Jump to content


  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by Lynx

  1. You are welcome and thanks for the reply, TheodoreAt the same time, running OA++ with AV features is different to running OA and EAM, where the latter is a separate product with double-engine AV; Surf Protection; & Behavioral Blocker components Therefore the questions was asked by stapp in order to clarify the matter Cheers!
  2. To the developers: Greetings! I was reporting the issue since the introduction of EAM v5 (similar apply to EEK) Currently the report(s) are automatically saved. Instead of <<Save report>> button we have <<View Report>> “Potentially” that may introduce some convenience, at the same time, as it was posted before many times already you will never get the latest report unless sorting the respective folder “by date” Therefore this introduced feature is completely useless Can you please eventually address and fix it? My regards
  3. Thank you for the reply, stappI do understand that, and it was suggested to visit OA section of the forum, at the same time, due to use of "Emsisoft Dual Antivirus and Antimalware engine" as a part of OA++ I was just surprised to hear about EAM. It seems that the original poster has an understanding of the AV component included Cheers!
  4. Hi stapp,Can you please clarify what you mean? Theodore was asking about OA++ That's why the initial request was legit - can that be used alongside with MBAM Pro, and its (MBAMS's) real-time background protection? That was the question, wasn't it? Cheers!
  5. Hi Theodore, welcome to the forum 1) Yes, Emsisoft developers are closely monitoring all sections of this forum and do answer questions and giving advicesIt' s just a matter of reading the forum a bit and you'll find the replies by the developers (marked as “Staff” and Group: “Developer”) Irrespectively, if you are using payed product (or the full product under the trial period) you can contact the developers as stated in Contact Us in case you think that the Software has issues and/or not functioning according to the descriptions 2) As for your question re: another AV and/or Anti-malware solution – that question was asked many times here and all over the place The rule of thumb – you should never have more than one AV solution with its real-time resident active For example, please read this recent request... definitely there are many others with the similar advices My regards P.S. 1) From the past experiences and reports from users discussing compatibility issues MBAM's IP blocking was the one creating problems and in any case was the components disabled by users That may've changed though. New versions of any Software can bring fixes ...but can introduce incompatibilities as well 2) {added} I forgot to mention that OA section of the forum would be a better place for asking about different flavours of OA in conjunction with other security. There are really great helpers there. They have sound knowledge of OA & testing it staring from "the early alphas" way before the acquisition of OA by Emsisoft
  6. Hi Carduelis, Sorry for missing your post The interval for Mamutu's auto-update is set by default to 24 hours As you can see from the attached image it works as expected The differences: - it's running on XP here; - the notification of the update is disabled compare to what you posted; - I'm using beta Supposedly none of the above should influence the auto-update being delivered in time but there could be some issues on Win7 32bit that I am not aware of. Let's hope users and the developers will add to that My regards
  7. Hi FoxFire, That is not a proper reporting of the issue. Please always save the the report and attach it. Ask 1st if you are not sure Nothing can be advised according to what you posted. You could remove the Registry Entries that shouldn't have been removed 1) read Submitting suspected False Positives for analysis 2) in addition please read this Sticky 3) if you think that you are infected and require an investigation of the matter, then read the following instructions START HERE, if you don't we are just going to send you back to this thread <--click Prepare and post (attach) the required log files into Malware Removal section of the forum (create new thread there) Wait for reply from the malware fighters for assistance and further instructions. My regards
  8. Hi G11, welcome to the forum 1st, as far as I am concerned (after testing) that's still very inconvenient to manage and edit added hosts especially when whole file(s) was imported. But the main message would be - that is not recommended to merge two big hosts files for many reasons. You may be interested in reading this recent discussion a side note: As it stands at the moment I would rather leave hpHosts management to EAM as is (sure it is possible to add not many new entries), ... but If you want to have additional MVPS you can manage it separately, say with HostsMan. Keep in mind though there could be duplicates, and other disadvantages re: performance/slower browsing etc. Consider using DNS services as suggested - that's much better choice and more flexible in many cases in terms of customizing My regards
  9. ... and vice versa including proper uninstall and/or proper disabling any additional security as pointed above
  10. Hi mattg150, welcome to the forum You posted into a very old thread. That matter was solved and there were no complaints about any freezes since. It is always recommended to create a new separate thread and provide more detailed information about your System Environment as in Forum Posting Rules #2) In addition please state whether you have any additional security with real-time residents in place now or the one that was uninstalled (in addition to the OA mentioned ... what version as a matter of fact?) In most cases improper uninstallation of the security Software can cause a lot of issues irrespectively regarding the new one being installed. That is a common mistake made by many users My regards P.S. have you disabled native Windows Firewall? If you have any other security in place and do not want to uninstall it - disable all completely (hope you know how to do that properly... if not - ask); Reboot prior to uninstalling/installing current version of EAM; Test it -it must work perfectly; Then enable back whatever is necessary and make mutual exclusions You will not have any issues; no performance degradation whatsoever; etc. EAM stable and beta were tested on XP Pro 32 bit ; Vista 32 bit ; Win 7 32bit & x64
  11. Greetings all, and thanks for all inputs Interesting points, Guys But in order to test I've changed to German and "in reverse" changed (commas => dots) Nahh! still cannot get it using any type of scans All indicators involved one after another are working perfectly Above is \system32\ folder scan. All previous scans : processes / traces went as supposed from 0 to 100% too Cheers!
  12. Indeed! The reason was stated in one of the referred threads and here Sure, but... "saving time" cannot be considered as a strong point. In addition I was submitting (softly speaking) "quite a few !A2" detections since v5 internally/silently , meaning not reporting those publicly, which is not necessarily could be counted as "(99.99%) detections by Ikarus". The similar can be found as submitted by other users Therefore, it would be nice having v6 ... kinda ... tomorrow or if the developers are sure that all "!A2" detections are FPs - don't use a2 engine currently except for the Registry Traces as it was mentioned Otherwise, users are in the dark and they have freedom of "double-clicking"/ running anything that could be lately & accidentally detected by scanning Finally, is there ETA for v6 so we can use both engines eventually employed by the Guard? My regards p.s. Sorry Ray I did not see you posting when I was typing The issue is not entirely about "onAccess" as far as I am concerned , but rather the Guard and "onExecution" ... and not about "cookies". Who ever cares about those?
  13. Hi Ray,Can you please elaborate on this? The German version was mentioned as being used in the past Cheers!
  14. Hi Michael, Thanks for the input. That was an interesting point, no matter what The "German version" sometimes can be very specific (we can find that all over the place), but usually most problems reported were about "oriental localization" like Korean , Chinese, Japanese, etc.. where double-byte character codes involved At the same time, none of the above were related to the gauge (progress bar)... yet As was pointed above, I was able to reproduce only "0% indicator" but not "just 100%" neither on XP Pro 32bit nor on Win 7 x64 despite I do have English version of Windows but the language set as "matching the language of the non-Unicode" is Russian I tested Ukrainian and other languages, plus making respective changes in the Registry regarding the Code Page settings. None of my numerous tests could break correctly displayed indicator The only test I am not able to perform is win7 32bit, which is the one that OP is using My regards
  15. Thanks for the reply, Fabian Actually, in the past there were similar discussions & answer(s), like here In addition, I do remember that the developers were saying that "!A2" detections basically were left for the "Traces" only. If so, that would be Ok, but since a2 engine in v5 is still capable of catching "Trojans"/"Backdoors"/ etc. e.g.: this case (leaving aside whether that's FPs or genuine detections) - it seems that the exclusion of a2 engine from functioning as a part of the File Guard is shortcoming How serious that drawback is? or such incidents should be just ignored by the users? That's for the developers to conclude and any comments would be appreciated My regards
  16. Sure, and that's what I was suspecting as much, since neither in your the initial report nor in your the next reply you did not mention the Guard / its options / archiving etc. Anyway what is about setting "onExecution" only? Then, please PM me the link to the file Probably I will be able to test "onAccess" options tomorrow on Win 7 where full EAM is installed ... unless that's an FP and it will be fixed by the developers prior to my test, since the file was submitted My regards
  17. Thanks for the reply, Nex, and most importantly for submitting the file Unless I am really missing something, I cannot see the difference re: the detections. Where is an alleged moving the file from one folder to another as in you initial post? Both "140145" & "154443" reports are referring to the same folder C:\Documents and Settings\Feo\Рабочий стол\FirefoxOptimizer.exe Обнаружено: Trojan.MSIL.FireOptimizer!A2 My regards P.S. I will answer to your PM about the Software translation a bit later
  18. Hi Nex, Welcome to the forum If you are not sure - in order to find out whether the flagging is false positive or not please submit flagged item(s) - FireFoxOptimizer.exe in your case as described in Submitting suspected False Positives for analysis That was never reported here in this new and the old forum and personally I never encountered that the detection(s) may be different depending on moving files In any circumstances please always save reports and attach such reports so users here and most importantly the developers can see the alleged discrepancies next time you find such thing again My regards p.s. If you need any help regarding Russian translation or alike since I've observed the images posted - feel free to PM
  19. You are welcome, KennyZ You can consider several additional layers of security regarding the matter 1st, have a look at free DNS services ... e.g: Open DNS and alike. The default settings are quite sufficient, but you have to choose one Not all will work as fast as you expect. It depends. I'm sure you'll get that from info supplied and from your own testing. Plus have a look at the customization features of the said services and choose the one you prefer. There is a list of other layers of security related to the issue you've raised, and you can add those as well (out of scope here) Cheers!
  20. Hi Ritm, In addition to the above I recall some cases where the indicator may stay at 0% and retested that 1) when using Shell Extension scan where the total size of scanned file(s) is not substantial. 2) when using Custom Scan with the similar condition re: the total size. But the Quick Scan is a part of any scan except the Explorer Integration. Since Quick Scan has separate indications when Processes / Traces are scanned , those indicators are always working and showing correct percentage. Then again, I never saw "just 100%" being displayed. Hope users will add some info My regards
  21. Hi Ritm, welcome to the forum, That was never reported and I never encountered such problem on win 7 x64. Either older or current version of EAM (or EEK) perfectly showing the progress bar. The gauge can be a bit out of sync for well known reasons but never just 0 and/or 100% I am using Comodo firewall only . Mutual exclusions are made Are you disabling Comodo's AV real-time resident during EAM's scan, which is recommended? What else is running in the background? What type of scan is performed when you are experiencing that, or that doesn't matter? Can you confirm that EAM's scan finishes correctly despite of the described issue? My regards
  22. Hi KennyZ, welcome to the forum No, you are right You cannot see either internal block list or hpHosts files entries including those that were imported in that table. Under the Guard > Host Rules Tab you will see all related rules that were created (added by you)/edited in that area. {added} you can find all imported entries in a2user.dat ("Open with" text editor) I hope the developers will answer this question, but as it stands currently and stated at the site you referred to a side note: I'm not sure whether adding big lists of entries to the internal hosts management or to any 3rd party Host management of system host file would be preferable method meaning those disadvantages/problems including using huge hosts file/merged hosts files etc. Actually, that's described here My regards
  23. Hi jeg, Please read the reply regarding ATI here The request was about ati2sgag.exe but similar solution apply to CLIstart.exe and ati2evxx.exe if you read the referred link My regards
  24. Hi tsmith35, I submitted the file yesterday late evening and quarantined it After the latest update few min. ago the file was automatically re-scanned and restored from quarantine, so the FP was confirmed and fixed quite quickly My regards
  25. Thanks for the reply, hackerman1 Yes what you wrote will work,... but... 1) don't forget that CLS was suggested as an alternative, since the initial question was about EAM in conjunction with "another service". Basically we don't know about the implementation of that service; 2) Speaking of batches and commands execution. That depends. In many cases the next command will be fired up straight after the previous one and you have to know how the "previous" is implemented, since the next line in the command will be executed after receiving a return code (again) from the previous command. Not all are returning that including known commands (those are executables as well... redundant remark ) or the previous process may return an "error code" straight after its launch, not when it's physically closed. There are many examples of that So, all that has to be known and tested beginning with stopping the service as required by the OP As you said, the following example is working fine (indexing has to be enabled) net stop "Indexing Service" a2cmd /quick > f:temp\redir.txt net start "Indexing Service" My regards
  • Create New...