a-squared Anti-Malware 4.0.0.50 Released

testsoso, please submit your findings asap. Right click the detected items in the scan result list and select "Report false alert" in the context menu.

 

Hi,

Using it for the last while since its(v.4 full with background guard on) debut, however.....

It slows down web surfing, sucks up unnecessary memory usages, produces frighting F.P.(some essential system files), therefore, returned back to

MBAM or SAS real time . .

Just wish, one day it will emerge as a REAL ONE, a better one.

 

I cannot join your club of FPs. A2AM runs light & stable for me, & rarely yields an FP. By "rarely" I mean just one FP so far.

This sort of situation leads me to believe that those who post to application threads are primarily composed of a small minority having problems. The majority, who are NOT having problems, seldom post.

Am I incorrect in this conclusion, I wonder?

 

Not necessarily because the same logic fits even to those having problems with A2AM

 

1) How long have you running A2 4.0?
Since day 1 or just download it?
They keep fixing the FPs, you know...

2) What about the IDS-Surf Protection?
No problem with it, too?

Just to clarify some issues:
I'm not associated formally/informally with a competitive product.
I'll remind you that I welcomed A2 at Wilders (where most people support SAS and MBAM).
It is not -MY- Club.
That was a funny comment whenever someone posted a problem with A2.
I'm not the only one having problems with A2.
Just have a look at their Forum and other Security Forums as well...

According to your way of seeing things,
whenever I read a negative comment/problem related to OnlineArmor, Sandboxie, SAS, MBAM etc. etc.,
I will have to bypass/ignore it,
because these postings belong to 'Minority' users.
'Majority' users, who are NOT having problems, seldom post.

Just a Question:
-Why software developers -so frequently- listen to the 'Minority' users and
respond to their postings by fixing bugs, correcting FPs, and other problems?

According to your way of seeing things,
software developers should have ignored these 'Minority' users,
since 'Majority' users, who are NOT having problems, seldom post.
But it does Not work that way.
In the case of A2, the developer will gain and improve his product
whenever users submit a FP or report problem(s).

 

You are not

Gerard

 

Corrected

 

Not at all. I just meant that a prospective user needs to use his head and not conclude that a given software is necessarily "no good" simply because some forum comments are negative in nature.

If I had assumed that forum posts reporting problems & requesting help were proof that a product is no good, I would never have trialed such excellent software as DefenseWall, NOD32, Avira, ATI, ComodoPFW, Sandboxie, etc.

It is best, I think, for any given prospective user to trial software on his own, rather than make any final (or even semi-final) conclusions based mainly upon the posts of others.

I have used A-squared (A2) for YEARS -- pretty much since the days when it was introduced by Andreas Haak. During that time, I have gotten many of my friends to use it -- and I never have had to hide or walk the other way when I see one of them coming toward me down the hall. They are all very satisfied.

Yes, A2 is very aggressive. Therefore, I always suggest to my friends who trial or buy A2 that they do a couple of full-system scans right after installing A2. Those scans tend to "shake-out" most of the potential FPs right from the get-go, after which A2 settles down. This is kind of parallel to the "learning mode" of many HIPS applications. It works good.

AFAIK, over & above A2's blacklist-based scanners, A2 also uses a Behavior Blocker and heuristics. These types of security techniques have gained in usage because more & more malware is either 0-day (too new for current blacklists) or else has the ability to morph itself and thereby hide from (or trick) blacklist-based scanners.

Behavior Blockers & heuristics seek to identify malware based primarily on whether or not a given process ACTS in similar fashion to the way that malware often acts.

If a Behavior Blocker or heuristic pops-up an alert, it means that the given process has ACTUALLY manifested suspicious behavior.

The problematic fact is this: some benign processes (especially security apps) DO manifest malware-type actions from time to time. If the Behavior Blocker or heuristic is modified to ignore such actions, then there will be fewer FPs, but some malware might squeak through.

My long-term experience with A2 tells me that A2 has continuously improved its balance between <reducing FPs> and <increasing protective aggressiveness>. Perfect balance? No. Bloody good? Yes.

 

sorry, i use your comand line scanner, and i don't know how to do this...

but your software has improved already: todays scan, after a update:

[700] C:\WINDOWS\Explorer.EXE
detected: Worm.Win32.Downloader.sz!A2

c:\windows\ncuninst.exe
detected: Trace.File.MARAVEL Screensaver!A2

C:\WINDOWS\$NtServicePackUninstall$\smbinst.exe
detected: Worm.Win32.Otwycal.bo!A2

C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe
detected: Email-Worm.Win32.Brontok.cu!A2

C:\WINDOWS\ServicePackFiles\i386\msconfig.exe
detected: Email-Worm.Win32.Brontok.cu!A2

C:\WINDOWS\SoftwareDistribution\Download\1234567890....\msconfig.exe
detected: Email-Worm.Win32.Brontok.cu!A2

C:\WINDOWS\SoftwareDistribution\Download\1234567890....\msconfig.exe detected: Email-Worm.Win32.Brontok.cu!A2

C:\WINDOWS\system32\dllcache\msconfig.exe
detected: Email-Worm.Win32.Brontok.cu!A2

 

Wheeeeeee! Seriously; make the Ikarus stuff optional, otherwise the product is unusable for me.

 

To report a false alert, please pack the deteted files in a zip or rar archive file with a password and send it to fp@emsisoft.com.

Which version and language of Windows do you use? It's very strange that we didn't get this false detection earlier, if Windows core components are affected. Are you sure it's not correct detection?

 

A-Squared Free 4.0.0.21 is 45mb big!! Previous version 4.0.0.0 was 12mb big.
I am talking about the setups.

What have they included?

 

The Ikarus engine.

 

Are you sure that your PC is not infected? I scanned my PC with the latest signature database and there were no false positives.

A-Squared is superb antimalware. The only negative thing is the window for the newsletter registration which is always open to free version. Pretty boring thing.

 

Well, just registrate, check "Never ask again" and it's gone

I agree about a², free utility that combines a very good AV and AS engine.

 

Well, I would like to be so simple. I checked "Never ask again" but the window constantly re-appears.

 

Ooo this seems to be some kind of glitch, mine never poped-up again!

 

Old good reinstallation and the problem is gone.

 

I bought A-Squared Anti-Malware just an hour ago. From all the research I've done it seems like a great program to go along with DefenseWall.

 

Ikarus engine seems extremely impressive, 100% hit to all my malware samples!
Many old, few new, but still

 

i run asquare mamutu with defensewall and they like each other

 

In previous setups (v4) the Ikarus signatures were downloaded after installation ~30 mb. Now the signatures are included in the setup file.

That makes it easier for analog modem users to download the biggest part on a faster machine and after installation just download the latest signatures.

 

The download size shouldn't be a problem, considering the amount of signatures a user gets. And the program is ready to go.

Your latest version is great, well worth the time you've put into the product.

 

Those who been around since Windws 98 can attest to the absolute staying power of EMSI a2-squared scanning.

The mere fact that they IMHO hold the very best Behavioral Blocker ever conceived and marketed is testimony to the many years of fierce persistence and dedication not often seen to this magnitude.

I can only offer a lot of appreciation to their top chairmen for maintaining the best AS engineers ever to lasted this long and they just keep rolling full steam ahead.

 

It is great that the Ikarus signatures were included in the installer .
It took me an hour to download the Ikarus signatures during setup, which is quite annoying.