Jump to content

GT500

Member
  • Posts

    14249
  • Joined

  • Days Won

    457

Everything posted by GT500

  1. I doubt Emsisoft Anti-Malware is actually blocking anything. Your Twitch chat app is probably just failing to run properly when being hooked by an Anti-Virus software. Meaning it's probably a bug in the Twitch chat app that you're using. You have to exclude from scanning and monitoring to prevent hooks. Also please be sure to delete exclusions for entire drives, profile folders, TEMP folders, etc. when done testing. They expose your computer to significant risk. Most people don't have Twitch accounts, let alone two of them. Fortunately I think I still do, and will see if I can find some time to test this.
  2. Web Protection should work with any application on your computer, and any web browser that supports IOfficeAntiVirus or AMSI (Chromium supports IOfficeAntiVirus) will be able to request that Emsisoft Anti-Malware's File Guard scan a download before it finishes saving it. An easy way to test if file downloads are being scanned is to try downloading the EICAR test file: https://www.eicar.org/?page_id=3950 You should see a notification similar to the screenshot below when the download of the EICAR test file is blocked:
  3. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  4. If law enforcement is able to catch the criminals or otherwise gain access to their servers and release their private keys for use in decrypters, then we can add them to our database so that everyone can get their files back. Our recommendation is to save a backup of your encrypted files and keep it in a safe place in case decryption is possible at some point in the future. We also recommend keeping an eye on BleepingComputer's newsfeed, as they will usually report on new developments with ransomware decrypters: https://www.bleepingcomputer.com/ If you have an RSS feed reader, then they also have an RSS feed so that you don't have to manually check for news: https://www.bleepingcomputer.com/feed/
  5. Have you tried adding Streamlabs Chatbot to the exclusions in Emsisoft Anti-Malware? If not, then here are instructions on excluding a folder from scanning and monitoring: Open Emsisoft Anti-Malware. Click on the little gear icon on the left side of the Emsisoft Anti-Malware window (roughly in the middle). Click on Exclusions in the menu at the top. The exclusions section contains two lists (Exclude from scanning and Exclude from monitoring). Look for the box right under where it says Exclude from scanning. Click on the Add folder button right below the Exclude from scanning box. Navigate to the folder you would like to exclude, click on it once to select it, and then click OK. Scroll down to the box under Exclude from monitoring and click the Add folder button right below that box. Navigate to the folder you would like to exclude, click on it once to select it, and then click OK. Close Emsisoft Anti-Malware. Note: If a program is still running when you exclude its folder, then you will need to close it and reopen it for the exclusion to fully take effect. In some cases you will need to restart your computer before this will happen.
  6. In this case the host is just used for ads (and possibly tracking) by Google, and isn't a threat. It will probably be blocked by most ad blockers.
  7. Here's a screenshot showing the location of the search field in the Web Protection settings:
  8. This started happening due to an update to the Emsisoft Browser Security extension. It now blocks custom hosts in Emsisoft Anti-Malware. Unfortunately when a legitimate website attempts to load something (such as a script or an image) from a host that is blocked, Browser Security detects that and forwards the entire page to a block notification. We'll have to determine the best way to deal with this in the future, however for now the best workaround is to remove the blocked host from the custom rules in Web Protection settings.
  9. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  10. I was just told that you were referring to the following, which is just an indicator to let you know whether or not Windows Update is on or off:
  11. I don't think this is any more decryptable than GlobeImposter 2.0 is, however I will check with our malware analysts to be certain.
  12. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  13. No. There are no Windows Update controls in MyEmsisoft. There are program and database update controls for certain Emsisoft products, but that's it.
  14. Nothing beyond their initial reaction to this, which wasn't anything relevant to the discussion here. It was never really discussed with me, and even if it was we don't like to say things about future feature changes so that we don't disappoint anyone later if those features aren't quite what they expect.
  15. You're not going to be able to recover your photos.
  16. It won't be possible to update the online form for .ygkz or any other newer variants of STOP/Djvu. Newer variants use RSA keys, which are impervious to most forms of attack.
  17. That sounds like a feature update.
  18. Once Emsisoft Anti-Malware has finished installing, it will display a dialog with fields where you can log in to an account. There's a link in the lower-right corner you can click to enter a license key. You'll need to download an installer using one of the alternative download links in the following article, as that is the only way to download and install without an account: https://help.emsisoft.com/en/1597/download-installation/
  19. Unfortunately online ID's are rather common, especially in the first few days after a new variant has been released.
  20. It seems to only be the one for the .NET Framework that is installing automatically. The Cumulative Update Preview for Windows 10 is listed as optional, and is waiting for confirmation to download/install. As for why the .NET Framework preview updates are installing automatically, you may need to ask Microsoft via the Answers forum.
  21. This indicates that the issue is a custom rule in Emsisoft Anti-Malware. It could have been added manually, it could have been added when you clicked the option to always block it in a notification when there was a false positive, or it could have been listed in a HOSTS file that was imported (if you've imported a HOSTS file to supplement Web Protection rules). Here's some instructions on how to fix this: Open Emsisoft Anti-Malware. Click on Protection. Click on Web protection in the menu at the top. Search for the website that is being blocked. If you find it and it's a custom rule (these say "My own" under "Category"), then you can click on it once to select it, and then click the Remove rule button in the lower-right. If you want to edit the rule to change whether or not it is blocked, then just double-click on the website address in the list you want to edit, change the Implemented action to Don't block, and click OK to save it.
×
×
  • Create New...