What in god's name is going on with Emsisoft Anti Malware?

Ulikedat · May 26, 2014

BoraMurdar said:

That just made my day.

Deleted member 178 · May 26, 2014

Emsisoft · May 26, 2014

nsm0220 said:
you know that gdata already found a to keep their ram usage to 30-40 mb of ram..

No they didn't.

They actually found the (well known) way to hide their RAM usage. Windows provides a simple API that pushes all non-used RAM data to the pagefile (like a memory file on the harddisk, google it). It's actually one line of code and the visible usage goes down from several hundred megabytes to about a dozen. That looks neat, but has a downside: The harddisk is by far not as quick as RAM. That means when the signatures are needed, the harddisk first has to read all data back to memory. Depending on the age of your hardware that may be a significant period of time and you will notice poor overall system performance. On a newer hardware, the difference may be neglectable.

In Emsisoft Anti-Malware you have full control over this 'feature'. If you enable the setting "Memory usage optimization", the pagefile is used and visible RAM goes down by time to less than 1 MB. If you disable it, more RAM is used but the overall performance of the PC will be best.

RAM is to be used to get most of the hardware's power, not to be kept free as much as possible. Actually most people don't know this simple fact.

An alternative to using the pagefile is to load the signatures in kernel mode, from within a driver e.g. Then you still won't see it in Task Manager, but if you simply sum up memory usage of all active programs and compare with your total memory used, you'll notice there is something hidden.

Deleted member 178 · May 27, 2014

Emsisoft said:
No they didn't. They actually found the (well known) way to hide their RAM usage. Windows provides a simple API that pushes all non-used RAM data to the pagefile (like a memory file on the harddisk, google it). It's actually one line of code and the visible usage goes down from several hundred megabytes to about a dozen.

exactly what Webroot does , but on Win8.1.1 x64 it is really visible via Explorer.exe and other processes doubling or tripling their RAM usage and when some beta-testers asked if it will be fixed ; they answered , it is not their priority right now...

Oxygen · May 27, 2014

Umbra Polaris said:

Lol... nice one.

nsm0220 · May 27, 2014

Emsisoft said:
No they didn't. They actually found the (well known) way to hide their RAM usage. Windows provides a simple API that pushes all non-used RAM data to the pagefile (like a memory file on the harddisk, google it). It's actually one line of code and the visible usage goes down from several hundred megabytes to about a dozen. That looks neat, but has a downside: The harddisk is by far not as quick as RAM. That means when the signatures are needed, the harddisk first has to read all data back to memory. Depending on the age of your hardware that may be a significant period of time and you will notice poor overall system performance. On a newer hardware, the difference may be neglectable.

In Emsisoft Anti-Malware you have full control over this 'feature'. If you enable the setting "Memory usage optimization", the pagefile is used and visible RAM goes down by time to less than 1 MB. If you disable it, more RAM is used but the overall performance of the PC will be best.

RAM is to be used to get most of the hardware's power, not to be kept free as much as possible. Actually most people don't know this simple fact.

An alternative to using the pagefile is to load the signatures in kernel mode, from within a driver e.g. Then you still won't see it in Task Manager, but if you simply sum up memory usage of all active programs and compare with your total memory used, you'll notice there is something hidden.

people like me,malware doctor,malware geek are not lying about the ram usage all of was doing was reading data thats all

Ulikedat · May 27, 2014

Umbra Polaris said:
exactly what Webroot does , but on Win8.1.1 x64 it is really visible via Explorer.exe and other processes doubling or tripling their RAM usage and when some beta-testers asked if it will be fixed ; they answered , it is not their priority right now...

And because of this on Wilders they claim Webroot is the lightest anti-virus out there?

Nico@FMA · May 27, 2014

Huracan said:
I never knew this. Are the unused signatures used by your cloud network?

Actually this is nothing new, Norton & Symantec do the same with their smart definitions and so are others.
This way you still provide accurate protection without having to carry huge updates and a huge local signature database.
Its usually done to allow the program less memory and CPU footprint while dramatically increasing scan speed.

Deleted member 178 · May 27, 2014

nsm0220 said:
people like me,malware doctor,malware geek are not lying about the ram usage all of was doing was reading data thats all

we don't say you lied , just that referencing the true lightness/RAM usage of an AV via Task Manager is not accurate

you can use the datas from TM as an indication but not as a truth. Process Hacker, System Explorer, Comodo Killswitch will give you more accurate infos.

The most important is to know how the product manage its resource usage ( why he use lot of RAM , why so much CPU usage, does it use pagefile, how much is its I/O write, etc...). Then you can truly assess a product.

Note: RAM is supposed to be used ! More RAM you have , more applications you can use simultaneously. that is all. Sometimes I smile upon some users that buy 16gb RAM when all their apps run simultaneously use at max 4gb

a good example: ESET use more RAM than some other AVs because it caches its signature in it , it is why ESET is considered as one of the lightest AV out there.

nsm0220 · May 27, 2014

Umbra Polaris said:
and you do wrong; RAM usage must be taken just as an indicator not the real resources usage; for example ; Webroot's processes use very few Mb of RAM but the pagefile usage is around 300mb ; of course the system responsiveness is not much affected but my RAM is still ate up. Why do you think i removed WSA from my setup.

testing AV is not just throwing bunch of malwares against an AV but to know the product in a deeper level. if i wanted i could do 1000+ review a year but i do very few because if i have to do a test, i need to know the product very well in all aspects and it will take more than a month for each.

i prefer be a closed-beta tester than a malware-tester; at least i know all implication of the software; and devs give me answers to my feedbacks in a accurate level since they need my feedbacks to improve their product.

it is ok to test malware but if you draw quick conclusions after the said product fails against one of them , you are wrong, you have to know why the product failed and doing a report to the support and ask for a reason ; ONLY THEN you can issue a statement.

Umbra Polaris you know how my av tests works i don't know if still upset at me for the Emsisoft AM 8 review i done last year but if hitman pro haven't mislead me on the file things would been diffident

Search

What in god's name is going on with Emsisoft Anti Malware?

Ulikedat

Level 7

Deleted member 178

Emsisoft

From Emsisoft

Deleted member 178

Oxygen

Level 44

nsm0220

Level 21

Ulikedat

Level 7

Nico@FMA

Level 27

Deleted member 178

nsm0220

Level 21

Similar threads