Emsisoft Internet security 10 review & settings

malware detection rate is very good

malicious & phishing website blocking is very good

After doing some setting it will be light on system resources

Cloud based detection helps in detecting new malware

Proactive protection is very good in protecting from new zero day malwares.

Emsisoft takes most of the decision itself. Sometimes user will be asked to take decision, especially when installing/executing new software’s.

Heavy on system resources. Hard disk usage is high. It scans every action in the system which eventually leads to slowdown.

 

 

DOWNLOAD LINK :  http://dl.emsisoft.com/EmsisoftInternetSecuritySetup.exe

To get version 10 tick “Enable beta updates” in Settings -> update

 

OVERVIEW

Below the menu is the activity bar which displays the real-time activity of Emsisoft Anti-Malware or Emsisoft Internet Security and lists your protection status. The color of the activity bar and status message change according to the current protection status:

  • Green (Your computer is protected!) – All protection features are enabled and signatures are up-to-date.
  • Orange (Your computer is partially protected!) – Either one or more protection features are disabled or signatures are out-of-date.
  • Red (Your computer is at risk!) – All protection features are disabled.

The top row contains the following larger interactive tiles:

  • Protection – Clicking on this tile takes you directly to the Protection section of the program. The lower half of the tile lists the individual protection components of Emsisoft Anti-Malware or Emsisoft Internet Security. Clicking on a component’s name takes you directly to that component’s section. You can also quickly enable or disable individual components by clicking on the icon to the left of the component’s name.
  • Scan – Clicking this tile takes you directly to the Scan section where you can select your scan type and configure detailed settings related to scans. The labels on the lower section of the tile allow you to quickly initiate a scan of your chosen type.
  • Quarantine – Clicking on this tile takes you to the Quarantine section.
  • Logs – Clicking on this tile takes you to Logs section.

PROTECTION

The Emsisoft Anti-Malware or Emsisoft Internet Security core, subdivided into Application Rules, Surf Protection, File Guard, Behavior Blocker and Firewall, allows for easy fine tuning or removal of behavior rules.

Application Rules

The Application Rules section lists all application rules that have been defined, with columns for Filename and Behavior Blocker and in the case of Emsisoft Internet Security, columns for Firewall In and Firewall Out. The Filename field shows the file path of the program for which the rule was created. The Behavior Blocker column shows whether the program is blocked from running [Program is blocked], allowed to run freely [All allowed] or has customized rule settings [Custom]. The Firewall In and Firewall Out columns show whether a program is permitted to make connections [All allowed], blocked from making connections [All blocked] or has customized rules settings [Custom]. Custom allows you to configure your own rules specifying exactly what behaviors and/or connections are allowed or blocked for a program.

 

FILE GUARD

The File Guard not only scans files before they are executed, but depending on your chosen settings, it can also scan before all other file actions such as moving or downloading from the Internet.

The following options are available for customization of the File Guard:

  • Scan level – The slider control allows you to balance the File Guard’s scan level between best performance and best protection as follows:
    • Fast – Scans programs when they are started. This option has the least effect on the performance of your system while still ensuring that Malware is prevented from executing. Inactive Malware may remain undetected until you run a manual scan.
    • Balanced – Scans all files when they are created or modified, e.g. when a file is downloaded or copied onto your computer from a USB stick. Balanced is the recommended setting.
    • Thorough – Scans all files when they are read by any program so that simply selecting a file is sufficient to cause it to be scanned. This option has the greatest impact on system performance and doesn’t offer a significant advantage in detection when compared to the other options.
  • Only scan files with specific extensions – When this check box is selected, the File Guard only scans files with extensions that are specified in the list. On the one hand this setting can improve the speed of your system because only some files on the hard drive are scanned but on the other hand this also reduces the level of system protection. You can edit the list of specified file extensions by using the Edit button.
  • Protect the computer even if no user is logged on – Ensures that the File Guard is started during system boot and that it remains running in the background even if real-time protection is shut down. You may wish to enable email notifications in conjunction with this option to ensure you are alerted to quarantined objects. If the option is disabled, File Guard starts when the first user logs on.

You can configure the default actions to take for each of the following types of File Guard detections:

  • Malware detections – Choose how you want the File Guard to behave when Malware is detected by selecting either [Alert], [Quarantine silently], or [Quarantine with notification] from the drop down menu.
  • PUPs detections – Choose how you want the File Guard to behave when Potentially Unwanted Programs are detected by selecting either [Alert], [Quarantine silently], [Quarantine with notification], or [No detection] from the drop down menu.

The Manage whitelist button allows you to specify files or folders to exclude from scanning and/or from real-time monitoring.

  • Ticking “only scan specific extensions” will minimize the system resource usage by emsisoft

Behavior Blocker

The Behavior Blocker reports the behavior of programs that are sometimes clearly dangerous but sometimes also only possibly dangerous. With some benign programs a clear decision between benign and malicious behavior is not technically possible. Emsisoft Anti-Malware or Emsisoft Internet Security always report this type of suspicious behavior unless you activate alert reduction to reduce the number of false alerts relating to benign programs.

The following options allow for control over the amount of alerts you receive:

  • Community-based alert reduction – Emsisoft Anti-Malware or Emsisoft Internet Security rely on the intelligence of the masses. When this option is activated, an online query is sent to the Emsisoft Anti-Malware Network to check what other users decided to do with the reported program.
    • Assume control of “allow” decisions – This option allows you to define whether programs should be automatically allowed using community-based alert reduction.
    • Assume control of “block” decisions – This option allows you to define whether programs should be automatically blocked using community-based alert reduction.
    • % threshold required to assume control of decisions – Allows you to select the percentage of total users that are required before a program can be automatically blocked or allowed using community-based alert reduction. For example, using the default threshold of 90%, this means that if 90% of users have allowed the program to start then an application rule would be created to automatically allow it on your system.
  • Activate paranoid mode – Alerts for additional possibly malicious activity by applications with a suspicious or Malware-like file layout. This option is deactivated by default because it can produce many false alerts and is only recommended for advanced users.

Monitored Behavior

You can define the individual types of behavior that should be monitored system-wide by Emsisoft Anti-Malware or Emsisoft Internet Security as follows:

  • Watch for possible backdoor related activity
  • Watch for possible spyware related activity
  • Watch for possible hijacker related activity
  • Watch for possible worm related activity
  • Watch for possible dialer related activity
  • Watch for possible keylogger related activity
  • Watch for possible trojan downloader related activity
  • Watch for applications trying to inject code into other applications
  • Watch for programs editing (patching) other executable files
  • Watch for programs installing something invisibly
  • Watch for rootkit programs using a hidden process
  • Watch for installation of services and drivers
  • Watch for programs modifying startup areas
  • Watch for programs changing the Hosts file
  • Watch for browser settings changes
  • Watch for debugger installations on the system
  • Watch for programs simulating mouse or keyboard activities
  • Watch for direct disk sector access on harddisk
  • Watch for system’s group policy changes

To exclude particular types of behavior from monitoring, remove the tick next to the relevant entry. Only deactivate behavior types if you are sure that this will not compromise your system’s security.

 

FIREWALL

The Firewall section lists all global packet rules. These rules are processed prior to your custom Application Rules:

Each global packet rule is defined by a set of criteria that a packet (data unit) must match. Emsisoft Internet Security analyzes each incoming or outgoing packet and cross references it against each rule (in order of appearance from the top of the list to the bottom of the list). If a rule matches, then the specified action is taken. If a rule doesn’t match, the packet is cross referenced against the next rule.

Manage Networks

The Manage networks button opens a dialog that lists all your network adapters and connected networks and allows you to configure their settings. This is especially useful for protecting laptops from unauthorized access by others when you are connected to an unknown or untrusted wireless network or an office network.

Clicking on a network adapter in the list displays the following settings for that adapter:

  • Category for new connections – Lists the trust level that will be applied to new connections made using this adapter. You can adjust the default setting by selecting [Public network] or [Private network] from the drop down menu. If the option to Use Windows settings for new connections is enabled, the trust level will instead be determined by the operating system’s default settings.
  • Type – Lists whether this is a wired or wireless adapter.
  • Use Windows settings for new connections – All adapters are initially set to use the operating system’s own default settings but you can disable this option if you prefer to use Emsisoft Internet Security to configure your own settings.

Clicking on a connected network in the list displays the following connection properties for that network:

  • Category – Lists the current trust level for this network connection. You can adjust this setting individually for each connected network by selecting [Public network] or [Private network] from the drop down menu.
  • Type – Lists whether the network is wired or wireless and whether or not it is currently connected.
  • Addresses – Lists all IP addresses associated with the connection.

Automatic Rule Settings

The Automatic rule settings button allows you to configure how Emsisoft Internet Security should behave with regards to automatic creation of firewall application rules. Settings are selected separately for Trustworthy programs and Unknown programs from the following choices for incoming and outgoing connections:

Incoming connections

  • Ask – An alert is displayed with the options [Allow connection], [Block connection], [Allow all connections], [Block all connections] or [Create custom rule].
  • Allow – An allow rule is automatically created for this connection.
  • Block – A block rule is automatically created for this connection.

Outgoing connections

  • Ask – An alert is displayed with the options [Allow connection], [Block connection], [Allow all connections], [Block all connections] or [Create custom rule].
  • Allow – An allow rule is automatically created for this connection.
  • Block – A block rule is automatically created for this connection.

Programs are defined as trustworthy if they were made by a software vendor with a good reputation. Executable files must also be digitally signed to ensure that their integrity has not been tampered with.

Programs are defined as unknown if they are not digitally signed and are therefore unable to be definitively linked to a specific software vendor.

  • Advances firewall settings for better security will be the setting as shown below

  • If you want more control on which trustworthy application access the internet, then you can do setting shown below

SCAN NOW

The Performance settings button opens a dialog with the following advanced options for controlling scan performance:

  • Use the following processors for scans – Advanced users may wish to limit scans to use only a certain number of processors if they require individual processors to be reserved for other tasks. By default all processors are used.
  • Number of threads – Specifies the number of worker threads active during a scan. The default is the number of processors being used for scanning plus one for reading the data.
  • Scan thread priority – Advises Windows to give the scanning threads the specified priority over other running processes. Priority can be set to a minimum to avoid negatively affecting the performance of other active tasks, e.g. when running lengthy background scans.
  • Use advanced caching – Allows intelligent self-optimization of scans on a continual basis by avoiding the need to re-examine known safe files if their contents remained unchanged.

 

  • You can untock Processor1 in multicore system so that it remains available for use to other applications
  • Set the number of threads equal to the number of processor ticked. If three processors are ticked then set thread to three.

Custom Scan

The custom scan method warrants describing in more detail. You can use this scan type to individually configure the scan behavior to suit your needs.

Use the Add folder and Remove folder buttons to add or remove folders to be scanned.

Under Scan Objects you can enable or disable the following options:

  • Scan for active Rootkits – Rootkits are a type of Malware that manipulate the system in a way that causes it not to show specific information or files anymore.
  • Scan memory for active Malware – Scans all currently loaded programs and their components.
  • Scan for Malware Traces – Malware Traces are manipulated registry settings or non-executable malware data or configuration files that are indicative of an infection.

If you only want to scan files within a certain folder, you will want to disable the above options as they apply to scanning for malware system wide rather than only in selected folders.

Under Scan Settings you can configure detailed settings for the actual scan by enabling or disabling the following options:

  • Detect Potentially Unwanted Programs (PUPs) – PUPs are programs that are not dangerous by definition, but are usually unwanted by most users as they display ads or manipulate browsers.
  • Scan in compressed archives (zip, rar, cab) – Malware sometimes hides in compressed archives. Please note that scanning of archives may take extra time.
  • Scan in NTFS Alternate Data Streams – Data streams are hidden layers in regular files that may be used to hide malicious code.
  • Use file extension filter – Limits the scan to the specified list of file extensions.
  • Use direct disk access – Direct disk access is a more effective (but slower) alternative method of reading files from the hard disk for scanning. It should be used only for finding Rootkits, not for scanning the entire hard disk.

If you wish to repeat a custom scan in the future, you can save the configuration to a scan settings file via the Save settings. button and load it at any time via the Load settings button.

Click the Next button to start the custom scan.

  • Tick “use file extension filter” so that only files with certain extension will be scanned

SETTINGS

The Settings screen allows you to configure general program options, and preferences for Scheduled Scans, Updates, Notifications, Permissions and License

General

Main

  • Enable real-time protection at startup – To prevent new Malware infections, it is essential that real-time protection is always enabled.
  • Enable self protection – Protects Emsisoft Anti-Malware or Emsisoft Internet Security from any external modification attempts to the software’s installation folder and configuration. It is recommended that you leave this option enabled.
  • Enable captcha protection on program shutdown – Displays a challenge-response test to determine whether or not the user is human. This prevents automated termination of Emsisoft’s real-time protection by Malware.
  • Enable memory usage optimization – When enabled this option reduces the amount of RAM being used by swapping out non-active data (such as signatures) to the pagefile. On older computers this may result in system slowdowns. If you have sufficient RAM, you may wish to disable this feature to ensure maximum speed.

Explorer Integration

  • Enable Explorer integration – Allows scanning of individual files or folders via the Explorer context menu (right-click).

Logging

  • Enable logging, maximum records: – Define the maximum number of entries to be kept for activity logging. Use a value of 0 for unlimited logging. The default value is 3000.

Backup and Restore Settings

  • Import settings – Allows you to restore the General software settings, Application and global firewall rules, Host rules, Permissions, and Whitelist.
  • Export settings – Allows you to save the General software settings, Application and global firewall rules, Host rules, Permissions, and Whitelist to a specified folder.
  • Factory defaults – Opens a dialog where you can specify which settings (General software settings, Application rules, Host rules, Permissions, Whitelist, Global firewall rules) you would like to reset to their default settings. There is also the option to clear all logs and reset counters.

Language

  • The dropdown menu allows you to define the language used for the user interface and alerts. Around 30 different languages are currently available.

Quarantine Re-scan

  • The dropdown menu allows you to customize the re-scanning of quarantined objects after each signature update to identify any false detections (false alerts) and restore them if necessary. You can select from [Automatic], [Manual] or [No re-scan].

 

  • Untick “activate memory usage optimization” to improve the overall performance if you have 4 GB or more RAM installed in the system

Update Settings

Select your preferred update settings by selecting or deselecting the following check boxes:

  • Maximum simultaneous update connections – This option allows you to adjust the maximum number of connections (1-10) that may be used simultaneously for downloading updates. Use of multiple connections speeds up the transfer of online updates. If you experience problems with simultaneous downloads due to a slow or unstable connection, please enter a value of 1 to use consecutive downloads instead.
  • Enable beta updates – Select this option only if you always want to use the latest, untested Beta versions of the program files. We recommend that only experienced users select this option, or when you are requested to do this for fault-finding purposes. Beta updates may still contain bugs and cause unpredictable problems.

If your Internet connection uses a Proxy Server then you can configure the corresponding settings such as server address and user information in the dialog displayed when you click the Proxy settings button.

Notification Popups

The Notifications section allow you to configure the behavior of Emsisoft Anti-Malware or Emsisoft Internet Security’s notification popups:

  • News notifications – When this box is checked (default setting) a notification is displayed during online updates when a new Emsisoft news article become available.
  • Update notifications – When this box is checked (default setting) a notification is displayed after a successful update.
  • Computer restart notifications – When this box is checked (default setting) a notification is displayed when a computer restart is required (e.g. after certain Emsisoft Anti-Malware or Emsisoft Internet Security program updates). When unchecked, restarts are performed automatically.
  • Application restart notifications – When this box is checked a notification is displayed when Emsisoft Anti-Malware or Emsisoft Internet Security needs to restart (e.g. after an Emsisoft Anti-Malware or Emsisoft Internet Security program update). When unchecked, application restarts are performed automatically.
  • Removable devices notifications – When this box is checked a notification is displayed when Emsisoft Anti-Malware or Emsisoft Internet Security detects the connection of a removable storage device such as a USB stick or external harddisk.

Notifications for News, Update, and Application restarts can also be separated configured to display for your desired number of seconds.

Permissions

The default settings for Emsisoft Anti-Malware or Emsisoft Internet Security allow all users unrestricted access to all program functions. However, if your system has multiple Windows user accounts then you may prefer to prevent individual users from changing the configuration of Emsisoft Anti-Malware or Emsisoft Internet Security.

You must first be logged in as an administrator for the Permissions section to be visible. You can use the Set password button to set a password if you need to prevent other administrators from changing the settings in the Permissions section. In a business environment for instance, system administrators may want to prevent local administrators from changing these settings. Setting a password also provides the added convenience of being able to to temporarily overwrite any restrictions for the logged on user.

Select the user that you wish to restrict from the Restricted users list. If your computer belongs to a domain, then select the Use domain users checkbox to change the user list.

Now select the functions that you want this user to be allowed to access from the list of Allowed actions:

Logs

Logs are an important tool for tracing purposes. The Logs screen is divided into the following sections:

  • Surf Protection – A record of all logged Surf Protection actions with Date/Time, PID (Process ID), Application, Action and Detection columns. For example, the last column shows the detected URL.
  • File Guard – A record of all logged File Guard actions with Date/Time, PID (Process ID), Application, Action and Detection columns. For example, the last column shows the name of the detected object.
  • Behavior Blocker – A record of all logged Behavior Blocker actions with Date/Time, PID (Process ID), Application, Action and Detection columns. For example, the last column shows if a program has been allowed as the result of alert reduction.
  • Firewall (Emsisoft Internet Security only) – A record of all logged Firewall actions with Date/Time, Action, Application and Description columns. When a rule is added or edited, double clicking its log entry opens the relevant application rule.
  • Scan – A record of all logged scans with Date, Scan Method, Scanned, Detected, Duration and Type columns.
  • Quarantine – A record of all logged quarantine actions with Date, Source (Path), Action and Detection columns.
  • Update – A record of all logged updates with Update Started, Update Ended, Result and Type columns.

The Export button allows you to export a log as a text file. This can be useful for providing extra information in the case of queries or problems. The Delete button allows you delete individual log file entries in the list and the Clear button allows you to clear the entire list.

The View details button in the Scan section opens the corresponding report file with detailed information about the scan. The button of the same name in the Update section opens a dialog with information on each update action, such as the number and names of updated program components and the size of the updates.

Quarantine

Quarantine provides a safe place for storing dangerous or suspicious files. Files in quarantine no longer present any kind of threat to your computer. A file can also be restored from quarantine when (e.g.) it was moved by mistake or as the result of a false alert.

The quarantine list has Source (file path), Detection, Risk level, Date and Submitted columns. The buttons below the list provide the following administrative functions for quarantined files:

  • Save copy – Allows you to save an exact copy of the file to any desired location, e.g. to manually examine the file.
  • Submit file – Sends the file to the Emsisoft Anti-Malware Network, allowing our developers to perform further analysis. This helps to classify new currently unknown Malware and add it to the signature database.
  • Re-scan – Re-scans all quarantined objects using the latest signatures in order to detect previously unknown files or correct any false detections and allow them to be restored.
  • Add file – Allows you to manually move suspicious files into quarantine.
  • Restore – Moves a file from quarantine back to its original location.
  • Delete – Permanently removes selected objects from the hard drive so that they can no longer be restored.
  • Save quarantine list – Allows you to export the contents of the quarantine list as a text file.

Right-clicking in the quarantine list displays a context menu with Select all, Select none and Invert menu items to make selection and editing of multiple objects easier.

 

USING APPLICATION RULES

Below the list are the buttons Add new rule, Edit rule and Remove rule to assist with managing your rules. Rules can also be edited or removed via the context menu that is displayed when right-clicking on the selected rule’s Filename column.

When adding a new rule for a program, the first step is to click the  button next to the File field on the Application rule dialog and select the appropriate executable file so that the complete path is displayed.

Now select your rule type from the following settings:

  • Always block this application (impossible to run) – Completely blocks program X so that it can no longer run. Emsisoft Anti-Malware or Emsisoft Internet Security reliably prevent program X from running, without modifying the program file. An alternative solution is to place the program in quarantine. This moves the file to a secure environment from which it can no longer be started.
  • Monitor this application, but allow/block specific activities – Use this option to define exactly what activity is allowed or blocked for program X. The separate protection components below can be individually set to either [All allowed] or [Custom monitoring]/[Custom rules] for program X.
    • Behavior Blocker – If you choose Custom monitoring you can select the desired options in the behavior type list as follows to define permitted or blocked behaviors. If you don’t specify an [Allow] or [Block] setting for a particular behavior type, then you will receive an alert if that behavior is detected for program X.
      • Backdoor related activity
      • Spyware related activity
      • Hijacker related activity
      • Worm related activity
      • Dialer related activity
      • Keylogger related activity
      • Trojan downloader related activity
      • Inject code to other application
      • Edit (patch) another executable file
      • Install something invisibly
      • Use of hidden (Rootkit) processes
      • Install services and drivers
      • Modify autorun entries
      • Change the Hosts file
      • Change the browser settings
      • Register a debugger on the system
      • Simulate mouse or keyboard activities
      • Access disk sectors directly
      • System’s group policy changes
    • Firewall Incoming – If you choose Custom rules you can use the buttons Add new rule, Edit rule, or Remove rule to manage your own incoming firewall rules for program X. You can also adjust the order your rules are processed in by using the Move up and Move down buttons. If program X attempts to create an incoming connection that is not defined by one of your Custom rules, then your Firewall Automatic Rule settings for Trustworthy and Unknown programs will determine the action taken.
    • Firewall Outgoing – If you choose Custom rules you can use the buttons Add new rule, Edit rule, or Remove rule to manage your own outgoing firewall rules for program X. You can also adjust the order your rules are processed in by using the Move up and Move down buttons. If program X attempts to create an incoming connection that is not defined by one of your Custom rules, then your Firewall Automatic Rule settings for Trustworthy and Unknown programs will determine the action taken.The following configuration options are available when adding or editing incoming or outgoing rules:
      • Template – Select [Custom] to create a rule from scratch or select one of the pre-filled templates for different programs.
      • Name – Enter a descriptive name for your rule.
      • Action – Select whether you want this to be an [Allow], [Block] or [Ask] rule.
      • Protocol – Select whether the rule should apply to [TCP], [UDP], [TCP/UDP] or [ICMP].
      • Ports – Enter the port number/s or port range that the rule should apply to. When entering multiple ports or port ranges, they must be separated by commas, e.g. 137-138, 445
      • Addresses – Select whether this rule should apply to [All Addresses] or [Custom Addresses]. If you choose Custom Addresses, you can enter them into the field that appears below. When entering multiple addresses or address ranges, they must be separated by commas, e.g 192.168.0.5, 192.168.1.0-192.168.2.200

The option Don’t alert when this file changes should only be enabled if you are sure that the file cannot be manipulated or changed. Otherwise this setting should remain deactivated.

  • to block internet access to an application, select “All blocked” in firewall incoming

  • to block internet access to an application, select “All blocked” in firewall outgoing

To completely block an application from starting select “Always block this application” as shown below

  • Blocking just the firewall outgoing will block internet access to that application

 

CREATING A SCHEDULED SCAN

Enable Scheduled Scans

The Scheduled Scans section allows for easy configuration of automated and scheduled scanning of your computer at set times and frequencies:

Run At

  • Every [x] hour [x] min between [x] and [x] – At specified hour/minute intervals during selected time frames (e.g every 5 hours between 12:00 AM and 11:59 PM).
  • Once a day at [x] – Run daily at a set time (e.g 1.00 PM).

Schedule Scan

  • Monthly – On a particular day of the month (e.g. the 1st of every month).
  • Weekly – On selected days of the week ( e.g. only on Fridays and Saturdays).
  • Daily – Every day.

Additional Settings

  • Use silent mode for scan process – Configures scheduled scans to run invisibly to prevent distracting windows while you are working on the computer. Only an animated Emsisoft Scanner icon is displayed in the Taskbar. The Scanner window will only appear if an object is detected, to provide you with information. If nothing is detected the Scanner automatically terminates when it is finished.
  • Run missed scans on next program startup – If the computer is not turned on at the time of the scheduled scan, Emsisoft Anti-Malware or Emsisoft Internet Security will run the missed scan when you next start the computer.
  • Scan settings file – If no scan settings file is specified, a smart scan will be performed by default. You can use your own custom configuration file by clicking the “…” button and selecting a scan settings file (.a2s) that you saved earlier. Scan settings files can be saved by using the Save settings button when using the custom scan option. Scan settings files are saved to ProgramData\Emsisoft\Scansets by default.

 

SURF PROTECTION

Surf Protection provides an extra layer of security to protect you from suspicious websites when you are surfing the Internet.

The Surf Protection module lists all rules created for blocked and allowed hosts with Hostname, Mode, Category and Date.

You can display or hide the built in rules by selecting or deselecting the option to Hide built in list. The search box allows searching for specific hosts by entering strings.

You can configure the default mode [Don’t block], [Alert], [Block and notify] or [Block silently] to take for each of the following categories of hosts:

  • Malware hosts – Hosts engaged in Malware distribution (e.g. Adware, Spyware, Trojans, and Viruses, etc).
  • Privacy risks – Hosts that are used for advertising or tracking purposes.
  • Phishing hosts – Hosts that are involved in phishing. Phishing is a method that uses fake websites to capture passwords and other private data.

Below the hosts list are the buttons Add new rule, Edit rule and Remove rule (only available for rules you have created yourself) to assist with management of single rules.

The Import hosts file button allows you to add multiple rules at once by importing a custom hosts file. You can then select the desired mode for your list from the following options: [Don’t block], [Alert], [Block and notify] or [Block silently].

  • you can manually add a website or ip address to allow/block it

  • You should select “Block and notify” for PUP hots and Privacy risks

 

EMSISOFT ALERTS

  • When malware by File  Guard then this alert is shown

EMSISOFT INTERNET SECURITY 10 FILE GUARD _30-04-2015_07-43-57

 

EMSISOFT INTERNET SECURITY 10 FILE GUARD _30-04-2015_07-46-24

  • Alert asking the user what action to take when a PUP is detected by File Guard

EMSISOFT INTERNET SECURITY 10 FILE GUARD _30-04-2015_07-44-44

 

EMSISOFT INTERNET SECURITY 10 FILE GUARD _30-04-2015_07-44-53

  • Firewall alert asking user take decision whether to allow an unknown application to connect to internet or not

 

 

EMSISOFT INTERNET SECURITY 10 FIREWALL ALERT _30-04-2015_08-03-31

  •  While updating or upgrading software’s you will get this alert. If you know this application is safe select “Update rule”

EMSISOFT INTERNET SECURITY 10 ALERT_01-05-2015_01-12-29

 

EMSISOFT INTERNET SECURITY 10 ALERT_01-05-2015_01-13-33