Jump to content

GT500

Member
  • Posts

    14249
  • Joined

  • Days Won

    458

Everything posted by GT500

  1. I don't think anything is supposed to be visible. EAM sends the same data to our systems when configured to be locally managed that it does when it's not even connected to the Emsisoft Management Console. I'll ask QA to be certain. Is this what you're trying to use? Those Windows Update files don't download via HTTPS, and HTTPS may not be configured for the domain "download.windowsupdate.com". You need to disable or uninstall HTTPS Everywhere to be able to download those files. This is an excellent example of HTTPS Everywhere breaking things because you should not try to force HTTPS on websites that are not configured for it.
  2. I think it's supposed to be implied that the subscription can be canceled after the ordering process is finished. After all, you can't cancel something that hasn't started yet. Again, that assumes that subscription-only services are illegal in the UK. If they aren't, then our subscriptions are more than likely not in violation of any laws. Of course we'll have to reserve judgement for that to those who understand UK law better, such as the agencies tasked with enforcing those laws.
  3. There's a decrypter for an older variant of this ransomware, however I don't think it will work for any encryptions that happened since June: https://www.bleepingcomputer.com/ransomware/decryptor/ech0raix-ransomware-decryptor-restores-qnap-files-for-free/ There's more information about the ransomware and how to protect your NAS for further infections at the following link: https://www.bleepingcomputer.com/news/security/ongoing-ech0raix-ransomware-campaign-targets-qnap-nas-devices/
  4. Your files will only be decryptable if you have working file pairs. Traducción proporcionada por Google: Sus archivos solo se podrán descifrar si tiene pares de archivos que funcionen.
  5. This is a newer variant of STOP/Djvu. Fortunately your ID is an offline ID, however we don't yet have the private key for it. I recommend running the decrypter once every week or two so that you can see when we've been able to add the private key for your variant. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  6. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  7. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/ As for removing the ransomware, it's easy to remove, and most Anti-Virus software can detect it. Emsisoft Emergency Kit and detect and remove it: https://www.emsisoft.com/en/tools/emergencykit/
  8. That extension can break a lot of websites, and I do not recommend using it. On websites that do support HTTPS connections the extension is usually not required, and for websites and content loading from servers that don't have HTTPS configured the extension will essentially cause the connection to error out by trying to force it to use HTTPS. As far as I know it shouldn't be causing an issue with attachments on our forums though. I don't think EAM sends any information to Emsisoft Management Console when it's configured to only be managed locally, beyond the application rules and license info.
  9. Our store page should make it fairly clear that it's an auto-renewing subscription:
  10. That or extensions would be the only way to tweak such settings, assuming the browser would allow extensions to make such changes. I don't think most browsers even send that header by default, and I've never read anything about it before. I'm assuming that it's showing up in this "test" because when it is enabled or has a unique value it can be used for tracking.
  11. What about Adblock, Adblock Plus, uBlock Origin, Adguard, etc? Some filter lists for those can cause problems with attachments on our forums. Have you added the ports specified in the guide to your firewall and your router's port forwarding settings? Copied from the firewall setup guide: Devices running Emsisoft Anti-Malware with default Windows Firewall configurations should work automatically. If non-default firewall settings exist, it is best to add a whitelist entry for *.emsisoft.com. Precise server names if your firewall doesn’t allow wildcards like ‘ * ‘ are detailed in our Firewall Configuration Guide, with additional servers and ports listed below. Emsisoft Anti-Malware protected devices using Emsisoft Management Console without utilizing the Proxy Relay feature Add cloudbroker.emsisoft.com, TCP port 61614 out. Relay proxy configuration To utilize the relay proxy feature of Emsisoft Management Console on a specific device, the firewall must be adjusted on each device as follows: Emsisoft Anti-Malware protected devices using Emsisoft Management Console’s Proxy Relay feature, but not serving as the Proxy Relay Add ports 33500-33699 out to the chosen relay proxy device. Emsisoft Anti-Malware protected devices serving as an Emsisoft Management Console Proxy Relay Add ports 33500-33899 in for proxied device connections, and port 33700 in and out. Note that the Emsisoft Anti-Malware installation on the proxy relay can use itself to further reduce update traffic. In that case also allow ports 33500-33699 to the same machine address if needed, as above.
  12. I've asked QA about this, and forwarded your suggestion. Keep in mind that there are three different versions of a2cmd.exe, and they all work slightly differently. The online documentation is for the standalone version, and not the version that comes with EEK.
  13. Keep in mind that if we feel we are not in compliance with laws/regulations in a country we do business in, then we will certainly make any changes to our policies and procedures that we feel are necessary to keep us compliant with those laws/regulations.
  14. Official answers to these questions: No one appears to be aware of UK authorities contacting us, so they more than likely did not do so. Our management does not appear to have been aware of this investigation.
  15. Unfortunately that didn't appear to be the case, and the best solution to the problem was making subscriptions opt-out. Subscription services are against the law in the UK? Or is it just that some companies were abusing subscription services to secretly overcharge customers, prevent customers from canceling subscriptions, and refuse to offer refunds when customers complain? Many Anti-Virus software companies have moved to a subscription model by default. I would believe it's more common these days than expecting customers to renew manually, or opt-in to subscriptions when purchasing their license key. There was supposed to be an opt-out link in the e-mail confirmation, however those e-mails are rather lengthy and many people were not finding the opt-out link. That's why we moved it to MyEmsisoft.
  16. This is a newer variant of STOP/Djvu, and your ID is an online ID, so there is currently no way to decrypt your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  17. This is a newer variant of STOP/Djvu. If you have an offline ID, then once we can find the decryption key for this variant and add it to our database you should be able to recover your files. However, if you have an online ID (which is more likely) then it will not be possible to recover your files. There is more information at the following link: https://support.emsisoft.com/topic/32045-about-the-stopdjvu-decrypter/
  18. Unfortunately I can't find any information on it either. What does it say when you mouse over it? Is there a tooltip?
  19. That's probably your ad blocker. Try disabling it, refreshing the page, and then attaching the file again. Delete all existing Emsisoft Anti-Malware downloads from your Downloads folder, and try downloading a fresh copy of the installer. Also, be sure to follow the firewall configuration guide.
  20. /malware is a specific type of scan, and is intended to be used alone. It directs the scanner to scan specific locations (profile folder, certain locations in the Windows folder, certain application folders, etc) and has certain default options that it enables (which are the ones listed in your screenshot). It's the same as doing a "Malware Scan" in EEK. The parameter "/f=%SystemDrive%\" will scan all files on the system drive. This is not the same as what the other parameters direct the scanner to do. Please run the following command to create documentation for A2CMD and its parameters: a2cmd.exe /?>"%UserProfile%\Desktop\A2CMD_Manual.txt" Technically it only scans the System Drive, however if you want to add other drives to then you can do the following: a2cmd.exe /f=%SystemDrive%,D:,E: /rk /m /t /pup /a /n You can add as many drives as you want that way. Just separate them by commas. It's not necessary. You can use it if you want, but the command I posted was only the default options used by the Custom Scan in EEK. I don't think /ac is still a valid parameter. The scanner handles determining what to scan and what to skip automatically. You can't use the /f= and /malware scan together. They're completely different types of scans. I've also confirmed with QA that you can't use the /quarantine= and /d together as well.
  21. Our price is the same for auto-renewals. We're supposed to have a way in MyEmsisoft to disable auto-renewal of a subscription. We offer refunds up to (if I remember right) 90 days after purchase. Our store page says we have a 30-day money back guarantee. If anyone has any questions about our refund policy, they can contact our sales team and they can answer any questions. I don't know the answer to that, however I will ask for more information. Please keep in mind that sometimes contact between government authorities and businesses aren't publicly announced or mentioned if the business isn't in violation of any laws, and sometimes that contact is intended to be treated as confidential. I personally wasn't aware of the investigation. I don't yet know if our management was aware of it. When subscriptions were opt-in, a lot of people were buying license keys assuming they auto-renewed, and they were confused or even upset when it came time to renew their license and it wasn't happening automatically. We decided to make subscriptions opt-out, as it seemed like a large portion of our customer base expected them to be this way.
  22. What about Killer Networking? Is it throttling CommService.exe's network traffic? Also, I assume that TinyWall disabled the Windows firewall? BTW: If you haven't already, you may need to follow our firewall configuration guide at the link below: https://help.emsisoft.com/en/2323/emsisoft-management-console-user-guide/#firewallconfiguration
  23. I don't think using both parameters will work, however it might also be worth considering that if a file can't be quarantined that it probably can't be deleted either. /rebootallowed should be fine though. This command is the equivalent of the default options of the Custom Scan (the same as our old "Full Scan"), except that it will only scan the drive/partition that Windows is installed on unless you add other drives to it: a2cmd.exe /f=%SystemDrive%\ /rk /m /t /pup /a /n From what I am seeing, your command should do all of that, with the exception of deleting files if they couldn't be quarantined (I'd have to ask QA if that's possible).
  24. You should be able to find it in your account settings, under Security and Privacy. The settings there will be hidden until you enter your current password. Note: 2-Factor Authentication is only mandatory for certain types of accounts, and I don't know if the option is hidden for accounts that are not required to use it.
  25. OK. If it happens again, or you figure out how to get it to happen when you want to, then let us know.
×
×
  • Create New...