Emsisoft A-Squared Free

To me that's just referring to the on-access scanner and the Mamutu component becoming inactive .It states that the protection features won't be included not that the detection won't be.

 

Bloated? I still don't get what's bloated xD

Engine, BB and Surf Protection?
Ohhh, you only want the scanner? Hehehe

 

1972vet,

Emsisoft Anti-Malware with the limited freeware scanner mode has no realtime protection. It's the Emsisoft Anti-Malware scanner and can be updated and used for years.

You can also choose for the Emergency Kit Scanner instead. Check the images on the Emergency Kit page and you'll see it's a-squared Free with a newer design. No installation required.

 

That's how it worked for me. I'm barely keeping up with this Windows security stuff, and I had no problems at all running Emsi AM trial, then AM free, and then changing over to EmergencyKit, so I have to think that Bellgamin and 1972vet ran into some sort of software conflict.

 

Free on-demand scanner with full definitions included. Free hijackfree. Excellent support forum.

What's to complain about? It's free!

Agree with noob, the full version with behaviour blocker and surf protection, all in one, is comparable to another person with a standard AV plus an additional two security programs. But bellgamin has a point, developers can always aim to improve efficiency with the program.

 

the full paid version is very cool

 

I must update this thread with information I received just now in an email from Mr. Christian Peters of "Emsi Software GmbH" support.

I sent the email just this morning requesting clarification on this issue...stating the confusion created by the way they chose their words in describing their latest freeware version of the new antimalware scanner, combined with the warning message one receives upon installation of the product, recommending removal of the old a² program as being now useless and out of date.

Excerpt of his reply:

So, with that, I have undertaken an effort to update a "Free Software" thread that I maintain on another forum and will once again choose to highly recommend the use of this excellent product.

I can attest to the effectiveness of their anti-malware scanner from having had a licensed copy some years ago. Now that it is indeed offered as a freeware program in lieu of the old now defunct a² anti-trojan scanner as we once knew it, I am thrilled to include this product as one highly recommended for use as an on-demand scanner.

Outstanding support response too I might add. I have never received such a quick reply from any support person and NEVER on a Sunday. Awesome!

 

Up until yesterday, A-squared was the only freebie-with-nonfree-alternative on my computer. I only retained it because I still have sentimental memories of the ORIGINAL compact, highly efficient A-squared, as developed by programming genius Andreas Haak. The original A-squared was Haak's successor to his beautifully conceived little anti-trojan proggie called ANTS. ANTS was a vicious nasty-killer in a very small package -- a beautifully crafted specimen of compact but effective programming.

IMO, folks nowadays don't recognize bloat for much the same reason that a fish doesn't know it's wet, & a skunk doesn't know it stinks.

When Emsisoft wanted to "update" A-squared by incorporating it into AntiMalware I clicked okay. That began a download of >102MB (!!!), which was proceeding at the blazing speed of 3.4kbps on my 11mbps broadband connection. I figured it would pick up speed in a bit so I went & made coffee. When I returned ~12 minutes later, it had downloaded not quite 100KB and was paused. I waited a minute or so for something to happen, & then I killed the connection & uninstalled A2. Sentimentality evidently has its limits.

 

LOL, sorry for your bad experience
Anyways, life continues and so the internet

 

You ought to see the size of my games compared to the good ol' days. Totally stinky and wet. Unless you want to see what they can do, that part isn't so stinky and wet.

I guess people have different criteria for judging their software. EmergencyKit seems pretty lean and efficient, and Emsisoft Anti-Malware seems like a complete solution with all its components, including a BB like Mamutu.

 

Now Mamutu IS superb, no question. I am waiting for the Softpedia deal to become a reality, at which time -- poof! I'm a customer.

In the REALLY "good old days" 64K of RAM was considered to be a power computer, & programmers HAD to write compact code.

As to modern-day programmers, there are 10 kinds of them -- those who know binary and those who don't.

 

I firmly believe a short wait of a few minutes trumps the system that won't boot. Had you waited patiently, your system would be equipped with an excellent piece of freeware most useful for the "Second Opinion" on demand scanner.

As today's malware is quite capable of converting your system into a rather expensive paper weight, I would recommend a reconsideration of the value of sentiment vs patience. Some of today's malicious code contains quite a bit of bloat, more so than most anti-malware programs...perhaps check yourself for moisture/odor and see if your analogy applies in your own situation.

 

bellgamin, now those were the days!! I still have a copy of ants and original a2 programs!!
memories
https://www.wilderssecurity.com/showthread.php?t=5404

 

Your error lies in assuming that you know whereof you speak concerning my security needs & assets. I have a superb wall of layered security. Asquared was not one of the bricks. Just a souvenir pebble.

Grrreat collectibles! I envy you. My Windows oldies got mis-laid along the way. But I still have a plethora of programs for Commodore 64, Atari 800, & Apple//c, some of them coded by yours truly.

Bumper sticker of yore -- 4th IF honk THEN

 

Yep, one of the best antiviruses on the market.

 

I like and trust very much A-Squared, but not so for Mamutu. I like his flexiblity but, in the past, it had not good results in the test, Matousec but I believe others too.

 

Are you referring to Ikarus, the anti-virus component of Emsisoft AM? If so, I agree ... Ikarus is an excellent AV.

 

I'd love to create a full antivirus engine that needs just 1 MB to download, really! But reality is, that today we face more than 4.5 million different types of viruses, trojans, spyware, etc. and we can't just drop the detection of the oldest 4 million.

We have an average of about 20 bytes per malware signature available which must be good enough to detect variants and not cause any false alerts. That task isn't getting easier these days...

The slow download I guess was because several hundreds of thousands users downloaded the update the same time. The peak is alreay over so it should be much faster now.

 

Cloudy weather ahead, perhaps? (Not to be too subtle -- are you considering the full-on cloud approach?)

Sounds reasonable to me, Mairoll-sensei.

By the way -- Online Armor & Mabutu (referred to as "Mama Butu" in my office) are the 2 Emsisoft apps that I most admire. TWO great security apps that don't need no stinking sigs, brah.

I already own a long-term paid license for OA. I had a license for Mama Butu but it expired recently. I shall buy Mama again when the moon over Softpedia is full, & the wolfbane is in bloom.

 

No, but Ikarus is good too.

 

Do you know how cloud antivirus technology works?

It can't replace classic signature scanning, never ever, because that wouldn't make any sense.

Let me describe it in short:

A classic signature scan works that way: A malware sample is received by the AV vendor. Vendor makes a signature from it (like a fingerprint, hash, etc.). Vendor sends that signature to the client. Client scanner enumerates all files on the harddisk, calculates the fingerprints and compares them with the signature database. If it's a match, we've found a virus (or maybe a fp).

In opposite, cloud antivirus works like this: Client scanner does not have signatures at all (or just very limited set + whitelists, etc) but it calculates a number of hashes from local files. Like creating the signatures on the client instead of the analysis lab.

It also calculates some environment variables for each file to determine how likely it is for a specific file to be malware. Why? Each calculated hash must be uploaded to the cloud for a comparison with the server based big signature database.

Please count the files on your HDDs to see how many hashes that would be. Simply too many for a complete upload. So the scanner must lower the number of uploaded file hashes. It does that by using several filters that exclude files that are most likely clean. Means it excludes files in advance without even scanning them!

That's a big risk and the reason why cloud AVs always fail for full disk scans. They're simply not made to scan the whole disk, but instead they do a great work when it comes to protection as they can see the system as a whole to determine if a new downloaded file may be dangerous. Cloud antivirus is a protection concept, not a file scanning concept.

If you ever wondered why e.g. Hitman Pro, which uses the Emsisoft scan engine on the servers, has different scan results compared to Emsisoft Anti-Malware, it's because it doesn't upload/scan each file of the disk. Just those which look suspicious in the 'heuristic' determination.

Emsisoft Anti-Malware already uses cloud technology where it makes sense. E.g. at the behavior blocker to check online if a file is a known good file or to gather the other user's decisions on a specific file. We've also made MalAware, a full cloud based scanner. But it also does not scan the whole disk, but only specific regions where Malware usually hides.

 

Great thread, thanks bellgamin for keeping things rollin and others for chimin in. (good ol shortenin of wordz, keep it real!)

I am seeing great results cloud scanners as their server database becomes more expansive, at the same time, I seem to rely more on signatures when scanning an external drive.

 

Mairoll-sensei,

Superb explanation! I have copied it to my knowledge base for use by computer students at the High School where I taught until I retired a second time.

Two questions (dumb ones, no doubt) . . .

1- Right now my HIPS+FW maintains hashes (MD5) of files on my computer, as does my integrity checker (SHA-1). Thus, one or both of these security applications will detect even the slightest change in one of the files on my computer.

2- Your narrative said "Each calculated hash must be uploaded to the cloud for a comparison with the server based big signature database."

3- Q1: As long as a hash check is done by my own computer (via my HIPS/FW & integrity checker) WHY would a hash check need to be done *again* by the cloud?

4- Q2- In other words, after a handshake between my computer & the cloud (at install time & weekly thereafter), why couldn't submissions from my computer to the cloud be confined to ONLY those hash mis-matches and new files that are detected by my OWN computer's HIPS/FW?

 

Please don't mix signature hashes with integrity hash checks.

Hashes can be used in many variants for different purpose.

E.g. if you download a non digitally signed program from a website and want to be sure that nobody has altered the file on the server, you can use an integrity hash checker to calculate a MD5 or SHA1 hash of your finished downloaded file and compare with the published hash information on the vendor website. When the hashes are equal, you can be sure that the downloaded files was not manipulated.

A digital code signing certificate does bascially the same btw (the information you can see in the "Certificates" tab on file properties of all Emsisoft files). As long as the file is valid signed, you can be sure that it was not manipulated.

To Q1: The hash is not calculated by the cloud. The locally installed scanner calculates the hashes from file content. Only the 32 or 40 char hash strings are uploaded to the cloud in order to compare them with known malware hashes in the server cloud database. That must be done only once for each file of course.

When a file is being changed, the scanner must upload the new hash again to do the actual "scan".

But remember that a hash is never that good in detection as an advanced virus signature that is made blurred in order to be able to detect different variants with one signature.

 

Wow, complex debate