Emsisoft Public Beta V6

[Deleted member 178]

yes the animation is far nicer.

@dark: no i will stick with EAM, i like it and it fit to my system.

 

[jamescv7]

The animation was more professional and looks good.

 

[NathanF1]

Well, I got some serious FPs after the massive definitions update [20 MB] yesterday.

I re-scanned the folder only and got the same detection for a different file:

Scanning the files on-demand would intermittently alternate between clean and malware detection.

Scanned the files with PrevX SafeOnline [FE] - clean.
Submitted all 3 files to VT and re-scanned again - got 0/43, interestingly EAM used on VT was version 5.1.0.11.

Logged in the "infected" OS - XP with NIS 2011.
Scanned with HMP ad NIS - clean.
Scanned with EAM 5.1.0.19 [had to check if 5.1 detects the same so I installed it] - clean.

After upgrading to 6.0.0.31 and the latest definitions update the scan came clean [did both Deep and Custom Scan], so I suppose whatever the issue with the signatures was, has been fixed.

Sweet watching the scan, though - Deep Scan now runs for under 1 hour Outstanding feat considering it would go for almost 4 hours before, and my understandable reluctance to run it .

Version 6.0.0.31 is now available through the online update.

Changes from 6.0.0.28 to 6.0.0.31:

• License renewal links are now displayed 90 days before a license is about to expired instead of 45 days.
• The a2user.dat read error has been fixed.
• When pausing a scan the scan animation is now paused as well.
• A memory leak has been fixed when combining the Rootkit scan with other scan types.
• The "Cancel" button inside the "Action on scan end" dialog is now working as expected.
• NTFS reparse points weren't handled correctly in all cases which caused files in certain directories to be scanned multiple times.
• Whitelisting detection names is now working correctly again.
• Emsisoft Anti-Malware for Servers licenses are now recognized and handled correctly.
• The confirmation dialog when aborting the wizard is now always displayed correctly.

 

[Deleted member 178]

thanks for the share.

 

[NathanF1]

Hmm, EAM 6 switches to Freeware [on-demand scanner] if unable to connect to their servers [and validate the license, obviously] :s And I was wondering why the connection attempt straight after loading.

One minute you have 3 months left on your license, the next you're without real-time protection...

 

[Deleted member 178]

never happened to me, strange issue.

 

[NathanF1]

never happened to me, strange issue.

I think this only happens if Emsisoft's servers are down on system startup - EAM does check the license on initial startup and if unable to connect to their license server will revert to Freeware license. I managed to reproduce it on another system as well.

If that's how the licensing will work for v6, it seems a bit unwise your license verification and, as a result your real-time protection to be so dependent on the cloud, instead of having a host-based check as well.

Certainly makes me think whether I should rely solely on EAM.


P.S. It has been reported on Emsisoft's forums, quoted reply from the CEO below:

Because of a bug in beta, the license was changed to freeware mode during a server downtime today. We're already investigating in that. Thanks for reporting!

Thread Link

 

[Deleted member 178]

good, they react fastly

 

[NathanF1]

Courtesy of Wilders, couldn't find an entry in the Emsisoft change blog

Update 6.0.0.32

What has changed since the last build:
Bug #2411: Fixed a crash in the updater module.
Bug #2419: Replaced an outdated boxshot image in the wizard.
Bug #2421: Fixed a problem with remapping licenses during update process in case of server errors
Bug #2415: Modified the default name of the scanset file.
Bug #2402: Fixed a problem with localization in context menu libraries.
Bug #2003: Updated the list of registry entries monitored by the behavior blocker. This will also greatly increase the accuracy of service installation, browser hijacking, browser settings change and autorun alerts.
Bug #2404: Updated code injection detection to cover certain previously unmonitored injection methods.
Not related to any ticket: Fixed crash on service shutdown.
Not related to any ticket: Fixed crash in the command line scanner.
Not related to any ticket: Quarantined items are now migrated correctly when switching to Emsisoft Anti-Malware 6.0 using the updater.
Not related to any ticket: The setup now checks for an already existing installation of Emsisoft Anti-Malware or Mamutu and requests uninstallation first.

Bug fixes for #2003 and #2404 [see above] should be instrumental in further improving protection. If only the prompts displayed more detailed information [similar to Online Armor or Outpost] - not just a "suspicious activity", but what exactly it is...

Another interesting thread [although a month old] on ZeroAccess and EAM/OA ability to protect against it.

 

[Jack]

Updated, the changelog looks good, like you've said Bug fixes for #2003 and #2404 should improve the detection.
I'm using EAM 6 on my testing PC and sometimes it lags my system.Is this happening to anyone?

 

[Deleted member 178]

nope , only at startup.

 

[NathanF1]

I'm currently using EAM 6 BETA & OA 5.1 Release and haven't noticed any impact on startup, if anything the improvements they've achieved with the BETA are really impressive, kudos for managing to optimize EAM so much - very low, almost unnoticeable impact on performance [File Guard set as anti-executable, though, as opposed to the default setting Additionally scan all files when they are changed or modified]

I haven't experienced lags other than the slow interaction and responsiveness of the context menu on the tray icon, although even this seems to not be such an issue in the last few days.

Response from Emsisoft on Wilders:

The GUI part is loaded in a separate process, that's why it takes a while to show up.

We decided for this concept to not always keep the rarely used GUI stuff in memory while the realtime protection is active.

Speed up could be done by pre-loading (see Adobe Acrobat or MS IE stuff), but I doubt that would be in favor of the majority of our users.

However, I'll have a look if we can do some fine tuning.

And once again, I just can't stop commenting on the outstanding improvements in scan speed, my latest scan durations:

• Smart Scan - 10 minutes for 570K+ objects
• Deep Scan - 48 minutes for 750K+ objects

It's getting harder and harder to criticize Emsisoft, doesn't it?

 

[Jack]

It's getting harder and harder to criticize Emsisoft, doesn't it?

Yes, indeed!They are improving their product which release , I was a good surprise to see their name in the Top 15 most used Antivirus. .
PS. Thank you guys for your feedback on the resource usage.Very appreciated.

 

[Deleted member 178]

yes i prefer use it than NAV

 

[Valentin N]

Anyone know if it's optimized for multicores cpu ?

 

[Deleted member 178]

Anyone know if it's optimized for multicores cpu ?

honestly i dont know.

 

[djenka]

Emsisoft used modified IKARUS T3 engine.This version of the engine is optimized for multicores cpu.

 

[Jack]

Anyone know if it's optimized for multicores cpu ?

Yes it is , and according to Emsisoft , EAM 6 is approximately 450% faster due to new multi-core support.

 

[NathanF1]

From EAM 6.0 public beta thread on Wilders:

Emsisoft Anti-Malware 6.0.0.33:

What has changed since the last build:
Feature #2423: Added a quick way to disable update notifications.
Feature #2431: Made a few changes to make the referral program a bit more noticable. They aren't finished yet and there are some graphical issues with the transparency on OSes prior to Vista.
Feature #2414: Polished the news notification a bit.
Feature #2448: Updates the context menu extension to no longer disable ASLR for processes it is loaded into.
Bug #2427: Enabling the "silent scan" option of a scheduled scan should now always result in a silent scan no matter what the settings are.
Bug #2426: Detections contained within archives are submitted correctly now, if you try to submit them from the scan result window.
Bug #2422: Scan reports should now include a mention of the rootkit scan if it was enabled.
Bug #2416: The left handed menu should no longer flicker.
Bug #2410: Fixed a rare crash within the wizard that we became aware of through the bug report telemetry.
Bug #2185: The license dialog should no longer appear if the user wakes up a machine from suspension or hibernation.
Bug #2417, Bug #2418, Bug #2420, Bug #2428, Bug #2451: Various localization fixes.

 

[NathanF1]

From Emsisoft changelogs

Emsisoft Anti-Malware 6.0.0.35

Implemented new header image design.
Removed HiJackFree item in left side main menu. It’s still available in start menu and via tray icon context menu.
Promo box for referral rewards program can be hidden now.
Problem with some white label backgrounds on XP fixed.
Submit file problem fixed.
Increased speed of host rules sorting.
Missing program files folder in smart scan defaults fixed.
Potential freeze bug in guard fixed.
Guard performance tuning.
License key is hidden by default and can be copied to clipboard now.
Minor GUI and internal bugfixes.

Screenshot of Configuration with the hidden license key. Just select another tab to hide it again after clicking Show Key. The reference to hiding the promo box only applies to Security Status, referral is always displayed in Configuration : License.