerde passieren, wenn man versucht TeslaCrypt auf einem von EAM or EIS geschuetzten PC auszufuehren: Sollte man die Cloud Unterstuetzung deaktiviert haben oder in dem unwahrscheinlichen Falle, dass die Cloud das Sample noch nicht kennt, dann bekommt man folgende Warnungen zu sehen: Erst nachdem man jede dieser Warnhinweise ignoriert und die weitere Ausfuehrung erlaubt hat, wird ueberhaupt irgendeine Datei auf dem PC verschluesselt.
  39. 2 points
    Isabelle, I am going to have you run 2 tools that target Adware and Junkware in general. Download AdwCleaner and save it on your desktop. Close all open programs and Internet browsers (you may want to print our or write down these instructions first). Double click on adwcleaner.exe to run the tool. Click on the Scan button. After the scan has finished, click on the Clean button. Confirm each time with OK. You will be prompted to restart your computer. A text file will open in Notepad after the restart (this is the log of what was removed), which you can save on your desktop. Attach that log file to your reply by clicking the More Reply Options button to the lower-right of where you type in your reply. NOTE: If you lose that log file for any reason, you can find it at C:\AdwCleaner on your computer. Download Junkware Removal Tool and save it on your desktop.Run the tool by double-clicking it. The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications. On completion, a log is saved to your desktop and will automatically open. Attach the JRT log file to a reply by clicking the More Reply Options button to the lower-right of where you type in your reply.
  40. 2 points
    I know, that is why I only counted signature updates. Whenever you see an exact signature count in the change log above, one of our signatures was updated. Sorry, what you ask is impossible. It should be obvious to anyone, that if you have a scan engine that already detects 95% of all malware out there, that the other engine can't suddenly detect more than that without causing gross redundancy. In general we can choose to waste hundreds of megabytes of RAM on hundreds of thousands of systems to keep duplicate signatures around so you feel validated in your purchase, or we can choose not to do that, not to waste everyone's resources. To be honest, that's not even a choice really.
  41. 2 points
    You can go ahead and have EEK safely delete: Value: HKEY_USERS\S-1-5-21-3104866962-3908348715-1408370962-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A) Value: HKEY_USERS\S-1-5-21-3104866962-3908348715-1408370962-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detected: Setting.DisableRegistryTools (A)Everything else looks good.Unless you are having problems, it is time to do the final steps. Now to remove most of the tools that we have used in fixing your machine: Download Delfix from here and save it to your desktop. Ensure Remove disinfection tools is checked.Also place a checkmark next to:Create registry backupPurge system restoreClick the Run button.When the tool is finished, a log will open in notepad. I do not need the log. You can close Notepad.Empty the Recycle Bin Download to your Desktop: - CCleaner Portable UnZip CCleaner Portable to a folder on your Desktop named CCleanerRun CCleanerOpen the CCleaner Folder on your Desktop and double click CCleaner.exe (32-bit) or CCleaner64.exe (64-bit) Click "Options" and choose "Advanced" Uncheck "Only delete files in Windows Temp folders older than 24 hours" Then go back to "Cleaner" and click the "RunCleaner" button. Exit CCleaner. Turn off System restore to flush all your restore points then turn system restore back on. See How To Enable and Disable System Restore.You can delete and uninstall any programs I had you download, that you do not wish to keep on the system. Run Windows Update and update your Windows Operating System. Install and run the , this will inspect your system for software that is out-of-date and in need of updating. Update anything program/application detected as being out-dated. Articles to read: How to Protect Your Computer From Malware How to keep you and your Windows PC happy Web , email, chat, password and kids safety 10 Sources of Malware Infections That should take care of everything. Safe Surfing!
  42. 2 points
    You have to be careful if you are behind a router. You may just be testing that.
  43. 2 points
    I appreciate the honesty but I hope you understand that a bug like this needs to be fixed on top priority. It prevents the download of critical updates unless the Firewall is deactivated but deactivating the firewall can make the system vulnerable. I mean an issue as critical as this should be treated as soon as possible.
  44. 2 points
    Good morning. Can we expect to get a fix for the updates not working soon, please? Having to disable the firewall to get updates seems an important bug to me. Thanks in advance and best regards, François
  45. 2 points
    I don't have any insight in the test-methodology apart from what the article states, but a few observations make me doubt the relevancy of this test: The test compares a number of different products: antirootkit scanners and anti-malware scanners. This makes no sense to me. TDSSkiller is an excellent Antirootkit scanner in my opinion, but it is a limited tool, you cannot compare this with a anti-malware scanner like EEK or MBAM because its simply a different product. The tested malware is for the most part very, very old and not seen in the wild anymore, even though the article states 2015 and "in the wild" in the title. To give a few examples: Alureon/TDL3/4 hasn't been around "in the wild" for at least 3 years (and thats estimating it very loosely) The article listed is from 2010 (!) http://contagiodump.blogspot.gr/2011/02/tdss-tdl-4-alureon-32-bit-and-64-bit.html?m=1 The same goes for ZeroAccess/Max++. The latest usermode version of that rootkit was active in 2013 and after the botnet was taken down for a large part, there has been no re-emergence of this malware. However, its kernelmode version was quite a bit older, this was last seen in 2011. Sure, its interesting to see how products perform against such rootkits, but how useful is it? Those rootkits were "retired" for a very good reason, they can no longer infected today's OS versions. Finally, I'm not one to make accusations, but I don't like "sponsored by..." tests. I'm fully willing to believe that Zemana was indeed the best product to remove all these infections, but I just think its not the best strategy for any testing lab to let a sponsor also participate in the tests, just to avoid any possible doubt as to the objectiveness of the test results.
  46. 2 points
    Here's how to reset the Global Firewall Rules to factory defaults: Open Emsisoft Internet Security. Click on Settings in the menu at the top. Click on the Factory defaults button near the upper-right. Make sure that only the option labeled Global firewall rules is selected. Click the OK button to apply the changes.
  47. 2 points
    I personally don't care which company within the Emsisoft program detects a pup. I just want it detected.
  48. 2 points
    If a license key for Emsisoft Anti-Malware is remapped more than 5 times in a day, then our system will lock out any further remaps for 24 hours. If you contact support, we can clear the mapping history manually if needed. In your case, this shouldn't end up being an issue.
  49. 2 points
    In general the behavior blocker ignores most scripting hosts, as it is not possible to distinguish which actions are triggered by the script and which are triggered by the scripting host. The File Guard however does trigger when trying to execute the scripts you uploaded.
  50. 2 points
    Online Armor covers all these applications except the "Behavior Blocker" part. Behavior blockers and HIPS in the same product are pretty much mutually exclusive. They essentially both refer to the same underlying technology. The only difference is the way decisions are made on whether or not to allow a certain action. A HIPS will ask the user, while a behavior blocker tries to figure everything out on its own. Given that it should be obvious why those modes are mutually exclusive and why running both at the same time makes little sense: You can't both ask a user about everything and not asking him and figuring it out internally on your own at the same time. You can install two different products (one HIPS, one behavior blocker) at the same time, but the only thing you achieve will be that you have to allow things twice. So either go with a HIPS or with a behavior blocker. But not both.
  • Newsletter

    Want to keep up to date with all our latest news and information?

    Sign Up