Emsisoft Anti-Malware as primary AV?

Discussion in 'other anti-virus software' started by gud4u, Jul 26, 2010.

Thread Status:
Not open for further replies.
  1. Johnny123

    Johnny123 Registered Member

    Joined:
    May 4, 2006
    Posts:
    548
    Location:
    Bremen, Germany
    When you install it choose custom installation and uncheck the parts you don't need, like the guard, mail, proactive and web thingie. Then you only have the updater and tray app running. It will keep itself updated and you can still do right-click scans. Since I use LUA and SRP I only need it to scan files I download and run a system scan once a month or so just for the hell of it.
     
  2. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Why not indeed? If I install Avira with guard component unchecked, & later decide that I want it to run in real-time, I would have to reinstall, right?

    The method I suggested was what I actually did after running Avira in real-time for several weeks, & then deciding to put it into on-demand status & instead run Prevx in real time.

    Sometimes I run Avira in real-time. Sometimes I don't. Sometimes I don't run any AV at all. Bother you? :ninja:
     
  3. iravgupta

    iravgupta Registered Member

    Joined:
    Dec 17, 2009
    Posts:
    605
    Me, no, but looks like questioning your approach definitely bothers you.
     
  4. Johnny123

    Johnny123 Registered Member

    Joined:
    May 4, 2006
    Posts:
    548
    Location:
    Bremen, Germany
    Not really. You can add and remove the different components with the add and remove programs in the control panel. When you click the Avira entry you have the choice to change it or uninstall it.
     
  5. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    I think it would be short-sighted to ditch a good AV (Avira) for that one incident. From what I recall you stated that this process (something you'd never seen before) made outbound connection attempts just before Avira flagged it as malware. So whatever this was (it's now been established beyond much doubt as legitimate), it was certainly exhibiting the behavior of malware. Your AV's are there to sniff out behavior like this. Turns out it was a FP in the end. This happens with sharp heuristics. This is what makes KAV's recent test results so impressive. To detect the % of samples it did with 0 false positives is just ridiculous. And I'm not trying to turn this into a war here, just giving credit where it's due. If you note the sig I actually use a rival product of both of the AV's I'm giving credit to here.

    But now it sounds like you're trading it in for a product known even more for FP's. This is JMO, but I don't think it wise.
     
  6. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    Just an observation: I wouldn't consider switching an AV because it made the mistake of marking part of a legitimate product as a worm. I'd work with the AV in question to get that corrected. I appreciate not everybody is able or competent enough to do that, but it's something to bear in mind as all AVs do make errors from time to time.
     
  7. gud4u

    gud4u Registered Member

    Joined:
    Nov 9, 2004
    Posts:
    206
    I may very well be unwise, but there's a bit more involved:
    - Trials are for evaluating the current state and performance of a product.
    - This is Emsisoft Version 5.0.0.64, not A2, offering features unavailable from Avira or any other vendor, such as:
    - Melding of 2 scanners.
    - 3 guards, including embedded Mamutu behavior blocker.
    - HiJackFree process monitor/control.

    I do appreciate and thank you for your comments.
     
  8. iravgupta

    iravgupta Registered Member

    Joined:
    Dec 17, 2009
    Posts:
    605
    None of which is a true web scanner. All it has is a blocklist.
     
  9. Ibrad

    Ibrad Registered Member

    Joined:
    Dec 8, 2009
    Posts:
    1,972
    Emsisoft has a webshield, it is based on two black lists: The Emsisoft Blacklist and the Hphost black list.
     
  10. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Aha! Good point. Hadn't thought of that. :thumb:

    Even so, using autoruns to activate/inactivate Avira's real-time only involves checking or unchecking 2 boxes. {I often switch between firewalls, AVs, & other apps by using autoruns -- it's a beyootiful tool!}
     
    Last edited: Jul 28, 2010
  11. iravgupta

    iravgupta Registered Member

    Joined:
    Dec 17, 2009
    Posts:
    605
    Doesn't change the fact that it does not scan page rendering in real time.
     
  12. Narxis

    Narxis Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    477
    Don't need that, slows down the browser and the page loading.
     
  13. iravgupta

    iravgupta Registered Member

    Joined:
    Dec 17, 2009
    Posts:
    605
    You mean to say that you don't think its important. It would be beneficial to mention one thing though - with MSE version 1, MS tried to convince everyone about the same - MSE does not need a dedicated web or mail shield. Later, they thought better and finally incorporated a script scanner BHO in IE with MSE 2 beta. Not related directly to Emsisoft, but sure puts things in perspective. Web scanning has a purpose, its not a marketing ploy, and surely not a feature made to slow you down.
     
  14. Johnny123

    Johnny123 Registered Member

    Joined:
    May 4, 2006
    Posts:
    548
    Location:
    Bremen, Germany
    There's always more than one way to skin a cat. ;)

    BTW, looking in services.msc I see that the guard, mail and web services are there, but deactivated although I unchecked these during the installation. It might be enough to just activate/deactivate these as you need. I've got the suspicion that that's all the change feature in add/remove programs is doing.
     
  15. progress

    progress Guest

    I agree, a webshield is as useless as a mail shield :rolleyes:

    But hey, this is a thread about Emsisoft, not about Avira or Avast ...
     
  16. NAMOR

    NAMOR Registered Member

    Joined:
    May 19, 2004
    Posts:
    1,530
    Location:
    St. Louis, MO

    I'm not saying the HTTP scanner is useless but, I'm just not sure what people think the HTTP scanner will catch that the real-time on-access scanner won't. It's not like they use different engines or definitions.
     
  17. iravgupta

    iravgupta Registered Member

    Joined:
    Dec 17, 2009
    Posts:
    605
    As a famous saying goes - the devil lies in the details. Its not the question of what will be caught, the point is when will it be caught. Consider for e.g. a script embedded in a page that exploits a vulnerability in JRE. If the script fully loads, it will launch the JRE and exploit will be successful. But, if an HTTP scanner is able to scan the page in-transit, and recognize the malicious script, the exploit will be blocked. In such a case what will the file scanner catch - probably the parts of JRE install that have been infected. But as you can see, the damage has already been done.
     
  18. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    HTTP scanning is an oft-discussed issue, such as HITHER & THITHER & YON - plus several others.

    My 2 unscientific reasons for not using HTTP scanners are:
    1- Negative reason: They slow down my surfing
    2- Positive reason: I have Spyshelter (antikeylogger) & Image for Windows.

    Rationale: With imaging, my only real paranoia is the keylogger genre. With astute, periodic imaging, any infection other than a keylogger is little more than a minor inconvenience. But a keylogger can be a downright disaster.
     
  19. Narxis

    Narxis Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    477
    Yep, under my nickname it's my opinion.;)

    Why i really don't want http scanner because with Outpost it would cause major slowdowns in my browser. Maybe in the future they will add http scanner but hey...they are number 1-3. in detecting malware.
     
  20. NAMOR

    NAMOR Registered Member

    Joined:
    May 19, 2004
    Posts:
    1,530
    Location:
    St. Louis, MO
    If the real-time scanenr isn't catching the malware as soon as it tries to run or gets created then it isn't doing its job correclty.
     
  21. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    they have no plans on adding a webshield from when i asked them during v5 beta.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.