Silekonn

Signature Download for Offline Install

Recommended Posts

Hello,

I like Anti-Malware and may recommend it to customers if I am able to demonstrate it.

How can Anti-Malware's engine and signature updates be downloaded for transfer to a computer that has a slow internet connection?

I read there is an application named a2proxyupdate. Is this what is needed, and can it be configured for all updates?

Thank you,

Silekonn

Share this post


Link to post
Share on other sites

We don't offer any signature offline updates directly. You can copy the signatures folder from a fully updated installation though or download the Emsisoft Emergency Kit that always include the latest signatures. Be aware though that in order to install new signatures manually you will have to disable the self protection in the EAM settings and make sure to restart EAM so the new signatures get loaded.

Share this post


Link to post
Share on other sites

Fabian,

If the application is installed and all of the definitions and engine updates are downloaded, can the directory be copied over an (inactive) installation on an alternate system with full function?

Is there a reason the updates are not offered?

Silekonn

P.S. This application just ALERTed me that C:\WINDOWS\SYSTEM32\MSFEEDSSYNC.EXE is suspicious. How has this not been whitelisted?

Share this post


Link to post
Share on other sites

Hi Silekonn,

...If the application is installed and all of the definitions and engine updates are downloaded, can the directory be copied over an (inactive) installation on an alternate system with full function?

As Fabian answered - yes you can do that if you are sure that all modules are current and up-to-date if that's what you mean by "with full function" (keep in mind the note about self protection)

Is there a reason the updates are not offered?
That is not clear message.

What do you mean buy that? You can update EAM on one system but not on another?

This application just ALERTed me that C:\WINDOWS\SYSTEM32\MSFEEDSSYNC.EXE is suspicious. How has this not been whitelisted?

This is a system file (MS Feeds Synchronization) and it is not flagged here on XP with the latest Signatures neither in \system32\ nor in \IE8\ folders

Please submit as described in Submitting suspected False Positives for analysis

As for whitlisting - use "Manage whitelist" link on Scan PC screen, despite I am not sure that is necessary in this case

My regards

Share this post


Link to post
Share on other sites

Lynx,

Is there a reason emsisoft does not offer definition downloads from the website, to update offline installs?

Silekonn

P.S. The file was "detected" on a Vista SP2 machine.

Share this post


Link to post
Share on other sites
...Is there a reason emsisoft does not offer definition downloads from the website, to update offline installs?
That was the purpose of the question, since I updated perfectly & tested the files by scanning them with EAM straight after reading your message (few minutes ago)
...The file was "detected" on a Vista SP2 machine.
Thanks for pointing the system, but what platform? ...

... and in any case - regarding both points - Please provide more detailed information about your System Environment as in Forum Posting Rules #2)

You can use your signature , so you are not asked again & again ;)

Cheers!

Share this post


Link to post
Share on other sites

@Lynx

I do not comprehend your response as an answer. Please elaborate.

Let me rephrase: Does Emsisoft understand that consumers may have access to multiple systems, and that some systems that see foreign data but are not connected to the internet would have an installation of Anti-Malware that need to receive updates via a download (transferred from an alternate system)?

Other companies offer their applications as downloads, and also downloadable definition/engine ("module," in Emsisoft-speak) executables.

Silekonn

P.S. The system with the detection is not mine (not for my signature), and it is x86. My point is that the file is part of a Windows operating system and this software is falsely flagging it years after its release.

Share this post


Link to post
Share on other sites

Hi again, Silekonn

I do not comprehend your response as an answer. Please elaborate.

Let me rephrase: Does Emsisoft understand...

As for the Emisisoft's understanding - the developers answered.

Similar discussions were in the past. Fabian Wosar posted what can be done currently as a workaround. Not much can be added.

The question about "understanding is a new one"

You re-asked your initial question and the reply was simple - "Yes"

... The system with the detection is not mine (not for my signature), and it is x86. My point is that the file is part of a Windows operating system and this software is falsely flagging it years after its release.

I tested on XP 32bit & just now on win7 x64 with the latest Signatures - no detections. Sure if you are scanning with old Signature on another PC that is not yours and/or the file was compromised by the3rd party malware (which can be the case) - the only way to find out is by submitting as suggested.

That is quite surprising that it was not done already "years after its release". The latest version of EAM v5 is reasonably recent ... What version are you scanning with? When the signatures were updated last time?

My regards

Share this post


Link to post
Share on other sites

If the application is installed and all of the definitions and engine updates are downloaded, can the directory be copied over an (inactive) installation on an alternate system with full function?

Yes, they can.

Is there a reason the updates are not offered?

There are 2 major use cases for offline updates: Cleaning an infected machine and updated multiple systems. We provide the EEK for the first use case which is a one file download that is always fully updated and provides all tools necessary to clean a system. We provide the Emsisoft Anti-Malware Update Proxy free of charge for the second use case. With the major two use cases out of the way the risk that people abuse offline updates to update expired or unlicensed EAM versions simply outweighs the benefits.

P.S. This application just ALERTed me that C:\WINDOWS\SYSTEM32\MSFEEDSSYNC.EXE is suspicious. How has this not been whitelisted?

MSFEEDSSYNC.EXE should be excluded from alerts unless you have paranoid mode enabled. Can you please check your Guard configuration and make sure paranoid mode is disabled?

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.