Jump to content

Fabian Wosar

Emsisoft Employee
  • Content Count

  • Joined

  • Days Won


Everything posted by Fabian Wosar

  1. Please run the online update at least once after selecting your 1 year license.
  2. This is normal because your browser starts downloading the start page before it is even visible to the user. Additionally Firefox uses TCP/IP for inter-process communication which looks suspicious. I have moved your request to the appropriate area. Please read and follow this thread carefully. Thanks.
  3. Yeah, that looks fine . There shouldn't be any problems with a-squared Anti-Malware 4.5. With a-squared Anti-Malware 5.0 there may be some comparability issues due to the introduction of on-access scanning. We have tried to implement on-access scanning in a way that is compatible to other AVs. But there may be incompatibilities we missed so far.
  4. Prinzipiell sind alle neuen Versionen während der Laufzeit der Lizenz inklusive. Sollte Deine Lizenz also noch gültig sein, wenn a-squared Anti-Malware 5.0 released wird, wirst Du problemlos darauf upgraden können.
  5. Prinzipiell ist so ziemlich jede AV Software die x64 Systeme supportet auch mit a-squared kompatibel. Entsprechend ist es Deine persönliche Entscheidung was Du bis zum Erscheinen von a-squared Anti-Malware 5.0 einsetzt.
  6. The forum support and ticket support staff is entirely different. So in general people here on this forum don't have access to the support tickets. I have taken a look at your ticket though. My guess would be that you used a different account for buying the licenses. Since I don't have access to the actual order database I can't look up your order. I have forwarded your ticket to someone who has access to the orders so he can look up what account was used when ordering a-squared.
  7. In general, yes. There are situations where 50 updates are used within less time or more. But 3 days is a general estimation. This isn't what happened in your case though. The limit was not chosen arbitrary. There is a point where the sum of sizes of the delta files will exceed the size of the whole database. This point is reached at roughly 50 delta files. While we can discuss endlessly about the disadvantages of the approach there really is nothing we could do about it. We brought that problem to IKARUS' attention several times. They are looking into it. But that's pretty much it.
  8. Es ist auch nicht als ausführlicher Scan gedacht, sondern schnelle Überprüfung. Die Auswahl welche Signaturen mitgeliefert werden, wird übrigens durch die Malware bestimmt die wir ITW sehen. Das bedeutet Malware die auf den Rechnern unserer Kunden schon seit Monaten nicht mehr vorkommt, werden von MalAware gar nicht mehr überprüft. Ansonsten gilt das was Hachi gesagt hat. Ausschließlich aktive Programme werden gescannt. Malware die inaktiv auf dem Rechner in irgendwelchen Ordnern rumliegt, wird nicht erkannt werden. Außerdem kommen in der Cloud ausschließlich unsere eigenen Signaturen zum Ein
  9. No file locations. There are certain registry keys though that will hold certain settings including the ones you mentioned. You may want to think about adding the a-squared folder inside your "My documents" folder as well since it is the default save location for scan sets and logs.
  10. The problem is most likely that your "explorer.exe" ended up infected by a virus and was therefore quarantined. You can fix it using the following steps: When you are looking at the empty screen press the following keys simultanously on your keyboard: CTRL ALT DEL. After that the Windows task manager should appear. Click on "File", "New task" to get a command prompt. Click on "Browse", browse to your a-squared directory and select "a2free.exe". After clicking "OK" a-squared should show up. Just restore the items from the quarantine. As soon as you have done that restart the PC by
  11. The white list has actually two kind of entries: You can either whitelist malware names (which is done if you whitelist malware using the contextmenu of the scanner) or using file or directory names. If you whitelist a malware name you will never see a warning again from the scanner for that particular malware name, no matter what the name of the file is. If you whitelist a file or directory name the file or directory is not scanned so you will no longer trigger any kind of alerts no matter what malware is found inside of them. In your case you can't see files you have whitelisted since you
  12. The detection of C:\Program Files\Microsoft Office\Visio10\1033\Visres.dll is most likely a false positive. Can you please submit the file using the submit function inside the a-squared Quarantine?
  13. Hi stringo71, your infections seem to reside inside the Windows System Restore folder. This folder is used by the System Restore feature of Windows. Therefore a-squared can't delete files there. The easiest way to get rid of the files is to temporarily deactivate the Windows System Restore. This will delete all System Restore points you have created in the past though. A step-by-step guide on how to activate and deactivate the Windows System Restore function in Windows XP can be found here: http://support.microsoft.com/kb/310405 Just deactivate the Windows System Restore feature, reboot a
  14. Hi, thanks for your report. I can confirm that this is in fact a false positive. I removed the signature and published a revised signature update. It should be available within the next 5 minutes.
  15. If you miss more than 50 updates of the IKARUS engine (which equals about 3 days of updates) you will have to download the whole database again. While we agree that this design is not very low bandwidth friendly there is really nothing we can do about it. It's not our design, we just license the engine. IKARUS is working on an overhaul for their update system though. But as always we can't give any ETA when the new update system for IKARUS will be available.
  16. Usually you don't get any response. We ask for your contact details in case something was wrong with the transfer or if we need any more information about the files you submitted. But in general you won't get an answer.
  17. Die von uns verwendete IPC Methode basiert auf LPCs. Dieser Mechanismus ist zwar undokumentiert, allerdings im permanenten Windows-internen Gebrauch. Entsprechend würd ich es nicht unbedingt als "horrible" bezeichnen wollen . Interessant ist, wieso es da früher keine Probleme gab. Auf unserer Seite hat sich diesbezüglich nämlich nichts geändert.
  18. Die Alarm-Reduktionen oder der Paranoid Modus haben primär nichts damit zu tun ob Dateien überwacht werden oder nicht. Sie haben nur Einfluss auf die Anzahl der Meldungen die generiert werden. Ich würde Dir empfehlen die Standardeinstellungen beizubehalten. Ansonsten empfehle ich Dir an dieser Stelle einen Blick in die Hilfe oder alternativ in unser Tutorial. Prinzipiell werden immer alle Anwendungen überwacht. Die Anwendungen innerhalb der Liste im "Anwendungsregeln" Reiters sind nur Programme für die spezielle Regeln oder Ausnahmen definiert wurden. Dabei bedeutet "Ausgenommen", daß die
  19. a-squared Free has no firewall integrated.
  20. Mir wäre auf Anhieb kein Schädling bekannt, der es mit Hilfe von Pipes oder IPC Mechanismen versucht aus einer Sandbox auszubrechen (wobei das nicht heißt, das dies prinzipiell unmöglich wäre). Ob dieses Settings noch evtl. andere Objekte betrifft, kann ich nicht sagen. Ich benutze Sandboxie nicht.
  21. Prinzipiell könnte man mal versuchen pauschal alle IPC Requests für Firefox und den IE zu erlauben: OpenIpcPath=firefox.exe,* OpenIpcPath=iexplore.exe,* Ist keine sondlich elegante Lösung, aber einen Versuch wäre es wert.
  22. The download available at FileHippo is signed as well: sigcheck v1.60 - sigcheck Copyright (C) 2004-2009 Mark Russinovich Sysinternals - www.sysinternals.com c:\users\administrator\downloads\a2FreeSetup (1).exe: Verified: Signed Signing date: 1:06 PM 10/12/2009 Strong Name: Unsigned Publisher: Emsi Software GmbH Description: a-squared Free Setup Product: a-squared Free Version: 4.5 File version: 4.5 MD5: 61c8facbf9d6d1233a8e3e9f5988cd35 SHA1: 6fdc843de2bf6e31ca4db3e4c07c16e8e298
  23. We use embedded authenticode signatures. And in fact if I download the a-squared Free setup from our servers (http://download1.emsisoft.com/a2FreeSetup.exe) I do in fact have a file with a digital signature: sigcheck v1.60 - sigcheck Copyright (C) 2004-2009 Mark Russinovich Sysinternals - www.sysinternals.com c:\users\administrator\downloads\a2FreeSetup.exe: Verified: Signed Signing date: 12:54 PM 10/12/2009 Strong Name: Unsigned Publisher: Emsi Software GmbH Description: a-squared Free Setup Product: a-squared Free
  • Create New...