Jump to content

Peter2150

Member
  • Posts

    591
  • Joined

  • Last visited

  • Days Won

    18

Posts posted by Peter2150

  1. 1 hour ago, JeremyNicoll said:

    Do those of you who run things other than EAM come across things that EAM didn't detect?   If/when that happens do you report those failures-to-be-detected to Emsisoft?  

    Also, do you find that EAM finds things that the other products don't? 

    How do you decide that running two products is sufficient?

    Hi Jeremy

    With my systems I've never detected anything.   Mainly I am extremely hard on email.   Even in my business email I have two strict rules.  Open no attachments and click on no links.   This apply's even w ith client emails.

    Now in testing agains malware which I do in a VM configured like my hardware machine, when I want to test secondary layers of security I always have to turn off EAM.   That should answer that question.

     

    Pete

     

    PS I run more then two products.

  2. Powershell is a tough bird.  I've got the same four powershell exe's blocked, but that won't stop it.   Won't break anything for most users,  but  won't block it.   There is also a DLL  system.managament.autmation.dll  that  can fire off Powershell.   Not sure extactly w here in windows it, I've got it blocked with wildcards. 

    I've done a lot homework on powershell malware and there are two bottom lines.

     

    1.  If some can get the right script on your computer and it runs, it's game over.  They own you.

    2.  The good news, is all of these infections were delivered by  email, so if you good email control your are safe

    • Like 1
×
×
  • Create New...