Jump to content

fax

Member
  • Posts

    57
  • Joined

  • Last visited

  • Days Won

    1

Posts posted by fax

  1. Emsisoft is known to be the most conscious (borderline paranoid) on privacy. If you have issues with Emsisoft you will have hard time to find a suitable alternative. 😀. The post seem rather generic do you have more concrete evidence on connections and related spyware? Unless something has changed recently, in the link below you find what is collected by Emsisoft.

    https://blog.emsisoft.com/en/7308/emsisoft-quite-possibly-the-most-privacy-conscious-anti-malware-around/ 

  2. 7 hours ago, GT500 said:

    Are you sure that the file ZAAR.exe is digitally signed? What does it say in the Digital Signatures tab of the file's properties?

    Yes, it digitally signed, See screenshot. 

     

    7 hours ago, GT500 said:

    Also, the log exert says "Quarantined by user". Was there an alert?

    This must be due to the non specific logging which does not distinguish between user actions and EAM actions (Auto resolve). May be development could think of refine the logging capability to allow separating the two as this could be a common scenario,

    Thanks,

    Fax

    Capture.JPG

  3. Any chance to find a more permanent solution to EAM trying to kill checkpoint anti-ransomware (luckily the anti tampering in checkpoint blocks the attempts)? Whitelisting by digital certificate?

    07/10/2017 14:36:28	1912	C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe	Allowed by rule	Behavior.TrojanDownloader	
    07/10/2017 13:01:25	8332	C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe	Quarantined by user	Behavior.HiddenInstallation	

    The file is digitally signed by Checkpoint Security. As it updates often the only way I found is to add it to the exclusion list. I have contacted support in the past to whitelist but at every new version the problem re-appear.

    Thanks,

    Fax

     

  4. 17 hours ago, HAWKI said:

    FWIW:

    At the bottom of The ZoneAlarm Firewall Pro 2017 Chckpoint states:

    "Compatibility Requirements


    ZoneAlarm 2017 is only compatible with MS Windows Defender, and is not compatible with any other antimalware software.
    To install ZoneAlarm 2017, you must first uninstall other antimalware software. Otherwise, you may experience OS stability and computer performance issues."

     

     

    Explained here:

    https://www.wilderssecurity.com/threads/zonealarm-firewall-release-is-15-159-17147.392124/#post-2655799

    Quote

    No sorry, wrong. Lazy marketing people just copy the same requirements for all ZA versions. BUT it applies only for ZA with AV, not for the firewall only version! :)

    :D

    Main difference with ZAPRO: With ZAfree you can't open specific ports or create ad-hoc rules for apps.

  5. In simple terms you cut off any internet/network connections.

     

    From the help file:

     

    • Offline mode - Offline mode (available in Emsisoft Internet Security only) blocks all network/internet traffic so that nothing can connect to the network/internet. When Offline mode is active, an unplugged cord is displayed over the Emsisoft shield icon as a visual reminder.
  6. And here you have the Asus response... i.e. you are vulnerable :D

    I give up on my side.

     

    Cheers,

     

     

     

    Dear Sir,

    Thank you for your email.

    The link you mentioned is recognised by Trend Micro as vulnerable. This both for the standard Trend Micro as well as the stand alone version for PC.

    Therefor the only solutions we can offer is either to turn this off in the router under the AiProtection settings. Or to download this through a different connection.

    Hoping to have informed you with this.


    With regards,

    ASUS TSD

×
×
  • Create New...