Emsisoft Anti-Malware & Emsisoft Internet Security 11 has been released

Discussion in 'other anti-malware software' started by Fabian Wosar, Nov 12, 2015.

  1. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,222
    Location:
    USA
    Are you also running WinPatrol? I have been having trouble with it lately with EIS. a2guard.exe was not on WinPatrol's startup list when I did a clean install of EIS. Had to manually add it.
     
  2. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,024
    Location:
    Christchurch, UK
    I assume that you mean that the system tray icon was not loading?

    There were reports of this problem with version 10, but this was supposedly fixed with EAM 11; http://support.emsisoft.com/topic/18632-real-time-protection-service-not-running-after-update/

    There have been similar reports with EIS 11; http://support.emsisoft.com/topic/19164-emis-11-tray-icon-not-showing/

    Personally I have not seen this with EAM on my laptop running WIN 10, but a recent thread thread over on the Emsisoft Forums may be relevant to your problem as some solutions are suggested; http://support.emsisoft.com/topic/1...esnt-load-on-startup-no-tray-icon-windows-10/

    Otherwise I would post over on their Forum where one of their support staff will probably ask you to supply logs from their Farbar Recovery Scan Tool (FRST)-(but take into account the holiday period).

    PS IMHO it may also be related with running the "buggy" WIN 10 rather than solely with EAM.
     
  3. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,712
    Location:
    Zagreb, Croatia
  4. javagreen

    javagreen Registered Member

    Joined:
    May 2, 2005
    Posts:
    96
    Thanks for your responses guys!

    @G1111 - No, I've never used WinPatrol so far.

    @Blackcat - thanks a bunch for the links. I had enabled beta updates when I was on EIS, but it still used to happen nonetheless. I haven't enabled the beta update channel on EAM yet, I guess I should. It may very well be related to a Win10 issue as you suggested, I'll check the threads you've linked.

    @siketa - Thanks, I'm going to enable the beta updates on EAM now.
     
  5. Ripcord

    Ripcord Registered Member

    Joined:
    Jun 18, 2011
    Posts:
    117
    can't believe my computer just got hijacked by ransomware...got a phone # to call 1-855-999-8048...Has anyone heard of this?.... PLEASE DON'T CLICK LINK... ..www.indianfolkpaintings.com./zeus-virus-alerts/warning.htm?? running EIS latest version,Hitman Pro real time and Malwarebytes on demand. Whats odd Firefox is ok,Mircosoft edge is hijacked only. This wasn't picked up on a porn site I got hit on Zero Hedge.com I believe. Big let down for all 3 security programs I'm running.
     
    Last edited: Dec 29, 2015
  6. ReverseGear

    ReverseGear Registered Member

    Joined:
    Mar 21, 2010
    Posts:
    1,537
    Location:
    Mumbai
    MBAM is on demand how is it mbam's fault . and by hmp do you mean hmp alert ?
     
  7. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    10,411
    Location:
    UK
    That link is just an URL ransomware, it doesn't harm the computer.

    Emsisoft have just added the URL to their surf protection list.
     
  8. pegr

    pegr Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2,281
    Location:
    UK
    I don't want to take this thread off topic, but have you considered sandboxing the browser as additional protection against zero-day threats? You've got a great antimalware solution in EIS, but maybe consider supplementing it with something like Sandboxie or AppGuard as an extra security layer. Just a thought ...
     
  9. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,843
    Location:
    localhost
    ...and out of curiosity how exactly you got infected? What kind of pop-ups you got from your security tools, if any? Thanks!
     
  10. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    6,549
    Location:
    U.S.A.
    Yeah, sounds like one of the "fake" ransomware variants. These attempt to trick user into believing they're infected, call the phone number, and pay the ransom.
     
  11. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    19,938
    That sounds about right. From my testing EIS/EAM against real ransomware, it is always first to alert.
     
  12. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,843
    Location:
    localhost
    ah.. then its clear... There wasn't anything to block, just the URL.
     
  13. Ripcord

    Ripcord Registered Member

    Joined:
    Jun 18, 2011
    Posts:
    117
    maybe so but the URL ransomware has the browser locked as of now....this is the 2nd time this has happen to me. The 1st time I was able to shut down the brower,this time no alert from my security tools. And yes I do need another layer of protection because this isn't cutting it...At this time not sure how to remove this from my system.
     
    Last edited: Dec 29, 2015
  14. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    4,680
    Location:
    New York City
    You have to kill the browser process using Task Manager. You can restore other instances of Chrome that were open. Not sure about other browsers.
     
  15. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    19,938
    Use Sandboxie. Makes it easy to kill, and also deletes everything. Oh and besides that it prevents anything on your system from being encrypted. Encrypted files are written, but in the Sandbox
     
  16. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    6,549
    Location:
    U.S.A.
  17. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    6,549
    Location:
    U.S.A.
    Version 11.0.0.6131 released.

    Thanks Emsisoft for finally fixing the scheduled update issue. Works like a charm. Update will not occur outside the times specified.
     
  18. Magic_The

    Magic_The Registered Member

    Joined:
    Jun 24, 2015
    Posts:
    33
    Hey guys do you know if Emsisoft protects boot time? like in this video:

    Eset can protect from Ransomware lockers, https://www.youtube.com/watch?v=RbxXZlJ2iAs
     
  19. SHvFl

    SHvFl Registered Member

    Joined:
    May 7, 2015
    Posts:
    832
    Unfortunately cruelsister1 can't test Emsisoft because she and Emsisoft disagree on certain testing preconditions. Maybe Emsisoft can do the test on their own.
     
  20. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,712
    Location:
    Zagreb, Croatia
    Last edited: Feb 7, 2016
  21. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    6,549
    Location:
    U.S.A.
    Appears Eset has finally started monitoring program startups in the %AppData% folders using its HIPS or it detected the malware using a signature. I believe the later might be the case.

    CruelSister needs to test with some recent 0-day ransomware. That is the only way to truly gauge a product's ransomware protection. Also he needs to test with ransomware that creates its payload in folders like Program Data etc. since everyone is monitoring the %AppData% folders these days.
     
  22. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    835
    Location:
    Germany
    You can enable signature scanning during boot ("Protect the computer even if no user is logged on"). That being said, it is pointless. The attack would be trivial to adapt to account for boot protection. Just register the malware as a service and make any service that starts before the AV service depend on the malware service or alternatively make the AV service itself depend on the malware service. That way, Windows will ALWAYS start the malware before the AV is started, boot protection or not. So in the end all boot protection gets you is a more sluggish boot.

    Just to clarify: That means I flat out told her that it is pointless to include us in any of her tests unless she is willing to share her samples and POCs after the test so we can actually do something about it. She never replied to it.
     
  23. SHvFl

    SHvFl Registered Member

    Joined:
    May 7, 2015
    Posts:
    832
    thanks for clarifying @Fabian Wosar. I just went by the reply in her youtube video.
     
  24. CHEFKOCH

    CHEFKOCH Registered Member

    Joined:
    Aug 29, 2014
    Posts:
    395
    Location:
    Swiss
    Emsisoft Anti-Malware & Emsisoft Internet Security 11.0.0.6131 Hotfix(3) released
    • Fix: Occasional BSOD during installation. o_O
     
  25. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,744
    Location:
    Canada
    Just updated to 11.5.0.6191 This is a maintenance release to improved compatibility, usability, speed, detection and stability.

    Thanks Fabian, as usual no problem at all.:)

    This update will require a computer restart for Emsisoft Internet Security.

    • Improved: Emsisoft Security Center startup speed and UI responsiveness.
    • Fix: Fileguard executes the recommended action without any alert in Game mode.
    • Fixed: Occasional “Range check” error.
    • Fixed: Crash after ‘Scan computer’ initiated from tray icon.
    • Fixed: Issue where IP-address ranges were not blocked in Emsisoft Internet Security.
    • Fixed: Occasional issue where application rules could not be deleted in Emsisoft Internet Security.
    • Fixed: Issue with not updated Surf protection hosts/risks actions after a settings import.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.