RSLCS

Member
  • Content Count

    10
Community Reputation

1 Neutral

About RSLCS

  • Rank
    Member
  • Birthday 02/20/1964

Contact Methods

  • Website URL
    http://rslcomputers.com/

Profile Information

  • Gender
    Male
  • Location
    Hamilton, Ohio
  • Interests
    Custom builder of desktop and server systems,
    amateur radio, software and owner of RSL Computer Solutions, LLC
  1. A few minutes ago I received the following email pretending to be from Emsisoft:

     Title: Invoice(s) due

     Email address used to send from in my case is: Emsisoft <[email protected]>; (Emsisoft via thealtar.info)

     Header info:

     Received: from CY4PR10MB1989.namprd10.prod.outlook.com (2a01:111:e400:7a4d::51) by BN6PR10MB1986.namprd10.prod.outlook.com with HTTPS via BN3PR03CA0091.NAMPRD03.PROD.OUTLOOK.COM; Mon, 19 Aug 2019 09:39:22 +0000
     Received: from MWHPR10CA0050.namprd10.prod.outlook.com (2603:10b6:300:2c::12) by CY4PR10MB1989.namprd10.prod.outlook.com (2603:10b6:903:11a::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2178.18; Mon, 19 Aug 2019 09:39:21 +0000
     Received: from SN1NAM01FT044.eop-nam01.prod.protection.outlook.com (2a01:111:f400:7e40::200) by MWHPR10CA0050.outlook.office365.com (2603:10b6:300:2c::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2178.16 via Frontend Transport; Mon, 19 Aug 2019 09:39:21 +0000
     Authentication-Results: spf=none (sender IP is 173.201.192.186) smtp.mailfrom=thealtar.info; rslcomputers.com; dkim=none (message not signed) header.d=none;rslcomputers.com; dmarc=fail action=quarantine header.from=emsisoft.com;compauth=fail reason=000
     Received-SPF: None (protection.outlook.com: thealtar.info does not designate permitted sender hosts)
     Received: from p3plwbeout14-03.prod.phx3.secureserver.net (173.201.192.186) by SN1NAM01FT044.mail.protection.outlook.com (10.152.65.225) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.2178.16 via Frontend Transport; Mon, 19 Aug 2019 09:39:20 +0000
     Received: from p3plgemwbe14-06.prod.phx3.secureserver.net ([173.201.192.155]) by :WBEOUT: with SMTP id ze7lhNK5aCOgBze7lhwknU; Mon, 19 Aug 2019 02:38:49 -0700
     X-SID: ze7lhNK5aCOgB
     Received: (qmail 27063 invoked by uid 99); 19 Aug 2019 09:38:49 -0000
     Content-Transfer-Encoding: quoted-printable
     Content-Type: text/html; charset="utf-8"
     X-Originating-IP: 185.232.22.204
     User-Agent: Workspace Webmail 6.9.59
     Message-Id: <[email protected]mail14.godaddy.com>
     From: "Emsisoft" <[email protected]>
     X-Sender: [email protected]
     Reply-To: "Emsisoft" <[email protected]>
     To:
     Subject: Invoice(s) Due
     Date: Mon, 19 Aug 2019 02:38:45 -0700
     Mime-Version: 1.0
     Return-Path: [email protected]
     X-MS-Exchange-Organization-ExpirationStartTime: 19 Aug 2019 09:39:20.6845 (UTC)
     X-MS-Exchange-Organization-ExpirationStartTimeReason: OriginalSubmit
     X-MS-Exchange-Organization-ExpirationInterval: 1:00:00:00.0000000
     X-MS-Exchange-Organization-ExpirationIntervalReason: OriginalSubmit
     X-MS-Exchange-Organization-Network-Message-Id: 76c22b4c-30f7-46be-477e-08d724891cb3
     X-EOPAttributedMessage: 0
     X-EOPTenantAttributedMessage: dff0cfe4-0774-41ed-a299-d72b333064a1:0
     X-MS-Exchange-Organization-MessageDirectionality: Incoming
     X-Matching-Connectors: 132106811607365733;();(30aae98b-e46d-47eb-c8af-08d3b25b0f82,ff47d72d-0fa9-4508-46b6-08d429cf5cf9,4aa9d499-1c82-4814-693f-08d51fe40331)
     X-Forefront-Antispam-Report: CIP:173.201.192.186;IPV:NLI;CTRY:US;EFV:NLI;SFV:SPM;SFS:(10001);DIR:INB;SFP:;SCL:5;SRVR:CY4PR10MB1989;H:p3plwbeout14-03.prod.phx3.secureserver.net;FPR:;SPF:None;LANG:en;CAT:SPM;
     X-MS-Exchange-Organization-AuthSource: SN1NAM01FT044.eop-nam01.prod.protection.outlook.com
     X-MS-Exchange-Organization-AuthAs: Anonymous
     X-MS-PublicTrafficType: Email
     X-MS-Office365-Filtering-Correlation-Id: 76c22b4c-30f7-46be-477e-08d724891cb3
     X-Microsoft-Antispam: BCL:0;PCL:0;RULEID:(2390118)(7020095)(4652040)(5600148)(711020)(4605104)(4710121)(4712094)(1403117)(71702078)(7193020);SRVR:CY4PR10MB1989;
     X-MS-TrafficTypeDiagnostic: CY4PR10MB1989:
     X-MS-Exchange-PUrlCount: 1
     X-MS-Oob-TLC-OOBClassifiers: OLM:8882;
     X-MS-Exchange-Organization-SCL: 5
     X-MS-Exchange-CrossTenant-OriginalArrivalTime: 19 Aug 2019 09:39:20.5254 (UTC)
     X-MS-Exchange-CrossTenant-Network-Message-Id: 76c22b4c-30f7-46be-477e-08d724891cb3
     X-MS-Exchange-CrossTenant-Id: dff0cfe4-0774-41ed-a299-d72b333064a1
     X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
     X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR10MB1989
     X-MS-Exchange-Transport-EndToEndLatency: 00:00:01.8374783
     X-MS-Exchange-Processed-By-BccFoldering: 15.20.2178.000
     X-Microsoft-Antispam-Mailbox-Delivery: dwl:1;ucf:0;jmr:0;ex:0;auth:0;dest:I;ENG:(20160513016)(750119)(520011016)(520008050)(702028)(944506383)(944626516);

     Here is the email message I received

     Hello Mr/Mrs, acknowledge this message is for our record purposes. Kindly re-confirm to us with the status of our Due invoices, as we currently have to give you a new updated Bank information. I will like to draw your attention to the fact that due to high taxes imposed by the government, we no longer receive payments in our local account. Hence the reason for our earliest mail to you. Subsequently to your acknowledgement of this mail, please let me know when you will be making payment to enable me send you our updated account information. We apologies for any inconvenience this may bring to you. Your immediate response will be highly appreciated, and if you do have any Question, do let us know.

     Regards,
     Mrs Joy
     Accounting Team
  2. Tunnel fun https://t.co/6jpAguX0FX

  3. Protecting your system against viruses is like dealing with a moving target. Once an antivirus program knows how... https://t.co/V3cuD0kmks

  4. Had they been running a good RMM service it would have identified these missing patches and security flaws and... https://t.co/tmYrerrL1J

  5. Over 4,000 ElasticSearch Servers Found Hosting PoS Malware Files https://t.co/M41vefkgWJ

  6. Yep personally, I'm still enjoying my Windows Phone and for good reasons...... https://t.co/QSh88l610g

  7. I have a customer on beta; it was also detected on his machine as well, so the above is incorrect.

     Also, my point about the Windows Defender finding was: yes, many users and customers only have Emsisoft running, however many a Windows update will indeed turn on Windows Defender. Also noted at times, while on some computers I have been servicing remotely or on site, I have seen cases where a customer has a really slow internet connection and there is a big lag between updating and applying the new services; Windows thinks there is no antivirus installed, so it turns on Windows Defender as well. And for these folks who have Defender on (like it or not, or even not aware it is running), the needed a2hooks64.dll gets either quarantined or, even worse, removed; then Emsisoft isn't running at all.

     Rick
     RSL Computer Solutions, LLC
  8. I turned on my PC this morning and have both Emsisoft and a periodic scan using Windows Defender enabled (been set that way for some time now). Anyway, Defender uprooted its ugly head this morning over a file in Emsisoft. I know this file is part of Emsisoft Anti-Malware, but could it have really become infected with some ransom crap, or is this a false finding with Windows Defender? Results of scan below:

     ...
     Category: Trojan
     Description: This program is dangerous and executes commands from an attacker.
     Recommended action: Remove this software immediately.
     Items: file:C:\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll

     Curious of those running Win 10 64 Bit and Emsisoft: if you run a Windows Defender scan, are you getting this as well?

     Perhaps Microsoft at its game again: Eliminate all competition even if disassembling a great A/V to risk customers potential Bull-Shit invasions that Defender has no idea how to handle, and curls up in a fetal position while your PC is ravaged, raped of data and destroyed, sold on the black market to who knows who, and your credit and life become a dark blanketed cesspool of pain and burden.. No thanks, Defender, I am not quarantining or disabling this until I get the word from Emsisoft to do so!

     PC O/S: Windows 10 Version 1607 for x64-based Systems
     Emsisoft Antimalware: Version 2017.1.0.7125

     Windows Defender info:
     Antimalware Client Version: 4.10.14393.0
     Engine Version: 1.1.13407.0
     Antivirus definition: 1.235.1637.0
     Antispyware definition: 1.235.1637.0
     Network Inspection System Engine Version: 2.1.12706.0
     Network Inspection System Definition Version: 116.72.0.0
  9. While supplies last, now just $32.99 https://t.co/BIgannqWIp

  10. Christian,

      I have a client on a Windows 7 64 bit Pro machine that Emsisoft Anti-Malware has stopped running/loading on as well. I, like the above user, used Add and Remove Programs to uninstall, then rebooted and tried to install; I continue to get the "Emsisoft is already installed" warning. Should I run the emsiclean tool like above, or can I delete some registry entries to allow me to install the product again? The Emsisoft folder is not present in the program directory, and the only references to Emsisoft I see are a few in the registry.

      Also, I know that this client also uses MS Essentials and weekly runs the Microsoft MRT tool, and I suspect possibly one of these has broken Emsisoft recently with one of their updated definition files, as they had all been working together for the last couple of months. As far as I am aware from info I got from the client, Emsisoft apparently stopped early or mid last week; they run the other two on Fridays when they leave the office, which is why I suspect one of the other MS tools has broken Emsisoft.

      I am going to try and password Emsisoft when I get it reinstalled, in hopes that if they continue to use the MS tools as well it won't uninstall or break Emsisoft again, along with trying to add Emsisoft to a white list in Essentials.

      Thanks,
      Rick
  11. Just ran a manual update here as well and so far it appears to be working, Thanks Guys!
  12. I just checked with 7 customers of mine and they all have this issue as well. This ranges from Windows 7 32/64 bit, a Windows 8.1 system and Windows 10. It doesn't appear to be O/S version based, more of something in the latest Anti-Malware release.
  13. Last evening I received the software version update for Anti-Malware and it installed; I have NOT received any definition updates since that time. Last update was over 10 hours ago (Windows 10 Professional 64 Bit).

      Also, I was installing for one of my customers last evening as I was cleaning up his system. Before the updated version all was working correctly; after the update to 11.5.1.6247 that system also has not received any definition updates for over 10 hours (Windows 10 Home 64 Bit).

      I have also checked my two sandbox systems, and they as well received the software update and are no longer receiving definition updates either. Bad thing is I was just telling the customer above how Emsisoft stays ahead in their definition updates and it's not uncommon to see the updates take place numerous times a day.

      What's going on? Is this a bug in the new version? Since updates don't appear to be taking place, how do I fix these systems and those of many customers?

      Here is a cut and paste of the update log file as well:

      Emsisoft Anti-Malware - Version 11.5
      Update log

      Start Date           End Date             Result                      Type
      3/22/2016 08:26:06   3/22/2016 08:26:07   No modules for downloading  Manual update
      3/22/2016 08:26:03   3/22/2016 08:26:04   No modules for downloading  Manual update
      3/22/2016 08:26:00   3/22/2016 08:26:01   No modules for downloading  Manual update
      3/22/2016 08:25:57   3/22/2016 08:25:58   No modules for downloading  Manual update
      3/22/2016 08:25:55   3/22/2016 08:25:56   No modules for downloading  Manual update
      3/22/2016 08:25:48   3/22/2016 08:25:49   No modules for downloading  Manual update
      3/22/2016 08:24:45   3/22/2016 08:24:46   No modules for downloading  Manual update
      3/22/2016 08:24:09   3/22/2016 08:24:10   No modules for downloading  Manual update
      3/22/2016 08:24:06   3/22/2016 08:24:07   No modules for downloading  Manual update
      3/22/2016 08:24:02   3/22/2016 08:24:03   No modules for downloading  Manual update
      3/22/2016 08:23:21   3/22/2016 08:23:22   No modules for downloading  Manual update
      3/22/2016 08:23:10   3/22/2016 08:23:11   No modules for downloading  Manual update
      3/22/2016 08:20:15   3/22/2016 08:20:16   No modules for downloading  Manual update
      3/22/2016 08:20:13   3/22/2016 08:20:14   No modules for downloading  Manual update
      3/22/2016 08:20:11   3/22/2016 08:20:12   No modules for downloading  Manual update
      3/22/2016 08:20:09   3/22/2016 08:20:10   No modules for downloading  Manual update
      3/22/2016 08:20:06   3/22/2016 08:20:07   No modules for downloading  Manual update
      3/22/2016 08:20:04   3/22/2016 08:20:05   No modules for downloading  Manual update
      3/22/2016 08:20:02   3/22/2016 08:20:03   No modules for downloading  Manual update
      3/22/2016 08:20:00   3/22/2016 08:20:01   No modules for downloading  Manual update
      3/22/2016 08:19:58   3/22/2016 08:19:59   No modules for downloading  Manual update
      3/22/2016 08:19:55   3/22/2016 08:19:56   No modules for downloading  Manual update
      3/22/2016 08:19:53   3/22/2016 08:19:54   No modules for downloading  Manual update
      3/22/2016 08:19:50   3/22/2016 08:19:51   No modules for downloading  Manual update
      3/22/2016 08:19:48   3/22/2016 08:19:49   No modules for downloading  Manual update
      3/22/2016 08:19:45   3/22/2016 08:19:46   No modules for downloading  Manual update
      3/22/2016 08:06:24   3/22/2016 08:06:25   No modules for downloading  Manual update
      3/22/2016 08:06:19   3/22/2016 08:06:21   No modules for downloading  Manual update
      3/22/2016 08:06:15   3/22/2016 08:06:16   No modules for downloading  Manual update
      3/22/2016 08:06:10   3/22/2016 08:06:11   No modules for downloading  Manual update
      3/22/2016 07:59:20   3/22/2016 07:59:22   No modules for downloading  Automatic update
      3/22/2016 06:52:20   3/22/2016 06:52:22   No modules for downloading  Automatic update
      3/22/2016 05:45:20   3/22/2016 05:45:22   No modules for downloading  Automatic update
      3/22/2016 04:38:20   3/22/2016 04:38:22   No modules for downloading  Automatic update
      3/22/2016 03:31:20   3/22/2016 03:31:21   No modules for downloading  Automatic update
      3/22/2016 02:24:20   3/22/2016 02:24:21   No modules for downloading  Automatic update
      3/22/2016 01:17:20   3/22/2016 01:17:21   No modules for downloading  Automatic update
      3/22/2016 00:35:50   3/22/2016 00:35:54   No modules for downloading  Automatic update
      3/21/2016 23:28:35   3/21/2016 23:28:36   No modules for downloading  Automatic update
      3/21/2016 22:21:35   3/21/2016 22:21:36   No modules for downloading  Automatic update
      3/21/2016 21:14:35   3/21/2016 21:14:41   Update successful           Automatic update
      3/21/2016 20:07:28   3/21/2016 20:07:35   Update successful           Manual update
      3/21/2016 19:09:02   3/21/2016 19:09:10   Update successful           Automatic update
      3/21/2016 18:02:02   3/21/2016 18:02:06   Update successful           Automatic update
      3/21/2016 16:55:02   3/21/2016 16:55:06   Update successful           Automatic update
      3/21/2016 15:48:02   3/21/2016 15:48:05   Update successful           Automatic update
      3/21/2016 14:41:02   3/21/2016 14:41:06   Update successful           Automatic update
      3/21/2016 13:34:02   3/21/2016 13:34:06   Update successful           Automatic update
      3/21/2016 12:27:02   3/21/2016 12:27:06   Update successful           Automatic update
      3/21/2016 11:20:02   3/21/2016 11:20:06   Update successful           Automatic update