Emsisoft Anti-Malware and Emsisoft Internet Security 9.0 Public Beta

Discussion in 'other anti-malware software' started by Fabian Wosar, May 5, 2014.

Thread Status:
Not open for further replies.
  1. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,273
    Location:
    USA
    Too bad was a nice utility.
     
  2. emsisoft

    emsisoft Security Expert

    Joined:
    Mar 12, 2004
    Posts:
    320
    Location:
    Nelson, New Zealand
    The moving dot was replaced by a white glowing effect of the shield icon. :)
     
  3. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,273
    Location:
    USA
    Okay I just ran update and saw it.
     
  4. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    5,988
    Location:
    New York City
    No problems so far. GUI is fine. Most important thing is seeing the three check marks under 'Protection'.
    The rest, I don't care too much about.
     
  5. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    Default rules are sufficient. It comes down to personal taste really. These are the few settings I like to change and my reasoning:

    Under Protection/File Guard:
    • Set scan level to "Fast" which means, the File Guard will only scan files if they are about to be executed. This is mostly to reduce overhead without compromising security.
    • Disable "Protect the computer even if no user is logged on". Slows down the system boot considerably and has no real benefit unless you regularly leave your system without a user being logged on (like for example File Servers).
    • Disable "Only scan files with specific extensions". If the File Guard thinks a file is about to be executed, it should always be scanned, no matter the extension. Will most likely make no difference in real world though.
    • Set the action for both malware and PUP detections to Alert. I hate auto quarantine ;).
    Under Protection/Firewall/Automatic rule settings:
    • I set the preference for "Unknown programs" both to Ask. I like knowing if an application that Emsisoft Internet Security doesn't know anything about and doesn't trust is trying to connect to the Internet. Again, it will most likely not make a difference in real world as malicious connection attempts to the Internet are covered by the Behavior Blocker as well.
    Under Settings/General:
    • Disable "Activate memory usage optimization". I bought my RAM so the applications I have on my system can use it. There is no point in getting 4 GB or even more RAM and obsessing about an application using a few hundred MBs of those 4 GB. Especially if I get better system performance and responsiveness in return.
    Hope those hints help :).
     
  6. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    Yes, it is. Server rules deal with incoming connections, client rules with outgoing connections. They are just different presets.
     
  7. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    Do you happen to use any email filter or scanner? Some of them will redirect the traffic to a local proxy. I know Avast did that in the past for example. Not sure if that is still the case.
     
  8. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    Glad you are liking it and it works well for you. Make sure to let me know if it changes :).
     
  9. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    2,011
    Location:
    Canada
    Fabian, thanks for the hints, it's really appreciate:)
     
  10. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    So EIS + OA isn't recommended.
     
  11. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,639
    I'm testing EIS on a VM and I do have Avast on my main machine
    but I have the mail scanner disabled

    just in case I created a new VM and disabled Avast on the main machine
    installed EIS and configured Thunderbird with the preset rules
    created a new email account, and the result was the same
     
  12. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,113
    Location:
    South Texas, USA
    Never a good idea to install two firewalls especially from the same vendor, but there is no problem using EAM+OA like you're doing now. I personally dropped EAM+OA and now using EIS only.

    dja2k
     
  13. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,639
    I remembered when creating rules in OA for torrent clients
    I had to add a bottom rule blocking everything,
    otherwise OA would allow and add new ports per the client request
    3-2-2010 4-43-12 PM.jpg

    so I created block rules for Thunderbird in EIS along the preset ones
    001.PNG 002.PNG 003.PNG

    and this time things worked as expected,
    Thunderbird said it could not connect to the server
     
  14. kmr1685

    kmr1685 Registered Member

    Joined:
    Aug 22, 2009
    Posts:
    62
    hello hi,

    is this problem of emsisoft internet security suite, i am installed in win 7 x64 fully updated and no other security program installed.[​IMG]

    when i start other system with same win 7 x64 with i3 and 4 gb ram, i do not got this error message, so is the related above said.:confused::rolleyes:
     

    Attached Files:

  15. Securon

    Securon Registered Member

    Joined:
    Jan 11, 2009
    Posts:
    1,960
    Location:
    London On
    Good Morning! Just have EIS and AppGuard...in tandem...from the couldn't be happier department...over and out! Sincerely...Securon
     
  16. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    Thank you for your update, Securon :).
     
  17. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    Thanks. We will be looking into this issue. Good catch! :)
     
  18. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    I am glad you found a workaround that works for you, but it shouldn't be necessary to begin with. If you set the default behavior to Ask for outgoing connections, then it should ask if the connection doesn't match your specified rules and not just allow it through.
     
  19. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,639
    I presume you mean Protection/Firewall/Automatic rule settings
    yes it should work, but what I mean is that the presets (email client, web browser etc.) are flawed
    there should be a bottom rule to either Ask or Block like in Comodo
    c01.PNG c02.PNG


    also there should be more default ports in the Email presets
    c03.PNG
     
  20. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    It is hard to tell from just a screenshot. Any chance you can create a crash dump of the application showing the error message? That should give some more insights :).
     
  21. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    Great release! I've been looking forward to a brand new GUI and finally merging OA with EAM.

    Two things;

    I'm using Windows 8 x64 and testing EIS 9.

    1) When downloading a .exe file... will EIS 9 show a toast notification that the download was checked and clean/infected when finished in the final release of 9.0? The same goes when EIS 9 encounters tracking cookies. I know you said:
    • Windows 8 toast notifications aren't integrated yet.
    Does that apply to the above scenarios I described? Will I see toast notifications in these scenarios?


    2) I really miss "Run Safer" option from Online Armor because this eradicated vulnerabilities in a way EIS 9 never can. Will a similar "Run Safer" option become available in the future?
     
  22. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    The toast is triggered whenever EIS displays a dialog on the Desktop that the user needs to react to. Triggering a notification for every scanned file that was found to be clean or every cookie that was blocked will cause a flood of notifications. The main purpose of the toasts is to tell the user that something needs his intention while he is using Metro because otherwise he may not know why his Metro app stopped working as an alert on the Desktop is not immediately visible. The toasts are also very limited in what they can do. So we can't move the allow or deny options directly to the notifications either.

    Run Safer adds next to nothing if you are already using a non-admin user, which is the default on Windows Vista, 7 and 8 thanks to UAC. So it is extremely unlikely to make in comeback. However, exploit mitigation and protection is something we are looking into at the moment as a possible upgrade to our behavior blocker in the future.
     
  23. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    Thank you for a quick answer.

    For those of us who disable UAC and still want to restrict, for instance, Internet facing applications, Run Safer was a good feature. However, if some kind of exploit protection is in the roadmap for 9.1 I'd say I'm satisfied enough!
     
  24. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    Are you sure you actually disabled UAC? Disabling UAC on Windows 8 has some huge ramifications, because it is used for example to isolate the app container processes that Metro uses. So disabling UAC breaks all Metro apps and is the reason why you can't do it in the normal user interface. You most likely have it set to just allow everything without any further dialog, which still runs all applications as a limited user except the applications that ask for admin rights. However, in those cases Run Safer will more than likely break the application, again rendering the potential benefit questionable at best.
     
  25. Rompin Raider

    Rompin Raider Registered Member

    Joined:
    May 6, 2010
    Posts:
    1,253
    Location:
    North Texas
    So...is that a thumbs up? I'm tempted! RR
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.