newsofter

Some newbie questions...

Recommended Posts

Hello to all members, my newbie posting... :wub:

Coming from Gdata (also two scan engines, but performance issues for us) and after trying original Bitdefender I am just evaluating E.Anti-Malware.

Some questions occur:

If opening a webpage containing malware, I am wondering if there is a popup or blocking page shown? Even with ssl-secured pages?
I don't know an uncritical example page for testing...

And:
If downloading eicar test file from:
http://www.eicar.org/85-0-Download.html
no warning is show (FF-21), even with normal or ssl-secured page.
File is scored on local disc without any hint!?
I would expect a warning similar to Gdata or Bitdefender? Misconfiguration (see screenshot attached)?
(If manual scanning from file explorer later on, test virus is found!)

 

Are there any known incompatibility with kerio winroute firewall 6.7.1 (b6544)?
http://www.kerio.com/download.php?lang=us&product=kwf6-win
(testversion 30 days)
It seems (!) to be working...

If using download manager with possibility to scan downloaded files, a2cmd.exe can be used.
Is following syntax deep enough for scanning?

a2scan /a /r /f=file.zip /l=somewhat.log

Thanks a lot, best regards!

 

Share this post


Link to post
Share on other sites

If opening a webpage containing malware, I am wondering if there is a popup or blocking page shown? Even with ssl-secured pages?

I don't know an uncritical example page for testing...

Threats are not detected within the page. Blocking occurs when a file is downloaded (such as when it is saved in the browser cache) or when you visit a website that is blocked by our Host Rules. When a website is blocked, you will see a small notification in the lower-right corner of the screen. When a file is blocked, Emsisoft Anti-Malware will open a pop-up and ask you what to do with the file (unless you have altered the settings for the Guard).

 

If downloading eicar test file from:

http://www.eicar.org/85-0-Download.html

no warning is show (FF-21), even with normal or ssl-secured page.

File is scored on local disc without any hint!?

I would expect a warning similar to Gdata or Bitdefender? Misconfiguration (see screenshot attached)?

(If manual scanning from file explorer later on, test virus is found!)

You would have only received a notification if you had downloaded the eicar.com or eicar.com.txt files. While Emsisoft Anti-Malware does scan ZIP archives automatically, it does not unpack them and scan their contents automatically, so if you had downloaded eicar_com.zip or eicarcom2.zip then you would not have seen a notification.

To ensure that files are detected when they are created, please make sure that the File Guard settings look like the screenshot below:

Are there any known incompatibility with kerio winroute firewall 6.7.1 (b6544)?

http://www.kerio.com/download.php?lang=us&product=kwf6-win

(testversion 30 days)

It seems (!) to be working...

I am not aware of any compatibility issues with Kerio's software.

If using download manager with possibility to scan downloaded files, a2cmd.exe can be used.

Is following syntax deep enough for scanning?

a2scan /a /r /f=file.zip /l=somewhat.log
Thanks a lot, best regards!

Actually, to run a Deep Scan, all you have to do it this:

a2cmd.exe /deep
A Deep Scan automatically scans all files on all hard drives, so there's no need to specify files or hard drives to scan. Just make sure to run the scan from a Command Prompt that had Administrator rights.

Share this post


Link to post
Share on other sites

Ok, File Guard settings are as shown, not packed files containing malware are detected with popup while storing it to harddisc.

Packed files are not detected as describben, thx.

But: Why isn't it possible to add for example .ZIP to extension list?

a2scan /a /r /f=%file% /l=somewhat.log

should not start a deep scan of whole system but only a scan of just downloaded files n download directory, triggered by batch or download manager. So is it deep enough?

 

Thanks once more, best regards!

Share this post


Link to post
Share on other sites

But: Why isn't it possible to add for example .ZIP to extension list?

The ZIP extension is already in the list. The issue is not that the File Guard is incapable of scanning them (it already does this), but rather that unpacking archives in real-time as they are created or modified in order to scan their contents would be a massive drain on system performance. You can also right-click on the file and select to scan it with Emsisoft Anti-Malware, and archives will be unpacked by the on-demand scanner in order to scan the contents, so you can still determine if there are malicious files in a ZIP archive before you open it.

a2scan /a /r /f=%file% /l=somewhat.log
should not start a deep scan of whole system but only a scan of just downloaded files n download directory, triggered by batch or download manager. So is it deep enough?

 

Thanks once more, best regards!

I'm sorry, I had thought you were wanting to do a Deep Scan. To scan a single file, that command will work, however note that the /r switch is not needed as it tells the scanner to check the registry and certain places on the hard drive for riskware, and it would not have any effect on what is detected in the file or folder that is being scanned.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.