App Review Emsisoft vs. Ransomware - Double Feature (Juan Diaz)

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
It seems that Emsisoft doesn't monitor the child processes if it's a trusted process. Fcrypt used cmd to encrypt the files and since cmd is a trusted windows component, the BB ignored it's actions. I wonder how OSArmor would fare in such a situation.
 
  • Like
Reactions: Solarquest, Der.Reisende, upnorth and 7 others
bribon77 said:
Big Emsisoft flaw. You must correct that.:p
Click to expand...
It's being worked on:
Fabian Wosar said:
We are currently reworking the way trust works in EAM, so it assigns trust based on a trust-chain. That means, GPG may be trusted when it is started by a trusted process, but not if it is started by an unknown or untrusted process.

There is no ETA yet for when this change will roll out ...
Click to expand...
 
  • Like
Reactions: Solarquest, Der.Reisende, bribon77 and 6 others

You may also like...