Emsifoft can be compared with the best AVs?

[Tiamati]

Forgive me for asking, but, why so many people put Emsisoft side by side with Kaspersky, Bitdefender and ESET. The last 3 have a lot of tests showing they are very good and consistent AVs throught the last years. Emsifot on the other hand has few tests, and a lot of them showing not so good results. And currently I didnt find a lot of Emsisoft tests (except for a few in our forum...)

Don't get me wrong. I like some of their softwares as a second opinion, like the Emsifot Emergency Kit or Emsisoft anti pishing extension. They ARE good! But are they really SO good?

 

[ForgottenSeer 55474]

In my opinion Emsisoft is no match for Bitdefender or Kaspersky etc.

 

[Azure]

1. Because Emsisoft has been tested here on the Hub. And last time I checked it did well. No idea how it is nowadays though.

2. Because people who understands how Emsisoft BB works should be aware that in general despite what some AV test might imply user-dependent doesn't necessarily mean bad.

 

[ForgottenSeer 823865]

Forgive me for asking, but, why so many people put Emsisoft side by side with Kaspersky, Bitdefender and ESET.

Because Emsi is just good, and its lead developer is among one of the best security expert.

The last 3 have a lot of tests showing they are very good and consistent AVs throught the last years. Emsifot on the other hand has few tests, and a lot of them showing not so good results. And currently I didnt find a lot of Emsisoft tests (except for a few in our forum...)

Because Test Labs are marketing puppets of AV vendors, don't base your opinion from them.

Don't get me wrong. I like some of their softwares as a second opinion, like the Emsifot Emergency Kit or Emsisoft anti pishing extension. They ARE good! But are they really SO good?

Emsi is not about being better than other, it is doing what it is supposed to do the best way possible for the average user.
What Average Joe need? simplicity, Set & Forget product, and quick-to-reply support. Emsi do all these.
BD well...not so much.

One should understand here that there no use of compairing bitdefender with emsisosft since emsisoft is totally dependent on bitdefender signature based engine with its own pup engine.

not at all.
1- Emsi uses BD engine because it is cheaper than developing a full-house engine. Emsi devs have enough skills to do their own, but for that they have to invest a lot more , which they aren't willing to do. Emsi is a small company.
2- Emsi engine is not just about PUP but also focuses more on 0-days.

The only thing you can compare is behaviour blocker, again comparing bb of emsisoft with bitdefender is no match. Bitdefender is an outstanding product. Only kaspersky can come next to it.

Anyway, you don't compare a full suite with tons of bloat , umm sorry "features" with a simple AV with a BB.

 

[Dex4Sure]

Well its just my opinion, but I think one of Emsisoft's current shortcomings is using Bitdefender engine. Bitdefender has always a lot of false positives, but they have been starting to fall behind Kaspersky and few others recently also in detection rates. And again, BD engine is rather poorly maintained, almost all detections are just named "trojan.generic" or something along those lines, while Kaspersky and ESET for instance take their time to actually name their detections more accurately... So you actually get an idea whether you're dealing with rootkit, trojan, potentionally unwanted software, adware etc. And that combined with high number of false positives, not good tbh. Its for this reason why I wouldn't use Emsisoft, or any other product that uses Bitdefender signatures for that matter.

 

[ForgottenSeer 823865]

Well its just my opinion, but I think one of Emsisoft's current shortcomings is using Bitdefender engine. Bitdefender has always a lot of false positives,

Luckily you didn't try Emsisoft when it had the Ikarus engine, it was abandoned for BD especially because of BD having less FPs.

 

[Tiamati]

1. Because Emsisoft has been tested here on the Hub. And last time I checked it did well. No idea how it is nowadays though.

I like to check those tests, but despite the good intention of our friends here, they represent just a very small share of the universe, and they don't follow a consistent methodology (with a few exceptions) over the tests. I think they are a good tool to check how AVs are doing with our own hands, but not the only tool. I usually make my opinion using the tests on Hub with others independent tests

Because Test Labs are marketing puppets of AV vendors, don't base your opinion from them.

I agree that there are a lot of fake tests, but i think it's difficult to say that they are ALL fakes. Furthermore, if you check some of the major tests, there is a consistency on tests' results. If we get paranoid above them all, so there is no point in comparing any of them anymore; at least considering tests

BD well...not so much

Well, I don't agree. I used BD for at least 8 years on my computers (paid version) and my parents computers (free version) and neither me or them faced any problem learning how to deal with it. Specially the free version is just install and forget for the average user. Before i gave it a chance on my parent's PC, i tried avira, avg, avast and even comodo haha. I was always having to change AVs every 6 months on their system because the PC was always infected with virus (and because my parents didn't have a clue about web security at that time). Since bitdefender, i never had that problem anymore. Anyway, last month i changed all my AVs for Kaspersky, and i'm really liking it! Even more than Bitdefender.

. And that combined with high number of false positives, not good tbh

The majority of tests i've seen dont show BD having a lot of FP...

Bitdefender in past 4-5 years has drastically improved itself.

Indeed

Best testing is always done when it happens in front of you.

I would, if i had the time and knowledge to do it

 

[ForgottenSeer 823865]

A signature can be made from multiple malware of the same family but slightly different from each other, so a unique name isn't possible.

Unique name are often given to newly detected malware, when they got older they often have variations so they are grouped together under a generic name.

 

[Tiamati]

When it comes to proper renaming, proper means proper, eset is the best, not even kaspersky because they have irrelevant naming when it comes to renaming the sample as 32 bit or 64 bit.

Till date the best detection name has been of Eset.

Well I had a chat with bitdefender support who inturn connect with malware researchers in order to get reply back to customer queries.
As per research team internally they have proper knowledge of what is for example wannacry ransomware, analbelle ransomware etc and will respond back to customer in that manner only but they will detect the sample as either trojan.ransom, trojan.generickd or etc, for them detecting a sample is more important than stating a correct name. According to them they name the sample such that internally they know what type of sample they are dealing with.
This was reported by malware researchers to support team and which inturn was reported back to me.
They are not fancy about detection names, and in the world where every second a malware is created, protection is more important than renaming a sample.

There was once a time when norton had a huge databse which was outsed by bitdefender. I am not like favouring pros. of bitdefender, but companies knows it better how do they want to handle stuffs and yes where they feel like detection is not correct they do correct it like sometimes i had sent them keyloggers sample or pup sample which they detected as trojan.generickd. As per now any pup with the latest detection engine is detected as Application.Deceptor or any keylogger is detected as Application.Keylogger, they do name the type of keylogger only when they feel like the said keylogger is famous in wild.

Very interesting. Ty for telling us. I didn't know all those details.

 

[low L!fe]

They are all strong
Without bias
The arrangement from the strongest to the least powerful is as follows :
1-Kaspersky
2-Bitdefender
3-ESET
4-EMSISOFT

My Favorite program is Bitdefender
If you care about performance go to ESET or Mcafee
I don't care about performance
Because I have Workstation
So its better GDATA or Bitdefnder

 

[show-Zi]

My interpretation. If other AV software is a straight ball, emisi is a changing ball. The core of the software is not the detection by the list of the database, but the alert to the unknown. Therefore, the possibility of false detection increases.

 

[bribon77]

Emsisoft
Kaspersky
ESET
Bitdefender
With any of them they are not wrong.

 

[Dave Russo]

Emsisoft is a nice program ,I never had a virus while having it installed, I just got perturbed with them dropping there firewall online armor,which had gotten really bad test results,so shortly after they added a so called by them(kick ass firewall),then they decided no firewall,just use windows. I stopped using, when no explanation of why there kick ass firewall kicked the bucket

 

[ForgottenSeer 823865]

1- firewall online armor,which had gotten really bad test results
2-,so shortly after they added a so called by them(kick ass firewall),
3-then they decided no firewall,just use windows. I stopped using, when no explanation of why there kick ass firewall kicked the bucket

1- Online Armor was the best Firewall + HIPS at that time, its only contender was Comodo Firewall.
2- Because OA was abandoned due to sales that couldn't finance its development. The sad truth of business reality.
3- Yes because there was more issues (aka support tickets), it had the merits of being a true firewall (not just a GUI like we see in many suites) but the Average Joes (main Emsi customers) had issues with it, so logically it was also abandoned, no reason to keep it when Windows Firewall is very good and can be just reinforced by EAM to protect it from malicious modifications.

Personally i'm just using an hardened Windows Firewall, most home user firewalls are worthless, and afford nothing much in term of security but instead introduce more bugs and connections issues.
If people want an outbound connection alerts, just install WFC or similar.

 

[Tiamati]

1- Online Armor was the best Firewall + HIPS at that time, its only contender was Comodo Firewall.
2- Because OA was abandoned due to sales that couldn't finance its development. The sad truth of business reality.
3- Yes because there was more issues (aka support tickets), it had the merits of being a true firewall (not just a GUI like we see in many suites) but the Average Joes (main Emsi customers) had issues with it, so logically it was also abandoned, no reason to keep it when Windows Firewall is very good and can be just reinforced by EAM to protect it from malicious modifications.

Personally i'm just using an hardened Windows Firewall, most home user firewalls are worthless, and afford nothing much in term of security but instead introduce more bugs and connections issues.
If people want an outbound connection alerts, just install WFC or similar.

Hey @Umbra i've already seem a lot of people saying that home user firewall can actually be worst them the windows own version. Did you see any info that support that position? BTW did you hardened Windows only with Hard_Configurator?

 

[ForgottenSeer 823865]

Hey @Umbra i've already seem a lot of people saying that home user firewall can actually be worst them the windows own version. Did you see any info that support that position? BTW did you hardened Windows only with Hard_Configurator?

All firewalls have to use WFP (Windows Filtering Platform) as core components.
3rd party firewall add their code on top.
So obviously Windows Firewall compatibility is optimal. Also like any softs, 3rd party firewalls may introduce bugs and vulnerabilities.

You don't need evidences, if you ever tried several 3rd party firewalls on long terms, you always had some connections issues in some points. Since I used Windows Firewall I never had any.
Not a big argument, sure, but for me it is more than enough.

I don't use H_C, because I'm on Windows 10 Enterprise, and @Andy Ful confirmed there is no much gain. H_C is basically enabling some Enterprise security features for Home version users, plus some other tweaks.

Most of my hardening are made via GPO.