Fresh out of beta for those that are interested: http://www.emsisoft.com/en/software/antimalware/

Looks great! Ikarus' excellent detection, A-Squared anti malware and mamutu! It would be a full feature internet security suite if it had a firewall...Gotta try this out..

Is the a2service.exe memory usage/leak issue fixed? Have two unused licenses here b/c of the issue. :-\

I have a license and having giving the beta a spin. Really like the program, its light and provides good protection.
Only issue is with FPs, but they solve them in a jiffy. So no problems there too. The only undoing for this program may be its price tag.

-{ Quote: "I have a license and having giving the beta a spin. Really like the program, its light and provides good protection.
Only issue is with FPs, but they solve them in a jiffy. So no problems there too. The only undoing for this program may be its price tag." }-

It is a lot cheaper then most anti-viruses and it includes antimalware + an IDS. So the price tag is very reasonable.

-{ Quote: "It is a lot cheaper then most anti-viruses and it includes antimalware + an IDS. So the price tag is very reasonable." }-

Also considering that the IDS is one of the most powerful ones.

Sorry, my reference was to their 3 user pack. I think its a bit too expensive for me.

psss, the hips engine does NOT work on 64 bits

We're still working on an x64 version of the Malware-IDS.

-{ Quote: "Is the a2service.exe memory usage/leak issue fixed? Have two unused licenses here b/c of the issue. :-\" }-
Judge for yourself.... :-\

-{ Quote: "Judge for yourself.... :-\" }-

Well, you should enable the "Peek Mem Usage" column. Anyway, to describe my issue better, a2service.exe ate almost half gig of RAM on scheduled scans and never gave it back. Managed to find a screenshot, see below...

-{ Quote: "We're still working on an x64 version of the Malware-IDS." }-

christian, how about fixing that fp i send in 3 weeks ago and wich i opened a ticket for 2 weeks ago? This is not a jiffy as has been always my experience with a2 in the far past.

@doktornotor: While the mem usage was so high, did it scan large archive files?

GES/POR: Could you please send the file again to fp@emsisoft.com? I'm afraid the file was lost in beta stress, sorry.

-{ Quote: "@doktornotor: While the mem usage was so high, did it scan large archive files?
" }-

I'm complaining primarily about huge memory leak (note the "never gave the RAM back" part), not about memory usage (though yeah, that definitely could be better as well)... It kept eating that half gig of RAM even hours after the scan finished.

There is something wrong with your installation.

Usually, the a2servic.exe process does all the work, not a2scan. But I can't see any process with this name on your screenshot. That means, the service is not running.

Please restart your PC and scan again. Let me know if a2scan.exe still has this memory leak.

-{ Quote: "There is something wrong with your installation.

Usually, the a2servic.exe process does all the work, not a2scan. But I can't see any process with this name on your screenshot. That means, the service is not running.
" }-

I posted a wrong screenshot. Yeah, the one attached in previous post is with a2service intentionally disabled and documents the suboptimal memory usage. The next one documents the a2service.exe memory leak. I disabled a2service.exe specifically because of the memory leak issue, since I was told it's not needed in single-user environment anyway.

-{ Quote: "I disabled a2service.exe specifically because of the memory leak issue, since I was told it's not needed in single-user environment anyway." }-

That's definitely wrong. We said that the service was created to support non-admin environments, and that the software CAN be used without a running service to scan the PC if windows is booted in safe mode. But you should never try to stop the service while a2start.exe, a2scan.exe or a2guard.exe is running! This might crash your whole system.

I'd suggest to move this problem to the a-squared forum. We'd need some more detail information about your PC and a DebugView logfile to find out what's running wrong there.

@emsisoft
Good to see the the interest from Emsisoft! Could you please verify of the memory usage in my screenshot is normal for a idle a-Squared?

-{ Quote: "That's definitely wrong. We said that the service was created to support non-admin environments, and that the software CAN be used without a running service to scan the PC if windows is booted in safe mode. But you should never try to stop the service while a2start.exe, a2scan.exe or a2guard.exe is running! This might crash your whole system.
" }-

I didn't stop it. I completely disabled it in services manager so that it never starts. (BTW, just as a side note - crashing whole system is certainly not an acceptable action on stopping a service no matter what is running or not... :o )

-{ Quote: "
I'd suggest to move this problem to the a-squared forum. We'd need some more detail information about your PC and a DebugView logfile to find out what's running wrong there." }-

I've already done this two months ago (http://forum.emsisoft.com/Default.aspx?g=posts&m=20967). Since it never went anywhere, I just uninstalled the product meanwhile. ;)

-{ Quote: "@emsisoft
Good to see the the interest from Emsisoft! Could you please verify of the memory usage in my screenshot is normal for a idle a-Squared?" }-

Yes, around 80 MB is normal with the Guard running. Keep in mind, that a-squared loads 2 scan engines with a total of more than 2 million signatures.

-{ Quote: "I've already done this two months ago (http://forum.emsisoft.com/Default.aspx?g=posts&m=20967). " }-

Can you reproduce that problem on any other x64 machine?

We didn't spend a lot of time in x64 tests as it is not officially supported (the Malware-IDS does not work at all on x64). But I guess that's the reason of the mem leak. We're currently working on full x64 support.

-{ Quote: "Yes, around 80 MB is normal with the Guard running. Keep in mind, that a-squared loads 2 scan engines with a total of more than 2 million signatures." }-
Thanks for the information. I understand about the memory usage, the system impact itself is very low though and that's what count. Using the one year free license offer from last summer, and really liking it so far (skipped v3.5).

-{ Quote: "Can you reproduce that problem on any other x64 machine?

We didn't spend a lot of time in x64 tests as it is not officially supported (the Malware-IDS does not work at all on x64). But I guess that's the reason of the mem leak. We're currently working on full x64 support." }-

Yeah, reproducible for sure; I also suspect it's x64 related, the memory leak doesn't happen on 32bit Windows. The memory usage is another thing, if you scan lots of archives it grows quickly... but oh well, as long as the usage gets normal after the scan, not much of an issue.

What I noticed is the huge amount of FP's on a number of systems here. I reported them thru the internal "Send FP" option. I didn't had this many FP's before the Ikarus engine was added. If the FP's get tackeled it's a great product :)

Congratulations! on your Trully Anti-Malware solution:
AS (a-squared) +IDS (Mamutu) +AV (Ikarus).
Exceptional product! :thumb:

-{ Quote: "AS (a-squared) +IDS (Mamutu) +AV (Ikarus)." }-

its good combination

Very good app indeed, but they need to get rid of all those fp`s. Uploaded a truckload yesterday ::)

Took a2's scanner for a spin with malware gleaned from the internet over the last month. I also scanned my user partition for f/ps. With everything on except cookies a2 got 270 out of 278 with 1 f/p - CommView (http://www.tamos.com/products/commview/). Some of the samples were not necessary malware but hacktools.

some of the samples...

this one goes direct to emsisoft guy.... why on earth should i create account in order the run this software?? i dont wana give noone i dont know my email>:(

very odd and oldfashion approach :thumbd:

cheers

-{ Quote: "why on earth should i create account in order the run this software?? i dont wana give noone i dont know my email>:(

very odd and oldfashion approach :thumbd: " }-

Just a random netizen here. Not really that odd, many vendors do that :)

Ever heard of creating another email account, say using free webmail? :) Give that when you don't want to give out your real email.

I have several 'spam'-accounts myself.

-{ Quote: "Just a random netizen here. Not really that odd, many vendors do that :)

Ever heard of creating another email account, say using free webmail? :) Give that when you don't want to give out your real email.

I have several 'spam'-accounts myself." }-

lol , welp i can count on one hand the number of vendor stand this aproach... maybe half hand....;D
they should gave creating account as an option ..not a term

-{ Quote: "this one goes direct to emsisoft guy.... why on earth should i create account in order the run this software?? i dont wana give noone i dont know my email>:(

very odd and oldfashion approach :thumbd:

cheers" }-

The licenses are stored on the a-squared server to avoid cracks. That's the simple reason for the account requirement.

You need the user account to login at the update server. Without a valid license stored on your user account, you can't get updates via the online updater.

Well, you can create a crack to avoid the unlocking, but then you would not get any updates and that makes the software useless as it requires daily updates for protection.

Very nice proggie indeed. Beautiful GUI. 8)

Fast correction of false positives :thumb:

Wunderbar

-{ Quote: "this one goes direct to emsisoft guy.... why on earth should i create account in order the run this software?? i dont wana give noone i dont know my email>:(

very odd and oldfashion approach :thumbd:

cheers" }-
Jetable.org is your friend.... Cheers.

http://www.jetable.org/en/index

-{ Quote: "Congratulations! on your Trully Anti-Malware solution:
AS (a-squared) +IDS (Mamutu) +AV (Ikarus).
Exceptional product! :thumb:" }-


Does this mean you don't need a separate AV anymore? If you have a real time AV scanner, will they conflict? I don't see where one can check separately for spyware or virus.

-{ Quote: "Does this mean you don't need a separate AV anymore? If you have a real time AV scanner, will they conflict? I don't see where one can check separately for spyware or virus." }-

I understood that Asquared+ikarus doesn't have on-acces scan to avoid conflicts with AV programs.
If you scan with Asquared, your AV will also start because Asquared accesses those files so a complete scan of your HD will take some time.
If you download a trojan in a setup file, Asquared won't react, only on execution of the file.
An AV like Avira will stop the download if I understand correctly.
Can anyone confirm that Asquared works this way?

will A-Squared antimalaware 4.0 free come out soon?

-{ Quote: "
Can anyone confirm that Asquared works this way?" }-

Yes, confirmed.

We decided to not implement an OnAccess scan guard. Downloaded Malware can not be dangerous as long as it is not started. E.g. on my machine I have stored many thousands of Malware files, but the system is not 'infected'.

Once started, the file is scanned and blocked if malicious.

OnAccess scans usually slow down the system too much. Try to run Sysinternals DiskMon to see that hundreds of files are read/written every second. An unnecessary waste of ressources when they are scanned all the time, even with advanced caching.

@chaos16: We're already working on a-squared Free 4.0. You can expect a first beta soon.

-{ Quote: "Yes, confirmed.
...We're already working on a-squared Free 4.0. You can expect a first beta soon." }-

Thanks for your reaction, Christian.
I'm eager to check out the upcoming free version.
Cheers

Add or Remove program still display i have v3.5 install when i have v4 install. Bug?

203356

-{ Quote: "Add or Remove program still display i have v3.5 install when i have v4 install. Bug?
" }-

Not a bug, just normal Windows behavior. You installed the v3.5 setup (that creates the entry in Add/Remove programs, but updated to v4.0 via the built-in online update of a-squared. Windows does not refresh the version number.

If you uninstall and download the latest 4.0 setup, you'll see v4.0 there.

-{ Quote: "Not a bug, just normal Windows behavior. You installed the v3.5 setup (that creates the entry in Add/Remove programs, but updated to v4.0 via the built-in online update of a-squared. Windows does not refresh the version number.

If you uninstall and download the latest 4.0 setup, you'll see v4.0 there." }-

ok thanks

1) The spinning Trojar Horse that explodes into a red exclamation mark (i.e. !)
during the 1st Malware Detection is for Decorative purposes.
Elapsed Time and
a Percentage Progress bar -which exists But Only when you Minimize the Scan Window-
would be more useful.
Besides, many AV/AS products show
the Elapsed Time and
a Percentage Progress bar.

2) For a moment I thought that A-Squared 4.0 Free (when it comes)
would be the only On-Demand scanner needed.
However, the False Positives have been a major problem.
Last time, A-Squared 4.0 Paid detected some Microsoft Excel setup files as Viruses!

That's it! Back to SAS Free, MBAM, and Dr.Web CureIt!

-{ Quote: "Congratulations! on your Trully Anti-Malware solution:
AS (a-squared) +IDS (Mamutu) +AV (Ikarus).
Exceptional product! :thumb:" }-

This is what INITIALLY thought...
BUT Now,
No more A-Squared 4.0 for me!
I had enough False Positives for...my entire life...

-{ Quote: "This is what INITIALLY thought...
BUT Now,
No more A-Squared 4.0 for me!
I had enough False Positives for...my entire life..." }-

It's been darn accurate for me so far...

-{ Quote: "It's been darn accurate for me so far..." }-

Lucky you...

Questions:

How good is this product really ?

I've tried the a-squared online scan a few times, and it never found anything but tracking cookies. It even said if it found three or more items, one should purchase <whatever, I don't remember>. More than once, it found three 'tracking cookies', although they seemed more like false positives to me.

What about this Ikarus AV ? I've never heard of it. Is it still maintained ? Good, bad, or in the middle ?
How intrusive is the behaviour blocker on Windows XP Home Edition IE 7 ?

See: http://remove-malware.com/announcements/a-squared-40-removal-review-on-friday/

It may help you on the detection front. IDS is same as Mamutu, for which you will find many threads and kudos. It works perfectly on XP and Vista 32-bit.

-{ Quote: "How good is this product really ?" }-
The main problem I have with this one is that it is a real resource bugger...

i installed it to try it but it gave a false trojan alarm about a file that i was sure it was safe because it was in my laptop for a long time. i scanned it with various antiviruses and all was clean . It wasted two good hours and i removed it away. No more a sqware

-{ Quote: "i installed it to try it but it gave a false trojan alarm about a file that i was sure it was safe because it was in my laptop for a long time. i scanned it with various antiviruses and all was clean . It wasted two good hours and i removed it away. No more a sqware" }-

Welcome to the club...

It doesn´t sound like a good deal ...

-{ Quote: "It doesn´t sound like a good deal ..." }-
More than likely there's a large number of happy users too :) It's just that they do not appear in forums that often (if ever) and thus the vocal negative posters tend to give distorted view of the product.

Just my 0.02€

-{ Quote: "More than likely there's a large number of happy users too :) It's just that they do not appear in forums that often (if ever) and thus the vocal negative posters tend to give distorted view of the product.

Just my 0.02€" }-

On the other hand, there is a large number of 'happy' users (i.e. Always & Totally 'Satisfied')
who give a distorted view of a product by posting nothing but 'positive' comments.
Some people called them Shills...

Because, I don't like vague statements,

-Is it a Distorted view that

(a) the Ikarus AV engine has many False Positives
(Even Windows/Office Genuine files that a few days ago it had scanned them as Clean)?

(b) the IDS-Surf Protection -Frequently- Alarms as 'Malicious Hosts' Legitimate/Clean sites?

Initially, I thought that A-Squared 4.0 would be so effective/powerful that no AV was necessary.
After what I experienced, I will think again to use even A-Squared 4.0 -Free- (when it comes).

-The More False Positives of A-Squared 4.0, the Less you Trust it,
and the More you have to Double-Check its 'Results'
by using other scanners (free/online/paid).
-It is really Exhausting to have to Double-Check
with SAS Free, MBAM, Dr.WebCureIt!,
and many online Multi-Scanners
-Every Time- A-Squared 4.0 detects a file as 'Malicious'.
It is even more Exhausting! when the other scanners (free/online/paid)
-All- or in their -vast Majority- claim that the respective file is Innocent/Clean.

This was my experience with A-Squared 4.0.
Maybe, other users will be lucky with it,
and they will not waste their money/time.

I've had no trouble whatsoever with A-Squared 4. Works well with Sandboxie, Defensewall, OA, etc. I do not think it is a stand alone yet (getting close), but can be a great complimentary product.

I felt the need to express some positive views after all the negativity.

-{ Quote: "I've had no trouble whatsoever with A-Squared 4. Works well with Sandboxie, Defensewall, OA, etc. I do not think it is a stand alone yet (getting close), but can be a great complimentary product.

I felt the need to express some positive views after all the negativity." }-
getting close it is not enough to spend your money and time and yet be uncertain and not secured which you expect to be when you buy software.
it is heavy and full of FP

-{ Quote: "getting close it is not enough to spend your money and time and yet be uncertain and not secured which you expect to be when you buy software.
it is heavy and full of FP" }-

I haven't had one FP yet. Go figure...

Guys

To be honest, I had A2 installed on my mom's PC (75). For a reference she is perfectly happy with defensewall. She asked me to remove A2, because of the warnings. I installed Avast dutch again on her PC.

So I installed A2 on our PC to check. Especially the web protection causes warnings for commercial sites (of which we buy music like radio538 ). After switching the webprotection off everything ran smoothly again.

Regards Kees

What is the point of buying a product and swiching off features? don't bother buying it at all

-{ Quote: "What is the point of buying a product and swiching off features? don't bother buying it at all" }-i understand kees what happen
gerry is that some features in(some programs are eitheir annoy or you dont need it cause probably you have it in another program or dont like it on at all;D }

-{ Quote: "i understand kees what happen
gerry is that some features in(some programs are eitheir annoy or you dont need it cause probably you have it in another program or dont like it on at all;D }" }-
i understand it . but there are two different thing ranked here
1- you dont like it- and that is fine
2-you can not use it that's totally different
case closed

will this new version-4 of a-squared be tested by av-comparatives and av-test org ?

and if it use Ikarus engine then it must have alot of FP's right?

How is it on resources is it heavy or light?

-{ Quote: "i understand it . but there are two different thing ranked here
1- you dont like it- and that is fine
2-you can not use it that's totally different
case closed" }-

I set the tracking cookies to stop without pop-up, others allow. The rest of A2 is really agood package. Ikarus is a decent AV, A2 a decent AT/AS, the IDS has really developed, so for someone looking for a easy solution it is a nice deal IMO. You can also make your own for free with ThreatFire and Avira.

-{ Quote: "I set the tracking cookies to stop without pop-up, others allow. The rest of A2 is really agood package. Ikarus is a decent AV, A2 a decent AT/AS, the IDS has really developed, so for someone looking for a easy solution it is a nice deal IMO. You can also make your own for free with ThreatFire and Avira." }-

-What about the False Positives of the Ikarus AV engine?
-Are they 'decent', too?

I guess users facing problems with the False Positives of A-Squared
are -ALL- liars, drunk or have illusions.
Maybe, it is just in our imagination...

-{ Quote: "-What about the False Positives of the Ikarus AV engine?
-Are they 'decent', too?

I guess users facing problems with the False Positives of A-Squared
are -ALL- liars, drunk or have illusions.
Maybe, it is just in our imagination..." }-


If I remember correctly, you said it was finding MS Office docs/files as suspicious. Considering I do not use office, as I am suspecting many users here do not, that is why you get differing experiences. Imagine that...

As for it flagging legit sites as malicious....again, I personally haven't seen it flag anything yet. So either the sites you are visiting are not as legitimate as you think, or they have some scripting (probably benign) on the site that triggers. Either case, me personally, I'm glad my software would alert me to that.

No one is calling anyone a liar here, but for you to expect that what you are experiencing is the end all be all, is just foolish.

-{ Quote: "-What about the False Positives of the Ikarus AV engine?
-Are they 'decent', too?

I guess users facing problems with the False Positives of A-Squared
are -ALL- liars, drunk or have illusions.
Maybe, it is just in our imagination..." }-

Dear Balatsokas,

I am not saying your lying, neither drunk. Ikarus is a good AV (just a tiny bit after Avira). It is true that Ikarus generated more FP's. Decent is to my reference and my average PC usage behaviour.

Tests agree with you that Ikarus generates some more FP's. These tests also show it is a good AV in terms of detection rate (often just behind Avira).

I trust A2 will get their act together on integrating the two engines. For such a dramatic code change (two engines integrated at driver level) they really did well (may be because I am an old software developer that I am so mild in my critism)

Regards Kees

-{ Quote: "If I remember correctly, you said it was finding MS Office docs/files as suspicious. Considering I do not use office, as I am suspecting many users here do not, that is why you get differing experiences. Imagine that...

As for it flagging legit sites as malicious....again, I personally haven't seen it flag anything yet. So either the sites you are visiting are not as legitimate as you think, or they have some scripting (probably benign) on the site that triggers. Either case, me personally, I'm glad my software would alert me to that.

No one is calling anyone a liar here, but for you to expect that what you are experiencing is the end all be all, is just foolish." }-

1) In a previous post of this thread I wrote: "A-Squared 4.0 Paid detected some Microsoft Excel setup files as Viruses!"
I never talked about -Suspicious-.
So, you do NOT remember correctly...

2) I am not the only one who experienced False 'IDS-Surf Protection' Alarms.
In fact, many users were forced to turn off the specific feature.
From a point and on, these False 'IDS-Surf Protection' Alarms were so many that
even if a -Real- threat existed, users wouldn't take it very seriously.
That makes the product not only inappropriate, it makes it unreliable.

Now, if someone is glad, because his software offers him
-False 'IDS-Surf Protection' Alarms for no -Real- Threat
he has to revise his perception of 'foolishness'...

Not to mention the always happy and totally/perfectly satisfied "u$ers" who write
nothing but po$itive comment$ and attack on the ones who dared to report problem (a) or (b)
with product X. Software Security Forums are full of these "u$ers"...

-{ Quote: "Dear Balatsokas,

I am not saying your lying, neither drunk. Ikarus is a good AV (just a tiny bit after Avira). It is true that Ikarus generated more FP's. Decent is to my reference and my average PC usage behaviour.

Tests agree with you that Ikarus generates some more FP's. These tests also show it is a good AV in terms of detection rate (often just behind Avira).

I trust A2 will get their act together on integrating the two engines. For such a dramatic code change (two engines integrated at driver level) they really did well (may be because I am an old software developer that I am so mild in my critism)

Regards Kees" }-

No problem, Dear Kees.
I wish that A2 will be improved, too.
Time will tell...

-{ Quote: "1) In a previous post of this thread I wrote: "A-Squared 4.0 Paid detected some Microsoft Excel setup files as Viruses!"
I never talked about -Suspicious-.
So, you do NOT remember correctly...

2) I am not the only one who experienced False 'IDS-Surf Protection' Alarms.
In fact, many users were forced to turn off the specific feature.
From a point and on, these False 'IDS-Surf Protection' Alarms were so many that
even if a -Real- threat existed, users wouldn't take it very seriously.
That makes the product not only inappropriate, it makes it unreliable.

Now, if someone is glad, because his software offers him
-False 'IDS-Surf Protection' Alarms for no -Real- Threat
he has to revise his perception of 'foolishness'...

Not to mention the always happy and totally/perfectly satisfied "u$ers" who write
nothing but po$itive comment$ and attack on the ones who dared to report problem (a) or (b)
with product X. Software Security Forums are full of these "u$ers"..." }-

1) So yes, I was correct, it was MS Office.. Not whether it was a virus or suspicious. Again, my point being, many people have different experiences with software. The fact that you are running office and I am not, points to one glaring reason why.

2) I can exaggerate my experiences with it as well. fun.

3) I have not had only po$itive comments to say. I have only played devils advocate to what seems to be an agenda to disparage a product.

It is plainly obvious that you do not like the product, and that is fine. But it does not give the totally un$atisfied u$ers the right to attack those that do. Security forums seem to be full of them as well...

It appears we shall agree to disagree.

-{ Quote: "1) So yes, I was correct, it was MS Office.. Not whether it was a virus or suspicious. Again, my point being, many people have different experiences with software. The fact that you are running office and I am not, points to one glaring reason why.

2) I can exaggerate my experiences with it as well. fun.

3) I have not had only po$itive comments to say. I have only played devils advocate to what seems to be an agenda to disparage a product.

It is plainly obvious that you do not like the product, and that is fine. But it does not give the totally un$atisfied u$ers the right to attack those that do. Security forums seem to be full of them as well...

It appears we shall agree to disagree." }-

No, you were wrong Again!
I said as -Viruses-; not just -Suspicious-.
It makes a hell of difference in terms of Detection (if you are familiar with the field)...

I was among the first ones who welcomed A-Squared in a Forum that loves SAS and MBAM.
However, A-Squared needs a lot of improvement.
The A-Squared Forum is full of postings of people having similar problems - LINK (http://forum.emsisoft.com/Default.aspx?g=posts&t=3937)
False Positives that they keep fixing and fixing with updates, updates, and updates...

-{ Quote: "No, you were wrong Again!
I said as -Viruses-; not just -Suspicious-.
It makes a hell of difference in terms of Detection (if you are familiar with the field)...

I was among the first ones who welcomed A-Squared in a Forum that loves SAS and MBAM.
However, A-Squared needs a lot of improvement.
The A-Squared Forum is full of postings of people having similar problems - LINK (http://forum.emsisoft.com/Default.aspx?g=posts&t=3937)
False Positives that they keep fixing and fixing with updates, updates, and updates..." }-

:blink:

Reading comprehension is your friend...

Again, my point was the reason in differing experiences (FPs) is you use MS Office, I do not. Trust me, I know the differences in being tagged as a virus or suspicious, and that was never my point, as much as you would like it to be.

-{ Quote: ":blink:

Reading comprehension is your friend...

Again, my point was the reason in differing experiences (FPs) is you use MS Office, I do not. Trust me, I know the differences in being tagged as a virus or suspicious, and that was never my point, as much as you would like it to be." }-

Apart from MS Office-related FPs, many users have faced problems with *OTHER* -LEGITIMATE- programs
the Ikarus scan engine detected as 'Malicious'.
Why are you only/DELIBERATELY-
focusing on MS Office as if if it is the only source of FPs?

Also, don't ignore the IDS-Surf Protection/Alerts
that drove crazy many users who were
obliged to Turn it Off.
If you search on other Software Security Forums, you will read about these problems.
If A-Squared 4.0 proved to be so great for you, I am happy that you did not waste your time and money.
Others believe that A-Squared needs much of Improvement and regret for wasting their money on it!

i have tested their cmd line scanner, and it put my explorer.exe in quarantine...too many false positive...

-{ Quote: "i have tested their cmd line scanner, and it put my explorer.exe in quarantine...too many false positive..." }-

Welcome to the Club, too.

thank you.

here is the report:

C:\WINDOWS\Explorer.EXE
detected: Worm.Win32.Downloader.sz!A2

C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
detected: Email-Worm.Win32.Brontok.cu!A2

C:\runscanner\runscanner.exe
detected: Trojan-Spy.Win32.Banbra.df!IK

testsoso, please submit your findings asap. Right click the detected items in the scan result list and select "Report false alert" in the context menu.

Hi,

Using it for the last while since its(v.4 full with background guard on) debut, however.....

It slows down web surfing, sucks up unnecessary memory usages, produces frighting F.P.(some essential system files), therefore, returned back to

MBAM or SAS real time . .

Just wish, one day it will emerge as a REAL ONE, a better one.

-{ Quote: "Welcome to the Club, too." }-I cannot join your club of FPs. A2AM runs light & stable for me, & rarely yields an FP. By "rarely" I mean just one FP so far. :thumb:

This sort of situation leads me to believe that those who post to application threads are primarily composed of a small minority having problems. The majority, who are NOT having problems, seldom post.

Am I incorrect in this conclusion, I wonder?

Not necessarily because the same logic fits even to those having problems with A2AM

-{ Quote: "I cannot join your club of FPs. A2AM runs light & stable for me, & rarely yields an FP. By "rarely" I mean just one FP so far. :thumb:

This sort of situation leads me to believe that those who post to application threads are primarily composed of a small minority having problems. The majority, who are NOT having problems, seldom post.

Am I incorrect in this conclusion, I wonder?" }-

1) How long have you running A2 4.0?
Since day 1 or just download it?
They keep fixing the FPs, you know...

2) What about the IDS-Surf Protection?
No problem with it, too?

Just to clarify some issues:
I'm not associated formally/informally with a competitive product.
I'll remind you that I welcomed A2 at Wilders (where most people support SAS and MBAM).
It is not -MY- Club.
That was a funny comment whenever someone posted a problem with A2.
I'm not the only one having problems with A2.
Just have a look at their Forum and other Security Forums as well...

According to your way of seeing things,
whenever I read a negative comment/problem related to OnlineArmor, Sandboxie, SAS, MBAM etc. etc.,
I will have to bypass/ignore it,
because these postings belong to 'Minority' users.
'Majority' users, who are NOT having problems, seldom post.

Just a Question:
-Why software developers -so frequently- listen to the 'Minority' users and
respond to their postings by fixing bugs, correcting FPs, and other problems?

According to your way of seeing things,
software developers should have ignored these 'Minority' users,
since 'Majority' users, who are NOT having problems, seldom post.
But it does Not work that way.
In the case of A2, the developer will gain and improve his product
whenever users submit a FP or report problem(s).

-{ Quote: "
This sort of situation leads me to believe that those who post to application threads are primarily composed of a small minority having problems. The majority, who are NOT having problems, seldom post.

Am I incorrect in this conclusion, I wonder?" }-

You are not;)

Gerard

-{ Quote: "-{ Quote: "Am I incorrect?" }-You are not correct" }-Corrected;)

-{ Quote: "According to your way of seeing things,
whenever I read a negative comment/problem related to OnlineArmor, Sandboxie, SAS, MBAM etc. etc.,
I will have to bypass/ignore it" }-Not at all. I just meant that a prospective user needs to use his head and not conclude that a given software is necessarily "no good" simply because some forum comments are negative in nature.

If I had assumed that forum posts reporting problems & requesting help were proof that a product is no good, I would never have trialed such excellent software as DefenseWall, NOD32, Avira, ATI, ComodoPFW, Sandboxie, etc.

It is best, I think, for any given prospective user to trial software on his own, rather than make any final (or even semi-final) conclusions based mainly upon the posts of others.

I have used A-squared (A2) for YEARS -- pretty much since the days when it was introduced by Andreas Haak. During that time, I have gotten many of my friends to use it -- and I never have had to hide or walk the other way when I see one of them coming toward me down the hall. They are all very satisfied.

Yes, A2 is very aggressive. Therefore, I always suggest to my friends who trial or buy A2 that they do a couple of full-system scans right after installing A2. Those scans tend to "shake-out" most of the potential FPs right from the get-go, after which A2 settles down. This is kind of parallel to the "learning mode" of many HIPS applications. It works good.

AFAIK, over & above A2's blacklist-based scanners, A2 also uses a Behavior Blocker and heuristics. These types of security techniques have gained in usage because more & more malware is either 0-day (too new for current blacklists) or else has the ability to morph itself and thereby hide from (or trick) blacklist-based scanners.

Behavior Blockers & heuristics seek to identify malware based primarily on whether or not a given process ACTS in similar fashion to the way that malware often acts.

If a Behavior Blocker or heuristic pops-up an alert, it means that the given process has ACTUALLY manifested suspicious behavior.

The problematic fact is this: some benign processes (especially security apps) DO manifest malware-type actions from time to time. If the Behavior Blocker or heuristic is modified to ignore such actions, then there will be fewer FPs, but some malware might squeak through.

My long-term experience with A2 tells me that A2 has continuously improved its balance between <reducing FPs> and <increasing protective aggressiveness>. Perfect balance? No. Bloody good? Yes.

-{ Quote: "testsoso, please submit your findings asap. Right click the detected items in the scan result list and select "Report false alert" in the context menu." }-
sorry, i use your comand line scanner, and i don't know how to do this...

but your software has improved already: todays scan, after a update:

[700] C:\WINDOWS\Explorer.EXE
detected: Worm.Win32.Downloader.sz!A2

c:\windows\ncuninst.exe
detected: Trace.File.MARAVEL Screensaver!A2

C:\WINDOWS\$NtServicePackUninstall$\smbinst.exe
detected: Worm.Win32.Otwycal.bo!A2

C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
detected: Email-Worm.Win32.Brontok.cu!A2

C:\WINDOWS\ServicePackFiles\i386\msconfig.exe
detected: Email-Worm.Win32.Brontok.cu!A2

C:\WINDOWS\SoftwareDistribution\Download\1234567890....\msconfig.exe
detected: Email-Worm.Win32.Brontok.cu!A2

C:\WINDOWS\SoftwareDistribution\Download\1234567890....\msconfig.exe detected: Email-Worm.Win32.Brontok.cu!A2

C:\WINDOWS\system32\dllcache\msconfig.exe
detected: Email-Worm.Win32.Brontok.cu!A2

-{ Quote: "
but your software has improved already: todays scan, after a update:
" }-

Wheeeeeee! Seriously; make the Ikarus stuff optional, otherwise the product is unusable for me. :thumbd:

To report a false alert, please pack the deteted files in a zip or rar archive file with a password and send it to fp@emsisoft.com.

Which version and language of Windows do you use? It's very strange that we didn't get this false detection earlier, if Windows core components are affected. Are you sure it's not correct detection?

A-Squared Free 4.0.0.21 is 45mb big!! Previous version 4.0.0.0 was 12mb big.
I am talking about the setups.

What have they included?

-{ Quote: "A-Squared Free 4.0.0.21 is 45mb big!! Previous version 4.0.0.0 was 12mb big.
I am talking about the setups.

What have they included?" }-
The Ikarus engine.

-{ Quote: "sorry, i use your comand line scanner, and i don't know how to do this...

but your software has improved already: todays scan, after a update:

[700] C:\WINDOWS\Explorer.EXE
detected: Worm.Win32.Downloader.sz!A2

... " }-

Are you sure that your PC is not infected? I scanned my PC with the latest signature database and there were no false positives.

A-Squared is superb antimalware. The only negative thing is the window for the newsletter registration which is always open to free version. Pretty boring thing. :doubt:

-{ Quote: "A-Squared is superb antimalware. The only negative thing is the window for the newsletter registration which is always open to free version. Pretty boring thing. :doubt:" }-Well, just registrate, check "Never ask again" and it's gone :P

I agree about a², free utility that combines a very good AV and AS engine.

Well, I would like to be so simple. :P I checked "Never ask again" but the window constantly re-appears.

Ooo this seems to be some kind of glitch, mine never poped-up again!

Old good reinstallation and the problem is gone. ;D

I bought A-Squared Anti-Malware just an hour ago. From all the research I've done it seems like a great program to go along with DefenseWall.

Ikarus engine seems extremely impressive, 100% hit to all my malware samples!
Many old, few new, but still :thumb:

i run asquare mamutu with defensewall and they like each other;)

-{ Quote: "A-Squared Free 4.0.0.21 is 45mb big!! Previous version 4.0.0.0 was 12mb big.
I am talking about the setups.

What have they included?" }-

In previous setups (v4) the Ikarus signatures were downloaded after installation ~30 mb. Now the signatures are included in the setup file.

That makes it easier for analog modem users to download the biggest part on a faster machine and after installation just download the latest signatures.

The download size shouldn't be a problem, considering the amount of signatures a user gets. And the program is ready to go.

Your latest version is great, well worth the time you've put into the product.

Those who been around since Windws 98 can attest to the absolute staying power of EMSI a2-squared scanning.

The mere fact that they IMHO hold the very best Behavioral Blocker ever conceived and marketed is testimony to the many years of fierce persistence and dedication not often seen to this magnitude.

I can only offer a lot of appreciation to their top chairmen for maintaining the best AS engineers ever to lasted this long and they just keep rolling full steam ahead. 8)

-{ Quote: "In previous setups (v4) the Ikarus signatures were downloaded after installation ~30 mb. Now the signatures are included in the setup file.

That makes it easier for analog modem users to download the biggest part on a faster machine and after installation just download the latest signatures." }-

It is great that the Ikarus signatures were included in the installer :D .
It took me an hour to download the Ikarus signatures during setup, which is quite annoying. >:(

I had the same problem:-[

Additional daily updates shouldn't take long. Haven't had any problems updating each day.

You might want to make sure additional languages is unchecked as updates to the language files are included in the downloads.