Behavior Blocking

What is Behavior Blocking? How does it work?

Malware protection without signatures?

The Emsisoft Anti-Malware Guard scans all running programs with a signature scanner, just as other antivirus guards do. A signature scan can only detect malware for which it has the correct signature. Although the Emsisoft team aims to create signatures for new malware and provide them as fast as possible via the online update, the process of creating a new signature can take a while. During this time you are not protected against new dangers.

This is where our Behavior Blocker comes in. This is a special system which is able to detect and block malware without the need for signatures. The Behavior Blocker is part of Emsisoft Anti-Malware and Mamutu.

Behavior Analysis

Usually, malware is detected with the help of heuristics. Heuristic scanning analyses the code in a file and decides whether or not it is harmful. The Behavior Blocker works differently: it watches every active program and stops it if it notices anything suspicious. If a program is trying to change something, you will be told immediately and given the chance to authorize the change. If the Behavior Blocker pops up a warning when you are not doing anything on your computer, you can be fairly sure that the program is working without your approval.

And this is the way it works

Malware always wants to achieve a particular result. A virus always infects, a worm always spreads, a trojan always sends files and a dialer always dials. Their methods may differ, but the result is the same.

It is at this point that the Behavior Blocker interrupts the program. It analyses the behavior of all active programs, and alerts you if anything harmful is detected. The program is stopped and cannot continue until you decide whether or not to authorize the behavior.

All this probably sounds too good to be true, and there is one disadvantage: the Behavior Blocker only recognizes behavior, and cannot give you the actual name of the malware in question. In other words, you will know if it's a worm, but not if it's the NetSky or Bagle worm. Of course, this doesn't really matter - the important thing is that you know it's there, and you can run the appropriate removal program.

What does it detect?

Currently the Emsisoft Behavior Blocker can detect the following malware types:

  • Email worms
  • Spyware/Adware
  • Hijackers
  • Backdoor trojans
  • Trojan downloaders with reverse connection logic
  • Dialers
  • Keyloggers
  • Rootkits
  • Viruses

In addition, the Behavior Blocker can monitor and stop any of the following actions:

  • Installation of new drivers and services
  • Any kind of process manipulation, such as DLL injection, code injection, patching, termination, etc.
  • Installation of new BHOs (Browser Helper Objects)
  • Changes to your Internet Explorer configuration
  • Hidden installations of software
  • Changes to your Hosts file (redirects domains)
  • Installations of debuggers on the system
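
The following added example, which is not Emsisoft's code and does not describe how the product is implemented, matches constructed events against several of the monitored actions listed above and holds the acting program until the user decides. The event format, the classify and decide functions, the allow list, and the choice of registry and file locations (including reading "debugger installation" as an Image File Execution Options entry) are assumptions made for the example.

```python
import re

# Rules keyed by the monitored actions listed above. The registry and file
# locations are well-known Windows paths chosen for this example; which
# locations the product actually watches is not stated on the page.
RULES = [
    ("Change to Hosts file", "file_write",
     r"\\system32\\drivers\\etc\\hosts$"),
    ("New BHO", "reg_set",
     r"\\explorer\\browser helper objects\\"),
    ("New driver or service", "reg_set",
     r"\\currentcontrolset\\services\\[^\\]+\\imagepath$"),
    ("Internet Explorer configuration change", "reg_set",
     r"\\software\\microsoft\\internet explorer\\"),
    ("Debugger installation", "reg_set",
     r"\\image file execution options\\[^\\]+\\debugger$"),
]

def classify(event):
    """Return the matching action label, or None for unmonitored activity."""
    target = event["target"].lower()
    for label, kind, pattern in RULES:
        if event["kind"] == kind and re.search(pattern, target):
            return label
    return None

def decide(event, authorized):
    """Pause the acting program until the user decides, unless it was
    already authorized (hypothetical allow list keyed by image path)."""
    label = classify(event)
    if label is None:
        return ("allow", None)
    if event["image"].lower() in authorized:
        return ("allow", label)
    return ("pause_and_ask", label)

# Constructed sample events (not captured from a real system).
SAMPLE_EVENTS = [
    {"image": r"C:\Users\a\AppData\Local\Temp\upd.exe", "kind": "file_write",
     "target": r"C:\Windows\System32\drivers\etc\hosts"},
    {"image": r"C:\Program Files\Vendor\setup.exe", "kind": "reg_set",
     "target": r"HKLM\SYSTEM\CurrentControlSet\Services\vnddrv\ImagePath"},
    {"image": r"C:\Windows\notepad.exe", "kind": "file_write",
     "target": r"C:\Users\a\Documents\notes.txt"},
]
AUTHORIZED = {r"c:\program files\vendor\setup.exe"}
if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(ev["image"], "->", decide(ev, AUTHORIZED))
```

The same service installation that passes for an authorized installer is paused when it comes from a program the user has not approved, which is why the verdict depends on who acts as well as on what is changed.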

What should I do if it gives me an alert?

The Behavior Blocker is a system designed to detect suspicious behavior. The behavior of legitimate programs and malware is sometimes very similar, so the system may give you a false alert from time to time. Before clicking allow or terminate, it is important to consider what you are doing with your computer at the time of the alert and whether you recognize the program the alert is about. If you are unsure, you should close the program and send it to us for further analysis.

-> Read more about Behavior Blocker alert messages and how to handle them

A general tip for using the Behavior Blocker:

After installing the software, please ensure that the guard is running. Then start your most used programs one by one so that you can tell the Behavior Blocker that these programs are allowed. This procedure only takes a few minutes to correctly configure the Behavior Blocker on your PC.

Who can I ask if I have a problem?

If you are not sure if a specific program is really dangerous, please ask our specialists at the discussion forum. Your questions will be quickly answered.

Best In Test!

Emsisoft Anti-Malware is the best of 19 tested antivirus programs - Test by MRG - Malware Research Group - Q1-Q3 2011