Fabian Wosar

Emsisoft Employee
  • Content count

  • Joined

  • Last visited

  • Days Won


Fabian Wosar last won the day on March 17

Fabian Wosar had the most liked content!

Community Reputation

405 Excellent


About Fabian Wosar

  • Rank
    Forum Veteran

Contact Methods

  • Website URL
  • Skype

Profile Information

  • Gender

Recent Profile Visitors

45969 profile views
  1. Email is: [email protected] Salt is: Wosar is watching porn on the college. Put both into the decrypter, then hit the calculate button to generate the ID and try to decrypt your files
  2. The salt should be: The researcher is opening xvideos in New York.
  3. OP didn't even post a question, so how and what exactly should I answer to? It's just another "next-gen" AV reseller that creates little videos to scare everyone to jump onto the next-gen train and increase their profit. We never cared for POC malware. Lots of things are possible and if anyone cared to, they could produce dozens, maybe even hundreds of bypass videos every day for every single product out there.
  4. If you are concerned about PowerShell: Uninstall it. Most people don't need it anyway. It's one less infection vector to worry about.
  5. https://cc.emsisoft.com is not a shopping website. You don't put in your credit card details or anything really in there at all. The shopping website is using https://shop.emsisoft.com, which has never used Cloudflare. Other than that, the problems with Tor users and Cloudflare are a known and well documented issue. Not a lot of our customers use Tor, so the benefits of using Cloudflare outweighs the drawbacks for us.
  6. At the time of the posting, the statement was true. We did expand the CloudFlare usage since then.
  7. Great you got your files back
  8. Version updates happen automatically. However, we don't update the uninstall entry which always refers to the version you installed. You can view the version number by clicking on the "EMSISOFT" on the top left. You can also display the version number permanently on the user interface by hovering over the "Renew" link in the License block. An X should appear to remove the link from the UI and make room for the version number.
  9. We don't and haven't for almost a year now.
  10. I suggest having a quick read here: http://www.kernelmode.info/forum/viewtopic.php?f=2&t=4687 There is really nothing else to add. Just some cheats trying to pass off publicly available knowledge as groundbreaking and original research.
  11. Locking this thread as discussion moved to PM.
  12. It's actually not really a crash issue. But yes, I will keep you updated.
  13. If it works on your system, there is no need to change anything.
  14. Would you mind sharing the actual sample or alternatively the hash of the sample with us? It's hard to pull out a malware file from a screenshot