JeremyNicoll

Post here: https://support.emsisoft.com/forum/6-help-my-pc-is-infected/ and follow the instructions at the top of that subforum.

> I think I my system got hacked ... Then you need help from the part of the forum at: https://support.emsisoft.com/forum/6-help-my-pc-is-infected/ You'll need to follow the instructions mentioned at the top of that forum.

Ransomware aside, you need to consider what you'd do if some other disaster struck your cloud provider(s). Or if all the employees in a particular country/region were inconvenienced by a huge internet outage. You mention that you use Dropbox, but also said that perhaps only some of you sync files to local PCs - surely someone in the business should dictate what company policy is for this? I presume that since this is business use you're not just relying on Dropbox's free (limited amount of storage) offering? So why would you not have everyone sync either every file, or at the least those that they are working on to their local machines? Then if there's some sort of disaster you probably have Dropbox's file copies AND up to 15 other sets of files. What you describe sounds awfully un-thought-out. It might be that you should consider doing what you do now for the active files... but make sure that daily/weekly backups are synced to everyone's machines. Whatever you do, you need a strategy that's been thought about.

Are these Emsisoft files (eg settings or config files)? What sort of location is not being found? Which version of which OS? Have you just installed EAM? Did that work ok? Did you have some other antivirus/malware software before? Did you uninstall that first?

> It sounds to me that storing all your important files in the cloud ... is therefore a good recommended idea ... As a Dropbox user, it's important to me that the files are all on my local disks as well. I wouldn't be anything like so happy if they were only on other people's servers. I first started using Dropbox when I had 3 PCs (though at the moment I have fewer) and its continuous syncing of files between the machines was a major benefit for me. However I deliberately didn't have all of my machines online at once... so if something went wrong with Dropbox possibly the offline machine's files wouldn't be affected. > Of course this assumes that you sufficiently trust your cloud storage provider, i.e. that they won't get hacked in a bad way, e.g. losing or sharing/exposing your files. Or have a catastrophic system failure, major fire, earthquake... I hope that some of my files' backups are stored across multiple data centres, but I don't know. As far as I'm concerned having some copies of many of my files on Dropbox's systems is useful but I certainly wouldn't want to rely solely on it. I am planning as I have a Rackspace account too (and am storing less there than I could for their new minimum monthly charge) to start uploading backups to them... when I find the time to do it. > ... if everyone stored all their files in the cloud, presumably this would greatly diminish the negative impact of ransomware criminals. Not if an infected machine can see and alter those files. And let's face it, having your everyday files in the cloud is not of much practical use (except for backup) unless you can see and alter them.

For rolling-back multiple files (with Dropbox) I think one has to ask their support staff to do it. One minor annoyance I have with Dropbox is that if one wants to examine the contents of a set of previous versions of a file there doesn't seem to be a way to download a set (eg all versions from a specific day or week) at once. One has to do it one by one. And although their system clearly knows the date & time that a file changed, and displays it ... the download option doesn't insert the date/time stamp into the default filename... so if you do want to download multiple versions it's much more fiddly than it needs to be. Also, plain text files with uncommon extensions (eg a lot of mine are ".rex" or ".txtplain") are not classed as viewable online so have to be downloaded to be examined. I can understand that they only directly support common extensions - see: https://help.dropbox.com/files-folders/file-types-that-preview - but a "view as plain text" option would have been great. At some point I'm going to experiment with rclone - https://rclone.org/ - to see if I can write scripts for working with files held in Dropbox (or elsewhere, eg my Rackspace account). A quick look at the rclone documentation doesn't make it clear whether it supports access to old versions of files, though.

I'm not sure about the free version of Dropbox, but the paid version has 'file versioning' which means that if a file has changed in the last n days, Dropbox will have the current version and the older one(s). The basic paid product stores all versions of files over the last 30 days, though you can pay more and have a year's worth stored. If you do have versioning, if some malware destroys files, then provided you notice this within n days, you should be able to recover the older versions alright (though you'd need to do that on a 'clean' machine). Not surprisingly, the versioning is automatic if you're running the Dropbox desktop client. If you don't do that and instead just upload files to online storage when you choose to, you're probably not going to be able to find older versions.

As do I. I'm always amazed at the number of issues Stapp finds, suggesting she/he explores the whole GUI quite often. But I tend not to, just instead to recheck the behaviour of any section I had recently noticed wasn't working the way I expected. Of course any of us might stumble across something ...

Thanks!

Win 8.1; Remote Management does get underlined here. Sometimes more than one item is underlined (though I can't quite pin down how that happens). I can open and close any of the sections by clicking their subject titles (on the horizontal bars down the screen), and doing that has no effect at all on which top word has an underline. If all five sections are closed, then I click a top section title, then close that section by clicking the section's own title below that, I end up with all the sections closed but one top line word underlined.

Aha! Same here. Can't click to select any of the "Actions" items.

There's no dump, and as it was with the previous version of FF and the crash data doesn't seem to show even what the URL of the page being viewed was, not much chance of recreating it. On the other hand if the offset into a2hooks64.dll is correctly reported it's maybe not hard to see how the code at that exact point could have attempted to access memory at 0x0.

Maybe changing the title of the "Date" column to something else, eg "When" or even just "Date & time" would be helpful too, not least because it might indicate to users who don't realise it's more than just a date, that it is.

Late last night I did one of my irregular clear-outs of mini-dumps etc and found an unsubmitted (to Mozilla) Firefox crash report. I submitted it then skimmed its details ... because I'd twice had something odd happen in Firefox yesterday. It turns out that the crash report is for FF v65.0.2 and says that that version had been in use for 3.5 weeks since it was installed, whereas my weird problems yesterday were with FF 66.0.2 which I'd only had in use for a few hours... so what I was doing yesterday is clearly irrelevant. The crash report though says the problem it had was an EXCEPTION_ACCESS_VIOLATION_EXEC at address 0x0, and showed the problem at [email protected] The version of that a2hooks64.dll is the same one as I have in use now (so presumably not changed for a while). I don't know if the crash report is of any use to you? I'll pm its location to @GT500 just in case it is.

(Win 8.1, 64 bit) - now that I know the steps... that's reproducible here too. But "the little notification popup" baffled me for a while. I only see it if a column in the log list view is too narrow for the whole hovered-over piece of text to be already visible.