Peter2150 Posted November 27, 2019 Report Share Posted November 27, 2019 Hi Frank Just auto updated. All seems well. Pete Link to comment Share on other sites More sharing options...
stapp Posted November 28, 2019 Report Share Posted November 28, 2019 How has this improved from last year? Quote What we changed in 2018.7 is that we enhanced the OnExecution scan in a way that allows third-party programs and the Windows operating system to access our scanner technology too. Microsoft created specific interfaces called IOfficeAntivirus and AMSI that are used by most modern browsers, script interpreters, and Office programs to make sure the documents that are downloaded and opened do not contain any malware. Taken from https://blog.emsisoft.com/en/31683/new-in-2018-7-improved-file-guard-performance/ Link to comment Share on other sites More sharing options...
Frank H Posted November 29, 2019 Report Share Posted November 29, 2019 Quote Emsisoft Anti-Malware now displays related detection notifications and adds log records. taken from https://support.emsisoft.com/topic/30470-emsisoft-anti-malware-2019x-beta-releases/?do=findComment&comment=198443 Link to comment Share on other sites More sharing options...
JeremyNicoll Posted November 30, 2019 Report Share Posted November 30, 2019 > Emsisoft Anti-Malware now displays related detection notifications and adds log records. For example, what? How could we test this? Link to comment Share on other sites More sharing options...
Frank H Posted December 1, 2019 Report Share Posted December 1, 2019 On 11/30/2019 at 10:11 AM, JeremyNicoll said: For example, what? How could we test this? just download the eicar virus testfile http://www.eicar.org/download/eicar.com.txt after download, IE/EDGE/CHROME (not supported by FF) calls EAM and the the browser deletes the file when tagged as malicious by EAM. EAM will show a notification and adds a record to forensics. Link to comment Share on other sites More sharing options...
stapp Posted December 1, 2019 Report Share Posted December 1, 2019 1 hour ago, Frank H said: just download the eicar virus testfile http://www.eicar.org/download/eicar.com.txt after download, IE/EDGE/CHROME (not supported by FF) calls EAM and the the browser deletes the file when tagged as malicious by EAM. EAM will show a notification and adds a record to forensics. Win10 1909 Confirmed as working in Vivaldi (Vivaldi deletes the file and entry shows in Forensics) However I can download the file Sandboxied without Vivaldi deleting it Link to comment Share on other sites More sharing options...
JeremyNicoll Posted December 1, 2019 Report Share Posted December 1, 2019 Hmm, I tried that link to download the test file using Chrome (and the newer EAM 9864 beta). First time: the EAM alert says the file is downloaded but dangerous, so I clicked the Quarantine button. The log tells me both things occurred, but when I then go to the Quarantine display, it is empty. I repeated that; the test file definitely does get downloaded - I can see it in my \Downloads folder, and it vanishes from there again when I click the Quarantine option in the alert... but again, it's not in the Quarantine display. C:\Program Files\Emsisoft Internet Security\Quarantine contains two files, with recent timestamps, so presumably those are the quarantined objects. Why does EAM not show them? Link to comment Share on other sites More sharing options...
Frank H Posted December 1, 2019 Report Share Posted December 1, 2019 Jeremy, your example shows behavior that always was there, as you have *not* set your FileGuard scanlevel to 'Default'. Please note that this only works smoothly when you have set EAM File Guard to scanlevel 'Default', as it doesn't scan files while being saved by the browser. Link to comment Share on other sites More sharing options...
JeremyNicoll Posted December 1, 2019 Report Share Posted December 1, 2019 > Jeremy, your example shows behavior that always was there, as you have *not* set your FileGuard scanlevel to 'Default'. True, it's "thorough". But EAM knows how I have Fileguard set. Whether the alert I got came from the new IOfficeAntivirus/AMSI interface or not, the alert did offer me a Quarantine option and I did choose it. The files did go into the C:\Program Files\Emsisoft Internet Security\Quarantine folder. I don't see why how often Fileguard scans files has anything to do with why the files in Quarantine are not listed in the Quarantine dialog pane. Link to comment Share on other sites More sharing options...
stapp Posted December 2, 2019 Report Share Posted December 2, 2019 @JeremyNicoll Why do you have C:\Program Files\Emsisoft Internet Security and not C:\Program Files\Emsisoft Anti-Malware? Link to comment Share on other sites More sharing options...
JeremyNicoll Posted December 2, 2019 Report Share Posted December 2, 2019 @stapp I think it's because EIS auto-updated in-place to EAM, without creating a new folder for itself. (Similarly I used to use a 32-bit version of Firefox - though I'm on a 64-bit version of Windows - so Firefox was then installed under C:\Program Files (x86)\. When Mozilla finally produced a 64-bit version and it auto-updated, it did so inside the same folder as before so my 64-bit Firefox is also in a subfolder of C:\Program Files (x86)\.) Link to comment Share on other sites More sharing options...
Frank H Posted December 3, 2019 Report Share Posted December 3, 2019 The Migration from EIS to EAM was done in the same folder where EIS was installed. This was required to not make the migration complicated/impossible by moving stuff to another folder or forcing a re-installation. Link to comment Share on other sites More sharing options...
Recommended Posts