Elise

Hello, The posts you found are more than 5 years old. In terms of security software that means the information there is severely outdated. In the past years considerable changes have been made to our products and currently Emsisoft Anti-Malware protects against fileless malware. Fileless malware detection has nothing to do with the reputation settings you asked about; our behavior blocker routines were adapted to adequately detect and block fileless malware a few years ago.

Hello, No, Emsisoft Anti-Malware should be enough. It will detect keylogging attempts through it's behavior blocker. To be safe, especially against phishing attempts online it is recommended to also install the free Emsisoft Browser Security extension.

This is the wrong place to report such issues. You already reported it in the submission topic you made which is the correct forum for most detection issues. I replied to you there a bit earlier today. To avoid confusion I will lock this topic.

Hello, The short answer here is "no" (if no information was shared). It will depend on what they were playing on xBox, but it is possible for someone in a multiplayer game to see the IP address of other players. A simple lookup of that address will show your location. That is not an exact address, but just a general indicator (city/state). However that information does not give anyone the possibility to manipulate your internet access. Access is managed by your ISP, so if your internet was not working it probably was a coincidence. You could contact your ISP to see if they have any

It's a legitimate file, created by TLC (the owner of Alcatel). The McAfee detection is a false-positive.

Hello, Thank you for reporting this issue. Without an actual file there is nothing we can do to check this. My recommendation would be though to contact McAfee and ask them to check if this is a false-positive since it is their application detecting it.

No idea, probably a slow update connection. You could try to check if the browser is up to date via Help > About Chrome in the menu.

Does this happen after a restart (not standby) before you start the browser at all?

According to their manual you can uninstall it from Apps & Features: http://h10032.www1.hp.com/ctg/Manual/c06379792

This has not changed. The article also states clearly at the start:

RDP attacks are not really new, please see also this article from 2017: https://blog.emsisoft.com/en/28622/rdp-brute-force-attack/ As for software, I would always try out a program to see if it suits your needs, in case of brute force protection its usually the user/administrator, and not the software that makes the difference.

The short answer to that is: no. It can be broken by malware (as in: won't run) or blocked (a replacement is attempted but after a reboot the original bad file is back), but that is about it. That being said, malware doesn't need to manipulate it, if it can just circumvent it. If a system is infected and a replaced system file has sufficient permissions to fool Windows into thinking it is legitimate (this typically is rootkit-level), you can run SFC all you want and Windows will report everything is fine, while in fact you can have one or more infected system files. So running SFC is not

I will test this a bit next week, in the mean time you may want to check what the alert was for, because I highly doubt it was for 7zip and rather for the malware file(s).

It depends completely on how this script is executed; in a "normal" malware scenario it will be dropped or downloaded, which will lead it to be blocked.

Unfortunately I can't access that topic. I have checked the files and I suspect the issue is with the powershell script (mal.ps1). A script like that one is usually the result of being dropped by other malware or ending up on the system using exploit code, which will be blocked. To simulate that correctly in a test you would need to find out what malware dropped this script and run that instead.

Can you share the password as well?

Thank you for your feedback. Could you please send us the samples that weren't blocked so we can check out why they were able to encrypt files?

Generally speaking if you see (A) or (B) behind a detection name it is a signature detection. If it is not there and the detection is not from the Surf Protection (URLs), then it usually is a heuristics detection.

Yes, always use only one antivirus with real-time protection on to avoid conflicts. Windows 10 is smart enough to allow only one AV to be turned on though, so if you'd like to try the Emsisoft Anti-Malware trial, you could install it and it would automatically disable Windows Defender. Likewise if your trial were to expire, it would automatically turn on Windows Defender again.

Hello Peter, Good to hear everything went well. That box just is an offer to install the actual Emsisoft Anti-Malware program so the computer will be protected in real time. The emergency kit scanner only will scan a computer for malicious files, it doesn't offer any actual protection.

Merry Christmas to you both! Peter, it's completely normal to feel a bit confused when you are new to a forum, no need to apologize for that. If you have any other questions, please don't hesitate to ask!

You're welcome Peter.

Hello Peter, It does not matter where you save the EEK files. If you have them on your desktop for example, you can simply copy/paste them to a flash drive. To download it, open Emsisoft Anti-Malware on any device and make sure your flash drive is plugged in. Click in the left pane on Scan and then scroll down to Emergency Kit Maker. Select the platform version (most modern computers are x64 so if you're not sure just try that) and select the location to save the files by clicking on the ... button next to "Save to:". If you want to save the files to your flash drive it's recommended to c

I can't comment on recommendations given by different security products since I don't know what their reasoning behind it is. You'll have to ask them about it.

If only the service is enabled and windows otherwise is configured as default there is no way that this service running can allow anyone to connect to your computer's registry remotely. As far as I know you can only do that using this service if the computers are on the same network and visible to each other. If your computer is accessible to the entire internet that way you have much bigger problems than a possibility that an attacker might access your registry (they could get to all your files).