Fabian Wosar

Emsisoft Employee
  • Content count

  • Joined

  • Last visited

  • Days Won


Fabian Wosar last won the day on January 4

Fabian Wosar had the most liked content!

Community Reputation

374 Excellent


About Fabian Wosar

  • Rank
    Forum Veteran

Contact Methods

  • Website URL
  • Skype

Profile Information

  • Gender
  • Location
  • Interests
    Breaking ransomware

Recent Profile Visitors

50702 profile views
  1. Indem Du die Option abschaltest. Nur wenn die Option aktiviert ist, wird der Filter benutzt. Ansonsten wird alles gescanned.
  2. Emsisoft Anti-Malware ist vollständig mit dem Windows Update kompatibel. Wir haben ausserdem grade ein Update für alle Nutzer des Beta, Stable und Delayed Update Trees veröffentlicht, dass den entsprechenden Kompatibilitätsmarker in der Registry platziert. Wir möchten an dieser Stelle zu bedenken geben, dass Microsoft den selben Kompatibilitätsmarker für alle Anti-Virus und Anti-Malware Anwendungen verwendet. Sollten also mehr als ein Anti-Virus oder Anti-Malware Programm in Benutzung sein, besteht das Risiko das eine der Anwendungen, wie Emsisoft Anti-Malware z.B., das System als kompatibel markiert, obwohl eines der anderen installierten Sicherheitsprodukte nicht kompatibel ist. Es gibt für uns leider keine Möglichkeit dies zu verhindern oder abzufangen, da Microsoft die Verwendung mehrerer Schutzprogramme auf dem selben System schlicht nicht vorsieht. Dies ist übrigens ein perfektes Beispiel dafür, wieso wir seit Windows 10 von der parallelen Verwendung mehrerer Sicherheitsprogramme abraten. Weitere Informationen, gibt es auch in unserem Blog.
  3. Emsisoft Anti-Malware is compatible with the Windows update. We also just published an update that sets the compatibility flag for all users of the beta, stable and delayed update feed. Keep in mind, that Microsoft uses the same flag for all anti-virus vendors. That means if you are using multiple anti-viruses or anti-malware applications, you are risking one of those products, like Emsisoft Anti-Malware, flagging the system as compatible, even though one of your other products is not compatible. There is, unfortunately, nothing we can do to prevent this as Microsoft does not account for the scenario of multiple security products being installed on the same system. This is the perfect example why we are recommending against using multiple security products in parallel. For further information, feel free to stop by our blog.
  4. CLOSED Emsiclean.exe

    It X-es out an existing installation so to say
  5. Deleting old signature files

    Our signatures are the *.sig files with the names based on dates. However, we do use two scan engines. Our own and the Bitdefender engine. The Bitdefender signatures are stored in the Signatures\BD folder and those take up about 500 MB.
  6. Deleting old signature files

    EAM will take care of the signature files on its own. No need to do anything. If you try to delete any of the files, they will just be redownloaded again. Our signatures account for about 13 MB. I don't think you will notice that compared to the Bitdefender signature database, which is about 500 MB with the cache.
  7. Language Files

    The self-protection protects the entire EAM directory, which includes the language files. In addition, upon update, it will simply re-download the missing language files.
  8. Stampado Issues

    The encrypted files are useless. We will require the ransomware executable that encrypted those files in order to extract the necessary information.
  9. EMSI with Bitdefender engine

    This question has been answered many times before. But to repeat the answer: The whole world product tests do not simply evaluate the on-demand scan performance of products but test all protection layers of a product. Essentially the attack vector is being replicated exactly as it would happen in the real world and the products get a chance to protect the system on many different layers. Signature detection, which is the part we licensed from Bitdefender, just being one of many layers. AV-C doesn't release detailed information about what infection is being blocked at which layer, which means nobody but them know how these scores break down exactly. So while EAM and Bitdefender will always perform comparatively when it comes to just the signature-based detection, other areas, like the URL blocking, for example, will not.
  10. Stampado - no email or id

    Stampado doesn't use a bitcoin address. It uses an ID and email. Philadelphia uses a bitcoin address and is visually extremely similar. So I suggest you try the Philadelphia decrypter instead.
  11. How do I find the version number?

    Putting it into the context menu of the systray icon is just as hidden as it is now and wouldn't fix the issue at all. The reality is: Most users don't care and if you want to make sure you have the latest version, you should hit the update button instead of comparing the numbers, as the update will ensure you have the latest version appropriate for your currently selected update tree. For those who truly want to see the version numbers all the time, we have the workaround with removing the renew link and replace it with the version number instead. It's a one-time click that permanently gets you what you want.
  12. .losers

    Can you please upload the ransom note and one encrypted file to https://id-ransomware.malwarehunterteam.com and post the result link here? Thanks.
  13. Seit heute stürzt Acrobat ab.

    Das Update befindet sich zwischenzeitlich im Beta Updatezweig. Falls einer derjenigen, die von dem Problem betroffen sind mal kurz testen möchte ob das Problem auf Ihrem System damit behoben ist.
  14. Seit heute stürzt Acrobat ab.

    Jemand anderes hat mittlerweile einen Dump eingeschickt. Ein Fix sollte im Laufe des Tages zur Verfügung stehen via Beta Updates.