The Banned

Cuestions about EIS on heavy infected systems?

Recommended Posts

Hi again but i must tell you i am very happy whith emsi i dont see eureka log crash only one time and never happen again in clean windows install. Now i have a cuestions to you because i am software reviewer from hispasoftware.com an i want to wirte some of emsisoft

 

1.- I never ask this to another providor but what happen if i download emsi in heavy infected system? the emsi installer corrupts?

2.- If emsi runs in heavy infected systems can remove infections? (I know i can go to support)

3.- Why you dont have a booteable mode like bitdefender or resque cds like kaspersky, do you think its not necesary? why?

4.- What mens direct disk acces ¿What it does in custom analisis and why is slower agressive and better than normal scan?

5.- What criteria have paranoid mode to block something or send alerts?

6.-  In paranoid mode more alerts means more protection?

7.-What will happen if i stay whith windows 7 when updates stops to relese? i will be insecure?

8.- is better to use a limited user account?

10.- I send you various files from the cuarintine as a false positives and infections and never recive answer why?

11.- Maybe that cuestion are .... but what happen whith compresed files, it means a risk if  they have malware include if i dont execute or extract? what happen whith viruses downloaded who not are executed?

12.- One important one cuestion what happen if i have virus and have a suspect behavior in my machine emsi detects it and block and i can desinfect latter? or behavior shield dont detect nothing in that escenary?. And behavior shield protects the same one moth ago than now are the same equal or not? i have understand it dont requiere updates.

13.- I see a litle problem i have outlook mail client and download a malicious mail and emsi deletes but dont prevent it download incluse in maximum security seetings, and when emsi deletes it the malicious mail redownload and i have to delete from webmail to outlook mail client dont redownload i test it in windows live mail from windows live essentials

14.- As a sugestion why dont implement a virtualizartion feature. Emsi are very compatible whith sandboxie but i like to have one software and not two security soft

15 As a second suggestion why dont make emsi more colorful i mean green and red marks on safe or unsafe sites and  a special color for banking mode

16.- What happen in dual boots? if on ubuntu catch something  it affects windows? is preferible use only win and ubuntu on vm?

17.- What happen  whith emsisoft usb stick it can desinfects include when emsisoft dont? how it works? what are the diference? i like to collect usbs from av companies but what advantajes and features gives that stick if i have the EIS.

 

Sorry for too many cuestions but i like to ask for my review i dont ask privacy policy, data base reduction, i know how works dual motor and for my is a great product i will take notes from all my post to you see my review and i like to publish here.

 

Thank you and good bless you..

Share this post


Link to post
Share on other sites

1.- I never ask this to another providor but what happen if i download emsi in heavy infected system? the emsi installer corrupts?

I would suggest to use EEK instead of EIS to clean an infected system.

2.- If emsi runs in heavy infected systems can remove infections? (I know i can go to support)

If you can install it and it isn't blocked otherwise, yes. However, EEK is still the superior choice as it doesn't need an installation.

3.- Why you dont have a booteable mode like bitdefender or resque cds like kaspersky, do you think its not necesary? why?

Mostly because we are a small company and we don't want to spread ourselves too thin. A live CD requires either a huge financial investment to license Windows PE or a huge time investment to port our products to Linux in order to provide a linux bootable CD. Both isn't an option right now.

4.- What mens direct disk acces ¿What it does in custom analisis and why is slower agressive and better than normal scan?

It essentially reads data directly from disk, bypassing the Windows file system and disk drivers. In general it is not recommended to enable the option unless you are absolutely certain you have a rootkit infection.

5.- What criteria have paranoid mode to block something or send alerts?

It just disables a majority of our whitelists. It won't offer more protection. Just causes a ton of more alerts. That option will likely be removed in one of the next versions.

7.-What will happen if i stay whith windows 7 when updates stops to relese? i will be insecure?

In general, yes.

8.- is better to use a limited user account?

Enabling UAC does the same while still providing a convenient way to get administration rights if you use it. So instead of switching to a limited account full time, better make sure to enable UAC.

10.- I send you various files from the cuarintine as a false positives and infections and never recive answer why?

You only get an answer if you provide your email address in the submission.

11.- Maybe that cuestion are .... but what happen whith compresed files, it means a risk if  they have malware include if i dont execute or extract? what happen whith viruses downloaded who not are executed?

If you don't execute malware, it is harmless. So just downloading won't get you infected. Same is true with archives. Malware in archives are rendered harmless as they aren't executable without unpacking them first.

12.- One important one cuestion what happen if i have virus and have a suspect behavior in my machine emsi detects it and block and i can desinfect latter? or behavior shield dont detect nothing in that escenary?. And behavior shield protects the same one moth ago than now are the same equal or not? i have understand it dont requiere updates.

We do update the behavior blocker quite often actually. Updates are just less of a requirement.

13.- I see a litle problem i have outlook mail client and download a malicious mail and emsi deletes but dont prevent it download incluse in maximum security seetings, and when emsi deletes it the malicious mail redownload and i have to delete from webmail to outlook mail client dont redownload i test it in windows live mail from windows live essentials

We don't scan your mails.

14.- As a sugestion why dont implement a virtualizartion feature. Emsi are very compatible whith sandboxie but i like to have one software and not two security soft

Same reason as before: We don't want to spread ourselves too thin.

15 As a second suggestion why dont make emsi more colorful i mean green and red marks on safe or unsafe sites and  a special color for banking mode

We don't like browser dependent features. Adding color indicators to sites would essentially require browser plugins, meaning we would constantly have to update those addons due to rapid release cycles most browsers use these days.

16.- What happen in dual boots? if on ubuntu catch something  it affects windows? is preferible use only win and ubuntu on vm?

Cross platform infections are theoretically possible, but incredibly rare in the real world. So malware infecting Ubuntu should have no influence on a Windows install on the same system and the other way around.

17.- What happen  whith emsisoft usb stick it can desinfects include when emsisoft dont? how it works? what are the diference? i like to collect usbs from av companies but what advantajes and features gives that stick if i have the EIS.

EEK can't remove more or less malware than EIS. They are using the very same code and cleaning performance is therefore identical.

Share this post


Link to post
Share on other sites

Fabian Dear friend i realy impressed for your answers really clarify all my cuestions.

 

1 Sometimes i ask because i format my pc and run emsi and i dont see anything blocks and perform direct access disk system scan and all goes fine. I think i not infected. Too much people says when you format a pc virus can persist i have data ond D and system on C and no exe files from cuestionable procedure.

 

2 If emsi dont scan my mails it means its better to use a web mail than a mail client? As i say you one time i run a full scan and found one of my mails are infected and emsi delete it and then redownload it and i have to go to web plataform to delete it but emsi never detect the mail when it redownload only when i scan bacause that whats your opinion?

 

Sorry to dont answer i have too much work in that moths

Share this post


Link to post
Share on other sites

1 Sometimes i ask because i format my pc and run emsi and i dont see anything blocks and perform direct access disk system scan and all goes fine. I think i not infected. Too much people says when you format a pc virus can persist i have data ond D and system on C and no exe files from cuestionable procedure.

Malware that exists outside of the scope of the normal file system, like for example bootkits, may persist through a format. However, bootkits are becoming less of a problem given the rising adoption of Windows 8 and Secure Boot. So there haven't been any new major bootkit families for a while.

 

2 If emsi dont scan my mails it means its better to use a web mail than a mail client? As i say you one time i run a full scan and found one of my mails are infected and emsi delete it and then redownload it and i have to go to web plataform to delete it but emsi never detect the mail when it redownload only when i scan bacause that whats your opinion?

Well, obviously EAM can't delete mails from your webmail account. So it is expected that you have to delete the mails in your webmail account yourself.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.