App Review Emsisoft Anti-Malware vs Kaspersky Total Security Comparative

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by
Shadowra

Shadowra

Level 33
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,247
Hello and welcome to this comparison!

Today we will compare Emsisoft with Kaspersky.
The interfaces of the 2 antivirus are quite similar, they can be adapted to a novice or expert public due to their numerous settings.

On the web and on the fake crack, the 2 software are identical and pass the test.

On the pack, it is different. Kaspersky makes a machine completely safe. This is not the case with Emsisoft!
Emsisoft certainly defends itself, but lets some infections through, including a Java infection...

Kaspersky wins this duel!



@anirbandutta01 request
 

Andrezj

Level 6
Nov 21, 2022
248
it was kinda crazy to think Emsisoft can protect you as well as Kaspersky
Thanks for the test @Shadowra
emsisoft and outpost were the only av suite that prevented nation state finspy, kaspersky let finspy infect everything
kaspersky block .jar files by default, emsisoft does not block any files by default, but it does not matter about the .jar file sitting in appdata with no execution engine on system to run, the .jar is inert and poses no security risk, the only way there would be security risk for .jar file is if java virtual machine was also downloaded and installed by the malware in the background
the video is misleading in saying there is a java infection, there is only a .jar file sitting in appdata doing nothing
 

Shadowra

Level 33
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,247
the video is misleading in saying there is a java infection, there is only a .jar file sitting in appdata doing nothing
Deceptive? Check out my KillSwitch

Capture d’écran 2022-12-18 230435.png
 

Like a Western!

Level 9
Verified
Well-known
Apr 6, 2016
440
emsisoft and outpost were the only av suite that prevented nation state finspy, kaspersky let finspy infect everything
yea well Trusport was also one of those few anti-viruses that blocked it too.
And Comodo also is one of the other few ones that blocked it.
both trash nowadays.
Also there was a ransomware that avoid to start encryption on victim system if there is a McAfee or Dr.Web process running on it's task manager.
you're welcome to bet your online safety on any of mentioned products.
Emsisoft is better than them all, just not "that" better.
 

Andrezj

Level 6
Nov 21, 2022
248
Deceptive? Check out my KillSwitch

View attachment 271388
the icon is java and the file name is java.exe (easily replicated), that does not prove it is actually java runtime from oracle, you are assuming that it is oracle java runtime without ever manually inspecting it
you do zero analysis, you just accept whatever results the av scanners tell you
so what if a process is running?, do you actually believe that showing a process obtained from a malware pack loaded into memory in killswitch is definite proof that it is actively doing something malicious?
this is the main problem with this type of testing
 

Andrezj

Level 6
Nov 21, 2022
248
yea well Trusport was also one of those few anti-viruses that blocked it too.
And Comodo also is one of the other few ones that blocked it.
both trash nowadays.
Also there was a ransomware that avoid to start encryption on victim system if there is a McAfee or Dr.Web process running on it's task manager.
you're welcome to bet your online safety on any of mentioned products.
Emsisoft is better than them all, just not "that" better.
how good emsisoft protects is not the point
what is important is that the testing has certain flaws
 

Shadowra

Level 33
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,247
the icon is java and the file name is java.exe (easily replicated), that does not prove it is actually java runtime from oracle, you are assuming that it is oracle java runtime without ever manually inspecting it
you do zero analysis, you just accept whatever results the av scanners tell you
so what if a process is running?, do you actually believe that showing a process obtained from a malware pack loaded into memory in killswitch is definite proof that it is actively doing something malicious?
this is the main problem with this type of testing

You are entitled to your opinion, but not to distort my work.
Before I answer you, please know that my tests are serious, and that I have a good reputation here. I would never bother to falsify a result, it would not make sense.

Secondly, yes I have seen it with NPE. I did a VirusTotal (out of video) which was detected by AhnLab and 2 other unknown AVs.
I did not put it in the video, I was not filming at the time.

And yes, Emsisoft did leave the infection when I ran the sample.
By the way, I always submit my packs at the end of the test, it is detected now.
 

Like a Western!

Level 9
Verified
Well-known
Apr 6, 2016
440
how good emsisoft protects is not the point
what is important is that the testing has certain flaws
I mean you quoted me when i was stating a fact about how well can products protect users and again you stated a fact about products protection abilities against state-sponsored attacks
so the point of our conversation was how good products can protect users, it is also the point of Shadowra tests i believe.
flaws of the tests are another conversation that you're continuing with Shadowra itself
 

Andrezj

Level 6
Nov 21, 2022
248
Secondly, yes I have seen it with NPE. I did a VirusTotal (out of video) which was detected by AhnLab and 2 other unknown AVs.
nobody said you are falsifying tests

anhlab is notorious for false positives
ahnlab + only 2 "unknown av" detections, anything less than 5 detections by reputable scan engines is likely false positives
you still are relying upon what av signature tells you, you assume that if av scanner says malicious then it is malicious

you can run test, execute a file that does malicious things on system, terminates, deletes itself and never appears in killswitch, and every av scanner you use can miss it, but you would say system is clean because av scanner does not show that file

you do know that av copy signatures from each other on virustotal without ever doing analysis of their own to determine if a file actually does anything malicious?
this is well established flaw of virus total with discussions everywhere on web
you know who proved copying without analysis on virustotal? eugene kaspersky
so detection now after submission to virus total is scant eivdence that it is malicious, i can submit hundreds of safe files to virustotal that will be detected by every scan engine

this is limitation of the type of testing done, it ius not personal
 

Andrezj

Level 6
Nov 21, 2022
248
I mean you quoted me when i was stating a fact about how well can products protect users and again you stated a fact about products protection abilities against state-sponsored attacks
so the point of our conversation was how good products can protect users, it is also the point of Shadowra tests i believe.
flaws of the tests are another conversation that you're continuing with Shadowra itself
all tests has inherent problems, it is not criticism, it is limitation
such tests must be considered critically, thoroughly
the flaws is no secret, not wrong to point out and discuss
 

RansomwareRemediation

Level 4
Verified
Well-known
Jun 22, 2020
163
there is not much to say here. Clearly Kaspersky is superior. And that the Kaspersky version is not the new one. By the way, kaspersky released a new version 21.8 (basic-standard-plus).
Your tests always make me happy.
Greetings :3
pd: personal opinion, the result of Emsisoft seems mediocre, considering that they use two detection engines (engine A= their own and engine B = Bitdefender)
 

Shadowra

Level 33
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,247
there is not much to say here. Clearly Kaspersky is superior. And that the Kaspersky version is not the new one. By the way, kaspersky released a new version 21.8 (basic-standard-plus).
Your tests always make me happy.
Greetings :3
pd: personal opinion, the result of Emsisoft seems mediocre, considering that they use two detection engines (engine A= their own and engine B = Bitdefender)

I had a little problem with KPlus because I had already tested it. I know that with some avs, I can't install them anymore if I already test them. This problem should be solved because I will make several Ghost to bypass this problem :)
 

Andrezj

Level 6
Nov 21, 2022
248
there is not much to say here. Clearly Kaspersky is superior. And that the Kaspersky version is not the new one. By the way, kaspersky released a new version 21.8 (basic-standard-plus).
Your tests always make me happy.
Greetings :3
pd: personal opinion, the result of Emsisoft seems mediocre, considering that they use two detection engines (engine A= their own and engine B = Bitdefender)
do you not think that is an exaggeration to call emsisoft "mediocre"?
the difference between emsisoft and kaspersky in terms of indicators of compromise - if you assume the av scanner results are accurate - is only 2 files\objects
emsisoft 190/194 = 97.938%
kaspersky 192/194 = 98.969%
the difference between emsisoft and kaspersky not statistically significant, < 1% difference
 

RansomwareRemediation

Level 4
Verified
Well-known
Jun 22, 2020
163
do you not think that is an exaggeration to call emsisoft "mediocre"?
the difference between emsisoft and kaspersky in terms of indicators of compromise - if you assume the av scanner results are accurate - is only 2 files\objects
emsisoft 190/194 = 97.938%
kaspersky 192/194 = 98.969%
the difference between emsisoft and kaspersky not statistically significant, < 1% difference
consider that emsisoft has dual engine, and still lose the battle.
Greetings
 
  • Like
Reactions: Manifestation

Andrezj

Level 6
Nov 21, 2022
248
consider that emsisoft has dual engine, and still lose the battle.
Greetings
but 2 engines does not equal to 2X more detection, that is not how it works
detection rate and number of scan engines is not linear, if it was all av would put everybody else's scan engines into their product
emsisoft a engine, their own with solid signatures for the types of malware engine a targets, only has signatures for pups, warez, keygens, malware gotten from dark web, with focus on difficult infections and meticulous removal
 

peterfat11

Level 11
Verified
Top Poster
Well-known
Mar 25, 2021
515
but 2 engines does not equal to 2X more detection, that is not how it works
detection rate and number of scan engines is not linear, if it was all av would put everybody else's scan engines into their product
emsisoft a engine, their own with solid signatures for the types of malware engine a targets, only has signatures for pups, warez, keygens, malware gotten from dark web, with focus on difficult infections and meticulous removal
But Bitdefender's engine is already very powerful, with Emsisoft's engine would make what is already there stronger by focusing on difficult infections and meticulous removal(quote). Yet it is still lost to Kaspersky in terms of detection. So no matter if the number of engines liner with detection rate, Emsisoft lost this one to Kaspersky even with another engine backing it up.
They are still great products; as you said less than a 1 percent difference, but it did lose with two engines to one.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top