Just noticed in my NIS2010 log that autokms.exe and it's scheduled task was removed on Jan 7. New definitions? I used Office toolkit since November 2010 and everything went fine except I had to exclude kmsemulator.exe at the time. Can I just add exception and restore it from quarantine or are there any other steps required? Anyone else noticed this?
Since I'm very busy and find questions being asked over and over, in the next readme I'll be posting guidelines to follow to get support so I won't have to spend time getting info then the user never responding. Anyone who follows them will be able to be helped better and faster, anyone not following the guidelines will just be ignored by me until they post the needed info. They'll be in the readme for V2.1, where 99% of questions asked are answered like how things work and what is recommended. ...and for anyone asking, there is no ETA for V2.1 as I don't know when it will be released. Bosh is working on figuring out several remaining things and I'm back in college so I have less time. I did get the Channel Switcher 100% done which was very time consuming. I'm waiting on the following then I simply add some safety checks for new features: 1.Extraction and Creation of ISO files (I'd like to not use external EXE files to do so). 2.Silent Switching (I rigged a setup that will call the right functions but the switching is not working as in nothing happens any different than without a switch). 3. Running KMSEmulator from RAM without ever writing it to disk (we can access it as a byte stream which is how we write it to disk in the first place). Phazor would be of help with this as we are stuck on it, as he has done something in LocalHost/UniKMS.
thanks, I was just wondering if anyone else using NIS experienced this recently. I only discovered it by looking at the history page, so maybe users of Norton Internet Security 2010 2011 should check this issue.
I have NIS and it screws with my AutoKMS. I'm aware of it but the rule is you should exclude everything in whatever AV+Firewall you use (AutoKMS and KMSEmulator.exe) to ensure it is future proof (as most AV's left AutoKMS alone but they are associating it with the KMSEmulator virus and therefore targeting both.
thanks buddy i figured that after reading readme file any all good but my antivirus shows trojan is that ok
Microsoft Security Essentials Near the end of December Microsoft released a new version of Microsoft Security Essentials. The older version was Version 1.xxx and the new one is Version 2.xxx. One of the big differences is that now you can install MSE on servers including Server 2008 and Server 2008R2. However one of the changes that is not advertised is the Real-time Protection feature behaviour of MSE when it encounters what it believes to be a virus. In version 1 you were presented with a red bordered screen which was basically the same as the home tab, with a big "Clean your computer" button and a "details" option. If you selected details option it would show you the file name and location and you had a choice of Remove, Quarentine, or Allow the file in question. In version 2 the allow option is missing. I have done limited testing but it appears that the only way to allow a file that would be flagged as a virus is to put it in the exception list first. If you forget to do that the file is flagged and your only choice is quarentine. If you go ahead and quarentine it, then you can add it to the exclusion list, but when you then try to restore it MSE detects it as a virus again and your are in a locked loop. I was able to finally get a file allowed by quarentining it and then going into history and removing it altogether. Then I put it in the exclusion list by path and name, and re-copied onto the system. Then it was ok. What a pain. I don't know it it acts this way for all suspected virus files because I didn't have a big test base, but before you update this new version be aware of this change. A side note. If you have version 1 and go into help | check for updates it will tell you that you have the latest version. If you go to Microsoft's web site and download version 2 and run it on your system you will be presented the option to upgrade.
I need my computer to act as if I had never installed Office14. Is this the tool for me? If so, what should I run to completely delete Office14 and all traces of it?
Office 2010 Uninstalller in it can cleanup more than normal but I am aware of nothing (including commerical uninstaller tools like Revo/Total Uninstall )that 100% removes Office 2010 as I can always find some crap reg key or something
Just an update - even though Toolkit 2.0.1 uses a different form of trojan to avoid detection by AV programs, Norton 360 and Internet Security are now identifying kmsemulator.exe as a Trojan.Gen2 trojan. Seems like the best solution will be to remove the trojan from kmsemulator, or this will be a game of "cat and mouse".
It isn't a trojan that is in the new toolkit, it is an altered KMS activator to make KMS not trip AVs. There doesn't appear to be a trojan in KMSemulator, the old or new form - it is a false positive. So the "trojan" can't be "removed" like you state. If you have any ideas on altering the KMS emulator to remove the false positives, or indeed trojan if you have found one, I'm sure people on this forum will be happy to listen to how it's done.
Also I knew of that FP long ago. Nothing can be done except run it from RAM and then AV's will just flag the toolkit itself anyway.
Hey guys, I read in zdnet that Microsoft shut down the activation process for Office 2010. Does that mean that we don't need activation tools like this one anymore or do I still need to use this activation tool? I'm wanting to install Office 2010 (I have 2007) but I'm not sure yet.