Emsisoft Anti-Malware & Emsisoft Internet Security 12

Discussion in 'other anti-malware software' started by Mops21, Sep 14, 2016.

  1. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    Every single firewall that supports Windows Vista and later is probably built upon WFP. TDI, which was the way to intercept applications accessing the network before, has been deprecated for over a decade now and doesn't allow to regulate Windows apps. So everyone switched ages ago. In theory, multiple WFP drivers are fully compatible with each other as Microsoft takes care of properly layering drivers on top of each other. So there aren't any issues, in theory at least. The much bigger issue is to find a firewall that is just a firewall. It is much more likely that our behaviour blocker conflicts with the sandbox/HIPS style parts of most firewalls that aren't just a reskin of the Windows Firewall interfaces.
    That being said, the only firewall we officially support and do any compatibility testing with is the Windows Firewall. So that is our recommendation and clearly mentioned in the blog post. Third-party applications that sit on top of the Windows Firewall are probably okay as well, like Windows Firewall Control, Windows Firewall Notifier, TinyWall and GlassWire.
     
  2. simmersK00L

    simmersK00L Registered Member

    Joined:
    Mar 20, 2013
    Posts:
    323
    Location:
    USA
    ...and very unofficially, I can say that EAM is playing nicely with comodo firewall 10 at cruelsister config, proactive with HIPS off. but I've only been using cf10 for a few months overall both in VM and now on my hardbox. I like the sandbox / container in cf. :D EAM good report too in July av-comparatives. :thumb:
     
  3. FleischmannTV

    FleischmannTV Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    1,094
    Location:
    Germany
    Have you ever had an instance where the behavior blocker was trying to monitor malware which was running inside Comodo's sandbox? If not, you can't really say if they are playing along nicely.
     
  4. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I've been playing with 3rd party firewalls and have come to the conclusion with my setup, I just don't need them.
     
  5. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,325
    Location:
    US
    Whoa, Peter, does that include ZoneAlarm Pro? (I am starting to come to that conclusion myself but you know more than I do). Also thinking of switching to another PURE anti-Virus without all the "extra crap", err I mean, "features added".
    Acadia
     
  6. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Hi Acadia

    Yes it does, but remember I have my system locked down pretty darn tight. The problem with a "pure AV" is 1st finding one. Without all the extra's a pure av is going to protect you all that well. I occasionally take a look at all the offerings and I can say that Emsisoft is the best, both in product and integrity. If you want to tighten up you know what you need, and I can help you.

    Pete
     
  7. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    In case anyone has missed it, this is an excellent post by @Firecat. The links in that are worth reading.
     
  8. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,325
    Location:
    US
    Bingo. Anyone "out there" know of a simple pure anti-Virus without all the "extras" that actually works. Must work with Sandboxie or else forget it.
    Acadia
     
  9. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    I recommend you go with Windows defender. The one and only time compatibility with Sandboxie was broken was in very earlier version 1, about 7 years ago. You cant go wrong, Acadia. I would be using it if I wanted to use an AV.

    Bo
     
  10. kram7750

    kram7750 Guest

    Comodo Sandbox genuinely relies on virtualization as far as I know (which means it is relying on the hyper-visor and thus the sandboxed program is in it's own environment just like when you run programs in a virtual machine - this explains why virtualization needs to be supported by the hardware and enabled via the BIOS to use the sandbox).

    However, Sandboxie relies on user-mode API hooking (the sandboxed program will have a sandboxie DLL within its address space which hooks a ton of functions)... So I would assume it would conflict with EAM.

    Depends on how the sandbox works I guess.
     
    Last edited by a moderator: Aug 15, 2017
  11. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    kram7750


    Bad guesses and assumptions. EAM and Sandboxie work just fine together. Posting guesses like these are not helpful either to members or products.

    Pete
     
  12. petok

    petok Registered Member

    Joined:
    Jan 11, 2015
    Posts:
    35
    I use ~3 years EAM and Sandboxie and no have problems all is ok and work excellent. Also have EIS license but will migrate to EAM.
     
  13. Acadia

    Acadia Registered Member

    Joined:
    Sep 8, 2002
    Posts:
    4,325
    Location:
    US
    Oops, sorry bo, should have mentioned, like Peter I am still using Windows 7.
    Acadia
     
  14. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,556
    To be fair on November 23, 2015. Emsisoft released an update to improve compatibility with sandboxie. So, it seems in the past there were some issues between them.
     
  15. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Maybe on Win 10, but on my Win 7 boses I've been running EIS and SBIE for at least 5 years if not longer
     
  16. simmersK00L

    simmersK00L Registered Member

    Joined:
    Mar 20, 2013
    Posts:
    323
    Location:
    USA
    Perhaps a good point, can't disagree with you :oops: If & when I see eam BB and cf10 container collide, I'll report back. And don't know of other reports, purely my experience over the past several weeks, and the little I've read. Or if BB cannot monitor or disable malware in cf10 container BUT cf10 manages and deletes the malware, aok; and, that's the reports I've been hearing, cf10 is ok letting an av handle the problem if and until av doesn't, then cf10 will. If BB and cf10 disable each other and malware wins, ugh, but I'm not seeing that, or hearing that, but I'm not a fanboy, I don't hang out at comodo forum. I do watch cruelsister's videos at MT and related comments.
     
  17. simmersK00L

    simmersK00L Registered Member

    Joined:
    Mar 20, 2013
    Posts:
    323
    Location:
    USA
    with cf10@cs for now I like the container. what I'm running is probably overkill, but not slowing down my hardware such that's its noticeable. I'd like to work more with excubits, but I'm not there yet.
     
  18. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    I'm using EAM and Sanboxie on my Windows 7 with no problem also. But I have compatibility with EAM enabled in SBIE settings. IDK if they would work together with no problems if I disabled it.
     
  19. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    I think Emsisoft and Sandboxie get along as good as it can be. I haven't read any complains or reports of incompatibilities in years. At least, I don't recall any.

    Bo
     
  20. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    Work fine together on Windows 10.
     
  21. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    OK so basically, the BB does not need the Win Firewall, it works independently. However, if you want to block or monitor ALL outgoing connections, you now have to use a third party firewall or Win Firewall. Some people won't be happy with it, but I agree with you that Win Firewall controlled with a tool like WFC is good enough.
     
  22. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    No, we don't offer AMSI support yet. Same goes for ELAM.
     
  23. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    I have replied to that post with more information on the whole firewall situation and why vendors are dropping their firewalls for the Windows one. Thank you for appreciating the post, do read the new one too! :)
     
  24. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    Surprising - I suppose you have some equivalent technology that will work the same? The reasons I've heard for not implementing ELAM is mostly centered around having proprietary code for doing the same thing.....
     
  25. plat1098

    plat1098 Guest

    OK, I put EAM on here after a long hiatus and I have several questions, maybe someone can help.
    1. Why is the Defender tray icon showing a green dot and the Virus Protection is all smeared with some sort of overlay?
    2. I do not know how to optimize the threads so that the malware and custom scans do not drive CPU use to 100%. When EIS was on here, I had to ask Emsi support. :rolleyes: The maximum number of threads shows 9? Has anyone made any adjustments to this area yet? Otherwise, EAM is nice so far, no unnecessary notifications.
    3. Why are logs being described as "forensics?" Just curious. Can this be disabled or should it be left as-is?

    I'm using EAM with just the Windows firewall, no third party extension. Also, is there a quick and easy way to allow Windows Defender to update?

    emsi defender.PNG Emsi set.PNG
     
    Last edited by a moderator: Aug 21, 2017
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.