Jump to content


  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by Lynx

  1. Glad that things were sorted out, suliman258 I was sure that you will be able to contact Emsisoft as suggested As for the language - yesterday evening I got a tip by PM from one of the moderators here and she was right Cheers!
  2. Good morning Georg, That is good that you got a response from Emsisoft Support - that was expected as much That's a bit strange though that some media playback became broken. It could be due to your attempts of removing quarantining entries, despite restoring of all entries from quarantine after my experiments above went fine As for searching in the Registry I would suggest using the following Tool since MS Regedit's Search is very annoying , time-consuming, etc. and many stuff can be just mistakenly missed (real PITA ) Download RegScanner by NirSoft You can use different search strings and filters... and the Search will be done properly and extremely fast. Here is one of the examples (using search-string from what you reported): Sure you can add ".avi" to the Search and /or lighten the criteria by highlighting only HKEY_CLASSES_ROOT & HKEY_LOCAL_MACHINE as base keys (at the right) I hope that may give you needed result My regards
  3. Thanks for the reply & some clarifications posted by you - you saved me some time I was preparing the case scenario with EEK. Since you posted I moved to EAM So, indeed submitting such items using "Right-click" from the detection window works perfectly traces removed from White-List & detected submitted successfully from the detection List ======= As for the submission from the Quarantine ... hhhmmmm... that raises the very old question that was asked really loooong time ago and was basically forgotten since nobody reported such incident since I have the links to similar requests in the past e.g. this one I looked into my Data Base and chats with the developers The answer at that time in the past was Well, I do not have any failure of Internet connection currently for sure ... but ... The items were temporarily Quarantined & the submission from there produces the very same message , which is doubtfully can be true Anyway re: you request - I'm 99.(999)% sure you should not worry If the matter is not fixed for a long time whether that was submission from the detection list or from the quarantine after multiple Re-scanning quarantine items after the updates - just White-List Since you've sent an e-mail - you will most likely receive a feedback Basically all described here Let's just wait for the reply from developers Cheers!
  4. Thanks for the reply, Georg Well, if you did perform the Deep Scan and you have only those Traces Stated and you are using legit DivX Player and the Codecs belong to that particular player - you are safe a side note: Sure, you know that you should not install any Codecs offered by some weird unknown Software. But in this case you can relax as far as I understand One of the cases where the detections of the Traces can be fired is When & IF the Software creates Registry Entries in some particular places known to be used by mal/spy-ware in the past. Sometimes that can be revised by the developers, sometimes it will stay "as is" As for the inability to send Traces in case you are doing that using "Right-click" & "Submit as false Alert" I have to try reproducing the similar here ... not with DivX player, since I don't need it and can watch any content possible I have many Traces White-Listed, so I will remove those from the list and will submit The thing is that I have to update EEK. That will take some time (not updated for a week - therefore I will receive ~ 90MB of data) will report back Meanwhile, 1) you can save the report and send that to the developers by e-mail referring to this thread Keep in mind if only Traces were flagged - you don't need to perform Deep Scan again - just run the Quick one (as in your initial post) - all Traces will be analyzed ; 2) please clarify - the report you posted is showing EAM ("Emsisoft Anti-Malware - Version 5.1" , but the request is in EEK section So the same inability of submitting was noticed wit EEK as well? (the latter should show "Emsisoft Emergency Kit - Version 1.0" 3) since you were using quarantine for the said entries , were submitting from Quarantine produced the same Message? Cheers!
  5. Hi Georg , welcome to te forum 1st, Traces are not necessarily dangerous Then, they indeed can reappear as soon as you use the Software that is placing the entries into the registry. So, it doesn't matter (at the moment when the security flagging them) whether you would quarantine/delete them It is important to know the associated Software that creates the Traces If you the security is not flagging the Software itself and/or you trust the Software - you can just safely White-List the flagged entries As a pure guess at this point - you are probably using Interactive Video On-line like DIVO, therefore those "divo" parts of the detection names In addition please read Spyware Traces in Detail article as part of Emsisoft Knowledge Base and search this and old forum for "Traces" and alike - you will find a lot of information I do not remember any "serious" threats were just "Traces" were reported in many requests But again, in order to find associated Software you probably need to perform Deep Scan and find whether some Software is flagged Say, if you read the existing adaware/malware List you will find Adware.Win32.DivoCodec Have you ever installed something like that? Sure, I hope that the developers will reply My regards
  6. Hi suliman258, I received your PM It does not really matter whether I will try to answer here or by PM Sorry, but none of your questions can be answered using "Yes"/"No" as you requested in PM Simple question again - what is your native language? In the past I was able to translate and give answers to users using Italian / French/ German / different Slavic languages/ etc. ... even Korean and Chines ! / Russian & Ukrainian are my native languages If Google is not enough try: - Babelfish - ImTranslator - there are many others Regarding the question number two (2), which is understandable, have you tried to send e-mail ([email protected]) to Christian Peters as it was suggested? Send the e-mail and post information about your coupon My regards
  7. Hi elbasha bisso, welcome to the forum The site you've posted is legit and Flash must be updated Please read this recent announcement & you can read the whole thread if you want. We are trying to report/discuss/ etc. all news re: Flash / FireFox / Java... at the same time your message in unclear What were the flaggings? What are you using? The whole EAM Suite or Mamutu; versions; are you accepting beta updates; are you using "Paranoid Mode"?... etc. Be more specific with details Please provide more detailed information about your System Environment as in Forum Posting Rules #2) My regards p.s. {added} the link you provided is the one for Firefox, Safari & Opera see http://support.emsisoft.com/topic/765-adobe-flash/page__view__findpost__p__4314 If you are using IE as well download & install IE ActiveX & sure the standalone one has to be updated There were no Alerts whatsoever by any security neither on XP with Mamutu beta nor on Win7 x64 where full EAM beta is in place ... both are set to "Paranoid Mode"
  8. Hi suliman258, It seems like I got the translation made by Google only for the 1st part of the question #1 and hopefully whole #2 If so, please read this thread regarding the activation of the license My regards p.s. You can state the language. It may happen that some users and the developers can help
  9. Thanks, Steve Yes, I'm aware of the "Removal" thread. I'll send you PM later Cheers!
  10. It seems that shutting down the program is unnecessary If and when you have Admin privileges you need just deactivate Self Protection Configuration > General Tab > temporarily uncheck "Activate self protection", then you can replace whole \Signatures\ folder At the same time I would not use that technique due to what was already written unless the developers' confirmation that possible discrepancies re: executable modules will not break the Software functionality/ cause crashes/ etc., which was explained by them in the past when similar requests were posted My regards
  11. Hi suliman258, Basically, the answer was given here So you can use \Signatures\ folder , but again - you have to be sure that the modules are in sync as well, as it was pointed In addition if the computers are networked you can read about EAM Update-Proxy My regards
  12. Thank you for the reply , Jump I'm glad that you're back to normal with EEK and some points above helped That's not a problem when users cannot "reply earlier" ... we all have a life in addition to security madness. The worth thing is when some users are thinking that somebody owe them something especially when we're talking about free Software Cheers! p.s. well, it would be nice if you could at least PM a bit more details re: since here "they" are ... "not sure you will be able to sign up for Netflix from your area" ... hmmm ... Who cares ?, I can find anything I want, but anyway
  13. Hi again Steve, 1st this time the link worked. Thanks as for <CVTMAINCTRL/NATIVEMAINENUM.DLL> in your initial message - different "slash" Then I posted about "enumS.dllS" scanning XP - 25 entries Now I Searched Win 7 x64 - 12 entries. At least you should have devenum.dll in \system32\ and in \SysWOW64\, have you? Well, anyway since you've resent file by e-mail, I'm sure you'll get an answer from the developers But in addition you can have a look at the Properties of NativeMainEnum.dll and other files in \CvtMainCtrl\ folder if any. That may help to find out the Software vendor; the component; and why it' needed on sys Startup/Reboot Finally, I would think twice in any case before quarantining any "enum.Dll", since whether it's FP or real threat it may need different way of removal - therefore you had issues on Reboot Cheers!
  14. Hi Steve, Please resend the flagged item to the developers by e-mail (I'm sure you know how) There are many system files here that ended with "enum.DLL", but nothing like what you posted. In addition the screencast link supplied is not accessible (probably you've made a typo) My regards p.s. Enum[eration] is a common procedure of naming values in different lists, say list of existing Devices What is flagged in your case can be very specific to you hardware/software configuration and the library belongs to the Software that only you have.
  15. Hi amomenit Please use one of the methods described in Submitting suspected False Positives for analysis otherwise it is impossible to give you an answer based just on the detection name without analyzing the file (the code) that you have there It's premature to "remove", but since the item belongs just to "Burning Studio", but not any system file was flagged - you can quarantine if you want Most likely you will not be able to use the Software though until the matter resolved My regards
  16. Hi stevan4, That question was asked many times Here is one of the answers by the developers that I found using Search That answer was given quite a while ago, but as far as I know the policy haven't changed since My regards
  17. Thanks for the reply , Jump Sending the report to the developers much appreciated works using the same Flash drive(s) that have enough space , I presume? Have you ever been successful using EEK on Vista in the past? If so that's very strange "Vista-issue". I've never seen such failure with config.ini Can you access the file on Vista computer in question? You can even attach the file here {added} then you can perform simple test that does not involve downloading updates, but will make changes to config.ini Say, on XP just go to Configuration and temporarily change some setting(s). For example: - Configuration>Update Tab - Tick "Install beta updates". Close EEK. Now you have "Beta=1" under [Download] section [Download] Languages=1 Help=0 Beta=1 What would happen if you do the same or try any other Config changes on Vista? I'm sure the developers will reply since the reports were sent via e-mail Cheers!
  18. Hi Jump, welcome to the forum After reading your request I've just downloaded the whole package and then ran manual update with no issues whatsoever Was it a fresh download or you were trying to update EEK that was on your Flash drive for a while? Then if the crash report window came up - it's better to send the report to the developers using offered option from the crash window GUI an update suggested after unzipping Successful Update My regards p.s. thanks Ray - that was a good move
  19. Hi Giovanni, It's recommended to update EAM-free edition and EEK as frequent as possible Currently if 50 (previously it was just 15) subsequent differential updates are missed - you'll get whole set of signatures which is ~ 86MB The differential updates are basically small - around 100KB or so in average. Could be bigger especially during signatures clean up, but that is quite rare and in that case you may receive, say 9MB (just an example - not a precise figure). In addition please read this request and the answer by Fabian Wosar My regards
  20. hehe! Posting at the same time (usual stuff) - I've added few words (see above) Neither the answer by ctrlaltdelete nor by me can be considered as "difficult" Just wait for the answers by the developers re: White Listing/ Scanner/ File Guard Cheers man - relax a bit!
  21. Thank you 4 the reply Illuminati,As it was pointed above and many times here (& there) - that depends ... 2 put is as simple as possible - that depends on: - specific Hardware/Software configurations as a default; - Hardware/Software configurations when you do upgrades BIOS/drivers/firmwares flashes/etc. ; - any upgrades of any Software related to the security in place. The latter can bring surprizes, so you have to be aware of that as well; - and so on & so forth "mutual exclusion" should not influence protection level taking into the account what was pointed above, plus the ability of any given security to provide strong self-protection If you've tested few different security Packages and were trying to shut those (sure considering your/users' experience) - you are the one & only cool B) judge In addition please re-read the questions posted above (or ask 4 the Russian translation ) Cheers!
  22. Thanks a lot ctrlaltdelete, That's kinda answer that was expected from Gurus like you Few PMs were sent to the Original Poster and to the developer(s). Unfortunately there were no replies from the developers as a result Despite I do understand that the concerns are still in place for many reasons, including the fact that both products are under Emsisoft management now - therefore, that's expected to be done - automatically in case both products are in place.What do you think? No question re: OA - that is the only way ... From EAM side the exclusion of mentioned <>.EXEs is not all that can be done (hope you understand what I mean), but ... probably enough You showed BB WhiteLiting. What about different settings of "OnAccess" and/or "OnExecution" ? How that correlates, when neither Scanner nor File Guard are ticked? Excuse my "ignorance", but that's again has to be clearly stated somewhere in the documentation Sure, (some) users can figure that out eventually, but can you point to the right direction where that is described "black on white", so any average user can comprehend? Cheers!
  23. Thanks for clarification, Tyler Hi JustMe,Well, just search for "Freestyle" game & most likely you'll find it As for "trying it" ... I doubt that would be the case with most of users here. I could be wrong, but I am not playing any PC games (probably bad example) Anyway, the question is legit and I hope that developers will reply Cheers!
  24. You are welcome, Tarnak I cannot see double post, but all is back 2 normal - Software updates & the Forum access Cheers!
  25. Hi Guys, Hello Tarnak, welcome to the forum Have a look at this request That was ~ 6AM here now it's ~ 7PM and updates are still not available I'm sure that it's just a temporary issue despite that lasts for quite a while this time compare to any previous delays We'll try to find out - don't panic My regards
  • Create New...