Discussion in 'other anti-malware software' started by Fabian Wosar, May 5, 2014.
Has anyone else got the high memory usage with XP? I have 2 GB installed.
Here is mine, Windows 7 though. Seems to be higher than I remember, not too worried though as CPU usage is like under 1%.
It is definitely higher! ...and I can prove it, because I still have v126.96.36.199 running in another snapshot. Will post an image in a few days!...because I don't switch in and out my snapshots, daily.
Mine is quite high as of now BUT it's because i disabled "Memory usage optimization" option.
I have plenty of unused RAM so i have no problem with EAM loading everything into the RAM. It reduces Disk I/O, which is good.
I've got WIN7 64bit and ram consumption is similiar. I've noticed that "Active memory usage optimization" option could reduce memory load from aprox. 350-370 MB (optimization off) to 140-180 MB as you can see below.
"Active memory usage optimization" ON:
"Active memory usage optimization" OFF:
IMHO ram consumption isn't as important as CPU usage, especially load peaks. I must say that CPU usage is contantly improving in beta version.
I would recommend anyone who have 4 Gb and more RAM to disable "Active memory usage optimization". This will reduce disk load and hence decrease system impact from EIS!
Short and sweet, you'll get better performance the more RAM EIS is using.
Is the antikeylogger option functional in this beta? Just wondering because I Used Zemana's test programs and didn't get any warning other then from WIn 8.1 as to allow it to run like all other programs.
I think EIS isn't blocking keystrokes recording because Zemana test tool is whitelisted in the cloud by Emsisoft. Hence it's a legit application (according to Emisoft) and no need to block recording of keystrokes.
Why would it be white listed? The purpose of the test tool is to test your antimalware isn't it? Things sure have changed.
Because the file itself isn't really malicious.
Be sure to remove it from the whitelist and you'll see that EIS blocks recording of keystrokes just perfectly.
I should add that the test tool from Zemana has been whitelisted for a long time. Last time I checked was 3 weeks ago.
Behavior blockers in general can't be tested with leak tests like the Zemana test for example. You could even argue that a detection of such tools by a behavior blocker is a false positive. While HIPS only care about whether or not a certain API was called or a certain action took place, behavior blockers care a lot about the circumstances and combinations of events.
From a behavior blocker's point of view the Zemana leak test is nothing like an actual keyloggers. To name just a few things:
A keylogger is usually invisible to the user. It doesn't have any GUI or a tray icon. The Zemana leak test though does have a GUI to display what was logged.
Keyloggers also usually install themselves in the system and make sure they run automatically during boot. This leak test on the other hand is just started by the user. It doesn't install itself and never adds itself to the autoruns.
Just collecting what you type alone is not very useful. Keyloggers always have mechanisms that allow them to save what you typed or to send out what you typed through the network. Leak tests usually don't do that.
Keylogger executables often "look" fishy. No icons, no version information, no digital signatures, usage of obfuscators and packers. Leak test executables on the other hand usually have a nice shiny icon, have proper version information and some leak test providers even signed their leak test.
So when a behavior blocker sees the Zemana leak test call the SetWindowsHookEx API for example to install a window message hook it will notice that the application has the capability of logging keys, but all other aspects of the application point toward it being legitimate and not a keylogger, so it may decide not to issue an alert about it just yet.
Fabian, 2 questions:
- Is EAM v.9 using the same 2 engines (bitdefender and Em)?
- Can I install EAM v.9 and Comodo IS, together?.
Yes, same engines and it should be working alongside Comodo IS just fine.
oh,, Where is Emsisoft in this test?: http://www.matousec.com/projects/proactive-security-challenge-64/results.php
I doubt we will ever be included there due to the ongoing dispute between Matousec and Tall Emu. This has been discussed to death already:
Even if EIS was to be tested, it would most likely end up at the lower end of the list due to the lack of a HIPS.
We just released a new beta build today. Version number is 188.8.131.5257 for both Emsisoft Anti-Malware as well as Emsisoft Internet Security. If you have beta updates enabled under "Settings"/"Updates" the new version will be installed automatically.
Changes in version 184.108.40.20657 compared to the previous version:
Fixed a couple of minor GUI glitches
Improved support for high DPI displays
Improved cleaning routines in file guard alerts
Improved default firewall rules
Two possible crash bugs fixed
Improved context menu support within data grids
Improved surf protection dialog
Cleaned up outdated translations
Fixed an issue that prevented scans of email container formats even though the archive scan was enabled
Updated to 220.127.116.1157. Running smooth.
Same here, nothing to report so far
Some users complain about crashes in Chrome, Opera & Mozilla. So far we haven't been able to reproduce them, but if your browser crashes I would love to hear from you so we can get this issue worked out. Thanks .
This is probably not news to you, but have you tried running the browsers with some of the more popular extensions/add-ons?
It has nothing to do with the loaded plugins or extensions. If it happens it happens even without any plugins or extensions installed. It happens on all Windows versions as well and across pretty much all Firefox versions:
I've also contacted Mozilla to try to get this issue worked out just in case none of our user steps up and provides us with the necessary crash dumps.
I don't know if it's a clue, but I've updated recently my Adobe Flash plugin for Firefox to 18.104.22.168. After that I noticed two crashes of Firefox. I'll do a crash dump if it repets again.
The crash doesn't happen in the plugin container (which is where Flash runs in) but the Firefox main process.
Is there any way to check the program version directly from the GUI?
I will give Firefox and Chrome a try later tonight.
Well, after reading the crash report it shows 100% occurring on 32 bit. I can't help with this.
Separate names with a comma.