What in god's name is going on with Emsisoft Anti Malware?

[Emsisoft]

Terri Ganzi, sorry to say but you should first learn how the software works before you start drawing any misleading and wrong conclusions.

Our products use Bitdefender + our own scan engine. Our first goal is to provide the best overall protection, while in the end it doesn't matter at all which engine detected a specific threat. Our second goal is to keep resource usage and memory consumption as low as possible. Which means we have to avoid loading two full scan engines, as they would require more than 500 MB of RAM and slow down the computer. However, since we are in full control over the sourcecode of our own one only, we can only apply modifications to our own part.

More precisely: We continuously check which threats are already detected by Bitdefender and disable all signatures in our own engine that were created to detect the same threats. At the moment we have own signatures for about 85 million different types of malware, but only about 1-2 million signatures are actively distributed via online updates to our software clients.

As a result you of course will see 99% "(B)" detections when scanning large malware archives. That's because we focus on the tiny delta on top of Bitdefender (which does a quite good job btw). Our own signatures mostly focus on brand new outbreaks. Hours later Bitdefender then usually publishes the same signatures so we can disable ours again.

If you really want to compare detection, get some brand new malware samples that are not yet shared across the whole antivirus industry and check which products are able to stop them. Tony Cole did an awesome real world test on Emsisoft Anti-Malware 9 beta lately: http://malwaretips.com/media/emsisoft-anti-malware-9-beta-youtube.61/

 

[Tony Cole]

Thank-you Emsisoft!

 

[BoraMurdar]

 

[Moose]

>
> Blame Umbra Polaris for what?
> With Microsoft, Windows 8.1 & Emsisoft?
> Not sure about this printed material, where is this printed?
> Escape Goat for who & why?
> Name calling and Profiling,why?
> Umbra Polaris is also, on Wilder Security ect....
> Labeling of MalwareTips?

Can some answer the above questions?

 

[BoraMurdar]

>
> Blame Umbra Polaris for what?
> With Microsoft, Windows 8.1 & Emsisoft?
> Not sure about this printed material, where is this printed?
> Escape Goat for who & why?
> Name calling and Profiling,why?
> Umbra Polaris is also, on Wilder Security ect....
> Labeling of MalwareTips?

Can some answer the above questions?

It's a joke

Fake newsletter template, don't take it serious

 

[Moose]

First thing that read today on the MalwareTips in which I was taking very serious!
I was half a sleep while reading. So, I guess the joke is on me!

 

[Rahadian Putra]

Now this is interesting,after reading this I told my neighbor, he is Frodo, he said he's gonna help Gandalf to break Umbra's spell. It's not an easy task he said! since Umbra is Sauron's apprentice and descendant of mordor

Emsisoft is great product by the way, I like it how emsisoft using dual engine along with BD engine, what emsisoft's staff mentioned above is also explained my curiousity, thanks!

 

[Malware1]

Note that Emsisoft doesn't add a file if it's already detected by Bitdefender. Their engine doesn't have the best detection, but remember they have Bitdefender + the behavior blocker.

 

[Terry Ganzi]

Well guys i'm in my father's G7 plane to meet with the parties at an undisclosed location where things could get sticky icky or go down smooth, at least that what the ladies in stilettos & mini skirts that i'm bringing are looking forward to cheers peeps

 

[Deleted member 178]

9.15pm here , it is time for me to hide in my secret facility and do horizontal sport, i will give a press conference about those infamous blames i am victim now !!! with what i will say , John Snowden revelations will look likes village's gossips

 

[Terry Ganzi]

9.15pm here , it is time for me to hide in my secret facility and do horizontal sport, i will give a press conference about those infamous blames i am victim now !!! with what i will say , John Snowden revelations will look likes village's gossips

Dam straight iyah

 

[BoraMurdar]

Now this is interesting,after reading this I told my neighbor, he is Frodo, he said he's gonna help Gandalf to break Umbra's spell. It's not an easy task he said! since Umbra is Sauron's apprentice and descendant of mordor

I think that Umbra is Morgoth himself

 

[Ink]

At the moment we have own signatures for about 85 million different types of malware, but only about 1-2 million signatures are actively distributed via online updates to our software clients.

I never knew this. Are the unused signatures used by your cloud network?

 

[BoraMurdar]

9.15pm here , it is time for me to hide in my secret facility and do horizontal sport, i will give a press conference about those infamous blames i am victim now !!! with what i will say , John Snowden revelations will look likes village's gossips

 

[Emsisoft]

Are the unused signatures used by your cloud network?

Yes of course.

You can browse the known program files at www.isthisfilesafe.com

 

[nsm0220]

you know that gdata already found a to keep their ram usage to 30-40 mb of ram so why not if you so worry about loading two full scan engines, as you claim they would require more than 500 MB of RAM and slow down the computer do some do some trial and error on your am software

 

[Nightwalker]

you know that gdata already found a to keep their ram usage to 30-40 mb of ram so why not if you so worry about loading two full scan engines, as you claim they would require more than 500 MB of RAM and slow down the computer do some do some trial and error on your am software

Antivirus performance or memory usage should never be measured by Task Manager alone, almost all antivirus solutions nowdays "cheat" using Windows Page File or they hide the real usage using some OS mechanisms.

For me this is stupid and it hurts performance, Eset and Emisisoft are among the few players that are honest about their memory usage and are fast because they actually use RAM memory to keep signatures.

In the end performance it is what matters, not fake ram usage, it is hilarious to see people thinking that their antivirus only use 20 ~ 40 mb (except cloud antivirus solutions). The engine and database should be loaded somewhere right ?

 

[nsm0220]

Antivirus performance or memory usage should never be measured by Task Manager alone, almost all antivirus solutions nowdays "cheat" using Windows Page File or they hide the real usage using some OS mechanisms.

For me this is stupid and it hurts performance, Eset and Emisisoft are among the few players that are honest about their memory usage and are fast because they actually use RAM memory to keep signatures.

In the end performance it is what matters, not fake ram usage, it is hilarious to see people thinking that their antivirus only use 20 ~ 40 mb (except cloud antivirus solutions). The engine and database should be loaded somewhere right ?

fake ram usage what you talking about and us av reviewers always use task manager to see how much ram usage that an av takes up

 

[Nightwalker]

fake ram usage what you talking about and us av reviewers always use task manager to see how much ram usage that an av takes up

You and some Av reviewers are simple doing it wrong, you should use something like Process Explorer and examine Working Set and Private Working Set (not enough for some Av ).

Please take a look here

https://www.raymond.cc/blog/which-free-antivirus-is-the-lightest-on-system-memory-usage/


In Wilders Security forum there are many threads about this, I will post the links soon ...

 

[Deleted member 178]

fake ram usage what you talking about and us av reviewers always use task manager to see how much ram usage that an av takes up

and you do wrong; RAM usage must be taken just as an indicator not the real resources usage; for example ; Webroot's processes use very few Mb of RAM but the pagefile usage is around 300mb ; of course the system responsiveness is not much affected but my RAM is still ate up. Why do you think i removed WSA from my setup.

testing AV is not just throwing bunch of malwares against an AV but to know the product in a deeper level. if i wanted i could do 1000+ review a year but i do very few because if i have to do a test, i need to know the product very well in all aspects and it will take more than a month for each.

i prefer be a closed-beta tester than a malware-tester; at least i know all implication of the software; and devs give me answers to my feedbacks in a accurate level since they need my feedbacks to improve their product.

it is ok to test malware but if you draw quick conclusions after the said product fails against one of them , you are wrong, you have to know why the product failed and doing a report to the support and ask for a reason ; ONLY THEN you can issue a statement.