JeremyNicoll

@bluescreen- whatever's in your "notes to emsisoft volunteers", we can't see them. Files uploaded to the forum are only accessible by Emsisoft staff, to avoid people accidentally sharing confidential information.

It''s the tooltip for that specific field though, in a part of the GUI where people would think - since it's the /Web/ Protection screen, that they are affecting browser security. Why mention regexes there if they are not applicable there? if regexes only currently work in /Browser Security/ but not in browser security, I think that subtlety will be lost on many people. Also, bear in mind that when I first looked at this, I'd just read /your/ announcement, which said: "New support for RegEx-based rules in Web Protection [,....]" which maybe made me read the tooltip slightly less cri

> Preview updates are released near the end of each month so that people can install them in advance of the normal Patch Tuesday to determine if there are any issues Microsoft don't emphasise enough that the "people" who might need to do this are not ordinary users. Instead they are developers who might benefit from some warning that what's coming at the next Patch Tuesday may break their applications (so get a chance to prepare fixes for their programmes before their customers are affected). It's also useful for systems administrators who can install the previews on test machine

@bluescreen ... > I can't reinstall Windows 7, because I accidentally put tape over the product key and can't read it anymore. I googled for "how find w7 product key" and found several sites describing ways to find it, not all requiring the physical label. For example: https://www.ionos.co.uk/digitalguide/server/configuration/how-to-find-a-windows-7-product-key/ says how to find it in the registry. I don't know if the method is correct or not, though.

KB4601050 isn't a Preview: see: https://support.microsoft.com/en-us/topic/february-9-2021-kb4601050-cumulative-update-for-net-framework-3-5-and-4-8-for-windows-10-version-2004-windows-server-version-2004-windows-10-version-20h2-and-windows-server-version-20h2-7d61f856-72ce-7f4c-7e43-76f8aadf2aca Is @dkds saying that /other/ updates are being re-offered? if Previews are being offered are they old ones, or ones previewing March's updates?

@Frank H The tooltip on the Web Protection page of the GUI (if you do an "Add rule" or "Edit rule") says that regexes are supported. Is that wrong, then?

Update seemed to go ok. Regexes: which engine?

Behaviour-based detection only happens if someone runs the malware /and/ EAM (or whatever anti-malware app someone uses) decides that what it is doing looks suspicious. You said at the start that you thought this one was "very obvious malware". What made you think that, other than the filename looking suspicious for an executable? Was that before or after running it? What did it do that made you sure it was malware? (And, did you do that in a sandbox?) Heuristics are informed guesswork. It means the anti-malware program is looking for code inside an executable that resembles other

What is "ONS"?

You need to post here: https://support.emsisoft.com/forum/6-help-my-pc-is-infected/ There's instructions at the top of that forum about the information you need to provide. Good luck!

Did you ask your teenager about the site? When I peeked at the site it looked to me as if it just has a generic front page, like any other hosted but not yet in-use domain. I also googled for it (ie for hits that might mention it, and found nothing in my brief examination). It's not impossible that there's specific page addresses at that domain that contain content. If one visits Virus Total and plugs the domain into their URL check, one gets shown that no anti-malware product currently flags the domain (though I don't know which of them would do if specific pages at that domain had b

Maybe it's nothing? Maybe your teenager had googled for info on how much alcohol there is in various drinks, or how drunk one can get how fast, and clicked a plausible looking link?

But why was anything quarantined? @stappsaid that EAM was configured just to /alert/.

@GT500 I think you're failing to answer the question: what's the point of being able to turn Silent Mode on/off, when that mode will do nothing because its various features have been turned off individually. Perhaps the GUI should disable the mode's on/off button when Silent Mode would achieve nothing?

No.