Serious Discussion Windows and Office Genuine ISO Verifier detected by Emsisoft BB

simmerskool

simmerskool

Level 36
Verified
Top Poster
Well-known
Apr 16, 2017
2,547
Specifically whether emsi BB will initially block all unsigned files, I don't know, but it is a key indicator of possible malware. Eg, Voodooshield aka Cyberlock and its component WhiteListCloud alert to unsigned files and suggest you dig deeper to see if the file is safe or malicious. It's a positive feature not a drawback, IMO.
 
  • Like
Reactions: Zartarra and Divine_Barakah
Divine_Barakah

Divine_Barakah

Level 33
Thread author
Verified
Top Poster
Well-known
May 10, 2019
2,289
simmerskool said:
Specifically whether emsi BB will initially block all unsigned files, I don't know, but it is a key indicator of possible malware. Eg, Voodooshield aka Cyberlock and its component WhiteListCloud alert to unsigned files and suggest you dig deeper to see if the file is safe or malicious. It's a positive feature not a drawback, IMO.
Click to expand...
But it generates a considerable amount of FPs.

I most of the time receive alerts when installing almost any software, but most of the time AntiMalware Network steps in and allows the installation.

I believe Emsisoft should allow the submission of hashes during detection to help with FPs. It is very inconvenient to submit quarantined files and wait for support, even if support is relatively fast.

I know I can always add detections to exclusion, but I believe this should not be up to the user because there is the possibility that the detection is correct and not a FP. This is why I prefer BD. First, it has a larger user base and the product itself seems to be more intelligent. Moreover, it requires zero interaction from the end user. I know BD also generates some FPs, but way lesser than Emsisoft does.
 
  • Like
Reactions: Zartarra and simmerskool
Oldie1950

Oldie1950

Level 6
Verified
Well-known
Mar 30, 2022
283
Divine_Barakah said:
But it generates a considerable amount of FPs.

I most of the time receive alerts when installing almost any software, but most of the time AntiMalware Network steps in and allows the installation.

I believe Emsisoft should allow the submission of hashes during detection to help with FPs. It is very inconvenient to submit quarantined files and wait for support, even if support is relatively fast.

I know I can always add detections to exclusion, but I believe this should not be up to the user because there is the possibility that the detection is correct and not a FP. This is why I prefer BD. First, it has a larger user base and the product itself seems to be more intelligent. Moreover, it requires zero interaction from the end user. I know BD also generates some FPs, but way lesser than Emsisoft does.
Click to expand...
If I were to frequently install new software, I would probably find Emsisoft's alerts annoying. But I rarely install new software. However, today Emsisoft Business sent a notification when HP Support Assistant tried to update the BIOS with a new version. I then just clicked Allow and the update continued. The behavior blocker flagged the action as suspicious.
 
  • Like
Reactions: Zartarra
simmerskool

simmerskool

Level 36
Verified
Top Poster
Well-known
Apr 16, 2017
2,547
Divine_Barakah said:
But it generates a considerable amount of FPs.

I most of the time receive alerts when installing almost any software, but most of the time AntiMalware Network steps in and allows the installation.

I believe Emsisoft should allow the submission of hashes during detection to help with FPs. It is very inconvenient to submit quarantined files and wait for support, even if support is relatively fast.

I know I can always add detections to exclusion, but I believe this should not be up to the user because there is the possibility that the detection is correct and not a FP. This is why I prefer BD. First, it has a larger user base and the product itself seems to be more intelligent. Moreover, it requires zero interaction from the end user. I know BD also generates some FPs, but way lesser than Emsisoft does.
Click to expand...
ok, but I am getting very few false+ with Emsisoft or with Cyberlock, but then I am downloading less and I'm often aware when I am that the file is potentially unsigned.
 
  • Like
Reactions: Zartarra and Divine_Barakah

Similar threads

Divine_Barakah
    • Like
    • +Reputation
Serious Discussion Zen Browser (Firefox Fork) detected by Emsisoft
Replies
44
Views
2,313
Emsisoft
jamey910111
J
C
  • Locked
Emsisoft Emergency Kit's temp files detected as Trojan:Script/Wacatac.B!ml by Windows Security
Replies
8
Views
1,151
Windows Malware Removal Help & Support
Can't Decide
C
B
Snipping Tool and Paint updates begin rolling out to Windows Insiders
Replies
0
Views
260
Windows 11
Brandon LeBlanc
B

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top