Emsisoft Anti-Malware & Emsisoft Internet Security 10 available

Discussion in 'other anti-malware software' started by emsisoft, May 10, 2015.

  1. XhenEd

    XhenEd Registered Member

    Joined:
    Mar 31, 2014
    Posts:
    536
    Location:
    Philippines
    I just would like to ask why EIS is consuming 2-5% of CPU power all the time. Only after I disable Surf Protection and BB will it calm down. I use the latest version of EIS.
    I already removed ESET Smart Security 8 through its own uninstaller tool before installing EIS. I already rebooted several times.
    I have AppGuard and CryptoPrevent installed. Those are all my security softs. My laptop runs Windows 10 Home. It has an i5-5200U with 4 Gig RAM.


    Edit: I found the culprit. It's Process Lasso. As soon as I exited it, a2service.exe runs at 0% CPU. I guess I have to report this to Process Lasso. EIS triggered "tamper protection", I believe.
     
    Last edited: Aug 16, 2015
  2. TNO_sec

    TNO_sec Registered Member

    Joined:
    Sep 26, 2010
    Posts:
    46
    I haven't heard previously of a behavior blocker using signatures, or needing updates anywhere near as often as an AV. Obviously it needs to be updated from time to time when the behavior of malware changes (that could be called signatures I guess), but it wasn't my impression that it would be required that often. It's really interesting though and if you have time I'd love to hear some details about how this works.

    Edit: While looking for some documentation for the behavior blocker I came across this article from 2012 which explains how the Emsisoft behavior blocker works: http://blog.emsisoft.com/2012/10/16/tec121016/
    Quote: "It is a technology that is able to detect and block dangerous malware without the need for signatures."
     
    Last edited: Aug 17, 2015
  3. ReverseGear

    ReverseGear Registered Member

    Joined:
    Mar 21, 2010
    Posts:
    1,545
    Location:
    Mumbai
    Having this error a few times a day
     

    Attached Files:

  4. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    I'm using it quite safely actually. I wouldn't recommend it to others but if you know what you're doing you can get by just fine, and maintain a modicum of privacy while you're at it too.

    And there are also patches to be found actually, through 2019 at least. But they're usually moot because these vulnerabilities depend upon a handful of circumstances that simply don't apply to me.

    I'm still waiting for this day to come when the XP avalanche of doom will hit, and I have a feeling I could wait until I leave this Earth before it happens.

    But if one is relying on an AV/AM/all in one suite as their main/sole line of protection then yeah, it's a lost cause.
     
  5. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    If it's any consolation, I don't care about it. I won't presume to speak for you but I can only surmise that there are other/better layers a person should be deploying to cover those vectors instead of an AV product. Especially if you're an advanced user, which I would just assume most of the people in here are.

    I personally saw the introduction of BB's and other shields/guards/modules bloated, err... thrown into AV products as the high water mark where AV's began their gradual decline and lost their luster to me. Just give me an AV that does what an AV should do and let me use other dedicated/stand alone means to take care of the other stuff, that's better suited for the job. Just my 2 cents.

    And your product in my estimation was the best I found in this current landscape. Probably my favorite AV since Avira Free during the v5-6 days. That product was a model of beautiful, effective simplicity.
     
  6. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    5,645
  7. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,679
    I wasn't optimistic, but I went back into the disabled snapshot yesterday... I successfully uninstalled EIS and rebooted the system. Now, I have to download the latest EIS exe, then reinstall.
     
  8. Ripcord

    Ripcord Registered Member

    Joined:
    Jun 18, 2011
    Posts:
    117
    I tried lots of the big boys when it comes to Antivirus programs... Gdata, F-Secure, Kaspersky and the list goes on but in the end I decided to go w/ the best in my opinion, Emsisoft Internet Security, for my Asus ZenBook Pro. Thank you Emsisoft for your efforts in making a world class product w/ top notch support.
     
  9. Nitty Kutchie

    Nitty Kutchie Registered Member

    Joined:
    Apr 10, 2015
    Posts:
    132
    In Windows 10, Microsoft has developed and incorporated the Antimalware Scan Interface (AMSI). AMSI essentially is a sort of Dynamic Analysis platform that will inspect at a deep level those scripts that use Windows built-in scripting hosts, detecting questionable behavior. Is Emsisoft going to use this?
     
  10. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    We don't at the moment, but we are considering adding support for AMSI in the next major release.
     
  11. Nitty Kutchie

    Nitty Kutchie Registered Member

    Joined:
    Apr 10, 2015
    Posts:
    132
    Well, thank you Mr. Wosar, hope everything runs up to speed.
     
  12. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    4,076
    Are there any deals upcoming for Emsisoft by chance? Thank you.
     
  13. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    Not that I know of. Then again, I am not a sales person, so I may not be fully up-to-date on future deals.
     
  14. Trooper

    Trooper Registered Member

    Joined:
    Jan 26, 2005
    Posts:
    4,076
    Thanks for getting back to me. I will just keep my eye out.

    Cheers.
     
  15. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    5,645
  16. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,246
    Very quick question: as far as I know, Emsisoft Anti-Malware and Emsisoft Internet Security do not have exploit protection, right?

    Also: I'm not sure what to install and use in my Windows 10 when I buy a new and fresh computer; should I install Emsisoft Anti-Malware with Windows 10 firewall, or should I have Emsisoft Internet Security with its own firewall?

    What are the differences, advantages and disadvantages between Emsisoft's firewall and Windows 10 firewall?

    Are there any security and protection related issues, are there any options that Emsisoft Internet Security has, and Emsisoft Anti-Malware does not (besides firewall)? This is probably crucial in my final decision, Fabian, so hopefully you can answer me here. Big thanks in advance.
    Where is the catch?
    I already posted here questions about this:
    https://www.wilderssecurity.com/threads/how-good-is-emsisoft-firewall.379304/

    Hopefully, Fabian, you can help me with my decision. I want to try and most likely buy the Emsisoft license, but I don't know whether I should buy the license for Emsisoft Anti-Malware or the license for Emsisoft Internet Security, since I've been answered that even Windows 10 firewall (plus Windows Firewall Control) is actually much more than enough when it comes to pure firewall tasks.
     
  17. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    7,248
    Location:
    U.S.A.
    My recent testing of memory based exploit methods showed EAM/EIS behavior blocker was excellent in detecting this activity originating from unsigned and unknown processes. Whether it would be so against signed malware such as variants of Zeus Trojan remains to be determined.
     
  18. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    No, we don't at the moment. In most cases we do detect and block the payload just fine. But we make no attempts to prevent the exploitation.

    Personally I am using Emsisoft Anti-Malware with the Windows Firewall and it is what I would recommend. If you want more control than what the Windows Firewall offers or if you are concerned about malware manipulating the firewall rules, you can either choose to use Emsisoft Internet Security or complement Emsisoft Anti-Malware with a firewall of your choice.

    No, they are otherwise identical.
     
  19. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,246
    Thanks, Fabian, for your answers. Basically the reason I wanted to ask you about the firewall thing is because, for some time, I will be completely without a router (and that means without SPI and NAT firewalls; this is why I have to know what to choose when it comes to the firewall issue).
    I asked on Wilders security forum about Windows 10 firewall, and they answered me that Windows 10 firewall (with Windows Firewall Notifier or Windows Firewall Control or Tiny Wall and similar) is more than enough to deal with outbound and inbound protection.
    Emsisoft is the only software product that I have not tried yet, but based on experience of users, it seems to me that I will keep it with some more security products like AppGuard and Sandboxie.
     
  20. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    3,376
    Location:
    Under a bushel ...
    I switched my EAM and EIS software around yesterday, moving EAM from my Win 7 machine to my Win 8.1 machine, and EIS from my Win 8.1 machine to my Win 7 machine.
    Interestingly, EIS warned me to apply a MS hotfix on the Win 7 Machine. (I had not had to do this previously on my 8.1 machine. Also EAM had not previously asked for this on my Win 7 machine).
    I have Oracle VirtualBox on my Win 7 machine, and EIS also warned me to remove this completely. Previously EAM had not asked for this also.
    So it seems EIS is quite fussy with Win 7 (64-bit). @Fabian Wosar: My question is though - is Oracle VirtualBox completely incompatible with EIS on Win 7?
     
  21. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    It is certainly enough for inbound protection. Outbound protection is covered by EAM at least partially though as it keeps an eye on outgoing connections and the circumstances these outgoing connections happen in as part of the overall behavior monitoring.

    VirtualBox is not completely incompatible with EIS. The VirtualBox bridged and host-only network drivers are. This isn't a problem that affects us only either. Oracle has known about these issues for years but they refuse to fix their driver. The last time they were thinking about just "blacklisting" those drivers their driver is incompatible with in their setup. That was 6 years ago:

    https://www.virtualbox.org/ticket/6057

    Nothing has changed since then as far as I know. If you don't need bridged networking or the host only networking, you can simply uninstall VirtualBox and reinstall it with those two features disabled. You will still be able to use NAT, so your VMs can still access the internet if that is what you need.
     
  22. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    7,248
    Location:
    U.S.A.
    I didn't know that. Any potential conflicts with other third party firewall outbound monitoring? Also does it use the WIN firewall WFP facility?
     
  23. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    Conflicts with other third party firewalls are unlikely due to the way we chose to implement it. WFP isn't used by EAM, but it is used by EIS. We do have plans to transition the EAM monitoring to WFP as well once we drop Vista and XP support next year.
     
  24. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,246
    Sorry for this, but what is WFP? o_O
    And, yes, big thanks, it's good to know that Windows 10 firewall, even without router and its SPI and NAT firewalls protections, blocks everything inbound!
     
  25. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    WFP is the Windows Firewall Platform. Essentially a set of Windows APIs that were added by Microsoft to make the development of firewalls and network filters easier.
     