stapp

Global Moderator
  • Content Count

    3067
  • Joined

  • Last visited

  • Days Won

    52

Everything posted by stapp

  1. You have already posted here https://support.emsisoft.com/topic/30704-kroput-new-ransomware-attack/?tab=comments#comment-191201
  2. It is recommended to upload a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with to this site here: https://id-ransomware.malwarehunterteam.com/ You can paste a link to the results into a reply if you would like one of our experts to review them.
  3. I tend to just double-click on the Update entry when I want to see it Alan. I tend to do that with all the entries in the Forensic logs. Does it work for you?
  4. It is recommended to upload a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with to this site here: https://id-ransomware.malwarehunterteam.com/ You can paste a link to the results into a reply if you would like one of our experts to review them.
  5. As there was no answer to the above question I am asking it again using build 9269 on Win 10 :) In EAM advanced settings, I turn off (untick) Start with Windows and restart (fast boot disabled) Upon restart there is no icon in taskbar but taskmanager shows EAM protection service running. Windows Security Center seems a bit unsure about what is happeneing. Then the Security Center says I have to open EAM to fix things. After I click on that message EAM is open and all is running normally and taskmanager shows all 3 EAM items. Can you say what exactly NOT starting with Windows does?? (also you have to remember to re-tick start with Windows)
  6. It is recommended to upload a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with: https://id-ransomware.malwarehunterteam.com/ You can paste a link to the results into a reply if you would like one of our experts to review them
  7. It is recommended to upload a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with: https://id-ransomware.malwarehunterteam.com/ You can paste a link to the results into a reply if you would like one of our experts to review them.
  8. Please follow the steps here and attach the requested logs so that one of our experts can help you. https://support.emsisoft.com/announcement/2-start-here-if-you-dont-we-are-just-going-to-send-you-back-to-this-thread/
  9. Perhaps also post the Fabar Recovery Scan Tool as requested here and attach the log so our experts can see it. https://support.emsisoft.com/announcement/2-start-here-if-you-dont-we-are-just-going-to-send-you-back-to-this-thread/
  10. Danke, Icewolf. Mein Deutsch ist schrecklich !! Wenn Sie den Cursor hier positionieren, werden Uhrzeit und Datum angezeigt.
  11. I had my browser open, EAM update slide appeared, I opened notepad which is pinned to my taskbar, and dismissed EAM update slide. Notepad was minimised back to the taskbar leaving the browser. EAM build 9269 on Windows 10.
  12. Siehe hier.. https://support.emsisoft.com/topic/30508-build-9204/?tab=comments#comment-190523
  13. It may help identify the ransomware.
  14. Did you try uploading the ransom note?
  15. No, the link to what it said here when you uploaded the files to it https://id-ransomware.malwarehunterteam.com
  16. Can you paste a link to the result?
  17. It is recommended to upload a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with: https://id-ransomware.malwarehunterteam.com/ You can then paste a link to the results into a reply so one of our experts can review them.
  18. It is recommended to upload a copy of the ransom note along with an encrypted file to ID Ransomware so that you can verify which ransomware you are dealing with: https://id-ransomware.malwarehunterteam.com/ You can then paste a link to the results into a reply if you would like one of our experts review them.
  19. Can I just clear something up. I have another machine with Win 10 and EAM, so I turned off 'start at Windows start up'' and re-booted machine. After boot there was no EAM in system tray. However in Task Manager Emsi Protection Service is shown as running and Windows Security Center shows it as being on. What exactly does turning off ''start at Windows start up''' do? Does it just turn off real time protection and remove sys tray icon?
  20. https://support.emsisoft.com/topic/30471-beta-9188/?tab=comments#comment-190459
  21. Even with ''start with Windows'' unticked EAM still starts at next boot. I've reported this in beta forum. Perhaps its a cosmetic issue?
  22. EAM still starts with ''start with windows'' unticked' after restarting my machine. Fast boot is disabled
  23. Win 10 1809 I have a machine upstairs that I use every couple of days. I updated it this morning to build 9204. After reading here about an issue https://support.emsisoft.com/topic/30517-update-to-version-2019109204-disabled-windows-startup/ I went upstairs to allow it to update to new build 9207 but had a look first and 'start with Windows' was unticked. However it had no problem updating or starting with Windows so I wonder if it is cosmetic? It is still unticked so I will restart machine and see what happens. Here are debug logs in case they help a2start_20190201090648(7192).zip