14 DAY TRIAL // Emsisoft Anti-Malware started out as a complementary solution for protecting the computer system from cyber threats, but it soon evolved beyond this state and became a full-blown suite ready to tackle malware all by itself, although it still works fine along other security bundles.
Although looks have remained the same in version 8.1 of the package, the modifications available are significant. They range from improvements leading to less stress on the system to lighter updates and better malware cleaning.
The price of the application is unchanged, namely $39.95 / 39.95 EUR, but discounts are applied for students and schools. Lower prices are also available for users in some countries.
Before making a purchase, Emsisoft Anti-Malware can be tested for a period of 30 days, with all features turned on. After that, the real-time protection is dropped and only the scanner can be used, as part of the freeware mode of the bundle.
Installing the software does not take long, but the procedure is followed by the initial configuration wizard, which delays seeing the main screen quite a lot.
The steps you have to go through include pulling in the latest malware signatures and setting up how the update component should work: define the maximum number of simultaneous connections, include beta updates for the application, or contribute to the Emsisoft community with details about detected malware, program behavior, and blocked hosts.
During the setup process you can also enable the detection of PUPs (potentially unwanted programs), run a computer malware check, as well as make the real-time protection settings.
The main application window is the same as in the previously reviewed version. Compared to other products of the same feather, Emsisoft Anti-Malware seems a bit cluttered, with plenty of details the user could do without being available; these include links to the developer’s website: support forum, homepage, contact page, and various security articles.
Nevertheless, this is the command and control center of the application, where protection components can be enabled/disabled and configured, scans and updates can be initiated.
Running a custom scan with Emsisoft Anti-Malware is quite a fast process, even with large numbers of files. The options at hand include verification of the active programs, a smart scan (also checks Windows areas), a full scan, which is the most thorough as it looks everywhere, and a custom one.
The settings for a custom scan can be saved and loaded at any time, including for scheduling purposes. If no scan settings are provided in the schedule panel under Configuration module then the application runs a deep verification.
The application provides some control over the speed of the scan process by turning on/off multiple processors, or defining the number of threads to be used or their priority; use of advanced caching also speeds up the operation. This feature is not common in similar software.
Our malware detection and elimination tests were conducted with the same database used for avast! 8 Free Antivirus and Ashampoo Anti-Virus 2014.
Out of the 1,414 samples, the two scanners in Anti-Malware (Emsisoft’s and Bitdefender’s) managed to identify and remove 97% of them, which is slightly more than Ashampoo’s newly launched product, which features the same scan engines.
Additional samples were detected by the behavior-based protection component and increased the rate to 97.6%.
Removing the malware put us on hold for a while as the procedure proved to be lengthy. However, despite our low-specced test system, we could still work on the computer.
Upon finding a threat, Emsisoft Anti-Malware is direct and automatically blocks its action and sends it to quarantine.
Surf Protection component is designed to keep you safe from risks when browsing the Internet. It can prevent malware from piping in, block phishing attempts, or limit access to websites posing privacy risks (advertising or tracking).
By default, Anti-Malware blocks access to said hosts and notifies about the action. Obviously, if the user deems a site safe, restrictions can be lifted.
Emsisoft Anti-Malware may look old-school, with complicated nooks and crannies, but configuring the protection core (Guard) is not a tough job. Beginner users can leave the settings for the components to their default and customize only the alerts, in order to reduce them, by creating rules based on the decision taken by the larger part of the community.
More advanced users can create application rules that monitor a specific process for various malicious-like activities (backdoor, spying, hijacking, worm-related, keylogging, rootkit, etc.).
This comes in handy for trusted programs that work in a similar way as a threat and the behavior blocker kicks in. Legitimate keylogging utilities, patching tools, or scripts that automate tasks generally fall into this category, especially if they are custom-made.
The behavior blocking component acts according to user-defined actions that should be monitored and that should trigger an alert. Combined with the rules for applications, false positive flagging is bound to decrease.
File Guard module can react only upon executing programs as well as all the files when they are created or modified. Its activity can become more intensive and check all the items, when they are read.
Further tweaking refers to enabling scanning only for certain extensions and skipping user-defined files, folders, or processes (create a whitelist).
Emsisoft Anti-Malware is prepared to keep malware at bay even if it tries to sneak in via Outlook email client. It integrates perfectly in the ribbon bar and provides control over which messages should be checked (incoming/outgoing) and the action to be taken when a threat is found (send to quarantine, wait for user decision, or just report the finding).
Optionally, a footer message with the scan result is added to the email, showing that an attached file has been verified by Emsisoft Anti-Malware and is clean. If the attachment is infected, sending it is prevented.
One of the interesting choices in the package is restricting access to carrying out tasks to non-administrator users. Restrictions can protect against unauthorized turning off of the protection modules or editing various settings.
The default configuration fits multiple user types and is flexible enough to offer more advanced users the possibility to customize how their system is protected. Notifications and the number of alerts can be cut down automatically, based on community input and other settings. However, the availability of some extra layers of protection (e.g. for financial online transactions, exploitation of vulnerabilities), would make it more appealing.
The Good
The Bad
The Truth
