Jump to content

hackerman1

Member
  • Content Count

    219
  • Joined

  • Last visited

  • Days Won

    2

Posts posted by hackerman1

  1. Ok, well i should have said C:\Program Files\WinPatrol or similar, depending on where you have installed it....

    My Winpatrol-folder is on E:\Program Files\WinPatrol as i have all programs on a separate partion.

     

    Those screenshots are ok.

     

    I asked about the firewall because if you have a firewall blocking outgoing traffic then you will probably get problems with Winpatrol being unresponsive.

    If that´s the case you can send me a PM and i will tell you what to do.

    I don´t think Emsisoft like it if we discuss configuring windows firewall for a non-emsioft program.....

    That might be too offtopic.

  2. It´s ok, no problem.

    But to verify i needed to see what you have excluded.

    Those exclusions in EAM is correct.

    I can´t give you any advice regarding SAS as i don´t use it, so i suggest you turn off SAS, at least until someone else says different.

     

    Two other exclusions to add in both EAM & MSE

     

    under folder:

    C:\Program Files\WinPatrol

     

    under process

    WinPatrol.exe

    WinPatrolEx.exe

     

    btw. which firewall are you using ?

  3. I can´t see which processes you have excluded in EAM, because the filenames are not visible.

    If you put your mouse immediately to the left of "scan" in the top row then click the left button and drag "scan" all the way to the right, then the complete filepath will be visible.

    Then take a new screenshot.

    You have probably done it right if you have followed my advice, but to verify i need a new screenshot .

    The 2 MSE-screenshots looks ok.

  4. Don´t worry.

    EAM and MSE works fine even without mutual exclusions.

    Your computer may be a bit slow and the scan for each program can take longer, but you will not see any big problems.

    I have had both EAM & MSE together, without exclusions, for a long time.

    Actually i never noticed any big difference when i added exclusions....

     

    If you create 2 screnshots, one of the exclusions in EAM and one of the exclusions in MSE and then post them here, then i can verify if you have done it correctly.

  5. No problem.

     

    Here's how to exclude MSE in Emsisoft Anti-Malware:

    1. Open Emsisoft Anti-Malware from the icon on the desktop.
    2. Click Scan in the menu on the left.
    3. In the lower-menu click on the Scan whitelist link.
    4. In the box under Type click the little down arrow and change it from File to Process (you may need to click in the box for the arrow appear).
    5. Click in the white box below Item to make a button with three dots (...) appear, and then click the ... button.
    6. Navigate to the MSE directory (C:\Program Files\Microsoft Security Client\), and double-click on msseces.exe to add it.
    7. Navigate to the MSE directory C:\Program Files\Microsoft Security Client\Antimalware\ and double-click on MsMpEng.exe to add it
    8. Navigate to the MSE directory C:\Program Files\Microsoft Security Client\Antimalware\ and double-click on NisSrv.exe to add it
    9. In the box under Type click the little down arrow and change it from File to Folder
    10. Click in the white box below Item to make a button with three dots (...) appear, and then click the ... button.

    11. Navigate to the MSE directory C:\Program Files\Microsoft Security Client\ and click OK

    12. Navigate to the MSE directory C:\Program Files (x86)\Microsoft Security Client\ (if you have a 64-bit O/S) and click OK

     

    Then you have to do the same in MSE....

    I´m currenly using another O/S without MSE installed so i can´t give you exact instructions.

    But you have to doubleclick on the MSE-icon

    Click settings

    Navigate to excluded processes and add the EAM-files as described in my previous post above.

    Navigate to excluded folders and add the EAM-folder as described

  6. WinPatrol is always good to have.

    You really don´t need MSE and SAS.

     

    Emsisoft Anti-Malware (EAM & MSE works well together, so you can keep MSE if you want.

    I´ve used them together since MSE´s first betaversion was released.

    But if you have MSE and EAM together then you should use "mutual exclusions", which means to tell both programs to ignore each other.

    Your computer being slow is probably because of 3 antimalwareprograms running together.

     

    In the filesystem MSE is called Microsoft Security Client.

     

    Exclusions for MSE to enter in EAM

     

    under "Process":

     

    C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

    C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

    C:\Program Files\Microsoft Security Client\msseces.exe

     

    You can also add the Microsoft Security Client-folder(s):

    C:\Program Files\Microsoft Security Client\

    C:\Program Files (x86)\Microsoft Security Client\ (if you have a 64-bit O/S)

     

    and under "process": C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe (if you need to run MSE via commandline)

     

    that´s "my" exclusions for MSE....

     

     

    Exclusions for EAM to enter in MSE

     

    under "Settings"

     

    Excluded files and locations: your EAM-folder (C:\Program Files\Emsisoft...)

     

    Excluded Processes:

    a2.guard.exe

    a2service.exe

    a2start.exe

    a2cmd.exe

  7. You can also add the Microsoft Security Client-folder(s):

    C:\Program Files\Microsoft Security Client\

    C:\Program Files (x86)\Microsoft Security Client\ (if you have a 64-bit O/S)

     

    and under "process": C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe (if you need to run MSE via commandline)

     

    that´s "my" exclusions for MSE....

     

    Exclusions for EAM to enter in MSE

     

    under settings

     

    Excluded files and locations: your EAM-folder (C:\Program Files\Emsisoft...)

     

    Excluded Processes:

    a2.guard.exe

    a2service.exe

    a2start.exe

    a2cmd.exe

  8. I just tried following the instructions in the thread How to create a process exclusion in Emsisoft Anti-Malware.  In the drop down menu under Type, I first changed it from File to Process, clicked in the white box to bring up the 3 dots, then clicked on those.

     

    In the filesystem MSE is called Microsoft Security Client.

     

    Exclusions for MSE to enter in EAM, under "Process":

    C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

    C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

    C:\Program Files\Microsoft Security Client\msseces.exe

  9. You are welcome.

     

    As you might have seen there is a very good price for OA when buying the Emsisoft Internet Security Pack.

    If you want to "upgrade" to Emsisoft Internet Security Pack i suggest you contact Emsisoft´s customer support.

    I´m sure they can give you a good deal and help you convert your EAM-license into Emsisoft Internet Security Pack.

  10. Emsisoft Internet Security Pack = Emsisoft Anti-Malware (EAM) & Online Armor (OA)

    Online Armor is a firewall.

     

    You can disable or uninstall MSE, but you can also keep MSE if you want.

    EAM & MSE works well together, i´ve used them together since MSE´s first betaversion was released.

    But if you have MSE and EAM together then you should use "mutual exclusions", which means to tell both programs to ignore each other.

  11. Hi !

     

     

    There is a good explanation by Fabian on "Wilders": http://www.wilderssecurity.com/showpost.php?p=2214975&postcount=36

     

    "

    Re: AV-Comparatives - File Detection Test - March 2013

    Something to keep in mind and will be also reflected in the false positive paper as soon as it is up:

    What most testers do to build these clean file tests is essentially harvest FTP servers and download portals for new files. Some of them have been doing so for decades, without ever actually removing any files that were obsolete. As a result a large percentage of those files is no longer in circulation and may not even be available publicly on the internet anymore. Most of them won't even work on modern Windows versions. Both also means that users never encounter these files in normal usage, so unless your product gets tested by someone with such clean file collection those false positives will never be found and therefore fixed. What that means is that if you enter these type of tests for the first time, you need to catch up on false positives first. Other products most likely had the same amount of false positives, but spread out over a longer period of time. So it is less obvious than a sudden spike in the first test smile.gif.

    Last but not least about the switch from IKARUS to Bitdefender: You remember the 2011 test of EAM 5.1.0.4? We had 127 false positives then. What most of you don't know is that we never received those files, so these false positives were never actually fixed. Now, 2 years later, with most likely hundreds of thousands of files more in the clean test set, we have just 34 false positives. That's a huge improvement in my book and can be directly attributed to the fact that we switched engines.
    __________________
    Best regards,

    Fabian Wosar [Development]
    Emsisoft Team - www.emsisoft.com

    "

     

    and some more info from Fabian a few posts later: http://www.wilderssecurity.com/showpost.php?p=2215025&postcount=43

  12. I have used Comodo Firewall together with EAM for a long time, already when EAM was named a-squared (a2).

    But after discovering that there were some security-problems as Comodo Firewall didn´t work properly, i switched to Online Armor.

    Currently i´m once again using Comodo Firewall.

    I have it on a testsystem running Windows Server 2008-R2 (Server-version of Windows 7), together with EAM.

    Although i have Windows Firewall active, so I´m only using Comodo´s HIPS (Defence+) not the firewall.

    On another system i have Windows 7 with Comodo Firewall and EAM together, although i have only used that system for a short time,

    but i haven´t noticed any problems.

    It works well together and i would not expect any problem using Comodo Firewall together with EAM.

    Go ahead and try both.

    Of course EAM works well together with Online Armor(OA)....

  13. This isn't really an issue in our case as we only use the Bitdefender scan engine and signatures and added all our improvements like anti-rootkit technology, behavior blocking, the Emsisoft scan engine etc. on top of it. So even if malware authors patch Bitdefender detections, it doesn't mean one of our other detection layers won't catch it.

    To get an idea on how efficient our added technology actually is just take a look here:

    I removed the picture from the quote...

    And which test are you referring to ?

    What was tested in that test ?

    References, please !

×
×
  • Create New...