App Review Emsisoft AntiMalware 2018 vs Ransomwares

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.

Comment your opinion

  • Would you use it ?

    Votes: 27 75.0%
  • If no ... plz comment the reason .

    Votes: 9 25.0%

  • Total voters
    36

tf44

Level 1
Apr 6, 2014
9
I have used this software and really liked it,very light and effective.I used it for 3 years,but when they did away with their firewall,that was it for me.I really don't like windows firewall,so I went with another company's securities software.I really like emsisoft as a company and respect there decision to discontinue their firewall.
 
I

illumination

You should not. This statement assumes that the product is proof against all malware whose activity could have been detected by an OutBound connection alert from the firewall. Can one really make this assumption?


-Emsisoft Anti-Malware has always had an application filter as part of its Behavior Blocker and that will continue to be true. The difference between the outbound firewall in Emsisoft Anti-Malware and Emsisoft Internet Security is that the former makes decisions autonomously, while the later, at least in theory, allowed you to also use your manual rules. In practice, the default for Emsisoft Internet Security was to automatically allow all outbound connections and the majority of all our users never changed it.

-Intelligent outbound firewall: The outbound firewall part of the Windows Firewall will by default allow every application to connect. This behaviour is actually identical with Emsisoft Internet Security, which also allowed any application to connect to the network or the internet unhindered by default. While both products can be manually configured to block programs from accessing the internet, most users don’t want to deal with this responsibility. This is where the intelligent outbound firewall that is part of our Behavior Blocker comes in, which will prevent malicious applications from communicating with the internet automatically while not getting in the way of benign applications.

-Windows Firewall Fortification: The functions Windows Firewall provides to software vendors to automatically create rules for their applications in the Windows Firewall for ease of use are also pretty much unprotected. That means that malware can and does create rules for itself automatically. In version 2017.8, we extended our Behavior Blocker technology to protect the exposed Windows Firewall functions from malicious usage. This gives you control over which of your applications are allowed to create Windows Firewall rules for you and which aren’t. This is what we refer to as “Windows Firewall Fortification”.

That protection is supposedly still in place, just administered differently. As to how effective it is, i could not state, as i have never tested it.
 

Nightwalker

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
May 26, 2014
1,339
You should not. This statement assumes that the product is proof against all malware whose activity could have been detected by an OutBound connection alert from the firewall. Can one really make this assumption?

Some ransomwares can be stopped in their tracks by simple blocking outbound connections, most downloaders and "fileless" malwares too and it isnt even necessary to talk about keyloggers and RATs ...

I think Emsisoft trust its behavior blocker to stop most of those malicious connections, but I still miss and like outbound protection (I "blame" Cruel Comodo for that haha).
 

tf44

Level 1
Apr 6, 2014
9
I just believe a company has the right to do what they think is best for them.I didn't like their decision and I moved to different security solution,but I still respect their right to go in the direction they chose.
 
D

Deleted member 178

You should not. This statement assumes that the product is proof against all malware whose activity could have been detected by an OutBound connection alert from the firewall. Can one really make this assumption?
IMO, if a malware manage to create an outbound connection, you have already lost the battle. Malware must be stopped right away its execution, if not it doesn't matter what happens next.
Emsi's BB deny the creation of suspicious/malicious rules in the Windows Firewall, which is enough for most users.
Security vendors don't care of amateur testers throwing hundreds of malware against a product, because this isn't a real-world scenario; so it doesn't matter.
Outbound connections monitoring is only useful when the user want to control connections from legit softwares for whatever reason. Malicious ones shouldn't even be able to be created if the AV do its job properly.
If your firewall (the last in the attack chain) is the only module blocking a malware, you can start looking for a new security solution.
 

KevinYu0504

Level 5
Verified
Well-known
Mar 10, 2017
227
  • Like
Reactions: Azure

show-Zi

Level 36
Verified
Top Poster
Well-known
Jan 28, 2018
2,463
As an aside, the area in the northeastern part of Japan was called '蝦夷' (emishi) in the past.
The inhabitants are never volunteering against malware.:ROFLMAO:(y)
 
  • Like
Reactions: KevinYu0504

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top