Emsisoft Anti-Malware has been recently updated to version 6.0 and scan speed is among the most notable changes. Other remarkable changes include the completely re-written dual scan engine framework.
The application comes at a price of $40 (€40), but you can fully test it during the 30-day trial period. Installation has been re-worked and now you only need two clicks to complete it. After this comes a configuration wizard that allows you to tweak the update system and perform an scan to ensure your computer is malware-free.
The latest version brings in a slightly redesigned interface, which is easier to navigate and handle, especially to beginner users. Menus are docked to the side, except for the one showing the current protection status of the application.
This is where you get to initiate scans, schedule verifications of the system or manually start the update procedure or skip to the other menus and access quarantined files, logs, Guard menu, which is the core of Emsisoft Anti-Malware or the configuration panel.
Scanning is versatile, as it enables you to start a verification of the areas where malware is most likely to insinuate, or perform a full check of the computer. There is also the possibility of on-demand scan, which lets you inspect the entire computer.
This can also be started from the right-click menu of every file stored on your hard disk(s). However, we noticed that by doing this the verification is not always accurate.
During our on-demand scan tests we started the procedure on a folder full of malware samples and the result showed no problem. Re-doing the test from the program’s Scan menu, results were totally different and plenty of threats were uncovered.
A total of 371 samples were used for the evaluation, out of which only 9 survived. Quick math showed that the detection rate was 97.6%, one of the highest we recorded during our tests on security suites. All types of malware were used for the test, from rootkits, loggers and spyware to viruses, Trojans, rogues and backdoors.
The entire operation went very fast and the stress on system resources was extremely low, with CPU% averaging around 50% and RAM peaking at 133MB, but averaging 70MB.
However, when we ran a full scan of the computer, system resources experienced a serious blow, with RAM going as up as several hundred MB and CPU rising above 80%, which came as a surprise provided the results recorded with on-demand scanning.
Resource usage would rise up to a certain point (very high) and then drop significantly to normal values. Then the numbers would go up again.
Real-time protection made its presence known when we tried to download and run some samples from an online location, as the behavior blocker component kicked in and alerted us of the danger. File guard also showed that it can nail malware as soon as we unpacked them to a new folder.
One of the neat features in Emsisoft Anti-Malware is the ability to define what sort of actions are specific processes allowed to carry out and which should be blocked. Through application rules you can instruct the program to monitor particular items and alert you when malicious activity is detected.
This comes in handy in the case of false positives, which is still an issue in this release, because you can permit activities specific to malware (backdoor, spyware, worm, keylogger, code injection, silent installs, etc.) to legitimate apps.
We were alerted for plenty of legitimate software, TweetDeck
among others, and thanks to application rules we were able to instruct Emsisoft Anti-Malware to allow their activity.
Surfing the Internet is not without alerts, either. Plenty of the notifications that popped on our screen were caused by various ad services embedded in web pages, despite the fact that blocking of “ad/tracking hosts” under Surf Protection window was disabled.
Alert system can be customized so that it throws less popups, through intelligent alert reduction, but this could lead to a lower detection rate. The default configuration, however, has enabled community-based alert reduction. This means that the app shows you an alert based on the decision of the users that already dealt with the same situation.
Although it is a security program, configuring Emsisoft Anti-Malware is not a difficult task since all options and settings are easy to understand. You can set up schedules for scanning your system or updating the program with the latest malware definitions as well as permissions for different types of users.
An extra tool, not featured in the application window, is HiJackFree
, a freebie designed to help more advanced users detect and eliminate malicious processes manually. It displays all running processes and items loading up with Windows as well as ports and services.
The app gives you an overall look at what is happening on your system, providing information about each process: digital signatures, modules it loaded, CPU usage, number of threads and current priority.
The startup manager is not a simple one as it shows the location of all the items loading up with the operating system, Windows elements included. You will also be able to see Windows scheduled events. The Good
Installation is extremely swift and you get to go through a simple pre-configuration wizard before accessing the interface. It showed impressive results as far as detection rate goes and all verification was very fast. Once set up, you can let it do its job without further altering its configuration. The Bad
False positives issues, if ameliorated, have not been eliminated. We had problems starting on-demand scans from the right-click menu of a file. We experienced extremely high resource usage during full system scans. The Truth
Emsisoft Anti-Malware definitely improved its scan speed and malware detection during our tests was one of the highest, but we also saw it report false positives. It is very light in resource usage and offers easy configuration settings.
Although it is not as rich in protection layers as other suites, it manages to keep your computer safe from malware through its behavior blocker, file guard and surf protection modules.