Emsisoft Anti-Malware & Emsisoft Internet Security 10 available

Discussion in 'other anti-malware software' started by emsisoft, May 10, 2015.

  1. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    Yes that is all I would need. Thanks @Fabian Wosar
     
  2. Nitty Kutchie

    Nitty Kutchie Registered Member

    Joined:
    Apr 10, 2015
    Posts:
    160
    I have a serious question to ask? Is Emsisoft detection rate dropping way below average or is it me? Reason being is that sometimes i run test or check sites that run test & the end result is not like the results i encountered with Emsisoft version 8 & down, is it that Emsisoft is trying to fully prepare them self for windows 10 so they can't be focus to deeply at this time on other stuff? I have windows 7 ultimate & windows 10 Pro remember it is just a questiono_O Oh & let me be clear i'm talking about live testing not testing sites stats or testing sites reports. I'm a long time user of Emsisoft.
     
    Last edited: Sep 8, 2015
  3. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I don't know about test stuff, but any malware I've encountered and tested my setup against, EIS stops it sometimes with AV sometimes with BB, but it stops it.
     
  4. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    I have the same experience as @Peter2150
     
  5. fblais

    fblais Registered Member

    Joined:
    Jul 31, 2008
    Posts:
    1,340
    Location:
    Québec, Canada
    My question has to do with the Emergency Kit.
    I have installed it on my wife's computer. (running Windows 10 Home x64)
    It had no been updated since a month. (it says 28 days)
    I'm simply unable to perform an update. Update begins and stops after a few seconds.
    Yes, I'm running it with Admin rights.
    I downloaded and installed the last version available, over the one already installed, but same result.

    Thanks in advance!
    François

    Later edit:
    Sole solution was to delete the C:\EEK folder altogether and reinstall again.
     
    Last edited: Sep 13, 2015
  6. ReverseGear

    ReverseGear Guest

    Do I need hitmanpro alert and/or mbae with EAM ?
     
  7. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,556
    Quote from Fabian
    https://support.emsisoft.com/topic/18161-emsi-anti-exploit/
    "That is the same question as the file-less infection one. No, we do not provide anti-exploit capabilities. We do protect from the payload these exploits drop, but we do not attempt to mitigate the exploit itself."

    So technically, no, you don't need it. However I don't think there's any harm having it with Hitmanpro alert for extra precaution. I currently have Emsisoft Internet Security with HMP.Alert without any issues.

    Regarding MBAE, supposedly there are some issues with it and Emsisoft, which I read in the Emsisoft forum, however I don't know the details of what those issues really are.
     
  8. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    Here I have no issue whatsoever running EIS and MBAE together. On the contracry, seems to complement each other very well.
     
    Last edited: Sep 14, 2015
  9. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    There appears to be a possible issue with EIS and MBAE using Firefox: http://support.emsisoft.com/topic/18630-had-to-uninstall-emis-10-after-todays-81915-update/?hl=mbae

    Best way to eliminate conflicts with MBAE is to create allow all rules in EIS/EAM behavior blocker for all .exe's that reside in the MBAE directory.

    Also as Fabian explained, EIS/EAM will alert on the memory injection attempt from the exploit download. At that point it, you can block and quarantine it. However, the malware by that time might have elevated privileges and the like and EIS/EAM will not protect you against that.
     
  10. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    ah...ok. Don't use Firefox, therefore I could not see it. Thanks!
    EDIT: FYI, already main MBAE in EIS are whitelisted by default.

    Yes, but should already MBAE blocked it before EIS/EAM?
     
    Last edited: Sep 14, 2015
  11. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    Both work differently.

    EAM/EIS is monitoring the malware process for malicious activity. MBAE/EMET/HMPA are monitoring the target process e.g. browser for malicious activity against it by anyone. So in most cases, EAM/EIS will detect the malware activity before it touches it's intended target. However, there are exceptions. The malware could be the stealth type that hides its malicious actions when it detects resident behavior blocking and/or sandboxing.

    Also note that if your OS is WIN 7, neither MBAE or EMET are not very effective against heapspray attacks; the most common exploit memory attack. Their test scores are in the low 80% range.
     
    Last edited: Sep 14, 2015
  12. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    Yes, the latest beta of MBAE should have addressed this weakness as well the conflicts reported in the hyperlink you posted.
     
  13. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    I forgot to add that EIS/EAM not very effective against shell script based attacks as is the case for most behavior blockers. Fabian previously stated that Emsisoft currently working on this issue.
     
  14. ReverseGear

    ReverseGear Guest

    Thanx for the info . I will add both mbae and hmp alert to my setup
     
  15. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    My subscription is about to run out, so I switched back to allowing beta updates....Following the update, and required reboot, I opened the GUI, to see how the update proceeded. Then asked for a further update, but it has been stuck for over twenty minutes...

    ScreenShot_EAM_won't initialiize after update reboot_01.gif
     
  16. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    Trying to cancel... Doesn't seem to work.

    ScreenShot_EAM_won't initialiize after update reboot_02.gif
     
  17. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    It's a known issue on XP at the moment. I suggest you stick to the stable version for now.
     
  18. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    5,285
    Thank you for your response to my problem...

    I refer to recent comments and this one in particular:

    https://www.wilderssecurity.com/thre...rity-10-available.376071/page-11#post-2515829

    As you can tell from my earlier post this evening, my subscription to EAM is expiring in the next few days.

    However, I would like to keep testing your product. Would it be possible for Emsisoft to issue a beta license to me, so that I may continue testing until support is withdrawn for XP in April 2016? I have been a longtime user of your software over the years.
     
  19. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,867
    Location:
    Outer space
    I'm getting registry detections about disabled taskmanager, cmd etc. but they're all working fine:
     
  20. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    23,933
    Location:
    UK
  21. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    7,980
  22. shogun_r

    shogun_r Registered Member

    Joined:
    Aug 17, 2013
    Posts:
    22
    Location:
    Sweden
    Emsisoft uses Bitdefender AV-engine as I have understood it, and also their own. How can Emsisoft get so much worse test result at this test for example? http://chart.av-comparatives.org/chart1.php

    I have wondered over this a long time and it has stopped me from testing Emsisoft so far. Why is the big reason to use just this solution?
     
  23. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    You seem to just compare the perfomance based on one month. At least you should look over a longer period of time.
    For example, between March and June 2015 the difference between Emsisoft and Bitdefender (compromised) is only 0.1%. i.e. null
     
  24. Fabian Wosar

    Fabian Wosar Developer

    Joined:
    Aug 26, 2010
    Posts:
    838
    Location:
    Germany
    In general the real-world test aims to replicate real world scenarios, where a user with slightly outdated browser and plugins goes to malicious websites that would normally lead to an infection. The goal for any application undergoing testing is to prevent that from happening and it can do it in various ways:
    • It can prevent you from accessing the malicious URL in the first place.
    • It can prevent any exploitation or drive-by attempts on those websites, so the malware never makes it to your system.
    • It can prevent the malware from running based on file based detection.
    • It can prevent the malware from doing harm to the system while running by using either behavior blocking techniques or sandboxing.
    The only part we use from Bitdefender is the file based detection stuff, which as you can see is only part of the puzzle. So variations are completely normal. It is true that we had more misses than usual in the past 2 or 3 tests. Most of them were caused by one single malware family. We fixed it in the latest update we released yesterday. It took us a bit longer than usual, as the update was blocked by a few other changes we made to prepare for version 11. But that is just how it goes sometimes.
     
  25. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    Shell script protection included now with this latest update?

    Received an alert from EAM behavior blocker for the first time for a .bat script I run from my desktop.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.