Emsisoft Anti-Malware and Emsisoft Internet Security 9.0 Public Beta

Discussion in 'other anti-malware software' started by Fabian Wosar, May 5, 2014.

Thread Status:
Not open for further replies.
  1. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
    paranoid.PNG
     
  2. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    thanks buddy
     
  3. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    Personally I find the behavior blocker is still way too noisy and as long as we don't have 0 user decisions and 100% detection rate there is still work to do. We also need to protect our XP users better who will face more and more exploits for unpatched vulnerabilities in the future. So there is always room for improvement and we will focus a lot more on these aspects once the 9.0 release is done.
     
  4. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Mamutu was a top notch BB as a stand alone product. Its hard for other AV's to match that by just adding some behavior blocking ability. A lot of hours of development when into Mamutu. The only thing I did not like about Mamutu was it alerted me to a lot of harmless actions.
     
  5. FOXP2

    FOXP2 Guest

    @Fabian - Thanks!!

    FYI: I used OA for many years, Tall Emu and Emsi, on about a dozen systems. (My Win7 desktop had 93 custom firewall rules.) I let my OAP licenses expire last year for reasons having to do with the Programs/Banking mode only and went with Commodo Firewall which I find to be primitive in configuration features and alert options but otherwise effective. Oops, off topic.

    "In addition it is exceptionally rare that people just dislike a user interface due to appearances and personal taste."
    :argh::D Maybe over at Auntie Ophelia's Embroidery Templates Builder forum.
    Obviously, you don't spend enough times in other threads here, which is a Good Thing. As of my post #44 here just with a casual scroll-thru there were already:
    looks like a high school project
    Not to keen on the color scheme
    bland and one dimensional

    Fortunately you haven't received the requisite "looks like a rogue." Yet. Of course, if something fails to render correctly or respond to user input, that's a different matter.

    While I'm thinking out loud... I'm wondering if the new GUI won't present issues with older XP systems like laptops with 4:3 or cheapo 16:9 flat screens and desktops using CRT monitors with there seemingly infinite resolutions and screen refresh rates.

    "The firewall incoming and outgoing panels look like this:"
    -http://i.imgur.com/EkXAeyq.png-
    -http://i.imgur.com/0GpioTe.png-
    No Custom rules there yet. Does that pull-down reveal the "always" rules where they can be deleted or edited?

    The firewall warning View details scrolls down a bit. Is the remote IP address resolved to a host name anywhere in there?

    For the Block once option, perhaps a re-think of the phrase "malicious file" is in order IMHO; not all firewall alerts will pertain to malicious files.

    Is there a setting that will evoke a packet firewall alert for any app not yet ruled, even for apps otherwise deemed "trusted"? (As in un-checking "Automatically allow trusted..." & "Autoconfigure..." in OAP's Firewall Options.)

    How about screenshots of "Settings" and what lies therein?

    I wish I had a throwaway system on which to run your beta to ferret this out myself, but I'm liking the OAP looks and layouts (Not the artwork!) for the firewall alerts and rules building/editing.

    I would certainly miss the HIPS. It is one of the best that ever was.

    Cheers.
     
  6. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    I still have hope they will keep developing OA.
    Still deciding if it will be better to run EAM v9 with OA or EIS v9 with OA. (When they release it)
     
  7. Gapliin

    Gapliin Registered Member

    Joined:
    Feb 12, 2012
    Posts:
    81
    Does it also make use of Early Launch Antimalware (ELAM)?
    I know there a possibilities to bypass/ignore the added protection (like 1, 2, 3, though the feature just does what it's meant for) but still it could be useful against some sort of malware. But I can imagine that it's not really worth the effort.

    And while we're at it talking about Windows 8 stuff: Have you tested the new version on a High DPI display?
     
  8. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany

    And none of them stated: "I hate the user interface because I am not too keen on the color scheme" or "This sucks, because it is bland and one dimensional.". Again, it is exceptionally rare that people completely dismiss a user interface just because they don't like a certain color or style. Sure, they may find other more visually pleasing. But a good user experience stays a good user experience.

    You will never know that something failed to render if you outright dismiss any opinions on the user interface as a waste of bandwidth :p.

    Yeah. Though there are no rules by default, meaning the default rule applies.

    No, and with good reason. In general we try not to display information that can be easily falsified. That is why you don't see the application icon by default any longer or why we don't display the version information outright. The problem is, people see the Internet Explorer icon and Microsoft as a publisher and instantly trust it without questions. Reverse DNS mapping has no relations to DNS forward mapping. You can put whatever you want there. A malicious IP can very well resolve to yourbank.com - no problem at all. The only thing that is absolutely true is the IP, which is why it takes precedence.

    I already mentioned the buttons are completely messed up.

    If there is no matching application rule, the default rules will apply. By default they are:

    http://i.imgur.com/qhpuQXb.png

    So by default the firewall will pretty much behave like the Windows firewall. However, you can change it as you see fit by setting the default rules to either Allow, Ask, or Block.

    Those are all pretty much the same settings as the EAM 8.1 settings menu.
     
  9. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    EIS with Online Armor won't work. You will run into some serious issues if you try to set something like that up.
     
  10. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    ELAM is very, very limited and doesn't really allow for any meaningful protection. That is why we chose not to add it, simply because we don't think it would be worth the benefit. If Microsoft decides to allow for a more thorough scan during boot, we may reconsider adding ELAM.

    I know quite a few of our testers do use high DPI displays. I am not sure whether or not anyone went to the extreme of 200 DPI though, which is rather uncommon in my experience. In general we did make sure that the application is able to scale properly. However, when you go up to 200 DPI you will eventually end up with a window that is too large for a normal 1920x1080 screen.
     
    Last edited: May 6, 2014
  11. FOXP2

    FOXP2 Guest

    I think EIS 9 has cleanest, easiest to use interface I've ever seen. I mean, uh, it doesn't suck. And those the most pleasing colors ever to grace an interface.'" I mean, uh, I don't hate it.

    And over the many years since this forum gained in exponential popularity with the death of Computer/Castle Cops, there have been 1000's of absurd, useless and infantile postings about interfaces with an incredulous number that without any uncertainty or mincing of words whatsoever "...completely dismiss a user interface [and the application itself] just because they don't like a certain color or style." Every last one of them a was of bandwidth - including the ones here.

    A final thanks for your input and screenshots. It's helped determine EIS is not for me as OA had become. Good luck to you and the Emsisoft team. I'm gone. Cheers.
     
  12. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    Oh really?
    I thought if i disabled the firewall in OA and used the firewall in EIS it would work fine.
    I still want to keep using OA for the HIPS.
     
  13. guest

    guest Guest

    the drivers of OA will be still there and conflict with those of EIS.

    so EAM v9 + OA; but honestly HIPS is a tool of the past; Behavior Blockers are more "smart" and less annoying. but if you set EAM/EIS Behavior Blocker on Paranoid you will have something very similar to an HIPS
     
  14. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,294
    Location:
    USA
    What about the HijackFree module. Is that discontinued in new version?
     
  15. siketa

    siketa Registered Member

    Joined:
    Oct 25, 2012
    Posts:
    2,718
    Location:
    Gaia
    Yes.
     
  16. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    7,983
  17. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    2,177
    Location:
    Canada
    I have a question regarding the Firewall. Is there any rule I should add to get more protection or is it sufficient with the default rules?
    Thanks
     
  18. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,718
    under the firewall predefined rules
    there are different designations for in or out,
    Web Server/Web Browser
    Email Server/Email Client

    is this by design?
     

    Attached Files:

  19. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,718
    as you can see from the previous snapshots
    it's very difficult to be sure of what tab is checked
    (Behaviour Blocker/FW incoming/FW outgoing)
     
  20. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,718
    one thing I just noticed

    my Thunderbird uses port 993
    although it is not one of the ports in the rules
    the program is allowed to connect
     

    Attached Files:

  21. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Morning! My first scan kicked in at 9:30am sharp...I know everyone's set up differs obviously...but on my system EIS V9...as stated earlier is running flawlessly...no bugs in the rug...yet. I've got to admit this product is running unlike any other Beta Product i've ever tested. I'm starting to feel like the Maytag Repairman...and as far as beta tests goes that to Emsisoft's and Fabians ears is definitely a good thing. Sincerely...Securon
     
  22. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    1,283
    Location:
    UK
    Downloading the Emsisoft Anti-Malware (not the internet security).

    Do i need to switch anything off with outpost firewall?
     
  23. trott3r

    trott3r Registered Member

    Joined:
    Jan 21, 2010
    Posts:
    1,283
    Location:
    UK
    Ok first impressions of the GUI.

    Way too much wasted white space around the borders of the window on all the windows i have seen so far.
    It is too much of a hog of visual space. :(

    Both the wizard and service run as 32bit on a 64bit OS (win7) :(
    Also the start and guard processes.

    Smart scan finished in 10minutes on a SSD :)
     
    Last edited: May 7, 2014
  24. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    it is running ver nice here so far so good :)
     
  25. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,294
    Location:
    USA
    Running v9 Beta. No problems so far. Accepted my existing license. One thing I miss is the moving dot in the tray icon when an update is installing.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.