Leaderboard

You must have had Beta Updates enabled as EIS 11 is still beta, and that kind of problems can happen with Betas Remedy. Uninstall 11 and then install 10 again and make sure that "Beta Updates" is disabled (unchecked)

Upgrade from EIS 10.0.0.5735 to EIS 11.0.0.5847 (Beta) I currently have for the 'Advanced Firewall Settings' to "Ask" to allow incoming/outgoing firewall rules. (all 4 options are set to Ask) Application Rules did not Update after Upgrade ----------------------------------------------------------- After the upgrade/restart i deleted the custom rules to allow ports 80/443 and yet it still allowed the connection even after restarting firefox and did not prompt me to allow it again either. So I went to Settings -> "Factory Defaults" this seemed to do the trick, and this time asked me to allow the port connections 80 / 443. Real-Time Firewall Blocking ------------------------------------ At first I allowed port 80 / 443, and then tried adding a BLOCK TCP/UDP 0-65535 (below to the first rule) i could still browse successfully (where before in v10, 0-65535 was over-riding everything) However then i removed the rules, then tried this time to "block" the connections, except it was still allowing the connection, even though 80 / 443 were blocked. It wasn't until I restarted firefox that the blocking rule took effect. so it appears real-time firewall blocking of the application is not quite working. Real-time Application Blocking (or Suggestion) ------------------------------------------------------------------- Another issue ,prevalent in v10 also, is when you block an application in Application Rules or Behaviour Blocker, it does not close the application once blocked, it just prevents it from running the next time. Where in v9 i remember it used to close the application immediately once blocked. Automatic Custom Montioring (Suggestion) ------------------------------------------------------------------- Even though I have automatic firewall settings set to "Ask" about trustworthy applications, the behaviour blocker still sets everything to "All Allowed", so each time I do say.. a Factory Reset or new install, I have to reset each application to "Custom Monitoring" if I want to be confronted with potential behavioural threats. The behavioural blocking is the pride and joy of EIS, so I think it should be an option in "Advanced Firewall Settings" to set "All Allowed" to "Custom Monitoring" by default. Which will warn you about code injection and such. Automatic Behavior Blocking Template(Suggestion) ----------------------------------------------------- Also think you should be able to create something like a Template that applies to all applications by default, for example.. "Block Backdoor Related Activity" "Block Spyware Related Activity" could be set by default, based on your template you created. More Detailed Information About Intrusions (Suggestion) ---------------------------------------------------------------------------------- I mentioned in the previous suggestion about behavioural blocking, and how it warns you about code injection and potential intrusions. These errors can come from system applications, for example... when changing personalize settings, a message appears saying Explorer.exe wants to change something, or when Firefox tries to run a program from the downloads menu, it will say something along the lines that Firefox is acting like a trojan or something to that nature. These are scenarios where it was likely a false detection, but was warning of a potential problem, which is great! However, there are also scenarios where Explorer.exe or Firefox.exe may be doing something it shouldn't, and yet the options are to Allow something potentially bad, or Block, which closes the application, not really knowing what you just blocked. So what i'd really love to see.... is the offending command, i believe v9 had it right... when it popped up the behaviour, it gave you much more verbose input, like Explorer.exe -> Shell32.dll -> hotdog.dll -> somethingweird.exe then i could tell the difference between, a simple desktop entry being modified, or of an actual threat that needs to be dealt with. So would really really love to see an option in "Advanced rule settings" for [ X ] verbose behaviour messages Application Rules & Behavior Rules Merging (Suggestion) ---------------------------------------------------------------------- I think v9 also had it right in this case.... all of the application rules were all in one neat tidy window, maybe i'm a little daft, but i don't quite understand why these two are seperated, and why some applications will show up in Behavior Blocker and not in Application Rules, and if i want one in the other, i have to create the rule myself. Then tediously set everything to Custom Monitored, to get it to monitor its behavior. Theming (Suggestion) ---------------------------- I know i've said this before, but i'll say it again... i'd love to have an option to theme/skin the EIS application, maybe to something with more neutral colors. Insights ---------- If everything gets automatically allowed, then its only passively protecting the system for the sake of letting Windows run smoothly, The goal here is easy to use security, i think its important not to let security take a back seat for the sake of making it easy to use. In the Blog you make mention that everything should be kind of behind the scenes without much intervention and fiddling around with settings, however I think a lot of people don't really mind the extra popups as long as they know their system is actually being protected. Special Thanks -------------------- I'd like to thank the emsisoft team for their dedication and hard work on this amazing application. I hope everything i've said has not been discouraging but has inspired you to keep working to make this program even better. Keep up the good work, and please tell Santa about everything on my wish list.

Why bother. That test is just a test by Comodo to prove Comodo is the best. Kind of reminds me of the silly tests that to get to run you have to disable most of your security and then the test says you failed. I've tested EIS/EAM against real malware and I am protected.

I believe that if you do a fresh install then the installer automatically select the correct version for you. For those with x64 systems that upgraded from 10 to 11, the EAM/EIS folder will remain in Program Files (x86).

Read my post again please. If you're not ready to deal with betas, don't use them