Discussion in 'other anti-malware software' started by Fabian Wosar, May 5, 2014.
Personally I find the behavior blocker is still way too noisy and as long as we don't have 0 user decisions and 100% detection rate there is still work to do. We also need to protect our XP users better who will face more and more exploits for unpatched vulnerabilities in the future. So there is always room for improvement and we will focus a lot more on these aspects once the 9.0 release is done.
Mamutu was a top notch BB as a stand alone product. Its hard for other AV's to match that by just adding some behavior blocking ability. A lot of hours of development when into Mamutu. The only thing I did not like about Mamutu was it alerted me to a lot of harmless actions.
@Fabian - Thanks!!
FYI: I used OA for many years, Tall Emu and Emsi, on about a dozen systems. (My Win7 desktop had 93 custom firewall rules.) I let my OAP licenses expire last year for reasons having to do with the Programs/Banking mode only and went with Commodo Firewall which I find to be primitive in configuration features and alert options but otherwise effective. Oops, off topic.
"In addition it is exceptionally rare that people just dislike a user interface due to appearances and personal taste."
Maybe over at Auntie Ophelia's Embroidery Templates Builder forum.
Obviously, you don't spend enough times in other threads here, which is a Good Thing. As of my post #44 here just with a casual scroll-thru there were already:
looks like a high school project
Not to keen on the color scheme
bland and one dimensional
Fortunately you haven't received the requisite "looks like a rogue." Yet. Of course, if something fails to render correctly or respond to user input, that's a different matter.
While I'm thinking out loud... I'm wondering if the new GUI won't present issues with older XP systems like laptops with 4:3 or cheapo 16:9 flat screens and desktops using CRT monitors with there seemingly infinite resolutions and screen refresh rates.
"The firewall incoming and outgoing panels look like this:"
No Custom rules there yet. Does that pull-down reveal the "always" rules where they can be deleted or edited?
The firewall warning View details scrolls down a bit. Is the remote IP address resolved to a host name anywhere in there?
For the Block once option, perhaps a re-think of the phrase "malicious file" is in order IMHO; not all firewall alerts will pertain to malicious files.
Is there a setting that will evoke a packet firewall alert for any app not yet ruled, even for apps otherwise deemed "trusted"? (As in un-checking "Automatically allow trusted..." & "Autoconfigure..." in OAP's Firewall Options.)
How about screenshots of "Settings" and what lies therein?
I wish I had a throwaway system on which to run your beta to ferret this out myself, but I'm liking the OAP looks and layouts (Not the artwork!) for the firewall alerts and rules building/editing.
I would certainly miss the HIPS. It is one of the best that ever was.
I still have hope they will keep developing OA.
Still deciding if it will be better to run EAM v9 with OA or EIS v9 with OA. (When they release it)
Does it also make use of Early Launch Antimalware (ELAM)?
I know there a possibilities to bypass/ignore the added protection (like 1, 2, 3, though the feature just does what it's meant for) but still it could be useful against some sort of malware. But I can imagine that it's not really worth the effort.
And while we're at it talking about Windows 8 stuff: Have you tested the new version on a High DPI display?
And none of them stated: "I hate the user interface because I am not too keen on the color scheme" or "This sucks, because it is bland and one dimensional.". Again, it is exceptionally rare that people completely dismiss a user interface just because they don't like a certain color or style. Sure, they may find other more visually pleasing. But a good user experience stays a good user experience.
You will never know that something failed to render if you outright dismiss any opinions on the user interface as a waste of bandwidth .
Yeah. Though there are no rules by default, meaning the default rule applies.
No, and with good reason. In general we try not to display information that can be easily falsified. That is why you don't see the application icon by default any longer or why we don't display the version information outright. The problem is, people see the Internet Explorer icon and Microsoft as a publisher and instantly trust it without questions. Reverse DNS mapping has no relations to DNS forward mapping. You can put whatever you want there. A malicious IP can very well resolve to yourbank.com - no problem at all. The only thing that is absolutely true is the IP, which is why it takes precedence.
I already mentioned the buttons are completely messed up.
If there is no matching application rule, the default rules will apply. By default they are:
So by default the firewall will pretty much behave like the Windows firewall. However, you can change it as you see fit by setting the default rules to either Allow, Ask, or Block.
Those are all pretty much the same settings as the EAM 8.1 settings menu.
EIS with Online Armor won't work. You will run into some serious issues if you try to set something like that up.
ELAM is very, very limited and doesn't really allow for any meaningful protection. That is why we chose not to add it, simply because we don't think it would be worth the benefit. If Microsoft decides to allow for a more thorough scan during boot, we may reconsider adding ELAM.
I know quite a few of our testers do use high DPI displays. I am not sure whether or not anyone went to the extreme of 200 DPI though, which is rather uncommon in my experience. In general we did make sure that the application is able to scale properly. However, when you go up to 200 DPI you will eventually end up with a window that is too large for a normal 1920x1080 screen.
I think EIS 9 has cleanest, easiest to use interface I've ever seen. I mean, uh, it doesn't suck. And those the most pleasing colors ever to grace an interface.'" I mean, uh, I don't hate it.
And over the many years since this forum gained in exponential popularity with the death of Computer/Castle Cops, there have been 1000's of absurd, useless and infantile postings about interfaces with an incredulous number that without any uncertainty or mincing of words whatsoever "...completely dismiss a user interface [and the application itself] just because they don't like a certain color or style." Every last one of them a was of bandwidth - including the ones here.
A final thanks for your input and screenshots. It's helped determine EIS is not for me as OA had become. Good luck to you and the Emsisoft team. I'm gone. Cheers.
I thought if i disabled the firewall in OA and used the firewall in EIS it would work fine.
I still want to keep using OA for the HIPS.
the drivers of OA will be still there and conflict with those of EIS.
so EAM v9 + OA; but honestly HIPS is a tool of the past; Behavior Blockers are more "smart" and less annoying. but if you set EAM/EIS Behavior Blocker on Paranoid you will have something very similar to an HIPS
What about the HijackFree module. Is that discontinued in new version?
Emsisoft releases Anti-Malware 9, Internet Security 9 betas
I have a question regarding the Firewall. Is there any rule I should add to get more protection or is it sufficient with the default rules?
under the firewall predefined rules
there are different designations for in or out,
Web Server/Web Browser
Email Server/Email Client
is this by design?
as you can see from the previous snapshots
it's very difficult to be sure of what tab is checked
(Behaviour Blocker/FW incoming/FW outgoing)
one thing I just noticed
my Thunderbird uses port 993
although it is not one of the ports in the rules
the program is allowed to connect
Good Morning! My first scan kicked in at 9:30am sharp...I know everyone's set up differs obviously...but on my system EIS V9...as stated earlier is running flawlessly...no bugs in the rug...yet. I've got to admit this product is running unlike any other Beta Product i've ever tested. I'm starting to feel like the Maytag Repairman...and as far as beta tests goes that to Emsisoft's and Fabians ears is definitely a good thing. Sincerely...Securon
Downloading the Emsisoft Anti-Malware (not the internet security).
Do i need to switch anything off with outpost firewall?
Ok first impressions of the GUI.
Way too much wasted white space around the borders of the window on all the windows i have seen so far.
It is too much of a hog of visual space.
Both the wizard and service run as 32bit on a 64bit OS (win7)
Also the start and guard processes.
Smart scan finished in 10minutes on a SSD
it is running ver nice here so far so good
Running v9 Beta. No problems so far. Accepted my existing license. One thing I miss is the moving dot in the tray icon when an update is installing.