EAM Configuration

Discussion in 'other anti-malware software' started by whitedragon551, Sep 24, 2010.

Thread Status:
Not open for further replies.
  1. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
    I have switched from AVG AV Paid to EAM for the remainder of my license. I never experienced any lag going between tabs in FF and downloading and switching back and forth until I installed EAM.

    What can I do to lower over head without compromising security? Newspopups have been disabled, logs have been shortened from 3000 entries to 250 entries, Surf Protection has been kept at defaults for the most part. Tracking cookies and ad/tracking hosts have been set to silently block. The rest are block and notify.

    What should I do with the guard settings? They are rather annoying popping up all the time.
     
  2. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    There is nothing you can do.
    Had the same problem and decided to turn every feature OFF , just to see what is causing the lag.
    To my surprise with everything OFF , it was still very very heavy.
    Couldn't understand it, no-one from their forums bothered to help.

    Good luck !
     
  3. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
    It weighs in at around 180mbs on my system, but its very quick to load at boot.

    Maybe someone has something I can do. EAM does great in testing.
     
  4. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    It does great because it's over-sensitive and thus full of FP's.

    Try what I did, turn everything OFF and see is it the same , if it's not then turn ON one-by-one thingy until you realize what is it.
     
  5. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
    Over sensitive or not it doesnt matter and thats not the topic of this thread.
     
  6. ctrlaltdelete

    ctrlaltdelete Registered Member

    Joined:
    Oct 16, 2005
    Posts:
    318
    Location:
    NL
    Exclude other security software in EAM. I've excluded other security software in Guard > Application Rules and also in the Whitelist (File Guard > Manage Whitelist)

    And exclude EAM in other security software.

    Don't know what your File Guard settings are. I've chosen for "Scan only programs before they are executed".
     
  7. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
    Ive added MBam, PrevX, LooknStopand Safe Returner to the EAM whitelist.

    Fileguard is set to scan files when created or modified and before they are executed. Also set to alert on riskware.
     
  8. ctrlaltdelete

    ctrlaltdelete Registered Member

    Joined:
    Oct 16, 2005
    Posts:
    318
    Location:
    NL
    Did you also exclude EAM in the other security software?

    And i suggest to change the File Guard setting to "Scan only programs before they are executed" and check if that makes a difference.
     
  9. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
    PrevX is supposed to be compatible with all security software and LnS is a FW. The rest are on demand scanners only.
     
  10. ctrlaltdelete

    ctrlaltdelete Registered Member

    Joined:
    Oct 16, 2005
    Posts:
    318
    Location:
    NL
    It's not about being compatible, that only means your system will not crash....:D
    If security product A is constantly checking what security products B, C and D are doing, it's a waste of CPU cycles and memory.

    Noticed Windows Defender in your sig, thought that was running also.
     
  11. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    Okay, had to install it again after long time and I must say it's not heavy anymore :)
    It was at first when it learned about new apps that started and created rules for them, but second run of those apps was instant.
    There was nothing else running of other security apps.
    And it was not on VM, but on Win7 32-bit Ultimate.
    Yes, they still have lots of FP's but I could manage them easily, virustotal is reporting 2/45 on those files (Emsisoft and Ikarus are the only ones)

    But the problem for me is that they still have those confusing whitelist system (exclusions) and I don't like that (cause I don't understand that).
    Let's say I want to exclude that file, it will appear in whitelist as threat name , not the path of the file itself.
    What's confusing for me is : will ALL threats with that name be excluded in the future or there are no two or more files with the same Threat Name ?
    If someone can answer me that question I give my huge thanks in advance.

    I would use this software for sure if they can just add actual file (path to it) in their exclusions (Whitelist).
    Only other way would be that there are no two or more files with the same Threat Name.
     
  12. kasperking

    kasperking Registered Member

    Joined:
    Nov 21, 2008
    Posts:
    406
    okay..........
     
    Last edited: Sep 24, 2010
  13. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
    File guard> Settings > Manage Whitelist in blue. Not confusing at all. You browse to the location of the file/folder you want to exclude.

    Now back to the OP. Any other advice on reducing overhead with EAM?
     

    Attached Files:

  14. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
  15. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,779
    Location:
    Texas
    Let's stick to the topic of this thread which is configuration of the program, not detections. Thanks.
     
  16. ctrlaltdelete

    ctrlaltdelete Registered Member

    Joined:
    Oct 16, 2005
    Posts:
    318
    Location:
    NL
    whitedragon551,

    Take a look at this topic on Emsi's forum.


    pabrate,

    It's the difference between whitelisting a detection name or a file.



    kaspersking,

    Nothing wrong with the detection of that behavior. But it's a trusted file so you won't see an alert. It just shows that EAM does detect/monitor this behavior not only for malware but for all programs. Unless you exclude a program in Program Rules. Suppose the same program suddenly tries to do something that it shouldn't do, how would EAM be able to detect this if it isn't monitoring it's behavior?
     
  17. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,285
    Do you have the Behaviour shield (or whatever the module is called) a.k.a. Mamutu set on paranoid mode? If so, that may be one of the reasons why you keep getting so much pop-ups... Try going by community... that will reduce them a lot...
     
  18. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    787
    Location:
    Germany
    You could change the File Guard from scan on modify to scan on execution only.

    Do you have "Paranoid mode" enabled? If you do, disable it.

    Can you please submit the false positives using the submit feature? If they really are false positives we will take care of them as soon as possible.

    In the scan result window detections are clustered in groups based on the malware name. Since you can't select single files but only groups EAM can't guess what files you want to exclude. That is why the context menu option whitelists the malware name (= whenever a detection is found with the same name it gets ignored by the scanner).
    If you want more control over it use the white list dialog where you can white list via file name (no matter what malware is found in that file, it will never be reported or even scanned), folder name (no matter what malware is found in files inside this folder and it's subfolders, it will never be reported or even scanned) and malware name (no matter in what file malware with that specific name is found, it won't be reported).
     
  19. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
    Paranoid mode is not activated. It is set to defaults there.
     
  20. pabrate

    pabrate Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    685
    That's fine, but I guess one more option in scanner wouldn't hurt, like "Add files to Whitelist" .
    Since there are already filenames with full paths in details of threats that are found, can't see reason why that would be hard to implement.
    If selecting single files in group that was found is the problem, then whole group of files can be added and then if needed one or more files from that group can be deleted in Manage Whitelist.
    Would save a lot of time , opposed to doing it manually.
     
  21. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
    After adding exclusions everything seems to be running much smoother and lighter.

    In my whitelist I placed MBAM, PrevX, LnS, and Safe Returner folders rather than specific files. Should I change them to the specific files in the off chance malware embeds itself in the folder?
     
  22. gud4u

    gud4u Registered Member

    Joined:
    Nov 9, 2004
    Posts:
    206
    Currently running this combo:
    - EAM
    - Comodo CIS v5
    - Prevx SafeOnline

    Whitelisted Comodo CAV and Prevx SOL in EAM.

    Prevx SOL and EAM set as exclusions in Comodo CIS5.

    Combination ran trouble-free before exclusions and whitelisting, but scanning speeds were a problem.
     
  23. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,189
    Location:
    USA
    I didnt notice any scanning speed issues. Just with the browser speeds, downloads, switching tabs, and other lag with internet facing applications.
     
  24. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    I don't notice any lag, or it may be because i've been using this for a long time and got used to it? :D
     
Thread Status:
Not open for further replies.