Bundaburra

Member
  • Content Count

    23
  • Joined

  • Last visited

Community Reputation

2 Neutral

About Bundaburra

  • Rank
    Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. There is a suggestion in the Feb 25 issue of the AskWoody newsletter that the protection provided by Microsoft could be turned off, via the InSpectre tool from Steve Gibson. Apparently an improvement in overall performance can be achieved by turning this off. Does Emsisoft Anti Malware provide adequate protection against these, or would we be better advised to leave it turned on?
  2. I know I can pause EAM protection via the tray icon - Pause protection - but is there a batch command to do it? And re-enable later?
  3. Wow. I had no idea that I would be stirring up such a hornets nest. The only reason I asked the original question was when Foollish IT said that the free version of CP would no longer be receiving updates, and I thought there is nothing more useless than an AV/ransomware detector which is not being updated. As I already had a paid subscription to Emsisoft Anti Malware, I did not want another such. I am happy with the above description of the Behaviour Blocker, and in any case I take regular backups (with the internet disconnected) which could be restored if necessary. BTW, up until then I had been receiving occasional updates to the CP free version.. The last version I had was 9.1.
  4. Thanks for the heads-up. I have now completely disabled and uninstalled CryptoPrevent, and will see how I go. One other question: the reply from GT500 mentions Group Policies. Would the uninstall have removed or reverted these? If not, should I do so and what are they?
  5. Since the ransomware scare I have been using CryptoPrevent (free version) from Foolish IT, in addition to Emsisoft anti-malware. I now find that the free version of CP is discontinued, so I would like to know if I really need it? Does EAM provide the same or similar protection as CryptoPrevent, or should I switch to the paid version?
  6. I had exactly the same problem with W10 1803. The update would get to 5% installed, then the entire system would freeze. Even the clock stopped running. After several retries, always with the same result, I tried shutting down EAM before running the update, and then it worked as expected. I have never previously had to shut down EAM before running a Windows Update, but should I do so in future? Running Windows 10 64 bit, EAM version 2018.3.1.8572,
  7. In the blog on layered protection, it says that the first layer of defence is a firewall, and it goes on to discuss the Windows Firewall. Many users nowadays access the internet via a router, and most routers have some kind of built in firewall, so would not this be the first layer of defence? I realise that Emsisoft is not in the business of routers, but for the sake of completeness of topic, should this also be mentioned, with some explanation of what a router's firewall does?
  8. Maybe that adservice is just a bad site? When I tried it in Firefox, it was first blocked by Ublock Origin. When I allowed that, it was then blocked by Surf Protection.
  9. This is probably a silly question, but in the documentation for KB4088776 it says "Due to recent work with our antivirus (AV) partners, AV software has now reached a sustained level of broad compatibility with Windows updates. After analyzing the available data, we’re lifting the AV compatibility check for the March 2018 Windows security updates for supported Windows 10 devices through Windows Update. We’ll continue to require that AV software be compatible. Devices with known AV driver compatibility problems will be blocked from updates. We recommend that customers check installed AV software compatibility with their AV provider.". Please note the last sentence - is EAM compatible?
  10. Thanks for the replies. I guess the main point is that regardless of what the email sender says, or does, or puts in a footer, the primary defence is at the receiving end. Turns out that my multiple sender was using a free Russian AV program .... enough said?
  11. Interesting. Often I receive an email where at the bottom it says something like "scanned by XXX anti-virus" or "checked to be virus free by XXXX anti-virus". If EAM does not scan outgoing emails,how can a recipient know that they are virus free, especially if there is an attachment?
  12. Yesterday I received the same email 10 times in succession. As it was a large email (15MB) with several attachments, it made for a large download which I did not appreciate. The sender advised that his AV software (unspecified) was updating itself at the time of sending the email . When he became aware of the multiple sends, he killed them by shutting down the entire PC. On looking into this, I found a link which says "The most common reason for many copies of the same email being sent can be traced back to your mailware or virius scanning tools attempting to scan outgoing messages. This tends to interfere with the proper operation of the mail program, such as Outlook ..." Is this something which could happen with Emsisoft Anti-Malware? I often send large emails to multiple recipients, and would hate to think that I could cause problems at their end.
  13. In the blog "13 mistakes to avoid", under the heading "SSL inspection practice", it says " DNS based filtering is the way to go, if you’re worried about your SSL security.". What does this mean? I use the DNS servers provided by my ISP, but I know there are others, some of which are said to offer enhanced security and filtering. Does Emsisoft have any recommendation about which DNS servers to use? (Windows 10 1709, Firefox 58.0.1, EAM 2018.1.1.8439))
  14. I have decided to use the Binsoft WFC,in "Medium Filtering" mode, which bans all outward connections except for those which are specifically allowed. There's a bit of initial setting up, to allow programs such as Outlook, Firefox, EAM, but then it's just a matter of noting any failed connections and allowing them if they are OK, and keeping an eye on the log. Working well so far.
  15. I'm sorry to be a pain, but further explanation is required. I have a legitimate program which uses an outbound connection - call it Program X. When I run X with outbound connections disabled in the Windows Firewall it will not connect and gets an error - no prompt or warning.So I re-enabled outbound connections and looked at how it works in the Behaviour Blocker, which appears in EAM under "Protection". Under "Protection", and then under the "Behaviour Blocker" tab, program X does not appear unless it is running at the time. When I exit from it, X disappears from the list. Under the "Application Rules" tab, X is not listed at all, even with fully trusted applications unhidden and with the program running, so there is evidently no Rule for it. The entry under "Behaviour Blocker", when X is running, shows "Monitored Yes" and "Reputation Unknown". If the reputation is unknown, should I be asked to allow it or not, thereby creating an Application Rule? That doesn't happen, it just runs and connects, even though its reputation is unknown. I assume that the monitoring would pick up any suspicious behaviour and then ask the question, but it seems strange for an "unknown" program.