JeremyNicoll

Member
  • Content Count

    1368
  • Joined

  • Last visited

  • Days Won

    22

Everything posted by JeremyNicoll

  1. This is continuing to happen. With FF v66.0.5: https://crash-stats.mozilla.org/report/index/16d01845-4730-4d06-97ac-8810e0190523 WIth FF v67: https://crash-stats.mozilla.org/report/index/b81ca3cb-1b41-43bc-ab3d-3a1060190523 Looking for all reports of this at Mozilla, over a six-month period: https://crash-stats.mozilla.org/signature/?product=Firefox&signature=%400x0 | a2hooks64.dll | PathIterationProc&date=>%3D2018-11-23T09%3A18%3A00.000Z&date=<2019-05-23T09%3A18%3A00.000Z&_columns=date&_columns=product&_columns=version&_columns=build_id&_columns=platform&_columns=reason&_columns=address&_columns=install_time&_columns=startup_crash&_sort=-date&page=1 I think I'm only seeing reports from me (look at the 'Reports' tab at the URL above). But note that the default settings in Firefox are that these crash reports are only submitted if a user chooses to do so - and most users wouldn't know that a problem like this even exists. /I/ only know because I check the Firefox folders where unsubmitted reports accumulate, every week or two, and have started submitting the reports. I do not know what I was doing at the time that each of these problems occurred, because I don't have any sense that "Firefox is crashing". I did notice that all these reports mention the same location: [email protected] I tried googling for: "PathIterationProc" - and found exactly ONE hit. I don't think that helps.
  2. Ok. It IS true that no user is obliged to continue being a user. But you offer no straightforward way to renew a licence without the auto-renewal being turned on. You don't tell people that's what is happening until you ask them to agree it in the purchasing process (and one has to agree or the purchase doesn't go forward - that's not a choice). Your website does say at the foot of the page that the auto thing can be undone, but neither of the statements describing how are accurate. Perhaps you should THINK about how you'd feel if a company you deal with with forced this on you? All we're trying to get across to you is that you should give people an up-front choice of whether or not they want to be subscribed.
  3. > I would believe that's intentional. I'm fairly certain we don't offer more than 5-PC licenses for EAM Home. I can't see why. It's not the number of machines someone has that dictates whether they're a business user or not. Moreover if you do once get the spinner in place and decrement back to 3 or 4 pcs you have fewer than 5 and could still pay the wrong rate. > My understanding is that there is at least a link in the order confirmation e-mail to disable the subscription. Nope. > These days we're trying to get all license keys associated with accounts in MyEmsisoft to make it easier for people to manage their license keys. How much 'management' is required? My update didn't need me to login to MyEmsisoft at all. > That's because subscription licenses automatically renew, so there's no real expiration date. Maybe, but one of the emails said there was, and the GUI notification told me when the new expiry date was. Anyway, I remain surprised that a privacy-centred company like yourselves thinks a subscription model where a company store someone's card details without the user's permission is a good idea. Yes, I know I had to tick a box saying I agreed Ts&Cs and the subscription model... but that's not really a choice when the purchasing process does not offer a way to buy without ticking that, is it?
  4. Before renewing my existing licence I had a quick look at the "Buy" page on your website. There seems to be a fault with the way the page code works. The machine-count dropdown offers 1/3/5/5+ machines. If you click on 5+, it changes to a clickable spinner so you can choose 5/6/7/8... or reduce the count 5/4/3. BUT it also changes from Home EAM to Business EAM... and the per-machine rates are different. The only way I was able to get back to the Home rates was to reload the page. I think it would be possible for a potential Home purchaser to buy Business by mistake. Also it is not clear whether a Home user with more than 5 machines is obliged to pay Business rates, nor - if so, why. Moving on. The website page still says (at the bottom): " Auto-renewal ensures you don't end up defenseless when your license period runs out. When your license is about to expire, our online payment provider verifies that your payment details are still valid and automatically renews your subscription when the license ends. Please note that you can cancel auto-renewal at any time with just one click via the order confirmation email or directly on the purchase confirmation page after completing your order. " I didn't read that until now. I don't think hiding info about auto-renewal at the foot of the page is very transparent. There is NOTHING higher up to suggest that one is buying a subscription. And, worst of all, the two statements about cancelling auto-renewal are both wrong. Of course I knew about this because I've read other people's complaints here. I expected to see some reference to this in one of the three emails I was sent - but none say anything about cancelling it. Also, the "Your order on www.emsisoft.com: Product/subscription information" email had a sentence in particularly poor English: "In case you didn't already create a user account, we just made one for you and sent you the information in a second email.". Well, I didn't get an extra email, so I suppose that means I already have an account on MyEmsisoft. But nothing has explained why I might need to have such an account. The same email does more or less tell new users that they need to create one, before installing EAM. But there's nothing that says an existing user would need to. It could be a lot clearer. As I expected, EAM issued a notification telling me that my licence had updated. I see though (as others complained some months ago) that the GUI Overview screen tooltip still tells me the start and end dates of my (old) licence - it doesn't show the new expiry date. At least that info was in one of the emails I got. Do I still need to email [email protected] to get auto-renewal turned off?
  5. @Rouery - tell me, when you were previously attacked by viruses, were you using an anti-malware/virus program? And "hackers" - how did they get into your machine? Were you sensible, in other words? How you defend a new machine will depend a lot on how sensible you are.
  6. Plugging the first of your SHA1 hashes into the search field at VirusTotal finds their existing results page: https://www.virustotal.com/en-gb/file/a5b4aa8ac10f289291a7a494aab6382060628a23d3b471323d299e7d386ccc1c/analysis/ which shows that on the day that file (which doesn't have the exact same name as your one, but apparently has the exact same contents, according to the hash) was first seen and analysed by VirusTotal (5th May), eight anti-malware products, not including EAM, thought it was suspicious. I just downloaded from: https://www.polarisoffice.com/en/download a file named: PolarisOfficeInstaller_1553102723.exe - the same name as the file your screenshots show... but it does not have the SHA1 hash that your one does. I wonder why? Mine has: fb42449eab0d95ff76cb044a3e5cd5486b0061e2. When I uploaded my copy of the file to VirusTotal to be scanned, 14 products thought it was infected. See https://www.virustotal.com/en-gb/file/0709dfd4a10ae08c6507ee77d483aef19b4726e12d090a1fe8d6960109b4f13b/analysis/1557406501/ (note that I when I downloaded the file, I gave it a name starting with today's date: "20190509 PolarisOfficeInstaller_1553102723.exe" - but that will have made no difference to its contents.) The fact that 8 (for your file) and 14 (for mine) products think the installer contains malware would make me steer well clear of it. @GT500 - Maybe you can say whether the "hidden installation" warning is because the installer is running silently, or because it is also installing something as well as Polaris?
  7. ... and what happens if you unquarantine it and upload it to VirusTotal - does any other vendor think that .exe is infected? See: https://www.virustotal.com/en-gb/
  8. @GT500 - I've dug out one of the files which was detected; it's not itself a zip but contains parts of emails one of which contains a b64-encoded zip. Also, the full scan log from Saturday, one for a similar scan a month earlier showing just half the number of hits, and finally a scan today of the example file. I've PMed a URL to you.
  9. If what appears to be an email address (above your avatar - the "C" picture) really is your email address, that's a bad idea. The whole world can see it. Most people either use their name, or some sort of nickname.
  10. (I remember reading your question the last time you posted it - you're right, it definitely used to be here! Emsisoft have reorganised the forums a few times recently, and there's been at least one restore when the whole system got corrupted. Maybe your previous post got lost then.)
  11. What is Polaris Office and where did you download it from?
  12. EAM 2019.4.0.9412 under Win 8.1 64bit I do a Custom scan of all my disks every couple of weeks. There are files on them that I expect to see reported (eg zipped backups of old emails which contain dodgy attachments). Because full paths to successive backups change over time, I normally make a copy of the scan report and edit the paths shown in it to contain generic literals rather than specific date/time-stamps, then save that temporary copy and generate its hash. If the hash is the same as last time then the file's contents are the same and so the list represents an equivalent/known set of found files. Every so often the typical content of each line in the report changes slightly - usually its spacing, so my editing process removes extra spaces. And this time the lines also had " detected:" in them, but that's easy to cope with. Today I had a problem - in the first place the scan appeared to have found twice the number of hits that I expected. But it turns out that each hit is reported twice. For example: E:\Backups\DBfix\20181207\JN_SC_Backups\MessProAppData-SN130-20150315-0122-cpy\Groups\533\Bin0 -> [Subject: MoneyGram notification NTBTC01K98][Date: Tue, 10 Sep 2013 06:22:56 -0700 (PDT)] -> TRANSACT_NTBTC01K98.zip -> TSCT37DHH38-399.exe detected: Gen:Variant.Symmi.33694 (B) [krnl.xmd] E:\Backups\DBfix\20181207\JN_SC_Backups\MessProAppData-SN130-20150315-0122-cpy\Groups\533\Bin0 -> (REMOVED_NULLS) -> [Subject: MoneyGram notification NTBTC01K98][Date: Tue, 10 Sep 2013 06:22:56 -0700 (PDT)] -> TRANSACT_NTBTC01K98.zip -> TSCT37DHH38-399.exe detected: Gen:Variant.Symmi.33694 (B) [krnl.xmd] The second line is the same as the first one, except that it also contains: "(REMOVED_NULLS) -> ". Do we need both lines?
  13. Mozilla are working on a permanent fix, but in the meantime they have a temporary workaround available. Details at: https://www.ghacks.net/2019/05/04/your-firefox-extensions-are-all-disabled-thats-a-bug/
  14. Mozilla have support forums/maillists for Firefox etc which are useful to keep an eye on Firefox issues. See (for all lists): https://lists.mozilla.org/listinfo and for Firefox specifically: https://lists.mozilla.org/listinfo/support-firefox For any list you can 'read the archives' which includes stuff only recently posted.
  15. This is part of Firefox, provided by Mozilla. So you can trust it just as much as the whole of the rest of Firefox. Read more about it at: https://blog.mozilla.org/blog/2018/09/25/introducing-firefox-monitor-helping-people-take-control-after-a-data-breach/
  16. @GT500 Would using Scheduled Tasks to run something to REG ADD the relevant flags as soon as the system is booted, or maybe as the user logs on work? I suppose it depends when the EAM GUI code actually starts to execute?
  17. Post here: https://support.emsisoft.com/forum/6-help-my-pc-is-infected/ and follow the instructions at the top of that subforum.
  18. > I think I my system got hacked ... Then you need help from the part of the forum at: https://support.emsisoft.com/forum/6-help-my-pc-is-infected/ You'll need to follow the instructions mentioned at the top of that forum.
  19. Ransomware aside, you need to consider what you'd do if some other disaster struck your cloud provider(s). Or if all the employees in a particular country/region were inconvenienced by a huge internet outage. You mention that you use Dropbox, but also said that perhaps only some of you sync files to local PCs - surely someone in the business should dictate what company policy is for this? I presume that since this is business use you're not just relying on Dropbox's free (limited amount of storage) offering? So why would you not have everyone sync either every file, or at the least those that they are working on to their local machines? Then if there's some sort of disaster you probably have Dropbox's file copies AND up to 15 other sets of files. What you describe sounds awfully un-thought-out. It might be that you should consider doing what you do now for the active files... but make sure that daily/weekly backups are synced to everyone's machines. Whatever you do, you need a strategy that's been thought about.
  20. Are these Emsisoft files (eg settings or config files)? What sort of location is not being found? Which version of which OS? Have you just installed EAM? Did that work ok? Did you have some other antivirus/malware software before? Did you uninstall that first?
  21. > It sounds to me that storing all your important files in the cloud ... is therefore a good recommended idea ... As a Dropbox user, it's important to me that the files are all on my local disks as well. I wouldn't be anything like so happy if they were only on other people's servers. I first started using Dropbox when I had 3 PCs (though at the moment I have fewer) and its continuous syncing of files between the machines was a major benefit for me. However I deliberately didn't have all of my machines online at once... so if something went wrong with Dropbox possibly the offline machine's files wouldn't be affected. > Of course this assumes that you sufficiently trust your cloud storage provider, i.e. that they won't get hacked in a bad way, e.g. losing or sharing/exposing your files. Or have a catastrophic system failure, major fire, earthquake... I hope that some of my files' backups are stored across multiple data centres, but I don't know. As far as I'm concerned having some copies of many of my files on Dropbox's systems is useful but I certainly wouldn't want to rely solely on it. I am planning as I have a Rackspace account too (and am storing less there than I could for their new minimum monthly charge) to start uploading backups to them... when I find the time to do it. > ... if everyone stored all their files in the cloud, presumably this would greatly diminish the negative impact of ransomware criminals. Not if an infected machine can see and alter those files. And let's face it, having your everyday files in the cloud is not of much practical use (except for backup) unless you can see and alter them.
  22. For rolling-back multiple files (with Dropbox) I think one has to ask their support staff to do it. One minor annoyance I have with Dropbox is that if one wants to examine the contents of a set of previous versions of a file there doesn't seem to be a way to download a set (eg all versions from a specific day or week) at once. One has to do it one by one. And although their system clearly knows the date & time that a file changed, and displays it ... the download option doesn't insert the date/time stamp into the default filename... so if you do want to download multiple versions it's much more fiddly than it needs to be. Also, plain text files with uncommon extensions (eg a lot of mine are ".rex" or ".txtplain") are not classed as viewable online so have to be downloaded to be examined. I can understand that they only directly support common extensions - see: https://help.dropbox.com/files-folders/file-types-that-preview - but a "view as plain text" option would have been great. At some point I'm going to experiment with rclone - https://rclone.org/ - to see if I can write scripts for working with files held in Dropbox (or elsewhere, eg my Rackspace account). A quick look at the rclone documentation doesn't make it clear whether it supports access to old versions of files, though.
  23. I'm not sure about the free version of Dropbox, but the paid version has 'file versioning' which means that if a file has changed in the last n days, Dropbox will have the current version and the older one(s). The basic paid product stores all versions of files over the last 30 days, though you can pay more and have a year's worth stored. If you do have versioning, if some malware destroys files, then provided you notice this within n days, you should be able to recover the older versions alright (though you'd need to do that on a 'clean' machine). Not surprisingly, the versioning is automatic if you're running the Dropbox desktop client. If you don't do that and instead just upload files to online storage when you choose to, you're probably not going to be able to find older versions.
  24. As do I. I'm always amazed at the number of issues Stapp finds, suggesting she/he explores the whole GUI quite often. But I tend not to, just instead to recheck the behaviour of any section I had recently noticed wasn't working the way I expected. Of course any of us might stumble across something ...