Emsisoft Employee

Umbra last won the day on December 20 2017

Umbra had the most liked content!

Community Reputation

27 Excellent

1 Follower

About Umbra

  • Rank
    Emsisoft Community Manager
  • Birthday 10/27/1974

Profile Information

  • Location
    France & Vietnam

  1. Firewall Information

    Exclusions are a must-do with Comodo; all of EAM's running processes must be in each of Comodo's exclusion modules.
  2. I had it too once, I set it to block, never saw it anymore.
  3. I'm also using Binisoft WFC. After looking at its rules panel, I have those rules enabled too, when I disabled them in the past. Then I looked at my other machine without WFC: those rules are still disabled, so it clearly shows that WFC is responsible for it. I guess those are default WFC rules, indicated in Windows Firewall as WFC - (rule name) and probably added when WFC was updated.
  4. Happy New Year Everybody
  5. Hello @mesmerized, I totally agree with @Elise's advice, one antivirus is enough; the combo you proposed is totally redundant and will not afford you much more security. In the past I would have advised you to keep Malwarebytes alongside Emsisoft, but now even they are becoming a standalone solution. Having 2 antiviruses doesn't make much sense these days; however, adding complementary security software is common practice for the most paranoid of us (like me). But for classic users, Emsisoft alone is enough; what matters the most are your computing practices. Having safe habits will greatly reduce the amount of threats you may encounter. Learning how your antivirus works and what options it has will make you safer. The minimum required, in my opinion, for the classic "safe habit" user is an antivirus like Emsisoft and an adblocker.
  6. @faybert thank you for your feedback, it is noted.
  7. Disable PowerShell?

    SRP is indeed Software Restriction Policy, like Windows' AppLocker (available in pro version) and some other 3rd party software. Step 2 can be done with any default-deny type of software (those allowing you to select an executable and block it from running); EAM can block them too.
  8. CLOSED Beta 8311

    Sorry @Stapp and everybody, I didn't mean to offend anyone.
  9. CLOSED Beta 8311

    I don't know about others, but to me it seems so easy to use. For example, I have a customized Surf Protection HOST list, which blocks lots and lots of stuff, all of which is now reported in Forensic. So I just unticked SF, then all SF alerts disappeared, which is convenient when I want to look for something else; then after I'm done, I reticked it, and they all reappeared. I don't see any complexity in it, unless I'm too used to complicated things and I see it as child's play.
  10. Disable PowerShell?

    Yes, because PowerShell isn't dangerous by itself and is sometimes needed by the system, which is why you can't remove it (only the old version can be); not to mention that on Win10 it will replace cmd very soon. So since the old v2 is vulnerable and often used as an attack vector, disabling its execution is enough.
  11. Disable PowerShell?

    @Peter2150
    1- by restricting users from using it via Group Policy
    2- via SRP, blocking:
       C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
       C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe
       C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
       C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe
    3- by uninstalling it: windows/forum/windows_7-performance/how-to-uninstall-powershell-windows-7/c7077177-294d-4aed-8307-a1a554a56ae5?auth=1
    I usually just do step 2, good enough for me.
  12. Prizes of Emsisoft

    Hello @onbox, there will be changes, so in the meantime, you can use this link from now on:
  13. About EAM detection

    To be simple, with Bitcoins you have 3 notions to understand:
    1- Bitcoins: are just encrypted data associated with a value in money; any modification to it (exchange, sales, etc...) is added to the bitcoin data "code" called blockchain.
    2- Blockchain: when anything happens to the bitcoin (when you sell it, or buy something, etc...), the information is verified, validated by the community, then added on top of the bitcoin's code; this newly added code can be modified but previous info is locked, so in case of issues you can check it as "history".
    3- Miners: those are the "community". Since the bitcoin system uses heavy encryption and needs a lot of computing resources to check, validate and re-encrypt transactions, users could volunteer to give the system access to their machines (and get a portion of bitcoins in return for their help). These days, people can use dedicated machines to process and encrypt the data, so some sites use their visitors' machines to do it while getting the benefits.
    So basically, miners originally aren't dangerous by themselves, they just eat your computer's resources. Consider them as "annoyances".
  14. Yes, I will do. Indeed, layered protection is mostly a setup made by security geeks or at least people more security-aware than the others; Average Joe rarely bothers with it. If I go to uncharted territories, I'd rather use a VM or a Linux live CD.