What in god's name is going on with Emsisoft Anti Malware?

Status
Not open for further replies.

Ulikedat

Level 7
Verified
Well-known
Apr 20, 2014
331
15x64hl.jpg

That just made my day.
 

Emsisoft

From Emsisoft
Verified
Developer
Jul 27, 2013
43
you know that gdata already found a to keep their ram usage to 30-40 mb of ram..

No they didn't. ;) They actually found the (well known) way to hide their RAM usage. Windows provides a simple API that pushes all non-used RAM data to the pagefile (like a memory file on the harddisk, google it). It's actually one line of code and the visible usage goes down from several hundred megabytes to about a dozen. That looks neat, but has a downside: The harddisk is by far not as quick as RAM. That means when the signatures are needed, the harddisk first has to read all data back to memory. Depending on the age of your hardware that may be a significant period of time and you will notice poor overall system performance. On a newer hardware, the difference may be neglectable.

In Emsisoft Anti-Malware you have full control over this 'feature'. If you enable the setting "Memory usage optimization", the pagefile is used and visible RAM goes down by time to less than 1 MB. If you disable it, more RAM is used but the overall performance of the PC will be best.

RAM is to be used to get most of the hardware's power, not to be kept free as much as possible. Actually most people don't know this simple fact.

An alternative to using the pagefile is to load the signatures in kernel mode, from within a driver e.g. Then you still won't see it in Task Manager, but if you simply sum up memory usage of all active programs and compare with your total memory used, you'll notice there is something hidden. ;)
 
D

Deleted member 178

No they didn't. ;) They actually found the (well known) way to hide their RAM usage. Windows provides a simple API that pushes all non-used RAM data to the pagefile (like a memory file on the harddisk, google it). It's actually one line of code and the visible usage goes down from several hundred megabytes to about a dozen.

exactly what Webroot does , but on Win8.1.1 x64 it is really visible via Explorer.exe and other processes doubling or tripling their RAM usage and when some beta-testers asked if it will be fixed ; they answered , it is not their priority right now...
 

nsm0220

Level 21
Verified
Sep 9, 2013
1,054
No they didn't. ;) They actually found the (well known) way to hide their RAM usage. Windows provides a simple API that pushes all non-used RAM data to the pagefile (like a memory file on the harddisk, google it). It's actually one line of code and the visible usage goes down from several hundred megabytes to about a dozen. That looks neat, but has a downside: The harddisk is by far not as quick as RAM. That means when the signatures are needed, the harddisk first has to read all data back to memory. Depending on the age of your hardware that may be a significant period of time and you will notice poor overall system performance. On a newer hardware, the difference may be neglectable.

In Emsisoft Anti-Malware you have full control over this 'feature'. If you enable the setting "Memory usage optimization", the pagefile is used and visible RAM goes down by time to less than 1 MB. If you disable it, more RAM is used but the overall performance of the PC will be best.

RAM is to be used to get most of the hardware's power, not to be kept free as much as possible. Actually most people don't know this simple fact.

An alternative to using the pagefile is to load the signatures in kernel mode, from within a driver e.g. Then you still won't see it in Task Manager, but if you simply sum up memory usage of all active programs and compare with your total memory used, you'll notice there is something hidden. ;)
people like me,malware doctor,malware geek are not lying about the ram usage all of was doing was reading data thats all
 
  • Like
Reactions: Ulikedat

Ulikedat

Level 7
Verified
Well-known
Apr 20, 2014
331
exactly what Webroot does , but on Win8.1.1 x64 it is really visible via Explorer.exe and other processes doubling or tripling their RAM usage and when some beta-testers asked if it will be fixed ; they answered , it is not their priority right now...

And because of this on Wilders they claim Webroot is the lightest anti-virus out there?
 

Nico@FMA

Level 27
Verified
May 11, 2013
1,687
I never knew this. Are the unused signatures used by your cloud network?

Actually this is nothing new, Norton & Symantec do the same with their smart definitions and so are others.
This way you still provide accurate protection without having to carry huge updates and a huge local signature database.
Its usually done to allow the program less memory and CPU footprint while dramatically increasing scan speed.
 
D

Deleted member 178

people like me,malware doctor,malware geek are not lying about the ram usage all of was doing was reading data thats all

we don't say you lied , just that referencing the true lightness/RAM usage of an AV via Task Manager is not accurate ;)

you can use the datas from TM as an indication but not as a truth. Process Hacker, System Explorer, Comodo Killswitch will give you more accurate infos.

The most important is to know how the product manage its resource usage ( why he use lot of RAM , why so much CPU usage, does it use pagefile, how much is its I/O write, etc...). Then you can truly assess a product.

Note: RAM is supposed to be used ! More RAM you have , more applications you can use simultaneously. that is all. Sometimes I smile upon some users that buy 16gb RAM when all their apps run simultaneously use at max 4gb :D

a good example: ESET use more RAM than some other AVs because it caches its signature in it , it is why ESET is considered as one of the lightest AV out there.
 
  • Like
Reactions: Nightwalker

nsm0220

Level 21
Verified
Sep 9, 2013
1,054
and you do wrong; RAM usage must be taken just as an indicator not the real resources usage; for example ; Webroot's processes use very few Mb of RAM but the pagefile usage is around 300mb ; of course the system responsiveness is not much affected but my RAM is still ate up. Why do you think i removed WSA from my setup.

testing AV is not just throwing bunch of malwares against an AV but to know the product in a deeper level. if i wanted i could do 1000+ review a year but i do very few because if i have to do a test, i need to know the product very well in all aspects and it will take more than a month for each.

i prefer be a closed-beta tester than a malware-tester; at least i know all implication of the software; and devs give me answers to my feedbacks in a accurate level since they need my feedbacks to improve their product.

it is ok to test malware but if you draw quick conclusions after the said product fails against one of them , you are wrong, you have to know why the product failed and doing a report to the support and ask for a reason ; ONLY THEN you can issue a statement.
Umbra Polaris you know how my av tests works i don't know if still upset at me for the Emsisoft AM 8 review i done last year but if hitman pro haven't mislead me on the file things would been diffident
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top