Jump to content

Christian Mairoll

Emsisoft Employee
  • Posts

    1307
  • Joined

  • Days Won

    117

Everything posted by Christian Mairoll

  1. A world wide ransomware outbreak, like the one we witnessed last month with WannaCry, was probably just a matter of time. At least our team was not really hit by surprise: Ransomware has been on top of our Lab’s priority list for the past couple of years, but the epidemic proportions and speed of this samples’ infection have been unheard of. The entire world media reported about it across all channels: WannaCry was a major wake-up call for everyone who had previously neglected the seriousness, or worse, the existence of the ransomware threat. We at Emsisoft see it as our responsibility to keep you safe from all kinds of ransomware, and we are confident that we can stay technological leaders in the fight against malware that encrypts your personal files. To emphasize our products’ strength in this regard, we decided to shift our existing and proven anti-ransomware capabilities into a separate protection layer component that we are calling “Anti-Ransomware”. Contrary to most self proclaimed anti-ransomware specialist tools out there, Emsisoft Anti-Malware and Emsisoft Internet Security are able to block ransomware before it even encrypts the first data file. We consider that critically important, as recent ransomware samples have shown that criminals have become selective and are prioritizing your supposedly most important files for encryption. Our licensed security solutions don’t wait until a pattern of multiple file manipulations occurs, but intercept encrypters before they can touch anything. Prevention is key. Emsisoft Anti-Malware & Emsisoft Internet Security 2017.5: New main guard component “Anti-Ransomware” to emphasize the trusted ransomware protection abilities that were previously part of the Behavior Blocker component. New scan setting “Scan in email data files” that allows you to include or to skip the scan of potentially large email files. Lowered the number of false positive alerts. User interface and user experience improvements. Several minor detection related improvements. Fixed a number of potential crash bugs. Emsisoft Enterprise Console 2017.5: Fixed a bug that caused some clients to unexpectedly disconnect during Windows 10 Creator’s Update. A new “Detect Potentially Unwanted Programs” option is now available for scheduled scans. Improvements in policies, reports, installation/uninstall and settings menus. Migrated the product to .NET 4.5 platform. How to obtain the new version As always, so long as you have auto-updates enabled in the software, you will receive the latest version automatically during your regularly scheduled updates, which are hourly by default. New users please download the full installer from the product pages. Note to Enterprise users: If you have chosen to receive “Delayed” updates in the Update settings for your clients, they will receive the new software version no earlier than 30 days after the regular “Stable” availability. That gives you time to perform internal compatibility tests before a new version gets rolled out to your clients automatically. Have a great (ransomware-free) day! View the full article
  2. Both products are based on the same code, but server operating systems require a different (more expensive) license key.
  3. Emsisoft Anti-Malware und Emsisoft Internet Security fangen WannaCry natürlich verlässlich ab. Ansonsten: Windows Updates aktuell halten und immer ein Backup zur Hand haben falls doch mal was schief geht.
  4. Sämtliche Software<->Server Kommunikation erfolgt über SSL. Lediglich die Downloads der Update-Dateien sind derzeit davon ausgenommen. SSL würde hier keinen Mehrwert in Bezug auf Sicherheit bieten, da unser Update-System von sich aus schon so konzipiert ist, dass Man-In-The-Middle Attacken ausgeschlossen sind. Im Gegensatz zu den Update-Systemen der meisten anderen Hersteller ist bei uns der komplette Prozess signiert und funktioniert Hash-basiert, und ist daher vor Manipulation weitgehend sicher. Nicht einmal die NSA könnte hier ein falsches Update einschleusen. Die Dateien selbst dann auch noch über SSL zu übertragen ist unnötiger Overhead, der uns bei den hunderten Terabytes an Server-Traffic jeden Monat einen nicht unbeachtlichen Mehrpreis bei den CDNs bringen würde. Außerdem muss man sich dann erst recht die Frage stellen, wie viel Sinn SSL bei CDNs generell macht, da diese in der Regel by-design die SSL Sicherheitskette brechen. Diese Information fehlt aber im besagten Testbericht leider.
  5. Following our feature-rich update last month, our team was fully focused on improving the overall product experience for Emsisoft’s product updates in April (2017.4), while squashing a few bugs that affected a handful of our customers. That said, there are still a couple of convenient new features for both consumers (scheduled scan when inserting a USB device) and enterprise customers (centrally view and modify Emsisoft Anti-Malware settings). Make sure to read the rest of the highlights and changes we’ve made for each product below: Emsisoft Anti-Malware & Emsisoft Internet Security 2017.4: Included an option to start a scheduled scan when inserting a USB drive. New option for scheduled scans: USB insertion Fixed occasional bug that would prevent Windows 10 from shutting down properly and resolved sporadic issues with user profiles. Emsisoft Enterprise Console 2017.4: Added ability for system administrators to view local changes made to the client settings, and reset them to policy defaults if necessary. Improved proxy server support when Emsisoft Anti-Malware is deployed via Emsisoft Enterprise Console. When client licenses are about to expire, the system administrator will now receive email notifications. This feature can be adjusted in the Settings. How to obtain the new version As always, so long as you have auto-updates enabled in the software, you will receive the latest version automatically within an hour of availability. New users please download the full installer from the product pages. Note to Enterprise users: If you have chosen to receive “Delayed” updates in the Update settings for your clients, they will receive the new software version no earlier than 30 days after the regular “Stable” availability. That gives you time to perform internal compatibility tests before a new version gets rolled out to your clients automatically. Have a great (malware-free) day! View the full article
  6. Following our feature-rich update last month, our team was fully focused on improving the overall product experience for Emsisoft’s product updates in April (2017.4), while squashing a few bugs that affected a handful of our customers. That said, there are still a couple of convenient new features for both consumers (scheduled scan when inserting a USB device) and enterprise customers (centrally view and modify Emsisoft Anti-Malware settings). Make sure to read the rest of the highlights and changes we’ve made for each product below: Emsisoft Anti-Malware & Emsisoft Internet Security 2017.4: Included an option to start a scheduled scan when inserting a USB drive. New option for scheduled scans: USB insertion Fixed occasional bug that would prevent Windows 10 from shutting down properly and resolved sporadic issues with user profiles. Emsisoft Enterprise Console 2017.4: Added ability for system administrators to view local changes made to the client settings, and reset them to policy defaults if necessary. Improved proxy server support when Emsisoft Anti-Malware is deployed via Emsisoft Enterprise Console. When client licenses are about to expire, the system administrator will now receive email notifications. This feature can be adjusted in the Settings. How to obtain the new version As always, so long as you have auto-updates enabled in the software, you will receive the latest version automatically within an hour of availability. New users please download the full installer from the product pages. Note to Enterprise users: If you have chosen to receive “Delayed” updates in the Update settings for your clients, they will receive the new software version no earlier than 30 days after the regular “Stable” availability. That gives you time to perform internal compatibility tests before a new version gets rolled out to your clients automatically. Have a great (malware-free) day! View the full article
  7. For our March (2017.3) round of product updates, we have exciting improvements for both home and business users. While the improvements to our behavior blocker and surf protection will benefit all Emsisoft customers, we’ve now added an often requested feature: the option to scan USB memory sticks when plugged in. Business customers will appreciate the additional options to configure computer policies, including customer case and license notifications. For further highlights on the changes, please see the list below: Emsisoft Anti-Malware & Emsisoft Internet Security 2017.3: Improved behavior blocker to protect against malware and ransomware that tries to disable antivirus software. Improved surf protection to block brand new malware- and phishing-hosts even quicker. When plugging in new removable drives, such as USB memory sticks, you can now quickly scan them with just one click if you fancy. Note: Manual scanning of newly connected devices is generally not required as they are automatically covered by the real-time protection anyway. Emsisoft Enterprise Console 2017.3: New computer policies to configure customer care features, such as license expiration notifications, security news box, and more. Clients overview list now shows current progress of running jobs on each managed computer. New filter of clients list based on used license key. Emsisoft Anti-Malware can be remote installed in trial mode now. Improved deployment process: Proxy and other basic settings are used earlier during setup. New grouping feature in licenses panel. New support for secure authentication in webhook notifications. Improved database maintenance and backup routines. How to obtain the new version As always, so long as you have auto-updates enabled in the software, you will receive the latest version automatically within an hour of availability. New users please download the full installer from the product pages. Note to Enterprise users: If you have chosen to receive “Delayed” updates in the Update settings for your clients, they will receive the new software version no earlier than 30 days after the regular “Stable” availability. That gives you time to perform internal compatibility tests before a new version gets rolled out to your clients automatically. Have a great (malware-free) day! View the full article
  8. For our March (2017.3) round of product updates, we have exciting improvements for both home and business users. While the improvements to our behavior blocker and surf protection will benefit all Emsisoft customers, we’ve now added an often requested feature: the option to scan USB memory sticks when plugged in. Business customers will appreciate the additional options to configure computer policies, including customer case and license notifications. For further highlights on the changes, please see the list below: Emsisoft Anti-Malware & Emsisoft Internet Security 2017.3: Improved behavior blocker to protect against malware and ransomware that tries to disable antivirus software. Improved surf protection to block brand new malware- and phishing-hosts even quicker. When plugging in new removable drives, such as USB memory sticks, you can now quickly scan them with just one click if you fancy. Note: Manual scanning of newly connected devices is generally not required as they are automatically covered by the real-time protection anyway. Emsisoft Enterprise Console 2017.3: New computer policies to configure customer care features, such as license expiration notifications, security news box, and more. Clients overview list now shows current progress of running jobs on each managed computer. New filter of clients list based on used license key. Emsisoft Anti-Malware can be remote installed in trial mode now. Improved deployment process: Proxy and other basic settings are used earlier during setup. New grouping feature in licenses panel. New support for secure authentication in webhook notifications. Improved database maintenance and backup routines. How to obtain the new version As always, so long as you have auto-updates enabled in the software, you will receive the latest version automatically within an hour of availability. New users please download the full installer from the product pages. Note to Enterprise users: If you have chosen to receive “Delayed” updates in the Update settings for your clients, they will receive the new software version no earlier than 30 days after the regular “Stable” availability. That gives you time to perform internal compatibility tests before a new version gets rolled out to your clients automatically. Have a great (malware-free) day! View the full article
  9. The sight of a drone flying overhead is increasingly commonplace, from open air concerts to nature documentaries. Yet, they offer more than a simple way to take breathtaking footage. Accessible drone technology is not only transforming people’s day to day lives, but also offer vital tools to better understand the dangers of our world. We were awestruck when we discovered the use of drones in humanitarian action after the 2016 Central Italy earthquake. Finding practical and innovative uses for technology is what Emsisoft does, so when we approached Surf Life Saving New Zealand (SLSNZ) to use drones to make surfing safer, they jumped on board at the opportunity. Thanks to this joint research project, these unmanned aerial vehicles have helped create valuable data in a field that found valuable research applications in the field of surf protection and prevention. Watch our video to find out how: Back in November 2016 we started out with the world’s first surf protection research using high technology drifters. Our shared initiative with Surf Life Saving New Zealand has mapped currents and rips to further understand threats and dangers that await unsuspecting surfers under the surface. Very little is known about the current behaviour at the sea bed which is particularly alarming considering that the majority of drownings occur close to shore. If researchers can understand how malicious rips and currents behave, accidents can be prevented and missing persons can be located faster. Though locally executed, the data and insight gained will have future applications for surf lifesaving organisations all over the world. Awareness for better surf protection is the ultimate goal Embarking on this journey and creating our dedicated Surf Protection project page was developed to raise awareness for the importance of the work of Surf Life Saving New Zealand and those who volunteer their time to help protect swimmers and surfers in NZ waters and beyond. Visit Emsisoft’s Surf Protection page here! You may be wondering how an anti-malware provider fits into this scenario. For the team at Emsisoft, it is equally important to protect online surfers from potential threats. Ransomware can take hold of unsuspecting web surfers with an unrelenting grip, much like a invisible rip current does.Similar to the work of SLSNZ, our efforts begin well before an emergency occurs and together we strive to keep you safe both online and in the water before the worst happens. Christian Mairoll, CEO of Emsisoft says “At first thought, you may think that the only thing our organizations have in common is the terminology ‘surf protection’, but it’s far more than that. Protecting web surfers from all sorts of internet threats requires a very similar approach to what the guys on the surf beaches do. Observation of the dangerous environment, analyzing specific threats and most importantly prevention of dangerous situations that surfers suffer from everyday. Advanced knowledge of the matter is key. It’s the same online as on the water.“ Team up for better #surfprotection! Visit our campaign page and learn more about how drifter technology works and follow along with the progress of this research. Watch the Emsisoft Surf Protection video and share it with all of your friends and family to help spread the message with our hashtag #surfprotection. Safe surfing! Be sure to keep up with the action on our social media channels! Emsisoft Facebook | Emsisoft Twitter #surfprotection View the full article
  10. The sight of a drone flying overhead is increasingly commonplace, from open air concerts to nature documentaries. Yet, they offer more than a simple way to take breathtaking footage. Accessible drone technology is not only transforming people’s day to day lives, but also offer vital tools to better understand the dangers of our world. We were awestruck when we discovered the use of drones in humanitarian action after the 2016 Central Italy earthquake. Finding practical and innovative uses for technology is what Emsisoft does, so when we approached Surf Life Saving New Zealand (SLSNZ) to use drones to make surfing safer, they jumped on board at the opportunity. Thanks to this joint research project, these unmanned aerial vehicles have helped create valuable data in a field that found valuable research applications in the field of surf protection and prevention. Watch our video to find out how: Back in November 2016 we started out with the world’s first surf protection research using high technology drifters. Our shared initiative with Surf Life Saving New Zealand has mapped currents and rips to further understand threats and dangers that await unsuspecting surfers under the surface. Very little is known about the current behaviour at the sea bed which is particularly alarming considering that the majority of drownings occur close to shore. If researchers can understand how malicious rips and currents behave, accidents can be prevented and missing persons can be located faster. Though locally executed, the data and insight gained will have future applications for surf lifesaving organisations all over the world. Awareness for better surf protection is the ultimate goal Embarking on this journey and creating our dedicated Surf Protection project page was developed to raise awareness for the importance of the work of Surf Life Saving New Zealand and those who volunteer their time to help protect swimmers and surfers in NZ waters and beyond. Visit Emsisoft’s Surf Protection page here! You may be wondering how an anti-malware provider fits into this scenario. For the team at Emsisoft, it is equally important to protect online surfers from potential threats. Ransomware can take hold of unsuspecting web surfers with an unrelenting grip, much like a invisible rip current does.Similar to the work of SLSNZ, our efforts begin well before an emergency occurs and together we strive to keep you safe both online and in the water before the worst happens. Christian Mairoll, CEO of Emsisoft says “At first thought, you may think that the only thing our organizations have in common is the terminology ‘surf protection’, but it’s far more than that. Protecting web surfers from all sorts of internet threats requires a very similar approach to what the guys on the surf beaches do. Observation of the dangerous environment, analyzing specific threats and most importantly prevention of dangerous situations that surfers suffer from everyday. Advanced knowledge of the matter is key. It’s the same online as on the water.“ Team up for better #surfprotection! Visit our campaign page and learn more about how drifter technology works and follow along with the progress of this research. Watch the Emsisoft Surf Protection video and share it with all of your friends and family to help spread the message with our hashtag #surfprotection. Safe surfing! Be sure to keep up with the action on our social media channels! Emsisoft Facebook | Emsisoft Twitter #surfprotection View the full article
  11. It’s a beautiful, warm summer day at Mount Maunganui as perfect glassy waves roll towards the shore in long, straight sets. Light winds compliment the excellent surf conditions. New Zealanders have never needed much of an excuse to grab a surfboard and hit the water and today the takeoff zone is packed. Teens are out on shortboards, children play in the sand. However, a lifeguard seen paddling his way towards a seemingly lifeless object drifting just beyond the break signals that this is not an ordinary day for the team of Surf Life Saving New Zealand. Two more lifeguards stand side by side on the beach on high alert, shoulders tense. Suddenly one turns to the other and gives the order and I look on as they leap into a rescue boat and race to meet the drifting object. Further rescue vehicles are on standby on the shore as a drone takes flight from the water’s edge. There is such a sense of urgency that we all stand on tiptoes just to catch a glimpse of the chase. Drifter trials ensure surf safety research is a success Luckily we are not witnessing the rescue of a drowning person, though these occurrences have been far too common in recent years in New Zealand. Rather, today is the eagerly awaited trial for Emsisoft and Surf Life Saving New Zealand (SLSNZ) as part of our joint surf protection project. Together we are launching GPS drifters into the sea to monitor local currents and rips, and the data gathered will support SLSNZ in their efforts to keep swimmers safe on local beaches and beyond. Emsisoft’s involvement with SLSNZ began with the repeatedly shocking drowning statistics we were seeing online. In 2015, 113 lives were lost to drowning, 25 percent up on the previous year’s total of 90. Tragically, 86 of these 113 drownings were preventable. There were 81 preventable drowning deaths in 2016 (WaterSafety.org). The incredible work of Surf Life Saving New Zealand goes hand in hand with Emsisoft’s own endeavors: monitoring behavior and looking out for potential dangers to protect people from common threats they encounter while surfing. The partnership felt like a natural fit, and we were happy to help. Drifters plot what is happening underground; drones, from above Drifters plot GPS data to map the rip currents and their behaviors to measure the physical layout of the (topographic) headland rip current across a range of different swell, tidal and wind conditions. How it works: A GPS unit is attached securely to the top of the drifter which records rip direction and rip current velocity. The drifter itself is a weighted ballast container that is specifically designed to sit at the top of the water column (just below the surface) and travels in a rip due to the three fins which pick up the current. The co-coordinator of the trial, Dan Lee, launches the experiment from the shoreline, assisted by volunteer lifeguards from Omanu, Mount Maunganui and Papamoa Surf Life Saving Clubs. Once the drifter has entered the surf, he conducts the trial from the cliff on Leisure Island with a VHF radio in hand. A lifeguard remains on shore to help with the launch and retrieval of the drifters. The two in the Inflatable Rescue Boat (IRB), helmed by Allan Mundy, are tailed by the lifeguard on the paddle board. Surf Life Saving New Zealand national lifesaving manager Allan Mundy says the custom made drifters performed as they were expected to, acting as a swimmer caught in a rip. “The trial proved just how powerful rips are. What was interesting was the fact that even with minimal surf, the drifters traveled very fast. One of the drifters broke away from where it was predicted it would go and went half a kilometer down the beach in the opposite direction. This illustrates the transient power of rip currents and the danger the Mount Maunganui rips pose to the public,” he says. Mr Mundy says the information gathered proves that rips don’t work exactly the way we thought. “There’s still a lot to learn but the early success of the project at Mount Maunganui can be used as a template for further trials at more locations across the country this summer,” he says. Surf Life Saving New Zealand explain that “the information gathered through the project will be added to a database which will assist in future current predictions during lost persons searches and the method will be used to set a data standard for future research on additional sites around the country.” The drones provided by Emsisoft are adding further weight to the research. Footage taken at the trial clearly depicts the long sweeping range of the surface currents from above and tracks the drifters visually across the headland. Recorded observations such as those captured by the drones will continue to aid in the mapping of these changeable waters and the swimmers caught in them. Surf safety is vital both online and in the water The dangers of the sea are often hidden from view so your average surfer may not be aware of the dangers lurking beneath the surface. The study of behaviors to avoid emergency situations is as vital to online protection as it is to surf protection in the water. So rather than just helping those that are already in danger, an important part of this project is to raise awareness of the dangers and the importance of putting place early intervention practices. Whether on a surfboard or on the internet: make sure you are aware of the dangers first, and seek help from experts to help you surf safely. View the full article
  12. It’s a beautiful, warm summer day at Mount Maunganui as perfect glassy waves roll towards the shore in long, straight sets. Light winds compliment the excellent surf conditions. New Zealanders have never needed much of an excuse to grab a surfboard and hit the water and today the takeoff zone is packed. Teens are out on shortboards, children play in the sand. However, a lifeguard seen paddling his way towards a seemingly lifeless object drifting just beyond the break signals that this is not an ordinary day for the team of Surf Life Saving New Zealand. Two more lifeguards stand side by side on the beach on high alert, shoulders tense. Suddenly one turns to the other and gives the order and I look on as they leap into a rescue boat and race to meet the drifting object. Further rescue vehicles are on standby on the shore as a drone takes flight from the water’s edge. There is such a sense of urgency that we all stand on tiptoes just to catch a glimpse of the chase. Drifter trials ensure surf safety research is a success Luckily we are not witnessing the rescue of a drowning person, though these occurrences have been far too common in recent years in New Zealand. Rather, today is the eagerly awaited trial for Emsisoft and Surf Life Saving New Zealand (SLSNZ) as part of our joint surf protection project. Together we are launching GPS drifters into the sea to monitor local currents and rips, and the data gathered will support SLSNZ in their efforts to keep swimmers safe on local beaches and beyond. Emsisoft’s involvement with SLSNZ began with the repeatedly shocking drowning statistics we were seeing online. In 2015, 113 lives were lost to drowning, 25 percent up on the previous year’s total of 90. Tragically, 86 of these 113 drownings were preventable. There were 81 preventable drowning deaths in 2016 (WaterSafety.org). The incredible work of Surf Life Saving New Zealand goes hand in hand with Emsisoft’s own endeavors: monitoring behavior and looking out for potential dangers to protect people from common threats they encounter while surfing. The partnership felt like a natural fit, and we were happy to help. Drifters plot what is happening underground; drones, from above Drifters plot GPS data to map the rip currents and their behaviors to measure the physical layout of the (topographic) headland rip current across a range of different swell, tidal and wind conditions. How it works: A GPS unit is attached securely to the top of the drifter which records rip direction and rip current velocity. The drifter itself is a weighted ballast container that is specifically designed to sit at the top of the water column (just below the surface) and travels in a rip due to the three fins which pick up the current. The co-coordinator of the trial, Dan Lee, launches the experiment from the shoreline, assisted by volunteer lifeguards from Omanu, Mount Maunganui and Papamoa Surf Life Saving Clubs. Once the drifter has entered the surf, he conducts the trial from the cliff on Leisure Island with a VHF radio in hand. A lifeguard remains on shore to help with the launch and retrieval of the drifters. The two in the Inflatable Rescue Boat (IRB), helmed by Allan Mundy, are tailed by the lifeguard on the paddle board. Surf Life Saving New Zealand national lifesaving manager Allan Mundy says the custom made drifters performed as they were expected to, acting as a swimmer caught in a rip. “The trial proved just how powerful rips are. What was interesting was the fact that even with minimal surf, the drifters traveled very fast. One of the drifters broke away from where it was predicted it would go and went half a kilometer down the beach in the opposite direction. This illustrates the transient power of rip currents and the danger the Mount Maunganui rips pose to the public,” he says. Mr Mundy says the information gathered proves that rips don’t work exactly the way we thought. “There’s still a lot to learn but the early success of the project at Mount Maunganui can be used as a template for further trials at more locations across the country this summer,” he says. Surf Life Saving New Zealand explain that “the information gathered through the project will be added to a database which will assist in future current predictions during lost persons searches and the method will be used to set a data standard for future research on additional sites around the country.” The drones provided by Emsisoft are adding further weight to the research. Footage taken at the trial clearly depicts the long sweeping range of the surface currents from above and tracks the drifters visually across the headland. Recorded observations such as those captured by the drones will continue to aid in the mapping of these changeable waters and the swimmers caught in them. Surf safety is vital both online and in the water The dangers of the sea are often hidden from view so your average surfer may not be aware of the dangers lurking beneath the surface. The study of behaviors to avoid emergency situations is as vital to online protection as it is to surf protection in the water. So rather than just helping those that are already in danger, an important part of this project is to raise awareness of the dangers and the importance of putting place early intervention practices. Whether on a surfboard or on the internet: make sure you are aware of the dangers first, and seek help from experts to help you surf safely. View the full article
  13. Providing you with first class anti-malware without slowing down your system is a key promise for us at Emsisoft. So for our February product update (2017.2), our developers have been busy to further optimize several areas of our anti-malware software solutions to get you an even smoother experience. Below are the key highlights: Emsisoft Anti-Malware & Emsisoft Internet Security 2017.2: Improved integration with the Windows Security Center to avoid unnecessary alerts and Windows Defender popups while rebooting and restarting the software. Improved startup speed of the software thanks to a new caching feature in the scan engine. This will also reduce the memory footprint during scans. New dialog to define scanner default settings, such as detection of Potentially Unwanted Programs (PUPs), performance settings, and default actions on scan completion. Emsisoft Enterprise Console 2017.2: New feature to manage quarantine content of connected client machines remotely. New webhook based reporting feature with updated documentation in help file. Emsisoft Emergency Kit 2017.2: New dialog to define scanner default settings, such as detection of Potentially Unwanted Programs (PUPs), performance settings, and default actions on scan completion. How to obtain the new version As always, so long as you have auto-updates are enabled in the software, you will receive the latest version automatically within an hour of availability. Note to Enterprise users: If you have chosen to receive “Delayed” updates in the Update settings, you will receive the new software version no earlier than 30 days after the regular “Stable” availability. That gives you time to perform internal compatibility tests before a new version gets rolled out to your clients automatically. Have a great (malware-free) day! View the full article
  14. Providing you with first class anti-malware without slowing down your system is a key promise for us at Emsisoft. So for our February product update (2017.2), our developers have been busy to further optimize several areas of our anti-malware software solutions to get you an even smoother experience. Below are the key highlights: Emsisoft Anti-Malware & Emsisoft Internet Security 2017.2: Improved integration with the Windows Security Center to avoid unnecessary alerts and Windows Defender popups while rebooting and restarting the software. Improved startup speed of the software thanks to a new caching feature in the scan engine. This will also reduce the memory footprint during scans. New dialog to define scanner default settings, such as detection of Potentially Unwanted Programs (PUPs), performance settings, and default actions on scan completion. Emsisoft Enterprise Console 2017.2: New feature to manage quarantine content of connected client machines remotely. New webhook based reporting feature with updated documentation in help file. Emsisoft Emergency Kit 2017.2: New dialog to define scanner default settings, such as detection of Potentially Unwanted Programs (PUPs), performance settings, and default actions on scan completion. How to obtain the new version As always, so long as you have auto-updates are enabled in the software, you will receive the latest version automatically within an hour of availability. Note to Enterprise users: If you have chosen to receive “Delayed” updates in the Update settings, you will receive the new software version no earlier than 30 days after the regular “Stable” availability. That gives you time to perform internal compatibility tests before a new version gets rolled out to your clients automatically. Have a great (malware-free) day! View the full article
  15. Whitelisting of files and programs via scanner and real-time protection exclusions isn’t anything new really at Emsisoft. But the latest version of Emsisoft’s protection products series enhances the flexibility for power users significantly. A quick showcase of typical use cases for exclusions: If you open Emsisoft Anti-Malware or Emsisoft Internet Security and navigate to “Settings” -> “Exclusions”, you will see a newly introduced dialog that’s split into two major areas: Emsisoft Exclusions Dialog 1. Scanning exclusions This feature is pretty much self-describing. You select a specific file or a whole folder, and any malware detections during on-demand scans and File Guard scans will be skipped in those places. Scenario: Remote control software There are a few remote control tools available that can be legitimately used, but malware authors often bundle them too. If you still need to use these tools, you can exclude their file path from scanning with the Emsisoft scanner. Scenario: The wanted “unwanted program” (PUP) Emsisoft’s detection signatures are rather on the more aggressive side when it comes to detection of potentially unwanted programs. At occasions, users may still want to use these programs, like browser toolbars. To avoid detection in future disk scans, simply add their installation folder to the list of exclusions. 2. Monitoring exclusions Instead of having control over which program files are excluded from scanning, here you can define that actions and behavior of specific programs shouldn’t be monitored. Scenario: A second antivirus program Each file reading or writing operation by a program potentially triggers a scan by the File Guard. But scanning a file is also a file operation that may trigger the same thing with a second antivirus program that may be installed. However, if that other antivirus opens a file for reading, it may again trigger another scan with Emsisoft, and so on. The result can be a system lockdown because all resources are used to scan a specific file again and again. To break that loop, you should always exclude any additional real-time protection programs in Emsisoft, and vice versa. Scenario: Software incompatibility In order to create world-class protection, Emsisoft’s real-time protection modules need to work closely with the core of the Windows operating system. That technology is called “hooks” and it basically means that our software sits between the operating system and the running programs, to intercept any security relevant operations if needed. Other software also uses hooks to create certain functionality and at times, this creates incompatibilities that lead to crashes or malfunction. If you experience problems like that, you can put the other program on the list of Monitoring Exclusions, to avoid that these programs are touched by Emsisoft’s code. New feature: Wildcards Some programs use random filenames, e.g. at installation time, for temporary files. You may not want to exclude the whole temp folder from scanning and monitoring, so you can exclude path patterns like this: c:\windows\temp\inst*.exe The * sign replaces a random sequence of characters. Warning! While this is a very powerful feature that adds extra flexibility, it is also very dangerous when used wrong. If you accidentally create an exclusion for c:\*, you would basically disable the entire protection functionality on your computer, as everything on drive C: would be excluded. Always make sure the wildcard symbol isn’t used at the end of the path sequence, but somewhere in the middle. If the number of random characters is always expected to be the same, you should better use the ? sign, which replaces just one character. Example if the filename always uses 3 random letters or numbers: c:\windows\temp\inst???.exe New: Environment variables Environment variables are a Windows standard feature that is mostly used by system administrators in command line scripts. They act as placeholders for common paths that may be different on individual installations of the system. Instead of manually looking up the actual path on each computer, you can let Windows do that for you. Note that environment variables are not just simple placeholders for a static path sequence. Since the protection modules work on System level, environment variables usually match one or many paths on a system. %USERPROFILE% excludes all user profile folders that typically reside at C:\Users\, not just the profile of the currently logged in user. Scenario: Excluding a specific installed program Imagine you are a network admin and manage 10 computers in your office. Some of them still run an old Windows 7 32 bit edition, a few others are on Windows 8 and the newest ones are using Windows 10 in 64 bit editions. You want to exclude a business critical custom software that occasionally triggers behavior blocker alerts. But that program is installed in different places on all of these computers. Some use C:\program files\ProgramXY\, others C:\program files (x86)\ProgramXY\ and a few machines have all programs installed on a different drive D:\program files\ProgramXY\. To exclude all these paths in one go without knowing their exact locations, you can simply create an exclusion like this: %PROGRAMS%\ProgramXY\MainFile.exe Scenario: Excluding a file on all user’s Desktops In corporate environments you will most likely have multiple user accounts used on each computer. Each user has their Desktop files stored in a different user-based folder, e.g. C:\Users\MyUserName\Desktop\. If you want to exclude all Desktops from all users from scanning, you can simply create one exclusion like this: %DESKTOP% This will exclude all matching user-specific folders at once, such as: C:\Users\MyFirstUser\Desktop\ C:\Users\MySecondUser\Desktop\ C:\Users\MyThirdUser\Desktop\ … Emsisoft currently supports 44 environment variables Click on the link “environment variables” in the upper area of the Exclusions dialog to see a tester for all available variables and how they are resolved on your specific system. Emsisoft Exclusions: Environment Variables Tester Available variables (early 2017): %ALLUSERSPROFILE% %APPDATA% %CACHE% %CDBURNING% %CHROMEPROFILE% %COMMONAPPDATA% %COMMONDESKTOP% %COMMONDOCUMENTS% %COMMONDOWNLOADS% %COMMONFILESDIR% %COMMONMUSIC% %COMMONMYPICTURES% %COMMONPROGRAMS% %COMMONSTARTMENU% %COMMONSTARTUP% %COMMONTEMPLATES% %COOKIES% %DESKTOP% %DOCUMENTS% %DOWNLOADS% %FAVORITES% %FIREFOXPROFILE% %FONTS% %LOCALAPPDATA% %LOCALAPPDATALOW% %MUSIC% %MYPICTURES% %MYVIDEO% %NETHOOD% %PERSONAL% %PROGRAMFILESDIR% %PROGRAMS% %PUBLIC% %RECENT% %SENDTO% %STARTMENU% %STARTUP% %SYSDIR% %SYSTEMDRIVE% %TASKS% %TEMP% %TEMPLATES% %USERPROFILE% %WINDIR% Conclusion: Use exclusions to avoid certain detections and to sort out incompatibilities While most home users will probably never have a need to create sophisticated exclusions, the newly added flexibility in the latest version comes very handy for system administrators who maintain larger numbers of computers. Emsisoft Enterprise Console fully supports all types of exclusions which allows expert users to define them centrally for the entire network at one single click. View the full article
  16. Like all ransomware, Hermes locks a victim’s files and demands payment to unlock them. Emsisoft battles ransomware like this on the front line daily, with the creation of free decrypters to help victims get their files back. But, what is actually involved in the creation of a decrypter? Today we explored exactly this via live stream as Emsisoft CTO and Head of our Malware Research Lab, Fabian Wosar, cracked Hermes. Fabian decrypts Hermes by attacking the encryption generator In a recent blog post, we discussed the best way to remove ransomware including the use of decrypters to unlock your files without paying the ransom. Today, in the video embedded below, Fabian demonstrated the way in which a decrypter is actually created. In the case of Hermes, Fabian was able to uncover the seed responsible for generating the file encryption and subsequently create the necessary key. Important: Though we have demonstrated that a decryptor can be made for the Hermes Ransomware, it is not yet available. We will update both the decrypters site and the Emsisoft Blog when as soon as it is ready for use. For more information on the identification and decryption of ransomware, see this interview with Michael Gillespie, security researcher at Malware Hunter Team and creator of IDRansomware. Prevention is the best cure when it comes to ransomware There are practical steps that can be taken to recover files once ransomware has taken hold, however, the key to protecting your private date lies in preparedness. Keep your software and operating systems up to date. Spring clean your system regularly. Do not install applications from unfamiliar sources or untrusted websites. Read permissions closely when requested by programs or apps. Back up data and devices frequently. Learn how on the Emsisoft Blog. Install and regularly update a quality anti-malware product such as Emsisoft Anti-Malware. Our software has a proven ability to capture and eliminate ransomware. Read about our performance against ransomware here. If infected, take every possible step to avoid paying. Remove ransomware the right way. Have a nice (ransomware-free) day! View the full article
  17. In the past week, we saw a lot of online media attention around the question whether antivirus software actually poses a threat to users’ safety because it intercepts and manipulates encrypted HTTPS online traffic. Since then, a number of customers contacted us concerned that Emsisoft uses the same practices to build its Surf Protection functionality in our Emsisoft Anti-Malware and Emsisoft Internet Security products. To answer that question right away: Emsisoft does not intercept any HTTPS traffic. Background: Why spy on HTTPS traffic? As described in an elaborated study done by security researchers, a large number of antivirus products rely on looking into your web surfing traffic in order to find malicious scripts and phishing attempts. By design, HTTPS encrypted connections don’t allow anyone to know which exact website address and path you’re surfing at. So the only way to be able to block certain bad websites is by looking into all your traffic. This is done by installing a traffic interception module between your browser and the target website server that proxies all traffic. As that would break the concept of HTTPS end-to-end encryption, antivirus software usually installs a new, so-called root certificate on your computer that basically helps to simulate the encrypted connection. Technically speaking, your browser only communicates with the local antivirus HTTPS proxy and its self-made certificate, and consequently all encrypted websites show up with the ‘safe’ lock symbol in the browser. The proxy then scans the decrypted traffic and connects to the actual web server encrypted again. This concept generally works (otherwise those vendors wouldn’t have chosen it), but the main problem with that approach is that the traffic is no longer end-to-end encrypted. The local antivirus scan proxy has to simulate web servers perfectly down to the tiniest detail in order not to weaken the encryption chain. Here is where implementation mistakes are easily made and the security problems described in the earlier mentioned study arise. Doing it differently: How Emsisoft’s Surf Protection works Emsisoft chose a different method to make sure you can’t access malicious and fraudulent websites. Instead of filtering on URL level (example: https://badsite.com/folder/malwarefile.exe), it blocks known bad hostnames (example: badsite.com) on DNS level. Host names are resolved to the servers’ IP addresses by the operating system. Emsisoft’s Surf Protection intercepts that process of address resolution independent of browser and traffic by returning an invalid IP address for hostnames that are on the blacklist. That method may not be as precise as URL filtering, but it comes with two significant advantages: It doesn’t rely on spying on any encrypted traffic, so it doesn’t provide as much surface for attackers as other concepts. It doesn’t require huge cloud-based databases to verify good and bad website addresses, which means it’s less intrusive on your privacy by design, as all matching is done locally on your computer. Why you should still use antivirus/anti-malware software In the media it was often quoted that people would be better off without antivirus software. If we would share that view, we probably wouldn’t have spent the last ~15 years developing malware protection software. We at Emsisoft believe that the main purpose of antivirus software is to prevent users from suffering from the consequences of occasional mistakes that are made by all of us. Once in a while, even the best security experts make unintended clicks on a bad file or on the wrong checkbox during a setup that installs a PUP when they are in a hurry- and regret it the second after. Antivirus software is your safety net for those (hopefully) rare situations. But let’s be honest: Perfect software does not exist. Each of the many million lines of code may contain an undetected error that somebody could use to exploit and misuse a product. Emsisoft is no exception in that regard. Yet we always aim for highest code quality and try to react as quickly as possible to any leaks that may be found by valuable security experts. View the full article
  18. As in previous years, AV-Comparatives, a renowned independent testing organization of security products, released their annual report rating various anti-malware products tested throughout 2016. We are delighted to announce that Emsisoft Anti-Malware is ranked as a Top Rated Product with four Advanced+ awards won over the course of the last 12 months. In addition, Emsisoft received a joint Silver Award for File Detection, and joint Bronze for Performance. Throughout 2016, AV-Comparatives subjected 19 security products for Windows to rigorous investigation, including Emsisoft Anti-Malware. All the programs were tested for their ability to protect against real-world Internet threats, identify thousands of recent malicious programs, provide protection without slowing down the PC, and remove malware that had already infected a PC using the following tests: Real-World Protection Test – Emsisoft Rated Advanced Performance Test – Emsisoft Rated Advanced+ File Detection Test – Emsisoft Rated Advanced+ Malware Removal Test – Emsisoft Rated Advanced Emsisoft rates high in detection rates with low system impact To be considered an AV-Comparatives Top Rated Product, the tested software had to score consistently high in both file detection and performance. Given Emsisoft’s relentless focus on keeping you protected without slowing you down, this award is an acknowledgement of these efforts. The File Detection Test evaluates the scanning ability of a product. You can learn more about our award-winning dual-scanning technique here. A high detection rate of malware – without causing false alarms – is one of the most important and reliable features of an anti-virus product. Why? It proves the accuracy of a product to detect malware without making unnecessary errors and wasting your time. The Low System Impact Test makes sure that anti-malware solutions run efficiently in the background without slowing down your system. For the test, security products must remain turned on under all circumstances, while users are performing their usual computing tasks. Some products had a higher impact than others on system performance while performing some tasks. AV-Comparatives specifically highlighted: “Emsisoft demonstrated a lower impact on system performance than other products.” Beyond performance, it’s important for us that our customers find the Emsisoft product experience effortless and a pleasure to use. AV-Comparatives seemed to think so in their report: “We liked Emsisoft’s informative setup wizard, and the very clean and modern interface design.” We are very happy to be rated so highly in these categories. Efficiency with no bloat has always been one of our top priorities and the advanced+ awards we received this year clearly reflect that. As we look to 2017, we would be thrilled to see a new category for ransomware protection as part of the AV-Comparatives’ tests, as it would reflect the rising threat of ransomware (and because we’re confident we’d do very well 😉). However, while positive test results are great to have, Emsisoft’s goal is to keep customers protected from real-world threats, such as ransomware, rather than optimising our products for testing authorities. So as in previous years, our goal remains clear: providing you with the best possible protection without slowing you down. Malware doesn’t sleep, and nor do we. For further information on the features and protection provided by Emsisoft Anti-Malware, visit this page. AV-Comparatives: industry leaders in independent testing AV-Comparatives is an independent organization and highly reputable testing authority. Their tests check whether security software, such as PC-based antivirus products and mobile security solutions, live up to their promises. To be highly-rated by AV-Comparatives is to be highly recommended to the industry and customers alike. You can compare our AV-Comparative results in all testing conditions with competing software providers, see our performance test results from past years, or read the full report from AV-Comparatives here (English). You can also see our many other accolades here. Have a great (malware-free) day! View the full article
  19. Please note that none of those hosts are static. They will most likely change occasionally. Therefore, always use a wildcard for *.emsisoft.com to unblock. SSL ports need to be enabled too. You could try to use FiddlerTool to trace all server calls from the software and find the error.
  20. Duncan, on the date you mentioned we only published a beta update. Just as a precaution: Please try to avoid using beta updates on production servers. Beta software always includes the risk of some glitch or fail. I'd rather recommend using the "Delayed" update feed instead.
  21. Darüber hinaus ist das Video kein "Test", sondern eine technische Demonstration des Behavior Blockers und klar ersichtlich von uns selbst produziert.
  22. Bezüglich des Ordner-Auswahldialogs: Da ein kompletter Malware-Scan nur rund eine Minute dauert, ist das scannen einzelner Ordner zu einer äußerst selten genutzten Funktion geworden. Entsprechend hat das Thema keine hohe Priorität, sorry. Da gibt's deutlich wichtigere Dinge, die es sich zu implementieren lohnt.
  23. Die Windows-Benachrichtigungen verwenden wir u.a. deshalb nicht, weil sie nur eine einzelne Klick-Aktion umsetzen können. Außerdem ist die Größe und daher der Inhalt begrenzt. Einige unserer Notifications benötigen 2 Buttons, bzw. unterschiedliche Textlängen. Wir wollen auch nicht die Hälfte über Windows fahren und die andere Hälfte nicht, und bleiben daher bei der selbst gebauten Lösung.
  24. Enter bestätigt grundsätzlich immer das gerade aktive Steuerelement (Button, Checkbox, etc.). Wenn der Fenster-Fokus daher (zufällig oder nicht) auf dem Button zum Löschen ist, löscht ein Drücken der Enter-Taste natürlich. Mit der Tab-Taste kann man den Fokus von einem Element zum anderen springen lassen. Das Problem hier ist, dass die Liste selbst nicht als aktives Steuerelement angesehen wird und daher die Funktion außerhalb anspringt. Ich werde das als Anregung weitergeben, damit das geändert wird. Vielen Dank!
  25. Auf der gleichen IP-Adresse kann die Lizenz leider nicht gutgeschrieben werden. Das würde Tür und Tor für Missbrauch öffnen, indem man sich einfach mehrfach hintereinander neue Betriebssysteme installiert. Schick aber bitte deine Daten (dein Key, geworbener Kunde bzw. dessen Email vom Kauf als Beleg) an [email protected] Dann prüfen wir das und lassen uns was einfallen.
×
×
  • Create New...