Emsisoft Anti-Malware 8.1 released

Emsisoft Anti-Malware 8.1 is a maintenance update for improved performance, detection, and removal.

What’s new in Version 8.1?

* Lighter real-time protection: Reworked File Guard and Behavior Blocker routines to reduce resource usage significantly, making the software lighter and faster than ever before.

* New Hybrid Updates: 95% less update traffic on average thanks to the clever combination of incremental and differential updates.

* Broader PUP detection: Special treatment of potentially unwanted programs (PUPs), such as browser toolbars and buttons, allow for much more aggressive PUP detection and removal in the future.

* Better Malware removal: Improved speed and precision when cleaning infections.

* Improved accessibility: Optimized support for screen readers and braille lines.

Download: http://www.emsisoft.com/en/software/antimalware/

As always, the new version is free for all customers with a valid license and can be obtained by performing an online update.

 

Good news I will try it soon

 

Since a few other people asked about it already:

http://i.imgur.com/o4KxeJC.png

That is the new step we introduced into the wizard. Quickly explains what PUPs are and requires the user to select whether he wants us to detect PUPs or not.

If you have EAM already installed, you don't have to reinstall or rerun the wizard to be able to configure whether or not to detect PUPs. Instead you can just go directly to the File Guard configuration and change it there:

http://i.imgur.com/IeVdfdC.png

This option also influences the on-demand scans. If you have set PUPs alerts to anything but "no detection", PUPs detection will be enabled by default for all predefined as well as custom scans.

You can easily test whether PUPs detection is working properly by downloading and running the AMTSO PUP test file. If everything is working and you set the PUP alerts to show an alert, you will get a message like this:

http://i.imgur.com/4oCikda.png

If the test file is running, it will also be picked up by the on-demand scanner:

http://i.imgur.com/io1uJvZ.png

That's about it. So if you are confused about where to find the new settings, now you know. And you also know how to test that everything is working properly .

 

Very nice update, especially love the cleaner more readable alerts.
Well done folks

 

Thanks for the informative writeups on the new features! You've made it much easier for me to enable this detection on my boxes running EAM. I think the screenshot you've included with the install wizard will be very nice for new users to understand.

I just checked a couple OpenCandy bundled installers on VT, but neither was detected by Emsisoft. Will it take awhile for the new detections to be reflected at VT? Is the new sourceforge adware one of the detections? Is there a list someplace of the adware EAM is now detecting?

 

We decided to ask VirusTotal not to enable PUP detection. It helps to keep overeager lawyers away, that just check files at VirusTotal, have no clue how to interpret the results they get, ignore all kinds of additional information, and show up at our forums waving around with lawsuits.

I don't think so. In general we just created the technical ground work to enable broader and more aggressive PUP detection. The next weeks will be the time where our analysts will actually put the new features to work by extending the signature database. That will take quite a bit of time. There are tons of PUPs out there that we need to go through.

 

EAM is not detecting eicar.com test file downloaded using firefox 23.0.1. Addons installed are ABP, downloadthemall, google/yandex search link fix, no script with javascript globally allowed setting, zscaler search engine security. I have set firefox to ask for download location everytime. EAM works correctly if I choose to use downloadthemall in the download dialogue and also with IE 10. My OS is windows 8 64 bit. Also there are no alerts if I try to double click eicar.com test file. But when I try to extract it from zip archive it is blocked and quarantined. I have also set to additionally scan all files when read in file guard settings.

I had a BSOD showing APC index mismatch error. I am not sure if it is related to EAM and also now I have deleted the windows error reports and dump using ccleaner. I will keep EAM for some more time and see how it works.

 

Fabian Wosar ,it's very impressive indeed...

 

im·pres·sive........

having the ability to impress the mind; arousing admiration, awe, respect, etc.; moving; admirable: an impressive ceremony; an impressive appearance

 

Interesting. Appears this file has a way to get IE9 download checks? I went to site to download and received the IE popup to allow download to proceed. I didn't not select anything but immediately got the EAM PUP alert for the test file located in internet temp storage. Appears PUP scanner is accessing upon create which is what I have EAM realtime scanner set at.

The only thing a bit confusing was the alert to restart and immediately another EAM pup alert identical to the first(?) prior to my selecting the restart option. I set the PUP handling to "notify and quarrantine."

 

Smart move. I believe VT would be interpreted as public domain.

 

Try to disable the extension filter in the File Guard settings. Firefox downloads the files as *.part files first (which isn't included as an extension to scan) and then renames them, which is one of the operations the File Guard won't trigger a scan for. That being said, the file will still be scanned when being opened. Just try to open the file using Notepad for example.

We had one report about a similar BSOD. But those BSODs happened and continued to happen even without EAM being installed. Back then it was triggered by a Metro app ("Great British Chefs" if I remember correctly).

That being said, I will gladly look into any minidump you are able to provide if it happens again.

 

It is now very fast in my machine , finally

I dont know what changed , but it really made a difference here.

 

Glad you like the changes we made .

 

That's an interesting insight. I had no idea this was going on - what a strange world we live in.

The new version upgraded fine and is running great here. Thanks!

 

Good news

Perhaps it's better to clarify that in the settings or make a separate setting for on-demand scans. It's a bit confusing now, I didn't read this earlier and was searching for a way to turn on PUP detection for on-demand scans.

 

Just downloaded...very nice!

 

Sweet! Better PUP detection and 95% less update size is fantastic. I think I already asked but when will these changes be rolled into EEK?

EDIT: Appears a new EEK was released today. I ran it and it asked about the PUPS, so it appears the changes have already been applied to EEK. Woot!

 

Thanks Changing file guard settings to scan all files solved the issue with firefox

So far no more BSODs I will provide the dump if it happens again.

 

Correct. It has already been updated.

 

Here (http://changeblog.emsisoft.com/category/stable-updates/) it says EEK 4.0.0.12 and here (http://www.emsisoft.com/en/software/eek/) 4.0.0.13.

Which one is correct?

 

4.0.0.13 is the newest version. The 4.0.0.12 announcement in the blog is from July 12th when 4.0.0.12 was released .

 

Oh, yeah...my bad....
I saw "Posted on August 19th, 2013" right above the EEK title but it belongs to EAM announcement.

 

Don't worry. I can see how it is confusing .

 

So basically you will transfer cloud based signatures from AMN to database more often ? (I am thinking about the PUPs).