New in 2017.7: Forensic Log and Auto-resolve mode for Behavior Blocker alerts

New in 2017.7: Forensic Log and Auto-resolve mode for Behavior Blocker alerts

2017-7-forensic-log-banner

New Forensic Log: A timeline to reproduce what happened

Do you remember the details of every single interaction you had with your malware protection software?

Of course not.

Whether it’s the wording of a particular alert or notification, or trying to recall what exactly you clicked on, it’s almost impossible to mentally keep track of every single malware-related event and what actions you took in the heat of the moment. To address this problem, we’ve introduced a new feature that we call Forensic Log, a condensed timeline that shows all events and user actions of Emsisoft Anti-Malware and Emsisoft Internet Security in an easy to read form.

The Forensic Log allows you to:

  • Reproduce exactly what happened and when. It puts all events from all areas of the software in a chronological order.
  • See all alerts of suspicious websites and programs and how they were dealt with, either by the user or by automatic actions.
  • See when malware scans were started and finished, along with all infections that may have been found.
  • See which settings have been changed and when.
  • See when online updates and scheduled scans were triggered by the scheduler.
  • Search the entire log flexibly for any keyword by using the live-search box.
  • Submit an entire timeline to customer support to analyze any issues that you may have.

New in Emsisoft protection 2017.7: Forensic log

New Auto-resolve mode for Behavior Blocker alerts

We get a lot of queries about whether it would be possible for our software to automatically deal with all Behavior Blocker alerts, as many users feel they’re not up to making the right decision on alert windows that look technically complex. We’ve listened to your feedback and decided to go one step further by not only providing a recommended action on those alerts (allow or quarantine an alerted program) but also offering a new Auto-resolve option for the Behavior Blocker that makes decisions all on its own.

Do note that even with Auto-resolve enabled, you are still in full control! Behavior Blocker may occasionally block good programs if their behavior patterns look similar to those of malicious programs, so we implemented the Auto-resolve mode in a way that still allows you to jump in and decide differently if needed.

New in Emsisoft protection 2017.7: Auto-resolve for Behavior Blocker alerts

Please note that the new Auto-resolve mode is enabled by default. You can still switch back to large alert windows with more details in the “Protection” > “Behavior Blocker” panel.

All 2017.7 improvements in a nutshell

Emsisoft Anti-Malware & Emsisoft Internet Security

  • New Forensic Log to reproduce all actions that happened in the software.
  • New Auto-resolve mode for Behavior Blocker alerts.
  • Fixed a bug that showed the scanner result window in scheduled scans even if silent mode was enabled.
  • Several minor tweaks and fixes.

Emsisoft Enterprise Console

  • Improved: Deployment dialog now also shows IP addresses in Active Directory networks.
  • Improved product stability and general fine tuning.
  • Fixed: Certificate issues that led to connectivity errors.
  • Several minor tweaks and fixes.

How to obtain the new version

As always, so long as you have auto-updates enabled in the software, you will receive the latest version automatically during your regularly scheduled updates, which are hourly by default. New users please download the full installer from our product pages.

Note to Enterprise users: If you have chosen to receive “Delayed” updates in the Update settings for your clients, they will receive the new software version no earlier than 30 days after the regular “Stable” availability. This gives you time to perform internal compatibility tests before a new version gets rolled out to your clients automatically.

Have a great (malware-free) day!

  • Alysson

    Mas que ótima notícia !

    Continuem com o excelente trabalho de vocês.

    • Obrigado Alysson! Vamos sim, pode contar com Emsisoft :)

      • Alysson

        Gostaria de sugerir que o mesmo fosse feito com os PUP.

        Ao invés do usuário tomar uma decisão o bloqueio fosse feito automaticamente.

        • Obrigado pela sugestão Alysson. Vou passar para o equipe.

  • Rogata Dusza

    Można poprosić o link do tapety?

  • As long as that that “Auto-Resolve”… thing (I tend to have unpleasant terms for anything that makes software make decisions for the user) can be set to off again and stay off for good, never to trigger under any circumstances for those who don’t want it, fine I guess.
    Still doesn’t seem to me that recommended actions are recommended properly though, as in if look up reputation is on but automatically allow/deny is off, prominently display the retrieved reputation and make the recommendations based on it.

    • Hi Robert, thanks for your feedback on our latest release. As we mentioned in the announcement, you can absolutely turn off the auto-resolve option by navigating to “Protection” > “Behavior Blocker” in the software.

      Regarding your comment about the recommendations, we are constantly looking for ways to improve how to find the right balance between giving the right information to the user while not being too obtrusive. The opinion of our customers is a key influencer in our development process, so constructive suggestions will always be forwarded to the respective teams for consideration for future releases.

      • Laura Jennison

        I have no idea what just happened here, but the program quarantined my regular Windows Mobility section where i disable the touch pad. Then another pop up said it was a mistake and I could click on yes to enable it. I did so, but the box that allows me to disable the touch pad is missing still…and I use a mouse so I really want this disabled, how do I do this?

        • David Biggar

          Hi Laura – fixing this is likely going to go beyond just a post or two, so please send an email to support@emsisoft.com, and I’ll be happy to help you!

      • Well, that balance can never be achieved by the software itself for all users, because users are different. What the software can do is allow each user to reach it for themselves by providing lots of options. Then surveys and usability tests can be used to determine what the defaults should be, to be appropriate for most of those who just want to install and not bother with it any more, while the rest should have said options and proper readily-available documentation to customize the experience for their own preferences and purposes.