Tuesday, June 27, 2017

Emsisoft Anti-Malware

Emsisoft is a New Zealand-based company which has been providing antivirus solutions since 2003. Recently it's been doing particularly good work fighting ransomware, and the company regularly releases free decrypters to recover files without paying the ransom.

Emsisoft's core product is Anti-Malware, a versatile offering which uses two engines (Bitdefender's and Emsisoft's own) to detect and block viruses, ransomware, ‘potentially unwanted products’ and more. 

The package seems expensive at £34.40 ($43) for a one-computer, one-year licence, and adding more devices doesn't help as much as usual. A 10-computer, three-year licence costs £413 ($525); Bitdefender's equivalent would be £110 ($140).

There are some pluses hidden in the small print. If there's a major new release of the product within the licence period, you get it for free. There's a 25% discount on the renewal price for year two, and an extra 5% for every subsequent year, up to a maximum of 60%. Using Emsisoft long-term will eventually cost you less than many other products.

If you might be able to live with the price tag, an Emsisoft Anti-Malware trial enables trying out the product before you buy, and there's also a 30-day money-back guarantee as extra protection.

Setup

The Emsisoft Anti-Malware trial was easy to find and download. There's no registration involved and no need to provide your email address, which is now commonly requested with other products.

At the end of the setup process the installer offers to activate Emsisoft Anti-Malware as a trial or to order a full licence. When you choose the trial option, setup closes and the program runs its first full update.

We browsed the Emsisoft program files to run a few checks, but couldn't see any issues. All the executables were correctly signed, including third-party components like OpenSSL and the Bitdefender engine, and the package as a whole was noticeably smaller than most of the competition (the core executable code requires barely 100MB drive space).

The full system impact is a little different. The main Emsisoft Protection Service was using a sizeable 340MB of RAM (private working set) post-installation, and even after rebooting it grabbed 260MB. With two other background processes consuming a minimum of 40MB RAM, the application is noticeably more resource-hungry than many competitors.

Features

Emsisoft Anti-Malware may only be an antivirus package, but the interface displays more tabs, links and buttons than some suites. There are dialogs covering web protection, file monitoring, the behaviour blocker, anti-ransomware module, various scan types, quarantine area, program logs and more.

This doesn't necessarily make the program difficult to use. If you're not technically inclined, you can ignore most of the options, and just click Quick Scan to run a basic malware check, or Logs to review what's happened recently.

The real value here, though, is for more experienced users who'll appreciate Emsisoft Anti-Malware's extreme configurability. The URL filter can be extended with your own rules, or by importing your HOSTS file. You can precisely define when files are scanned, set up email notifications if malware is detected, customise when and how the program runs updates, decide which program events generate notifications, and control which user accounts are able to access Anti-Malware (great for stopping the kids changing your settings).

Our real-world experience wasn't always as positive. The Behaviour Blocker raised alerts about an entirely legitimate file on our test system, an MSI program no other antivirus has complained about, ever. We checked the Behaviour Blocker panel and it listed processes including SkypeHost, Windows Calculator and even the Windows Store. Bizarre.

Scans took longer than usual – even the ‘quick’ scan – but accuracy was excellent, perhaps the result of combining Bitdefender's and Emsisoft's own engine.

URL filtering was relatively weak, with the program catching barely half our test URLs. That's not as dangerous as it sounds – the antivirus engine correctly detected and blocked every malware download – but it's a definite weakness in the system.

Emsisoft Anti-Malware makes a good impression overall, and it certainly has what it takes to keep you safe, but the various hassles and weak spots are a concern.

Protection

While we run some malware detection tests during reviews, they can't compete with the large-scale efforts of the independent antivirus testing labs. Comparing and combining our results with their reports is the best way to get the big picture.

AV Comparatives' regular real-world protection tests have placed Emsisoft at or near the bottom of the list in the first four reports of 2017, but that may not mean what you think. Detection rates are good – 100% in some cases – but in many instances the app will ask you to confirm that a program should be blocked. Some people might say it's good to be given that control, but if running a threat will compromise your system, AV-Comparatives counts it as a ‘user-dependent’ fail. 

AV Comparatives' March Malware Protection test puts this in perspective. The Emsisoft test system faced almost 38,000 samples, and was directly compromised just five times: only Trend Micro and Avira did better, and others did much worse (113 for ESET, 145 for McAfee). But Emsisoft also gives more control over what happens after detection, and in the worst case each time – you allow a threat to run and it infects the system – there would be 117 more system compromises. That's what bumps up Emsisoft's ‘fail’ count and turns its results from good to poor.

Elsewhere, VirusBulletin's VB100 averages present a similar mixed picture. Emsisoft beats some big names in a few areas, but falls behind in others. It's good, but it's not quite good enough.

We completed our report checks with a look at AV-Comparatives' May 2017 Performance Test, which measures the performance impact of installing 21 top security products on your PC. Emsisoft was marginally behind several products, but trampled over many others (F-Secure, Panda, BullGuard, Trend Micro to name a few), and was awarded the top Advanced+ rating for the test.

Final verdict

Emsisoft Anti-Malware catches all sorts of PC pests and can be very accurate, but some modules aren't so effective, and the high price makes it hard to recommend.

0 comments:

Post a Comment

!!!!!!!!!!

Popular Posts

Categories

Blog Archive