GT500

Emsisoft Employee
  • Content count

    7542
  • Joined

  • Last visited

  • Days Won

    206

GT500 last won the day on November 21

GT500 had the most liked content!

Community Reputation

392 Excellent

1 Follower

About GT500

  • Rank
    Emsisoft Support
  • Birthday 10/22/84

Contact Methods

  • Website URL
    https://helpdesk.emsisoft.com/

Profile Information

  • Gender
    Male
  • Location
    Fortville, IN, USA
  • Interests
    Computers, security, amino acids, fructose malabsorption, liberty, firearms, John Calvin, etc.

Recent Profile Visitors

42388 profile views
  1. Did I just find a BadUSB?

    I assume that's this mouse? https://www.microsoft.com/accessories/en-us/products/mice/arc-touch-mouse/rvf-00052
  2. Black friday

    There should be no differences between the license keys that are on sale and brand new license keys that you would normally buy from our online store. You have 10 months to activate the license key from the date of purchase, and the license period doesn't start until you activate it. You'll have to ask Ashampoo about their license terms, however with Emsisoft Anti-Malware all license keys have a 10-month grace period that they need to be activated within. That grace period cane be extended by our sales and support teams if it expires before you can use the license key. To my knowledge these are new license keys, which means your renewal discount will not apply to this new license key. That discount is on a per-license key basis, so it would not carry over to license keys purchased from this sale. Keep in mind that your renewal discount on your current license key will eventually reach 50% off on its own, so it might not be best to reset that discount with a new license key. Yes, you can.
  3. Update or logging problem

    Can we get fresh debug logs? Open Emsisoft Anti-Malware from the icon on your desktop. In the 4 little gray boxes at the bottom, move your mouse into the one that says Support, and click anywhere in that gray box. At the bottom, turn on the option that says Enable advanced debug logging. Either click on Overview in the menu at the top, or close the Emsisoft Anti-Malware window. Reproduce the issue you are having. Once you have reproduced the issue, open Emsisoft Anti-Malware again, and click on the gray box for Support again. Click on the button that says Send an email. Select the logs in the left that show today's dates. Fill in the e-mail contact form with your name, your e-mail address, and a description of what the logs are for (if possible please leave a link to the topic on the forums that the logs are related to in your message). If you have any screenshots or another file that you need to send with the logs, then you can click the Attach file button at the bottom (only one file can be attached at a time). Click on Send now at the bottom once you are ready to send the logs. Important: Please be sure to turn debug logging back off after sending us the logs. There are some negative effects to having debug logging turned on, such as reduced performance and wasting hard drive space, and it is not recommended to leave debug logging turned on for a long period of time unless it is necessary to collect debug logs. Please note that if you have a lot of debugs logs, then you should not send all of them. There is a size limit, and currently there is no error if the message is rejected due to the size being too large. Normally we only need one copy of the 4 or 5 different logs that have been saved after the time you reproduced the issue (the list shows what time each log was saved). Those logs have the following names: Security Center Protection Service Real-Time Protection Logs database (contains the logs you can view in Emsisoft Anti-Malware by clicking on Logs at the top of the window).
  4. .black extension

    From the extension, it appears to be a variant of GlobeImposer 2.0: https://id-ransomware.malwarehunterteam.com/identify.php?case=d17f6d40394a9f95e75dd4e6ded3eae5637511c0 In the case of ransomware like this, which uses secure encryption and generates new public/private keys for every computer it infects, usually there is no way to decrypt the files without getting the private key from the criminals who made the ransomware. You can try a tool such as ShadowExplorer, however ransomware like this usually deletes Volume Shadow Copies, so ShadowExplorer will usually find nothing. Even if the Volume Shadow Copies were not deleted, the odds of finding backup copies of files in them is pretty slim, since Windows would normally only leave backup copies of files in the Volume Shadow Copies if you were using Microsoft's own backup software for data backups (although sometimes the System Restore will save copies of files in the Volume Shadow Copies). http://www.shadowexplorer.com/ In cases where the Volume Shadow Copies are deleted, then note that ransomware doesn't generally delete them securely, so it might be possible to use a file undelete utility to undelete the old Volume Shadow Copies, and then use ShadowExplorer to recover files, however this isn't necessarily straightforward to do (the computer will need to be running from a bootable disk to have write access to the "System Volume Information" folder, or the hard drive will need to be connected to another computer), and even if you can recover the old Volume Shadow Copies, as mentioned above the odds of there being backup copies of important files in them are low to begin with. Note that you may need to find a local computer technician who can assist you with this if you do want to try it. Here's a link to a list of file recovery tools at Wikipedia: https://en.wikipedia.org/wiki/List_of_data_recovery_software#File_Recovery
  5. Black friday

    We don't have an official Black Friday sale (which is why it wasn't publicized via any of our normal marketing channels), however some of our affiliates did want to do a Black Friday sale, which is why some of them announced a sale. If you want to purchase a license key through one of our affiliates to take advantage of the sale, then feel free to do so.
  6. License expired, no it hasn't

    If you activate your license key again in Emsisoft Anti-Malware, does the issue come back?
  7. GlobeImposter 2.0

    Have you verified with ID Ransomware that it is GlobeImposter 2.0? https://id-ransomware.malwarehunterteam.com/ If it is GlobeImposter 2.0 then our decrypter won't work, as GlobeImposter and GlobeImposter 2.0 use different encryption.
  8. Based on what ID Ransomware is saying, this definitely looks like the Dharma ransomware. In the case of ransomware like this, which uses secure encryption and generates new public/private keys for every computer it infects, usually there is no way to decrypt the files without getting the private key from the criminals who made the ransomware. You can try a tool such as ShadowExplorer, however ransomware like this usually deletes Volume Shadow Copies, so ShadowExplorer will usually find nothing. Even if the Volume Shadow Copies were not deleted, the odds of finding backup copies of files in them is pretty slim, since Windows would normally only leave backup copies of files in the Volume Shadow Copies if you were using Microsoft's own backup software for data backups (although sometimes the System Restore will save copies of files in the Volume Shadow Copies). http://www.shadowexplorer.com/ In cases where the Volume Shadow Copies are deleted, then note that ransomware doesn't generally delete them securely, so it might be possible to use a file undelete utility to undelete the old Volume Shadow Copies, and then use ShadowExplorer to recover files, however this isn't necessarily straightforward to do (the computer will need to be running from a bootable disk to have write access to the "System Volume Information" folder, or the hard drive will need to be connected to another computer), and even if you can recover the old Volume Shadow Copies, as mentioned above the odds of there being backup copies of important files in them are low to begin with. Note that you may need to find a local computer technician who can assist you with this if you do want to try it. Here's a link to a list of file recovery tools at Wikipedia: https://en.wikipedia.org/wiki/List_of_data_recovery_software#File_Recovery
  9. Black friday

    I'll ask @Thomas Ott from our sales team to take a look at this so that he can let you know more about the sale.
  10. EAM and Glasswire v2

    There shouldn't be any WFP related issues now that Windows Vista is no longer officially supported. Also note that EAM does not yet use WFP, and while it is technically possible that it could in the future there shouldn't be conflicts due to the fact that such issues were mostly confined to Windows Vista and certain issues with WFP implementation on that version of Windows.
  11. I haven't heard any reports of conflicts. If there are any problems, then in most cases exclusions should resolve them.
  12. Offer High(er) Contrast UI?

    That you for the suggestion. I'll pass it on to our management.
  13. Surf protection hosts file improvements

    About how long is the delay when opening the Host Rules? There's a simple timer here if that makes it easier.
  14. Cannot create bin64\epp.sys

    You're welcome.