Q&A What's good about Emsisoft?

Digmor Crusher

Level 13
Verified
Top poster
Well-known
Jan 27, 2018
632
I'm agreeing with you quite often lately. Some of the "layered" setups I see on other forum(s) are absolute overkill+. Incredible!

On this forum and others its been overkill for many years, but I've noticed in the past year or so that many are moving away from the overkill syndrome and are going with a simpler setup, many using WD which they would have never done in the past. I think its an evolution of people on the forums, a collective wisdom , from going with as many programs as you can without your computer blowing a kidney to "Why am I doing this, all I need is 1 or 2 good programs."
 

paulderdash

Level 6
Verified
Well-known
Apr 28, 2015
277
Re layered setups ...
If people like to do it in short term for learning/testing purpose, it is fine.
:D But this can be a permanent state!

Different configs on different machines ... simplest is just WD with ConfigureDefender (maybe OSA).
With my computing habits, I doubt I actually require anything else. Always image backups (most comfortable with Macrium Reflect).

On my 'prod' machine I do have EAM and HmP.A, but I'm pretty sure Fabian would say that latter is superfluous also.

But I think Digmor is right, members are moving to simpler setups. EAM would be my first choice for 3rd party (BB, ethics)..
 
Last edited:

upnorth

Moderator
Verified
Staff member
Malware Hunter
Well-known
Jul 27, 2015
4,769
Em due to BD Engine is not cheap , why not Avira?
I See F-Secure also removed Bug Defender Engine & change it with Avira (All of us know F-Secure is one of the Well Respected company[in level of privacy I mean] around the world) if this Engine is good? why they change it? :D
BD Engine is one the bad cons of Emsisoft & this is why I do't use it (I mean BD FPs) you may know it.
and another one , we see that these days BD Engine detection rates is fallen ....(HuB memebers confirmed it)
It's a huge difference using the engine itself and a very different matter using the complete suite from Bitdefender. IMO the suite is way too bloated and if all that software doesn't work well together, it's no brainer it will cause issues.

F-Secures decision was of course money related but also, and it seems many people forget or don't know this but, Aviras engine and DeepGuard is not the only modules that is in place in F-Secure as F-Secure also uses several other in-house own created engines. F-Secure even used other engines before Bitdefender.

F-Secure found that along with their others in-house engines/modules, Aviras engine simply works better. That doesn't automatic means it's the same for every other company/vendor. Research and progress is a key factor as of course even Emsisoft do if though in a smaller scale as it's a smaller company. I have no doubt that if Emsisoft and it's developers would see and notice actual genuine Issues with the Bitdefender engine, they will eventually switch and not necessarily to Avira.
 

omidomi

Level 70
Verified
Helper
Top poster
Malware Hunter
Well-known
Apr 5, 2014
5,993
"Bug Defender" has a good "engine" poorly implemented.:oops:
I like Emsisoft but had to move elsewhere because they stopped developing the firewall...
in year 2019 the detection rates of BD was fallen badly(you can check MH & compare it with year 2018)
it still Bugy , False postives & many more problem in their software (you may know that the free version of BD Security flaw in Bitdefender Antivirus Free 2020 leaves millions at risk)
I do't think leaves millions BD users at risk "implemented" good job :)

It's a huge difference using the engine itself and a very different matter using the complete suite from Bitdefender. IMO the suite is way too bloated and if all that software doesn't work well together, it's no brainer it will cause issues.

F-Secures decision was of course money related but also, and it seems many people forget or don't know this but, Aviras engine and DeepGuard is not the only modules that is in place in F-Secure as F-Secure also uses several other in-house own created engines. F-Secure even used other engines before Bitdefender.

F-Secure found that along with their others in-house engines/modules, Aviras engine simply works better. That doesn't automatic means it's the same for every other company/vendor. Research and progress is a key factor as of course even Emsisoft do if though in a smaller scale as it's a smaller company. I have no doubt that if Emsisoft and it's developers would see and notice actual genuine Issues with the Bitdefender engine, they will eventually switch and not necessarily to Avira.
Good point I agree with you, but I have a question , the only question that matter , Emsisoft should have Issues with BD for change it? my goal is not specific "Avira" Just remove & change this Engine....
there is no problem if they want to improved their software for their own satisfaction, Ok , we will leave Emsisoft & they can use their own software ! :ROFLMAO:
listen to me , BD Fps is really annoying , their detection rates was fallen in 2019 & Also make Emsisoft as heavy Software, these point will Decrease Emsisoft popularity....
Its not just voice of me....btw its their company, its their business...& bla bla bla :)
 
Last edited:

MacDefender

Level 16
Verified
Top poster
Oct 13, 2019
773
F-Secures decision was of course money related but also, and it seems many people forget or don't know this but, Aviras engine and DeepGuard is not the only modules that is in place in F-Secure as F-Secure also uses several other in-house own created engines. F-Secure even used other engines before Bitdefender.
Yeah that’s a really good point. F-Secure has like 5 separate modules including dedicated certificate reputation and script scanning engines, plus DeepGuard is some weird hybrid between being a heuristic analyzer, BB, HIPS, and cloud reputation engine. It seems like they would likely have less reliance on signatures from their classic AV engine.
The other thing is all these engines makes update speed a big concern for F-Secure. That is probably the reason why they like Avira and their cloud based approach. Even DeepGuard has a signature database — in the BD days it would take forever to do the initial update after an install.
 

Nightwalker

Level 23
Verified
Helper
Top poster
Content Creator
Well-known
May 26, 2014
1,260
Em due to BD Engine is not cheap , why not Avira?
I See F-Secure also removed Bug Defender Engine & change it with Avira (All of us know F-Secure is one of the Well Respected company[in level of privacy I mean] around the world) if this Engine is good? why they change it? :D
BD Engine is one the bad cons of Emsisoft & this is why I do't use it (I mean BD FPs) you may know it.
and another one , we see that these days BD Engine detection rates is fallen ....(HuB memebers confirmed it)

Fabian has already addressed this question, the reason is that Avira engine relies on cloud to have good detection, while Bitdefender doesnt, for privacy reasons Emsisoft isnt willing to submit its clients files to Avira cloud.

Ps: By Fabian posts, you can change Avira to any other engine and it will still be "true".
 

MacDefender

Level 16
Verified
Top poster
Oct 13, 2019
773
Fabian has already addressed this question, the reason is that Avira engine relies on cloud to have good detection, while Bitdefender doesnt, for privacy reasons Emsisoft isnt willing to submit its clients files to Avira cloud.

Ps: By Fabian posts, you can change Avira to any other engine and it will still be "true".

And of course what Fabian said about Avira is true. The flow chart says that if their cloud recognizes the hash of the file, there isn’t an upload. But if they do not, then their cloud expects the client to upload the whole file. The statement is made that only executables and DLLs are uploaded.

I assume Fabian’s implication is that as a license of their engine, you cannot opt out of contributing to their cloud. I’m curious about whether or not that’s true. I will have to do a couple tests with F-Secure and monitor its upload traffic.
 

Fabian Wosar

From Emsisoft
Verified
Developer
Well-known
Jun 29, 2014
260
Thanks ! I think it makes sense, to use a scale to rank signatures based on how well the signed binaries have been behaving so far - but just one caveat, signed malware has so far come out of small companies which haven't released malware before, probably the malware authors stole their private keys and has never been signed by a non-revoked key from a big tech co, is this reflected in your certificate trust system ?
When you track signed malware, you will find that we are consistently one of if not the first to spot these malicious certificates. It's because our system works pretty well in spotting these anomalies. We literally have detection signatures targetting fraudulent digital certificates.

Do you know if Emsisoft works well with GPO hardening, eg Australian Cybersecurity Guides on GPO hardening (excluding the policies on having Windows Defender always on of course)?
It does.

Also, how well does Emsisoft work together with an anti-exe like Voodooshield or SecureAPlus? - the reason I ask is this is another
Depends on how they are implemented. But if they use the documented APIs, it should work just fine.
 

show-Zi

Level 33
Verified
Top poster
Well-known
Jan 28, 2018
2,273
We expect that simple setups are becoming mainstream, related to the instability of recent updates. In addition to making the foundation unstable by installing multi-layered software, it is in a state of performing unstable reconstruction work. Paranoia can bring out a spiral situation.
For that reason, I changed comodo, which coexisted with emisi, to tinywall. comodo is in use on another pc with vs + wd.
 
F

ForgottenSeer 823865

HIPS, anti-exe were, are and will be forum geeks toys, the masses aren't skilled/knowledgeable/ready for such tools. They want simple "all-in-one-automated-do-it-all-for-me-without-me" kind of solution.
 
Last edited by a moderator: