GT500

Emsisoft Employee
  • Content count

    6317
  • Joined

  • Last visited

  • Days Won

    145

GT500 last won the day on January 13

GT500 had the most liked content!

Community Reputation

303 Excellent

About GT500

  • Rank
    Emsisoft Support
  • Birthday 22. Oct 1984

Contact Methods

  • Website URL
    https://helpdesk.emsisoft.com/

Profile Information

  • Gender
    Male
  • Location
    Fortville, IN, USA
  • Interests
    Computers, security, amino acids, fructose malabsorption, liberty, firearms, John Calvin, etc.

System Information

  • Operating System
    Windows 7 x64
  • Anti-Virus Software
    Emsisoft Anti-Malware

Recent Profile Visitors

39040 profile views
  1. Try using ID Ransomware to make certain that you're dealing with the same ransomware. If it is Globe, then ID Ransomware should list a bunch of different ransomwares that use the same encryption format that Globe uses (such as Apocalypse, if I am not mistaken). Try one of the other decryption tools for the other ransomwares that ID Ransomware lists, or try one for a different version of Globe, and see if you have better results. You may have to try several before you find one that works.
  2. The primary update server is in Germany (Time Zone is GMT +1), so if you are in North American and any files need to be re-downloaded rather than incrementally updated then you may see timestamps in the future (at least for your Time Zone). If you check for updates at least once every 12 hours, then that shouldn't be an issue unless new program files are downloaded. You can script having A2CMD check for updates using the Windows Task Scheduler if you'd like. Just be sure that the scheduled task is set to run as an admin ("Run with highest privileges" I would believe).
  3. Certain scan options (detect PUPs, scan for malware traces, etc) will automatically check certain areas on the system drive (C: in your case). If you want to avoid it, then turn off all the scan options on the left side under Scan Objects, turn off the option to detect PUPs on the right side, and then try running your scan.
  4. Before getting logs, our developers may want to see a memory dump. To do this you will need to go in to the Settings in EIS, and turn off the Self Protection (it'll be one of the option in the upper-left, right under Guard Settings). You will also need to add an exclusion for the program you are using to save the memory dump, otherwise it will freeze when it tries to save the dump. Exclusions is in the menu at the top in EIS, and there will be two lists (one for the anti-virus/scanning engines, and one for the Behavior Blocker/monitoring). You will need to exclude the program in both lists. If you system is 64-bit, then excluding Process Hacker is easier, so we'll try it. You can get it from this link. Just use the Add file and Add program buttons to the right of the exclusion lists to add the Process Hacker file that needs to be excluded (or just add the whole Process Hacker folder) to each list. Here's an example of the path to the file that needs to be excluded: C:\Users\<username>\Desktop\processhacker-2.39-bin\x64\ProcessHacker.exe If your system is 32-bit, then be sure to exclude the one in the x86 folder instead of the x64 folder. Once you've excluded Process Hacker, try to reproduce the problem you were having, and then launch Process Hacker and find a2service.exe in the list. Right-click on it, and select Create dump file to save the dump. Once it is saved, I recommend zipping it with something like 7-Zip or WinRAR to reduce the size, and then you should be able to attach it to a reply so that I can forward it to our developers. Digital signatures are there to provide a way to verify the safety of programs. They allow us to determine that a program came from a publisher that is trustworthy, and hasn't been modified since it was distributed by that publisher. If there is a malicious program that is digitally signed, then we generally blacklist the certificate so that any software that is signed with it will be automatically blocked by our Behavior Blocker. The "Allow once" button will allow it for the session (until the application is closed). I'll ask one of our sales representatives about this.
  5. That's correct, our products don't automatically scan removable media (USB flash drives, CD's, DVD's, etc). They just display a notification letting you know that your computer is protected even when using removable media. The notification is optional, and can be turned off at any time.
  6. Here's how to open a Private Window in Vivaldi (I don't think it does individual "Private Tabs" like Opera 12 did). Just click on the little Vivaldi "V" icon in the upper-left of the Vivaldi window, and follow the arrows in the screenshot below (note that the Vivaldi button in the screenshot is gray because I have an early preview version of Vivaldi 1.7 installed): When in a Private Window, Vivaldi won't save browser history, cookies, cache files, etc. It also won't use any already-existing cookies for tabs that are open in a Private Window, and extensions are automatically restricted to prevent them from running in Private Windows. If you want to change the settings for extensions, then click on the Vivaldi button, go to the Tools menu, and then select Extensions from the menu (you can also hold down the Ctrl and Shift keys on your keyboard, and then tap E to quickly open it). Below every extension is an option that says Allow in incognito (Google Chrome's way of referring to what Vivaldi calls a "Private Window"). If you want uBlock Origin's protection while using a Private Window, then simply enable that option.
  7. stapp is correct. We stopped supporting Windows XP and Windows Vista, starting from the end of April, 2016. While there are older versions of our software that will technically install and run on Windows XP and Vista, please note that they will not be able to adequately protect your computer.
  8. Would you be willing to send us debug logs for the update issue? If so, then here's what to do: Open Emsisoft Anti-Malware from the icon on your desktop. In the 4 little gray boxes at the bottom, move your mouse into the one that says Support, and click anywhere in that gray box. At the bottom, turn on the option that says Enable advanced debug logging. Either click on Overview in the menu at the top, or close the Emsisoft Anti-Malware window. Reproduce the issue you are having (enable the option to use SSL in Emsisoft Anti-Malware, and then try checking for updates). Once you have reproduced the issue, open Emsisoft Anti-Malware again, and click on the gray box for Support again. Click on the button that says Send an email. Select the logs in the left that show today's dates. Fill in the e-mail contact form with your name, your e-mail address, and a description of what the logs are for (if possible please leave a link to the topic on the forums that the logs are related to in your message). If you have any screenshots or another file that you need to send with the logs, then you can click the Attach file button at the bottom (only one file can be attached at a time). Click on Send now at the bottom once you are ready to send the logs. Important: Please be sure to turn debug logging back off after sending us the logs. There are some negative effects to having debug logging turned on, such as reduced performance and wasting hard drive space, and it is not recommended to leave debug logging turned on for a long period of time unless it is necessary to collect debug logs. Please note that if you have a lot of debugs logs, then you should not send all of them. There is a size limit, and currently there is no error if the message is rejected due to the size being too large. Normally we only need one copy of the 4 or 5 different logs that have been saved after the time you reproduced the issue (the list shows what time each log was saved). Those logs have the following names: Security Center Protection Service Real-Time Protection Firewall Logs database (contains the logs you can view in Emsisoft Anti-Malware by clicking on Logs at the top of the window).
  9. I have received your logs, and forwarded them to our QA Manager.
  10. If you look in your C: drive, there should be a folder named EEK. Simply delete this folder, and then try downloading a fresh copy of Emsisoft Emergency Kit from one of the following links: http://cdn.emsisoft.com/EmsisoftEmergencyKit.exe http://dl.emsisoft.com/EmsisoftEmergencyKit.exe
  11. You're welcome.
  12. It should be safe to use Vivaldi for everyday browsing and for online banking. Just be mindful of the extensions you install, and if you don't trust some of them then make sure they can't run in private tabs/windows, and then just open a private window to do your banking in.
  13. You can turn the proxy server option off, as it is no longer necessary. As for the SSL option, I would be curious to know if the issue only happens while it is turned on. If that is the case, then our developers may want to see some debug logs to try to find out why.
  14. The Fiddler log shows an error mapping the Machine Key generated for your computer to your license key, but it also shows the update process proceeding normally after trying again to check for updates. Is the problem still occurring?
  15. Opera 12, or Opera 43? If it's the latter, then you may want the uBlock Origin extension (if you don't already have it) to add some extra protection. If you are using Opera 12, then you may want to check out Vivaldi, which is made by a new company started by co-founder and former CEO of Opera Software Jon von Tetzchner as a replacement for Opera 12. You can use the uBlock Origin extension from the Chrome extensions store in Vivaldi, as well as most other extensions available on the official Chrome extensions store.