Emsisoft Anti-Malware Pros
- Managed to score exceptionally well in malicious URL blocking and malware block tests
- Above average scores in independent lab tests
- Very efficient against behavior-based attacks.
Can detect ransomware as well.
- The user interface is clean and simple.
Emsisoft Anti-Malware Cons
- Not great in anti phishing tests
- Behavior based detection goes overboard by warning about both malware and valid programs
Emsisoft Anti-Malware Bottom Line
As the name suggests, Emsisoft Anti-Malware tries to focus on an antivirus product’s core functionality such as protecting the user’s computer machine against malware.
And it does more than a reasonable job of that.
Emsisoft has a nice simple and clean user interface and because of that, overall, it looks smart.
Emsisoft Anti-Malware Full Review
What are they?
Where did they come from?
Well, no one knows the exact answer to that question.
What we do know is that the earliest malware came in the form of computer viruses.
Security researchers quickly designed products that thwarted viruses and other bad stuff from hurting computer machines.
These products are what we call today antivirus products.
Now, the landscape has changed.
Computer viruses, per se, are not very common now.
But other types of malware such as ransomware, trojans, and spyware have become a lot more common than before.
In fact, we think that antivirus products should now go by the name of Anti-malware products.
But since the term “antivirus” has such great history in the industry now, no one wants to change it.
Emsisoft seems to have recognized this fact and has appropriately called its product Emsisoft Anti-Malware.
Emsisoft, as an antivirus company, had stopped releasing its antivirus products every year with small updates.
It has also tried to move away from numbered versions of its antivirus products every year.
Now, the company releases antivirus products new better and improved functionalities every month.
And the version number of its antivirus products reflect when the company released them.
This Emsisoft Anti-Malware review will take a look at the one that Emsisoft released in April 2017.
Emsisoft Anti-Malware Price
Emsisoft Anti-Malware will cost you $39.95 per year for a standard package.
This pricing range matches all the other top antivirus products in the market as well.
And when you think about Emsisoft Anti-Malware’s competition, the above statement is saying a lot.
Emsisoft Anti-Malware, from a price point of view, can comfortably compete with the likes of,
- BitDefender Antivirus Plus
- Webroot SecureAnywhere Antivirus
- Norton Antivirus Basic
- Kaspersky Anti-Virus
Other good antivirus products such as McAfee AntiVirus Plus cost users around $59.95 per year.
And although that price seems steep, it is not.
Because McAfee gives you an unlimited amount of licenses.
With just one subscription you can install McAfee on any number of devices.
Emsisoft Anti-Malware main window has about four big panels.
These panels basically take up most of the real estate that is available on the screen.
The four panels are basically categories of options that users can avail.
They are as follows,
Each of the four big panels provides useful information about how the antivirus program works and its tests and its results.
If you click a panel, then it shows you extra information.
These panels also show users less common configuration options.
The overall theme of the antivirus program is simple.
And it only burdens the user with controls and settings that are absolutely necessary.
Emsisoft Anti-Malware Independent Lab Results
We try to rank antivirus products by looking at five different independent labs.
And that is more than enough to gauge how good an antivirus product really is.
Unfortunately, of the five tests we follow, Emsisoft Anti-Malware participates in only two of them.
Virus Bulletin Reactive And Proactive
Emsisoft Anti-Malware scores extremely close to the average antivirus product in the market on Virus Bulletin Reactive and Proactive, RAP, test.
Speaking in terms of numbers, Emsisoft Anti-Malware scores around 80 percent.
AV-Comparatives carries out lots of tests to rank antivirus products.
We think that of all those tests, only five are worth following.
If AV-Comparatives see that an antivirus product has met the minimum requirements to pass one of its tests, then it awards that antivirus product with a Standard certification.
Antivirus products that perform better in more than one tests can earn the Advanced Plus and Advanced certifications.
Emsisoft Anti-Malware competed in four of the five tests.
And in those, it earned three Advanced certifications and one Advanced Plus certification.
These results are the reason that we feel Emsisoft Anti-Malware deserves a score of eight and a half stars out of a possible ten.
As you can probably imagine, Emsisoft Anti-Malware scores more than what is considered as acceptable.
But there are plenty of other antivirus products that have done better than Emsisoft.
Antivirus products such as Bitdefender Antivirus Plus along with Kaspersky score way higher than Emsisoft.
All the good independent labs, of which we follow five, include both Kaspersky and Bitdefender in their malware tests.
Both Kaspersky and Bitdefender managed to score an aggregate score of 9.8 points out of ten.
Emsisoft, as mentioned before, only managed to score 8.2 out of possible ten.
Emsisoft Anti-Malware Scan Options
Most of the top antivirus products offer about three types of scans.
They have the quick scan.
This scan basically looks for malware problems that reside in the user machine’s memory.
These scans also check common places where malware may exist.
Antivirus products also have the full scan feature.
This type of scan carefully monitors and searches the user’s whole computer system.
As just mentioned, it keeps an eye out for any sign of malware on the system.
The third type of scan is the custom scan.
This scan only performs a specific set of scan operations.
Moreover, users can limit the scan’s completeness and/or scale.
Emsisoft Anti-Malware is a bit different.
In other words, it has different scan choices.
It has the QUick scan which only keeps an eye on active computer programs.
There is also a Malware scan.
If you choose this type of scan, you will get what most other top antivirus products call the quick scan.
As mentioned before, this scan will look at your memory and all the common locations where malware tends to hide.
If you want to perform a full scan of your machine then you will have to choose the Custom Scan.
And then choose all the hard disk drives that exist on your computer machine.
Emsisoft Anti-Malware Scan Times
If you perform a full system scan on your computer with Emsisoft Anti-Malware, then expect it to last around 50 minutes.
That is very close to the industry average.
If you perform a second scan after the first full scan, Emsisoft will not complete it any faster.
Other antivirus products sometimes note down the list of safe files they come across during the first full system scan.
Then, on the second scan run, they omit those files from their operations if they find out that those files have not gone under any changes.
Hence, antivirus products such as BullGuard only take five minutes for their repeat full system scans.
ESET NOD32 Antivirus 10 takes around 30 seconds to finish its repeat scan.
Which is mind-boggling, to say the least.
Emsisoft Anti-Malware Malware Protection
As mentioned before, Emsisoft Anti-Malware is effective vs most kind of malware.
And as we have pointed out so many times before, the best antivirus products do a few things which are extremely important.
First, they stop malware attack before the malware can ever launch a program.
Top antivirus products tend to provide malware protection way before a malware can install any program on your computer.
And perhaps that is the best time to block malware as well.
There are other antivirus products that only check files for any kind of malware when the user tries to access them.
Do take note that even if you use the Windows Explorer to get your computer to display information about the file’s data, that will still count as an access action.
Though it is minimal access, it is “access”.
There are also those antivirus products that wait a long time to scan files and only do so once the user moves or changes the program.
And then there are those that never run as scan unless and until the malware program executes first.
Emsisoft Anti-Malware allows the users to choose any of the above-mentioned methods.
If we’re talking about default configurations, then Emsisoft Anti-Malware uses the Balance mode.
This mode enables Emsisoft to scan files when the user or the computer machine modifies the files.
Emsisoft also has a Thorough mode.
This mode scans files on each and every access.
There is also the Fast mode and it only performs the scan once the user or the computer launches the program.
How to Test Emsisoft
To test any antivirus product you have to test it with some malware samples.
Finding malware samples is not difficult.
Our research for this Emsisoft Anti-Malware review tells us that Emsisoft can comfortably wipe out 80 percent of the malware samples when they move to a new folder.
Emsisoft doesn’t burden the user with multiple pop up notifications though.
It stacks them up.
In other words, if you have pending notifications, then Emsisoft will display them in one simple notification box.
Of course, placing all notification in such an arrangement is odd.
The notifications slide to the right of the user’s screen from the middle of the screen.
However, the user can tweak the Emsisoft notification system.
They can slide from top to bottom, left to right, or center.
Moreover, Emsisoft also allows users to control how long the notification messages stay visible.
After the first malware test, one must perform the test one more time just to tighten things up.
The best way to carry out the second test is to use a second set of samples that are basically copies of the first.
Then, one should change their filenames and then add zeroes to the end in order to change the second set’s malware file size.
It also helps if one can overwrite a few non-executable bytes.
Then one has to copy this second set to a new location.
Our research for this Emsisoft Anti-Malware review shows that Emsisoft didn’t detect about 27 percent of the malware the second time around.
It had removed the same malware samples the first time around though.
But Emsisoft has multiple layers of protection.
And one of those layers is signature-based detection.
When Emsisoft brings this to the party, things start to change a little bit.
Second Malware Test Result
As mentioned before, initially Emsisoft massacred about 80 percent of all malware samples.
What about the test though?
Well, Emsisoft killed the surviving malware samples as well then they tried to launch themselves.
Moreover, Emsisoft first detected and then stopped each and every malware sample.
It flagged some of those malware samples as PUPs or Potentially Unwanted Programs.
We think the best option to take in such as case it to move these files to the quarantine zone.
Emsisoft can quarantine files so that’s great as well.
Emsisoft, through its own analysis, moved one of the unwanted toolbars to the quarantine zone as well.
It then quarantined other samples by determining their suspicious behavior.
Our research also tells us that a small number of executable files (actually malware samples) managed to make their way onto the test user’s computer machine.
That is the reason why Emsisoft earns a great a 9.4 out of 10 rather than a perfect score.
If an antivirus product can detect a hundred percent of malware samples, which Emsisoft does, then that is good too.
More Malware Results
As mentioned before, you have to test an antivirus product multiple times in order to come to conclusion about its quality.
One has to change malware samples from time to time to keep things straight.
The best way is to test the antivirus product with the latest malware samples.
This ensures that average antivirus products such as IObit Malware Fighter 5 Pro, can make other good products such as Emsisoft Anti-Malware look good.
But the problem is, when you test antivirus products with a different set of malware samples, then you can’t really compare results.
Webroot SecureAnywhere AntiVirus, when subjected to the same malware samples, detected a hundred percent of the samples.
And hence scored 10 out of 10.
Comodo and PC Matic scored the same as well.
As mentioned before, an antivirus product has to protect users against all malware including the new ones.
So, to test an antivirus product against the latest malware samples, one has to start off by feeding the test antivirus product with malware-hosting URLs.
MRF-Effitas is generous enough to supply everybody with those.
How To Test For Malicious URLs
To test an antivirus product, one has to load the malicious URL list directly into the test environment and then launch each malicious URL.
Then we have to note whether the test antivirus product prevents all types of access to the malicious URLs.
A good antivirus product has to delete malware downloads as well.
Bad antivirus products space out and let malicious URLs do their thing until it is too late.
To have a comprehensive test, one has to test each antivirus product with at least 100 of these malicious URLs.
And then end the test.
Emsisoft Anti-Malware Score On Malicious URLs
As far as malware downloads go, Emsisoft Anti-Malware managed to block an excellent 94 percent of them.
Moreover, it blocked more than sixty-six percent of them by blocking the user’s and the computer’s access to hose malicious URL.
Most good antivirus products go ahead and replace the malicious URL page that appears in the web browser with their own warning page.
Emsisoft doesn’t do that.
Instead, it slides one of its own notification and informs the user that the antivirus product has detected a malware host.
In other words, it detects the known threat and then leaves it to the web browser to show its own error notification.
Other antivirus products that have performed better than Emsisoft Anti-Malware include,
- Avira Antivirus Pro which can detect around 95 percent malicious URLs.
- Norton, which has held its thrown for a long time now with 98 percent detection rate.
Apart from these two, Emsisoft Anti-Malware performed better than almost all other antivirus products.
What About Phishing Protection Feature?
Let’s talk about those as well.
Emsisoft is so good at blocking malicious URLs due to its Surf Protection feature.
This same Surf Protection feature helps Emsisoft to prevent its customers from falling victim to phishing sites and scams as well.
What are phishing sites anyway?
They are fake web sites that hackers design just so that they can steal your login credentials.
Usually, these phishing sites try to mimic real secure websites that have a good reputation in industries such as online gaming and banking.
If a user goes to these fake sites and logs in, then that user has effectively given away all access to his/her bank account.
And if the hackers wanted to steal your gaming data, then that means you’ll have to say goodbye to your level 10 Paladin as well.
How To Evaluate Antivirus Programs?
Of course, antivirus products have to manage these phishing sites rather well.
To test antivirus products, one has to collect the latest phishing site examples that exist of fraud-reporting sites.
To make the test more demanding, one has to try to collect those phishing sites which are absolutely brand new.
Because if they are brand new then no blacklist site would have analyzed and then blacklisted these phishing sites.
Phishing sites that are new are actually the ones that present the most danger.
Then to begin the testing, one has to launch each of these phishing site’s URLs in five different web browsers simultaneously.
One of the web browsers must have the test antivirus protecting it.
Another web browsers must come under Symantec Norton Antivirus Basic protection because it is the king of anti-phishing effectiveness.
The other three web browsers should have nothing but built-in phishing tools to protect them.
Moreover, the three browsers that we’ll analyze are as follows,
- Internet Explorer
Emsisoft Anti-Malware Antiphishing Results
Why is Norton the king when it comes to anti phishing protection?
One reason is that Norton uses heuristic analysis component as its critical feature that analyzes web pages in real time.
It then keeps an eye on these pages for potential fraud.
Emsisoft is different.
It only relies on an online blacklist.
In other words, there is no real-time component.
And frankly, the results speak for themselves.
Emsisoft could not even compete with Norton as it scored 32 percentage points less than Norton’s magnificent detection rate percentage.
Moreover, Emsisoft couldn’t even beat the web browser built-in anti phishing features.
There is a plus side though:
Emsisoft has actually improved its score since its last version came out.
Back then, Emsisoft scored a mammoth 61 percentage points less than Norton’s percentage.
We can’t name many antivirus products that can beat Norton at antiphishing protection.
The only ones we know for sure are as follow,
- Kaspersky Anti-virus
But these too barely edged out Norton.
And perhaps that is a good sign of competition in the industry.
Emsisoft Anti-Malware Ransomware Features And Behavior Blocking
Emsisoft and its behavior blocking feature already protect users against malware and malicious URLs.
Upon further exploration, we now know that it can do more as well.
To test for ransomware protection, one can always use really old system utilities that try to bite their way into deep system properties that may seem suspicious.
Well, Emsisoft surprised us.
Let’s explain that a bit.
Our research for this Emsisoft Anti-Malware shows that it displayed (or more like slid out) its proprietary notification which indicated suspicious behavior.
But then it changed its notification.
This happened once it had contacted the cloud with a qwerty and found out that the old utilities didn’t pose any threat.
However, this method caused an interruption to these programs.
And hence these utilities could not work because the cloud query had disabled some relevant services.
All good right?
Well, let’s discuss what Emsisoft did with other utilities before we can come to a conclusion.
Emsisoft treated other utilities a bit differently.
In other words, it displayed a huge behavior-alert-banner ridden yellow-colored window.
This window looked pretty much like the window that Emsisoft slid out for the PUP warning message.
What caused this warning?
Well, a plain and singular action that caused a change in the autorun settings triggered the above-mentioned warning message.
A better solution would actually display a complete behavioral analysis.
Good antivirus products have systems that can learn behavior patterns and not just individual behaviors.
Emsisoft systems may result in the user blocking or quarantining harmless programs.
Some users may also, eventually, stop considering these warnings as serious.
More On Behavior Based Blocking
To further test an antivirus product against ransomware, one can just turn off the real-time antivirus component.
And then launch some bad ransomware samples.
Our research for this Emsisoft Anti-Malware review shows that Emsisoft managed to display a behavior based alert message when it encountered the first of these samples.
The message came in the form of a red banner and a message that the malware tried to manipulate other system processes.
If the user ignores these warnings and others that follow it, the Emsisoft takes over.
In other words, Emsisoft slid its onscreen pop up malware-detection again.
And also stated that the antivirus product had quarantined the crypto-malware sample.
That is all great.
What About The Second Ransomware Sample?
Emsisoft, again, reacted well with a behavior based red-banner warning message.
It stated that the ransomware program attempted to modify the user’s documents in a very suspicious manner.
With that said, Emsisoft didn’t call this suspicious behavior as ransomware.
But we would like to believe that all serious users would Quarantine such an alert message.
If the user does decide to quarantine the suspicious program, then Emsisoft moves ahead to remove the malware.
To sum up, Emsisoft, with its behavior-based detection is effective in catching malicious behaviors.
It can even catch some ransomware behaviors.
But as we have alluded to before, it doesn’t look like it is ransomware-specific.
With that said, it does display alert messages for bad and good programs.
That, in our point of view, decreases this feature’s effectiveness.
Emsisoft Anti-Malware Conclusion
As we mentioned in the beginning of this Emsisoft Anti-Malware review, Emsisoft’s single focus is on protecting the user and the user’s computer system from malware.
It doesn’t have other extra features such as spam filtering and firewall.
Moreover, it doesn’t spend valuable resources on other tangential tasks.
In other words, it doesn’t really scan for potential vulnerabilities.
Emsisoft, also doesn’t take care of wiping web browser’s traces.
And no, it does not block those annoying ads on web pages either.
If you feel that you can live with that, then Emsisoft Anti-Malware is a reasonably effective choice.
The minimalistic configuration settings and the light user interface just put the icing on this Emsisoft cake.
With That Said
It is better if you also consider some of the other top antivirus products in the market.
For example, Kaspersky Anti-Virus along with BitDefender Antivirus PLus are the absolute masters of scoring top marks with independent lab tests.
MOreover, Symantec Norton anti-virus Basic has decent scores as well and its intrusion prevention feature along with password manager and spam filter gives it the edge over its competitors.
Webroot SecureAnywhere Antivirus is the smallest and the lightest antivirus product in the world today.
And its comprehensive behavior-based malware detection system can even manage zero-day cyber attacks.
Finally, McAfee Antivirus Plus allows users to protect an unlimited number of devices with just one subscription.
It doesn’t score top marks (relatively speaking) with independent labs though.