Jump to content

Leaderboard

  1. GT500

    GT500

    Emsisoft Employee


    • Points

      879

    • Content Count

      14232


  2. Kevin Zoll

    Kevin Zoll

    Emsisoft Employee


    • Points

      300

    • Content Count

      18856


  3. Fabian Wosar

    Fabian Wosar

    Emsisoft Employee


    • Points

      296

    • Content Count

      4407


  4. Elise

    Elise

    Emsisoft Employee


    • Points

      266

    • Content Count

      8439


Popular Content

Showing content with the highest reputation since 10/13/09 in Posts

  1. Note: It is recommended to make a backup of all important files before using the decrypter. Link to decrypter download page. <- The decrypter will tell you if your files are decryptable, whether you're dealing with an "old" or "new" variant of STOP/Djvu, and whether your ID is online or offline. Link to instructions for using the decrypter (PDF). Link to "file pair" submission form. Link to more information about the decrypter. <- Article at BleepingComputer.com Link to more detailed information about STOP ransomware (covers more than just STOP/Djvu). <
    9 points
  2. Official word is, "yes". We will give free license extensions to anyone who upgraded to Windows 10 and was unable to use the firewall. Once the issue has been resolved, please either submit a support ticket in our helpdesk system, or send a Private Message on the forums to me (English Support) or Thomas Ott (English/German Sales). Be sure to mention that you would like to have your license extended due to the Windows 10 issues and include in your message any license keys that were in use on a computer with Windows 10. Feel free to link to this forum post if you would like to.
    7 points
  3. As announced earlier, we are changing our firewall strategy and will soon merge Emsisoft Internet Security with Emsisoft Anti-Malware, effective as of our next release in October. Instead of developing our own firewall module, we’re going to rely on the built-in Windows Firewall core that has proven to be powerful and reliable. Its only weak point is the fact that anyone can freely change the firewall configuration. In other words, if malware manages to run on the PC with sufficient administrator permissions, it’s able to allow itself to get through the firewall. To resolve this vulnerability
    6 points
  4. Ransomware infections are unique in many ways. Most importantly, a lot of the natural instincts which are usually correct when dealing with malware infections can make things worse when dealing with ransomware. Please see the following steps as a guideline when dealing with your ransomware infection. Do not delete the ransomware infection The natural instinct of most users is first to remove the infection as quickly as possible. This instinct is, unfortunately, wrong. In most cases, we will require the ransomware executable to figure out what exactly the ransomware did to your files. Fi
    4 points
  5. Guten Tag, Wir haben mittlerweile mehrfach etabliert, dass Emsisoft nicht das Programm Ihrer Wahl ist. Sie haben sich bereits anderweitig ein Antivirus gesucht, dass auch noch dreißig weitere Funktionalitäten mitabdeckt. Fakt ist jedoch, dass viele Leute eben auch ein Antivirenprogramm suchen, dass nicht noch fünfzig Extras mitbringt, die man nicht will oder nicht braucht. Für diese Leute gibt es eben Emsisoft Anti-Malware und die meisten unserer Kunden sind mit der Tatsache, dass es eben 'nur' ein Rundumschutz für den Rechner ist und nicht mehr, zufrieden. Für all die angesp
    4 points
  6. Which for everything related to our core technologies (engine, behavior blocker, cleaning engine) would be me. Hi, nice to meet you! Next time someone looks strange at me for talking to myself I can now point them to this post and tell them you asked me to talk to me . Your argument is that we chose Bitdefender because it is "the best". Both Kaspersky as well as Avira consistently score higher in pure on-demand tests than Bitdefender does. If you consider PUP detection ESET is a superior contender as well. We considered all of them at one point or another but they were discarded for various re
    4 points
  7. Actually, there is a system behind it: My workstation computers are named after noble gases, like Krypton or Helium. Computers that I only use temporarily or belong to guests are named after transition metals like Titanium. Non-computer devices like smartphones are named after non-metals like Oxygen. All systems and VMs that are used for malware testing are named after radioactive elements like Uranium. Needless to say my WLAN and local workgroup is called "Periodic Table". And yes, I spent a significant amount of time coming up with that system and I am proud of it .
    4 points
  8. Everything is clear, except the parts that are in Russian. I'm going to send you a private message with some instructions.
    3 points
  9. It means that the tests done by AV-C and AV-T have a clear image of how they think AV software should work. The problem arises when your product doesn't fit the mould. Then you get penalized for not doing what everyone else does, even though what everyone else does may not be in the best interest of the user, to begin with. Best example: Snooping around in your encrypted connections, which literally every AV vendor screwed up at least once in the past and probably will continue to happen, exposing users to potentially greater risks than most malware does. For starters, the test sets ar
    3 points
  10. Please note that Emsisoft Anti-Malware for Windows XP hasn't been updated (as in program updates) in over 2 years, and we never intended on continuing long-term database update support for it. In fact, we discontinued our own database updates for it over a year and a half ago, and those still running Emsisoft Anti-Malware on Windows XP have only been receiving BitDefender database updates. We've decided that it is time to stop redistributing those BitDefender updates for Windows XP, as all they are doing is giving those on Windows XP a false sense of security. In addition, it is extremely
    3 points
  11. Wenn alle Features eingebaut würden, die Galaxy wünscht, dann würde ich EAM sofort deinstallieren. Ich mag das Programm so wie es ist und hoffe, das bleibt auch so.
    3 points
  12. Is this working OK now for everyone else? If it is, then there's no need for any more logs. All we needed was a traceroute to send to our CDN provider to help in identifying the server that was having the issue, and I managed to get one of those the other day.
    3 points
  13. @achtsam Es wird eher langsam Zeit, dass Du deinen privaten Kreuzzug einstellst. Das nimmt ja wirklich paranoide Züge an.
    3 points
  14. Hello, a2guard.exe is the visible protection process (to put it simple, the Emsisoft icon you see in the system tray). However actual protection drivers start a lot earlier. For example epp.sys (the Emsisoft Protection Platform driver) starts very early in the Windows boot process in order to ensure a protected system even when no user is logged in yet and no other programs have been started.
    3 points
  15. Today, we've received information that our Dutch team member Rob R. passed away yesterday afternoon, after suffering from an unexpected heart attack last Wednesday. Rob was our lead software tester and we always admired him for his special eye to track down the most tricky bugs. He joined our team more than five years ago by voluntarily sending over a brand new and complete Dutch translation of our software. Shortly after he initiated our efforts in offering physical delivery of our software on CD boxes and USB sticks. He also demonstrated a great interest in testing security software wh
    3 points
  16. Hardik587 You are indeed becoming most wearisome. There is an old expression among diehard Texans. "No matter how much you kick a dead horse it won't get up" This is exactly what you are doing.
    3 points
  17. Hello, please send me your license key via PM (personal message). I will add some days to your key as a sign of goodwill.
    3 points
  18. Do you mean this Minimalist? https://support.emsisoft.com/topic/33516-why/?
    2 points
  19. In theory it's possible. If private keys are released that be can use to decrypt files, or if someone finds a vulnerability in the way the ransomware encrypts files.
    2 points
  20. In the sample, that encrypts files with the .avdn extension, there is no code from the real MedusaLocker Ransomware. There is a small piece of code in the another sample that adds a 'random' extension to encrypted files, but this piece is not base. He is well defined by antivirus engines as Avaddon Ransomware.
    2 points
  21. DrWeb support usually do not use international names of ransomware.
    2 points
  22. Results of checking your files: https://id-ransomware.malwarehunterteam.com/identify.php?case=9da99e33569fe0af64a43b520f35bababd09ad3c https://id-ransomware.malwarehunterteam.com/identify.php?case=2e2e29f85fe2918c33683e2faeade22e51cf81ec https://id-ransomware.malwarehunterteam.com/identify.php?case=2f1a3356c8705f995285ab41e9456bc61f11d20e
    2 points
  23. I must say more precisely -> You trust Emsisoft Personally, I only help a little to unmask the ransomware.
    2 points
  24. Specialists of several companies (Emsisoft, DrWeb) are working on decryption of files that are encrypted by Avaddon. There are currently no decryptors and successful decryption methods without paying a pay for ransom.
    2 points
  25. Such tests aren't reliable. They aren't actually malicious, and may not be blocked by our Behavior Blocker like real ransomware would.
    2 points
  26. This is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
    2 points
  27. If you want to make sure the Behavior Blocker is working, there's a batch file in the ZIP archive at the following link that should trigger a detection when you run it: https://www.gt500.org/emsisoft/bb_test.zip Just extract it somewhere, double-click on the batch file, and let Emsisoft Anti-Malware quarantine it. If you don't allow it to be quarantined, then it won't work as an effective test anymore.
    2 points
  28. Hi @Kevin Zoll, Thanks for your comprehensive answer. Also I just read that informative post written by @GT500 I'm sure you'll find how to fix this issue someday As far as I can see for now, unfortunately, I think I should clean my driver from [useless] exe.topi files and go on... Thank you again.
    2 points
  29. In most cases, those features should work without the need to keep most of the software that computer manufacturers pre-install. If you're not certain about what software should be kept or removed, then there are third-party softwares that can help (Decrapifier for instance, and for a while there was a ridiculous batch file that techs were using that could do it).
    2 points
  30. I've forwarded your ID and MAC addresses to the creator of STOPDecrypter so that he can archive them in case he is able to figure out your decryption key at some point in the future. All you have to do now is give us some time, and we'll do what we can for you.
    2 points
  31. That's an offline ID. Support for it should be added to STOPDecrypter soon, and once that happens it should be possible for you to decrypt your files.
    2 points
  32. FYI: https://blog.emsisoft.com/en/32110/emsisoft-anti-malware-2018-9-beta/
    2 points
  33. Hello RodPaulo! Over the last three months, we gradually rolled out new infrastructure for our behavior blocker as part of the monthly feature updates. We decided to introduce this new tech gradually as to avoid headaches when switching everything at once. In addition, just the infrastructure on its own had major benefits like fixing several long-standing compatibility issues with products like Kaspersky, Avast, AVG and some other products, that rendered systems unusable as no process could be started on systems running both EAM and their product in real-time. The rollout itself was
    2 points
  34. The holiday season is not only a great opportunity to spend time with loved ones, but also to look back at the year gone by. For us at Emsisoft, we could finally take a brief moment to realize just how busy 2017 has been for the team and the wider security industry: from major ransomware outbreaks that took most (Emsisoft customers excluded) by surprise to constant product evolution to guarantee the best possible malware protection for our customers, this year has been anything but uneventful. Better surf protection: Both online and in the water Prevention is worth a pound of cure, so raising
    2 points
  35. Hello to you all, l don't know how some of you are going to react to my post but the end is what matters. On Friday morning we (company) where infected from the Cry36 Virus(Ransom). Our Server 2008R2 was with anti-virus and with Windows Update.. up to date.. At the time we had a external Hard drive connected to the server (the only one we had) since we didn't have a duplicate due the second one failed on us. Due to hard times here in Greece we thought that one hard drive was enough. Since our server was under repair with a raid problem we had an live backup.
    2 points
  36. Both products are based on the same code, but server operating systems require a different (more expensive) license key.
    2 points
  37. The secure connection (HTTPS vs HTTP) has nothing to do with whether or not the website is secure. It has to do with whether or not your connection to the website is secure, which is intended to prevent snooping on communication between you and the server more than it is anything else. Man-in-the-middle attacks can still expose the contents of secure connections, but if a website is configured correctly then it is extremely difficult to do that. A hacker can compromise a website and replace legitimate downloads with infected copies, and this has happened before (ClassicShell and AmmyAdmin
    2 points
  38. The following innovations make Online Armor 5.5 our best firewall ever: Integration of Anti-Malware Network: Unknown programs are immediately cross-checked against the cloud. The Online Database contains around 4 million entries and relies on the intelligence of the cloud. Programs considered harmless are automatically permitted, while annoying pop-up windows and alerts are omitted. So you can totally focus on your work! New cloud-based scan: Our cloud scan, already used in Emsisoft MalAware, has been included in Online Armor. Even if there is no record of a file in the Anti-Malware Netw
    2 points
  39. Yes, this is normal. It's possible that there may be something we can do to prevent the extra notification, so I'll talk to our QA team and see what they think about this.
    2 points
  40. We published our fix as a beta update a couple of minutes ago. So if you are affected by it, switching the update feed to Beta under Settings/Updates should get you the new build.
    2 points
  41. Generell basiert der Mechanismus des Quarantaene Rescans darauf, dass wir Elemente in der Quarantaene nach jedem Update neu scannen. Sollte eine Datei dann ploetzlich nicht laenger erkannt sein, gehen wir davon aus, dass es sich um einen Fehlalarm handelte. Wir justieren Erkennungen konstant. Entsprechend kann es vorkommen, dass insbesondere bei Erkennungen, die von generischen Signaturen ausgeloest wurden, selbst kleine Modifikationen dazu fuehren, dass ein bestimmtes Sample einer Malware Familie nicht laenger erkannt wird. Falls man generell nicht moechte, dass EAM oder EIS die Quarantaene b
    2 points
  42. I know, that is why I only counted signature updates. Whenever you see an exact signature count in the change log above, one of our signatures was updated. Sorry, what you ask is impossible. It should be obvious to anyone, that if you have a scan engine that already detects 95% of all malware out there, that the other engine can't suddenly detect more than that without causing gross redundancy. In general we can choose to waste hundreds of megabytes of RAM on hundreds of thousands of systems to keep duplicate signatures around so you feel validated in your purchase, or we can choose n
    2 points
  43. Hallo Marian, Testberichte die sich mit unseren Softwareprodukten befassen können gesammelt unter http://www.anti-malware-testberichte.de/ eingesehen werden. Die Entscheidung "nur" an den AV-Comparatives und VirusBulletin - Tests als große Testanbieter teilzunehmen hatte rein wirtschaftliche Gründe. Wir investieren unsere begrenzten Ressourcen in die weitere Entwicklung unserer Produkte anstatt durch weitere Tests Bestätigungen unserer Leistungsfähigkeit zu generieren.
    2 points
  44. You must have had Beta Updates enabled as EIS 11 is still beta, and that kind of problems can happen with Betas Remedy. Uninstall 11 and then install 10 again and make sure that "Beta Updates" is disabled (unchecked)
    2 points
  45. Looks like my system is still the fastest: Emsisoft Internet Security - Version 10.0 Last update: 4/12/2015 12:05:17 AM User account: Krypton\Fabian Scan settings: Scan type: Malware Scan Objects: Rootkits, Memory, Traces, Files Detect PUPs: On Scan archives: Off ADS Scan: On File extension filter: Off Advanced caching: Off Direct disk access: Off Scan start: 4/12/2015 12:06:09 AM C:\Users\Fabian\AppData\Roaming\tmpUQC0.exe detected: Trojan.MSIL.Inject (A) Scanned 74807 Found 1 Scan end: 4/12/2015 12:06:27 AM Scan time: 0:00:18 This is the first scan after a cold boot. Later scans go
    2 points
  46. We have offered it to some of our business contacts and we definitely wouldn't charge too much. But it's not only about compiling a set of code files. The product requires some online backend infrastructure that can't be developed within a few days. A good part of its power relies on the server side databases and algorithms that require ongoing maintenance and improvements. To be future proof, the product also requires some code changes. Just to name a few: IPv6, full unicode support, Windows 8 driver model changes, etc. These all are doable but not trivial I'm afraid. Only a very small number
    2 points
  47. Hello, Jenn Welcome to the Emsisoft Support Forums. My name is Kevin, and I will be helping you fixing your problems. Please change your user name to something that is not your email address. All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE, if you don't we are just going to send you back to this thread also read the Emsisoft Support Forums Terms of Use To Highlight a few:
    2 points
  48. In general the behavior blocker ignores most scripting hosts, as it is not possible to distinguish which actions are triggered by the script and which are triggered by the scripting host. The File Guard however does trigger when trying to execute the scripts you uploaded.
    2 points
  49. This isn't really an issue in our case as we only use the Bitdefender scan engine and signatures and added all our improvements like anti-rootkit technology, behavior blocking, the Emsisoft scan engine etc. on top of it. So even if malware authors patch Bitdefender detections, it doesn't mean one of our other detection layers won't catch it. To get an idea on how efficient our added technology actually is just take a look here:
    2 points
  50. Wow! That would be small thing to forget "ThreatFire"... you mean (?) And?... Please tell if you found the cause related to that. ====== most likely redundant info below Anyway since I prepared some after reading your previous reply I will post it ... even if nothing applies it may help in other situations ======= I am not sure I can see how that related to A-M at the moment from the description, except you are saying that disabling the guard helps. I am not using Vista but I hope that H_D may help to provide Properties info for the standard Notepad and you can do the same. a
    2 points
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up
×
×
  • Create New...