Peter2150 45 Report post Posted November 27, 2019 Hi Frank Just auto updated. All seems well. Pete Quote Share this post Link to post Share on other sites
stapp 130 Report post Posted November 28, 2019 How has this improved from last year? Quote What we changed in 2018.7 is that we enhanced the OnExecution scan in a way that allows third-party programs and the Windows operating system to access our scanner technology too. Microsoft created specific interfaces called IOfficeAntivirus and AMSI that are used by most modern browsers, script interpreters, and Office programs to make sure the documents that are downloaded and opened do not contain any malware. Taken from https://blog.emsisoft.com/en/31683/new-in-2018-7-improved-file-guard-performance/ Quote Share this post Link to post Share on other sites
Frank H 91 Report post Posted November 29, 2019 Quote Emsisoft Anti-Malware now displays related detection notifications and adds log records. taken from https://support.emsisoft.com/topic/30470-emsisoft-anti-malware-2019x-beta-releases/?do=findComment&comment=198443 Quote Share this post Link to post Share on other sites
JeremyNicoll 58 Report post Posted November 30, 2019 > Emsisoft Anti-Malware now displays related detection notifications and adds log records. For example, what? How could we test this? Quote Share this post Link to post Share on other sites
Frank H 91 Report post Posted December 1, 2019 On 11/30/2019 at 10:11 AM, JeremyNicoll said: For example, what? How could we test this? just download the eicar virus testfile http://www.eicar.org/download/eicar.com.txt after download, IE/EDGE/CHROME (not supported by FF) calls EAM and the the browser deletes the file when tagged as malicious by EAM. EAM will show a notification and adds a record to forensics. Quote Share this post Link to post Share on other sites
stapp 130 Report post Posted December 1, 2019 1 hour ago, Frank H said: just download the eicar virus testfile http://www.eicar.org/download/eicar.com.txt after download, IE/EDGE/CHROME (not supported by FF) calls EAM and the the browser deletes the file when tagged as malicious by EAM. EAM will show a notification and adds a record to forensics. Win10 1909 Confirmed as working in Vivaldi (Vivaldi deletes the file and entry shows in Forensics) However I can download the file Sandboxied without Vivaldi deleting it Quote Share this post Link to post Share on other sites
JeremyNicoll 58 Report post Posted December 1, 2019 Hmm, I tried that link to download the test file using Chrome (and the newer EAM 9864 beta). First time: the EAM alert says the file is downloaded but dangerous, so I clicked the Quarantine button. The log tells me both things occurred, but when I then go to the Quarantine display, it is empty. I repeated that; the test file definitely does get downloaded - I can see it in my \Downloads folder, and it vanishes from there again when I click the Quarantine option in the alert... but again, it's not in the Quarantine display. C:\Program Files\Emsisoft Internet Security\Quarantine contains two files, with recent timestamps, so presumably those are the quarantined objects. Why does EAM not show them? Quote Share this post Link to post Share on other sites
Frank H 91 Report post Posted December 1, 2019 Jeremy, your example shows behavior that always was there, as you have *not* set your FileGuard scanlevel to 'Default'. Please note that this only works smoothly when you have set EAM File Guard to scanlevel 'Default', as it doesn't scan files while being saved by the browser. Quote Share this post Link to post Share on other sites
JeremyNicoll 58 Report post Posted December 1, 2019 > Jeremy, your example shows behavior that always was there, as you have *not* set your FileGuard scanlevel to 'Default'. True, it's "thorough". But EAM knows how I have Fileguard set. Whether the alert I got came from the new IOfficeAntivirus/AMSI interface or not, the alert did offer me a Quarantine option and I did choose it. The files did go into the C:\Program Files\Emsisoft Internet Security\Quarantine folder. I don't see why how often Fileguard scans files has anything to do with why the files in Quarantine are not listed in the Quarantine dialog pane. Quote Share this post Link to post Share on other sites
stapp 130 Report post Posted December 2, 2019 @JeremyNicoll Why do you have C:\Program Files\Emsisoft Internet Security and not C:\Program Files\Emsisoft Anti-Malware? Quote Share this post Link to post Share on other sites
JeremyNicoll 58 Report post Posted December 2, 2019 @stapp I think it's because EIS auto-updated in-place to EAM, without creating a new folder for itself. (Similarly I used to use a 32-bit version of Firefox - though I'm on a 64-bit version of Windows - so Firefox was then installed under C:\Program Files (x86)\. When Mozilla finally produced a 64-bit version and it auto-updated, it did so inside the same folder as before so my 64-bit Firefox is also in a subfolder of C:\Program Files (x86)\.) Quote Share this post Link to post Share on other sites
Frank H 91 Report post Posted December 3, 2019 The Migration from EIS to EAM was done in the same folder where EIS was installed. This was required to not make the migration complicated/impossible by moving stuff to another folder or forcing a re-installation. Quote Share this post Link to post Share on other sites
