Emsisoft and Windows Firewall: Your questions, answered.

Emsisoft and Windows Firewall: Your questions, answered.

windows-firewall-banner

From (very) humble beginnings in a Windows XP Service Pack update, the Windows Firewall has evolved into a capable security tool. Today, its performance is on par with – if not better than – any modern third-party desktop firewall on the market.

In light of this, and after a lot of careful consideration, the Emsisoft team made a very conscious decision to rely on the Windows Firewall moving forward, which ultimately led to us merging Emsisoft Internet Security with Emsisoft Anti-Malware. This will allow us to concentrate our efforts on building a bulletproof product while using our Behavior Blocker technology to further strengthen the already rock-solid Windows Firewall.

To put it simply, using Windows Firewall in conjunction with Emsisoft Anti-Malware will provide better protection for our users, and that is our number one objective above all else.

Since our announcement of the Emsisoft Internet Security and Emsisoft Anti-Malware merger, we have received a lot of positive feedback. However, we also got a lot of questions. We want to take the time to answer the most frequently asked questions in a bit more detail:

So are you going to remove the firewall completely?

The answer to that question is not as simple as it may seem at first. Firewalls are usually divided into two parts: A so-called packet filter, which usually deals with incoming packets and is therefore often called an inbound firewall; and an application filter that deals with applications wanting to access the network or internet, which is why it is often also referred to as an outbound firewall. Emsisoft Anti-Malware has always had an application filter as part of its Behavior Blocker and that will continue to be true. The difference between the outbound firewall in Emsisoft Anti-Malware and Emsisoft Internet Security is that the former makes decisions autonomously, while the later, at least in theory, allowed you to also use your manual rules. In practice, the default for Emsisoft Internet Security was to automatically allow all outbound connections and the majority of all our users never changed it.

Why did you make the change? Was Emsisoft Internet Security less secure than the Windows Firewall?

No.

All firewalls on modern versions of Windows are based on the same technologies provided by Microsoft. In addition, inbound firewalls in particular are incredibly straightforward to implement, as they only block or allow access based on simple rules. That is why there is absolutely no difference in protection provided between any of the inbound firewalls on the market, including the Windows Firewall.

However, the Windows Firewall does have some benefits:

  • Support for Windows Networking like Home Groups is a lot better in the Windows Firewall out of the box. There is no need to tweak any rules manually as was often the case for Emsisoft Internet Security.
  • It is easier to use. This is mostly because third-party applications will take care of creating all necessary firewall rules for you. That is not an option that Emsisoft Internet Security could provide, as most software vendors don’t care about third-party firewalls.
  • The Windows Firewall also provides much better compatibility. Third-party software vendors usually test their products with the Windows Firewall as it is part of Windows, but almost never test their product’s compatibility with aftermarket firewall products.
  • Last but not least, the Windows Firewall also provides a lot more configuration possibilities to expert users and allows for much more complex rulesets than the inbound firewall offered as part of Emsisoft Internet Security.

But there are also a couple of disadvantages, which is where Emsisoft Anti-Malware 2017.8 comes in:

  • Intelligent outbound firewall: The outbound firewall part of the Windows Firewall will by default allow every application to connect. This behaviour is actually identical with Emsisoft Internet Security, which also allowed any application to connect to the network or the internet unhindered by default. While both products can be manually configured to block programs from accessing the internet, most users don’t want to deal with this responsibility. This is where the intelligent outbound firewall that is part of our Behavior Blocker comes in, which will prevent malicious applications from communicating with the internet automatically while not getting in the way of benign applications.
  • Enhanced malware protection: The Windows Firewall on its own does not provide any protection against more sophisticated attempts to bypass its outbound firewall through advanced techniques like code injection. Code injection essentially allows malware to take over a trusted program in order for its internet communication to pass through the firewall unhindered. Again, the Behavior Blocker in Emsisoft Anti-Malware is incredibly good at detecting and preventing these kinds of attacks.
  • Windows Firewall Fortification: The functions Windows Firewall provides to software vendors to automatically create rules for their applications in the Windows Firewall for ease of use are also pretty much unprotected. That means that malware can and does create rules for itself automatically. In version 2017.8, we extended our Behavior Blocker technology to protect the exposed Windows Firewall functions from malicious usage. This gives you control over which of your applications are allowed to create Windows Firewall rules for you and which aren’t. This is what we refer to as “Windows Firewall Fortification”.

To sum things up, for inbound filtering, the Windows Firewall is just as solid a choice as any other firewall product on the market, including Emsisoft Internet Security. It provides better compatibility and is easier to use for the majority of users. Its drawbacks mostly revolve around its outbound filtering capabilities, which are perfectly complemented by the enhanced Behavior Blocker that is part of Emsisoft Anti-Malware 2017.8 and later.

Where can I find the new Windows Firewall Fortification options?

The new options are part of the Emsisoft Anti-Malware Behavior Blocker. As such, you can find them under Protection/Application Rules:

emsisoft-firewall-fortification-options

In addition, whenever the Behavior Blocker sees any application it doesn’t know to be trustworthy attempting to create new firewall rules or change the firewall status, it will attempt to auto-resolve the situation by blocking the attempt:

emsisoft-firewall-modification-alert

If you have auto-resolve disabled, it will simply ask.

Where can I find the “advanced configuration possibilities” you talk about? My Windows Firewall only has a couple of options!

The default dialog to configure the Windows Firewall can be incredibly deceptive at first. The advanced configuration dialog is stashed away behind an innocuous looking link in the normal Windows Firewall configuration dialog:

windows-firewall-advanced-settings

Windows Firewall dialog with link to Advanced settings

Clicking that link will expose the real configuration of the Windows Firewall where you have full access to all the rules it adheres by.

That looks awfully complicated. Are there easier methods?

There exist a slew of additional applications that sit on top of the Windows Firewall and attempt to enhance it by making rule creation and management easier. Some of the most popular are:

That being said, we think that the majority of users probably won’t find these tools to be necessary. That is also why we decided against creating our own Windows Firewall front-end and focus our development efforts on improving the complementary and enhanced technology in our Behavior Blocker instead.

So what do you recommend I should do?

We strongly believe that the combination of Emsisoft Anti-Malware and the Windows Firewall is the best option for almost every user. For the past 12 years while developing our product, we used this exact combination in all of our internal performance evaluations of our technology. Our malware research team works hard to make sure that even the most advanced threats are blocked immediately across all our products.

So yes, Emsisoft Anti-Malware blocks the same malware that Emsisoft Internet Security blocks out of the box – no configuration, paying extra or jumping through hoops needed.

If you do feel the need to make sure that certain legitimate applications can’t access the internet, the Windows Firewall does offer the ability to do so via its Advanced Settings. If you find that method to be too inconvenient, going with one of the many front-ends may be an option for you.

We do know that a small minority of Emsisoft Internet Security users believe that the Windows Firewall must have backdoors implemented by Microsoft to allow them to spy on their users. In all our research, we haven’t found one and neither have hundreds of other security professionals that constantly review Windows for possible backdoors and vulnerabilities.

We also think it is important to keep in mind that every single firewall product for Windows Vista and later uses the very same frameworks to implement packet and application filtering. There is no difference between the Windows Firewall, Emsisoft Internet Security and any other third party firewall from a technical point of view. If Microsoft were to backdoor their products to allow unhindered communication, this backdoor would probably be part of the Windows Filter Platform or the NDIS Lightweight Filter Framework, which are the underlying technologies all firewall products are built upon, and affect every firewall product equally.

If you still prefer to use a firewall product other than the Windows Firewall, we recommend you contact the software company creating your new firewall product of choice beforehand to ask them whether they implement their own firewall or rely on the Windows Firewall as well. Most firewalls and internet security suites dropped their own implementation in favour of the Windows Firewall many years ago. So we suggest you ask them first to make sure you don’t end up with a Windows Firewall front-end instead.

Do you have more questions? Post them in the comments and we’ll answer them.

Have an excellent (malware-free) day!

  • novos7

    Does that mean Emsisoft will soon be displaying messages when trying to connect some app to the internet and will you be able to decide?

    • Fabian Wosar

      No. The Behavior Blocker will continue to make that decision autonomously.

  • TheSeeker11

    A sensible choice to be sure. In fact, a less chatty firewall can be more secure as less advanced users will not allow connections that probably should be blocked.

    “We do know that a small minority of Emsisoft Internet Security users believe that the Windows Firewall must have backdoors implemented by Microsoft to allow them to spy on their users.”

    I’m surprised users this paranoid don’t switch away from Windows entirely!

  • Jon

    Good work Emsisoft!

    I agree your main Anti-Malware product is fantastic and by far out sells Internet Security for us over the years.

    The Internet Security product has some nice features over the Windows firewall for a very small number of users and mainly because those users don’t understand the MS firewall.
    Setting up rules was easier in Emsisoft I must agree but another point that you raise is also very true, the majority of users that did buy Internet Security that I’ve helped support did not seem to change/configure the firewall from the default rules! So again our findings do agree with your comments that the default Windows firewall settings provide the same level of protection.

    One area I would like to see improved by MS or Emsisoft however is a better way to deal with Public, Private or Work networks in that ensuring the correct protection level is set some how… I’m not sure how to better control this but it’s one area that could benefit from improvement especially by mobile users….
    Having said that I have been told by some of our Windows 10 users that MS is allot better now days, in that when you connect to a public/unsecured wifi network it seems it correctly sets you to being on a ‘public network’ which locks down your shares and computer access)… I need to test this out for myself more but if true I think there is not much to worry about :-)

    Thanks again for a great blog post and keeping us all informed!

    • Hi Jon, thanks for your insightful comments and additional perspective on this subject. We’re always listening to thoughtful suggestions and discuss them within the team to make sure we give our customers optimal protection without any unnecessary bloat.

      Cheers!

  • Hello, our blog was fine, after seeing your screenshot, it happens when you have a connection issue (happened to me sometime).

  • Caravaggio

    Thank you for this article, it helps to understand how a firewall works and to set up windows firewall correctly. Ive been using Emsisoft since 4 years now, and the only time my system was infected i was using Online Armor, with other AV and a Windows OS outdated. I have Windows 10 now, a legitimate and updated copy, in one of my Pcs, it works pretty well, its a very stable OS.

    In my humble opinion, i prefer to put the efforts in other practices that have been mentioned here many times as router set up, OS updated, passwords and a long etc., than having to monitor that aspect by myself, you feel more insecure like that, and do the wrong.

    I´ll take your recomendations for the firewall set up, and ill ask after october if i have any doubts.

  • namitutonka

    Windows Defender requests to turn on app & browser control, further reporting “Check apps and files is off. Your device may be vulnerable.” As far as a firewall goes you no longer give any support, either for lack of there being one in the October 2017 Emisisoft rollout, or that Windows firewall is very configurable by the user.

    Three questions:
    1. Does the aforementioned app, browser control, and files checking become redundant as it will be incorporated in Emisoft’s October 2017 rollout of Emisisoft Anti-Malware?
    2. 1. Does the aforementioned app, browser control, and files checking become necessary as it won’t be incorporated and/or configurable (see question 3) in Emisoft’s October 2017 rollout of Emisisoft Anti-Malware?
    3. Will the new October 2017 Emisisoft Anti-Malware defer it’s autonomous decisions to permit apps or programs to connect to the internet and let Window’s Defender (Win10) configuration override Emisisoft Anti-Malware?
    4. The new configurable options under Protection/Application Rules of the Emsisoft Anti-Malware Behavior Blocker look as if (being that these options are configurable choices) they are excluded from what I definitely would think Emisisoft Anti-Malware should be monitoring and possibly making an autonomous decision to block such activity. Can you explain this?

    • First, “app, browser control, and files checking” in Windows Defender Security Center is more commonly called Smartscreen.
      Smartscreen is the built-in systemwide cloud reputation mechanism of Windows.
      When Emsisoft AM will be used those shouldn’t be disabled. However Windows Defender (the scanner) itself will be replaced by EAM but you can manually set it to “periodic scannning”, which will make it as a secondary scanner.
      Smartscreen isn’t part of Emsisoft AM, it is part of Windows10.

      “3. Will the new October 2017 Emisisoft Anti-Malware defer it’s autonomous decisions to permit apps or programs to connect to the internet and let Window’s Defender (Win10) configuration override Emisisoft Anti-Malware?”
      Windows Defender is only a real-time scanner and will be disabled by Emsisoft AM, what will allow apps/programs to connect to internet is the Windows Firewall, and Emsisoft AM won’t touch it.
      Emsisoft AM will only protect Windows Firewall to be manipulated (creating outbound rules) by suspicious programs.

      “4. The new configurable options under Protection/Application Rules of the Emsisoft Anti-Malware Behavior Blocker look as if (being that these options are configurable choices) they are excluded from what I definitely would think Emisisoft Anti-Malware should be monitoring and possibly making an autonomous decision to block such activity. Can you explain this?”
      The Application Rules section lists all application rules that have been defined.
      The Behavior Blocker section lists all running process with columns for Process.

      so basically Applocation rules will list non-running processes, while the behavior blocker only those running; so if an application is defined (in Application Rules) but not executed it won’t appear in the Behavior Blocker list. However if executed, it wil lappears.

      • Nevi

        @@umbraemsisoft:disqus
        Do you really mean WD would help anything with periodic scans, when Emsis Behavior Blocker is monitoring everything?

        • I believe it, Microsoft has one of the biggest database and focuses mostly on prevalent threats, so i see no inconvenients of using WD periodic scans. After all,it will not disrupts anything. I have it enabled personally.
          Sure, Emsisoft will be the main player, but having a second one is always beneficial.

          “Better wearing a helmet even if you are driving a tank” ;)

  • This is still talking around the issue, which is system and application monitoring and control by those users who do know just what they want and are willing to make the effort for it. Not for “most users”, not (just) for security, but monitoring and control for advanced users.

    • Fabian Wosar

      If you are after monitoring and control your best option is using a HIPS. We got out of the HIPS business years ago when we discontinued Online Armor as that market is pretty much dead for home users. But there are still some left.

      • *nods* Hence me using Comodo Firewall, with EAM alongside. When I asked around back then the options offered were Comodo or Emsisoft due to the Online Armor. Which was gone by the time I made my choice for this pairing. Good thing at least I didn’t make the other choice earlier, or somehow chose EIS instead of this pairing, or I’d have been left out in the cold for good when you changed things around, like I was by BitDefender to cause me to switch after using it for over 10 years (and sticking to the 2011 version for a year after end of support, because those after it left these aspects out in the cold).
        The issue is just that, that the market is dead, I’m out of options. Emsisoft was different from what I was running away from when it got on my radar. Now it’s not anymore.

  • Majik thise

    See here is the issue you seem to want to avoid –

    “We believe”, “We think”, “Most Users”

    This was brought up when you canned OA we all got told “use some other monitoring software or a firewall with HIPS, oh and btw HIPS isn’t for Home Users” since it didn’t seem to matter to you if a user was a Home User and wanted HIPS nor if the user had specifically bought your product for those features.

    You are literally showing contempt to those Users who do want more control or more features and you never answered those queries then and you haven’t answered them now.

    I chose to continue to use EMSI with EIS because it was the continuation of OA as a advanced users despite the lack of HIPS and the integration with EAM, and now I’m being told I can’t have the feature I upgraded to and now must use Windows Firewall, newsflash if I wanted to use Windows
    Firewall I wouldn’t have bought EIS.

    I don’t use WF because of it’s feature set such as automatically giving apps outbound permission
    and how it can be easily abused if something gets access to the Group Policies, my concern is not with some backdoor Microsoft added but due to its absolute integration with the OS, something you claim as a positive however I would argue that it is totally negative since it’s not a stand alone product.

    It seems that recently you have an aversion to power users and EMSI is doing all it can to push these users away, and it can been seen in this blog with statements like users not needing software which makes “making rule creation and management easier” because “we think that the majority of users probably won’t find these tools to be necessary.” As “we decided against creating our own
    Windows Firewall front-end and focus our development efforts on improving the complementary and enhanced technology in our Behavior Blocker instead.”

    So which is it EMSI do you want users to have more control over WF or not? Since you seem to want people to use WF because of it’s integration and ease, yet you don’t want to give people the tools to use those advanced features easily. Instead users will be left with less security, configuration and management unless they buy yet another security product something I suspect you won’t pay for.

    I’m currently deferred as of right now so my question is this, when will 2017.8/9 be pushed to that branch so that I have time to find a replacement that will not pull the features I actually bought the product for?

    • Christian

      Majik I can totally understand your frustration and I’m sorry that we’re unable to meet all your expectations. But to be fair, I think you’re asking the impossible here. Emsisoft’s goal always was and will be to protect people from malware attacks, and we do that to the best of our knowledge and in a way that we believe works best.

      As a matter of fact, neither a HIPS nor a desktop firewall greatly contribute to malware protection today. At least not for the average user that we sell our products to. HIPS are a technological dead end because they train people to click ‘allow’ on everything, and desktop firewalls became kind of redundant with the rise of NAT routers in combination with the Windows firewall. Simply said: There is not much space for us to contribute meaningful software that effectively improves the level of protection.

      Yes, we could keep making geek software to serve individual corner-case requirements, but then Emsisoft would soon cease to exist, because the few geeks couldn’t pay for the development unless we would charge >$1000 for a license. Whether we like it or not, we can’t neglect the fact that a few hundred geek customers can’t finance the development of such software. If there would be a reasonably big market for the kind of software you’re asking for, believe me, we would be first to happily serve it. It’s not that we dislike experienced geeks, quite the opposite, but there are simply not enough of them left to even pay a single developer and I’m unfortunately not in position to burn money.

      In our wider goal to make the Internet a safer place, we will continue to make sure we can protect as many computers as possible from any types of malware.

      • It is also a self-fulfilling propecy. Power of infrastructure and all, make what’s available be the “non-geeky” variant for everything, that’s what most people will take. Make it the other way around, that’s also what most people will take.
        And I for one have not been “trained” by software. Nor do I allow everything. Quite the contrary, if not really certain block first (without creating rules), see what happens, look it up, if it seems fine allow it after the 2nd prompt.

        • @cavalary:disqus We are sorry if our new direction won’t satisfy your expectations or needs, but the choice wasn’t taken over an hour, it was carefully thought out and based on feedbacks we had.

          About edit1 : “the needs of the many outweigh the needs of the few.” and many still uses a PC…

          About edit2: Indeed, i’m active there (and in some other security forums) since very long time; and what you read there is a snapshot of the security scene. When a model doesn’t become popular enough for any reason, it disappears by itself and replaced by another. From what i see now, HIPS are replaced by behavior blockers or Sandboxes, less complex to handle and understand, with giving an equivalent amount of security.

          • I’ll keep asking where do those who aren’t part of “the many” have to go.
            And… You know, seems to me that it’d be harder to make the software analyze what a program does and make good decisions on its own than it is to make it analyze what the program does, inform the user of it and ask said user what to do. So if a program includes the AI part, why remove the prompt part as a non-default option, for those who want it?
            As for complexity, I’ll get back to what a now-former friend was saying years back, when fed up of coworkers asking her about computer stuff: Look, if I don’t know much about cars, I don’t drive.

            Other than that, just rotten capitalism ruining everything, which is the general rule. If something has to pay to last, it won’t be something good.
            And by the way, somewhat on that note, if the goal would be to provide the best security, end of, you’d have all security groups working together for an unified behavioral module, local definitions database and cloud lookup database that’d be better than what any of the current groups can make on its own. The fact that there are still a couple dozen security products, all told, means that the main goal is not security for any of them, but either simply to make money or to provide customers with a different array of products, tailored to a wide range of types of needs and desires, since many have multiple versions/tiers of their product as well. And I’m not seeing behavior indicating option two anywhere…

          • David Biggar

            Just an update:

            https://www.virusbulletin.com/testing/results/latest/vb100-antimalware

            The one you posted wasn’t the latest – we did achieve VB100 in the last one, just for anyone else reading this. That last test is from August, a few months ago.

            Yes, we did slip for a few tests, I believe due to asking the user when it wasn’t clear. We’ve adjusted as was mentioned, and are passing quite well again.

      • Majik thise

        I’d hate to disagree with you unless your policy has changed from protecting users from attacks to only Malware attacks as seems to be implied from your response. This isn’t about malware it’s about security on and around the internet and connections to it, by applying a blanket “we only care about malware” you are saying other potential security issues not caused by malware are unimportant to the security of the OS.

        This was brought up in the other blog as well, it’s naive to think that all users are on NAT and IPv4 and using the Windows Firewall while that might a reasonable usage case it is not the only usage case, however your stance seems to be if you don’t fit that usage GTFO. It’s the same as saying “meh we only will support Windows 10 regardless of if 7, 8 and 8.1 still hold the majority share, oh and you better use Intel since that’s what most people use sorry AMD but you aren’t the usage case”

        While that might be a slippery slope argument it’s no less one then what you just put forward, you are literally telling users that aren’t in your ideal usage case they no longer have a place or a product. Much like the stance of saying “use WF but we won’t provide you additional configuration tools” you want to push people to a product they don’t want and against the original purchase. Like myself I purchased a firewall product, you are now telling me I will not get the product I paid for and I should use a product I consider inferior due to it’s total OS integration along side a cut down version of the original product.

        “Whether we like it or not, we can’t neglect the fact that a few hundred
        geek customers can’t finance the development of such software.” Statements like this are the biggest issue I have right now when it comes to this, you are telling power users they aren’t wanted. BTW how is Enterprise? Surely those geeks aren’t worth the money either considering they want the same if not more features? You aren’t even giving power users tools regardless because of the stance on the default usage case.

        “In our wider goal to make the Internet a safer place, we will continue
        to make sure we can protect as many computers as possible from any types
        of malware.”

        Again malware is not the single threat to a system no matter how you want to paint it, lessening peoples security does not make them better off and more protected and is why I will no longer recommend EMSI products beyond these recent announcements.

        I’ll just sit back and wait for the “new EMSI EAM now includes hardening for Windows Defender since that’s all people really need so we cut AM development if you want additional AM go pay another fee to someone like BitDefender.”

        FYI you never did answer the directed questions regarding deferred updates and GPO manipulations.

  • Laser_Beam

    I’ve tested fairly extensively the new combination (EAM + Windows Firewall) and it works very well, as intended. May I add a suggestion/question here that might allow further control and customization, without upsetting the “average user”?

    If I understand correctly, the default option “Automatically allow programs with good reputation”, will *disable* the new Firewall Fortification feature for these programs – and there are lots of them. There’s no danger since they are indeed good programs, but many of them have a tendency to add unnecessary rules to the WF and just allow any type of connection.

    The suggestion is to *optionally* extend the “firewall rules change monitoring” for *all* programs, not just malware. This way we’ll be able to know exactly when and what tries to make changes to the WF. I know this could be (partially) achieved via rules, but is seems a very tedious and unnecessary process.

  • Paul

    Call me thick, but I’m using windows 10 and Windows Firewall is part of Windows Defender. Will Emsisoft turn on Windows Firewall automatically or will I have to run Windows Defender?

    • Hello,

      Windows Firewall is part of Windows Defender Security Center, not Windows Defender; so when you are using Emsisoft Anti-Malware, only Windows Defender will be disabled, not Windows Firewall.

      • Paul

        Thanks for replying.
        So I won’t have to change any windows settings? As I understand, Windows firewall has been turned off for as long as I’ve been using Emsisoft Internet Security – in fact for as long as I have had windows 10.

        • No you won’t. In the past, when you installed Emsisoft Internet Security (which include its own firewall), it disabled Windows Firewall. So now, when Emsisoft IS migrate to Emsisoft AM, the Windows Firewall should normally be re-enabled by itself (if not, you will be notified by Windows to reactivate it manually).

          • Paul

            Thanks for that.

  • I decided to switch to EAM from EIS at the beginning of September to get a feel for the new configuration before the official switch on October 1st. I am able to say that I am nothing but pleased with your decision and I’ve experienced no “drop off” in protection or performance. I started with you close to 10 years ago with EAM and OA and I look forward to staying with you for the next 10 years. Thank you and please keep up the great protection.

  • Michael Stadsburger

    I am extremely disappointed and hate using windows firewall. I will definitely not renew my licenses. In fact I feel cheated. Not having to use windows firewall is one of the main reasons I bought your product.

  • Javier del Rios

    I´m still pissed off at you guys about taking down Online Armor, I loved that firewall and had no idea that it had been discontinued until one day I had to reinstalling after formatting my computer.

  • Pat

    BTW: good to see that in August you finally passed VB100 test, after two consequtive fails in June and April. Why did you fail before, while bitdefender passed?

    • Fabian Wosar

      Bitdefender uses some highly aggressive signatures that trigger a cloud check of files to validate whether they are or are not shown to the user. We do not use the Bitdefender cloud at the moment.

      • Pat

        How you will make sure your solution really works and is up to date?
        I wanted to reccomend your product to my friend, as I am using it myself, but when I tried to give him argument that Emsisoft is equally good, we came to these failed test on VB100, so finally he chose another one. Then I saw another one failed and I started to question my choice as well. If you had failed the third time in row, I would probably also go somwhere else…

        • Tests labs are like the weather shows, it is just an indication of a product capabilities in a given point in time, with given malware samples, in a given situation, with a given methodology.

          A leading vendor in the security scene even decided to not participate anymore in a very popular test because the methodology used didn’t reflected how its products is supposed to be used by classic users. Doesn’t mean the said vendor has a bad product, it is quite good in fact.

          My advice is to take those lab tests with a grain of salt, read carefully their methodologies (most ignored aspect by the readers), consider the results as complementary informations and not taking the results as ultimate truth.

          • Laser_Beam

            Absolutely correct points.

  • Barbara Columbus

    Hello Emsisoft. I’ve made an attempt to wade through all these comments by advanced computer users. I don’t understand most of it. This is exactly why I’m very happy with Emsisoft. I don’t have to understand anything except to trust your system, and I do. I feel confident that Emsisoft is looking after my computer and has been for years. Thank you for all that you do for us.

  • John

    problem I have emisoft malware is used on a machine in conjunction with other products
    incorporating all these together makes it unusable if I want only the anti malware portion can anatimalware be hived off separate still??? & will it play nice with my other antivirus & security suite products????

    • Emsisoft Anti-Malware is a full-fledge antivirus and shouldn’t be used alongside other antiviruses or suites.
      Using 2 antiviruses at same time isn’t recommended because it may lead to serious issues like crashing your system or making it unbootable.

      • John

        Bullying is not nice get over it some antivirus products work together nicely relying on one is an invite for malware — shut down 1 product & the machine is yours MANY years of experience speaking here (45+ years in the industry )
        lets talk turkey not rehetoric –your product can miss items while multi product approach catches more malware & the products I use DO Work & do NOT trip up each other up … spend the time to make it so & you will find a wider market for your products
        NOW did NOT answer my ORIGINAL question — can you hive off/enable ONLY malware (back to the original unanswered question)!

  • Evandro

    I WOULD NEVER USE AN INTERNET SECURITY SOFTWARE THAT HAS NOT DEVELOPED YOUR OWN FIREWALL, AND IF THAT HAPPENED, I WOULD ASK FOR MY MONEY BACK! THANK GOD I GOT A LICENSE VALID UNTIL 2022 OF THE DR.WEB SECURITY SPACE PROGRAM 11.00

  • JOSEPH STAIANO

    After an extensive research I decided to purchase Emisisoft Internet Security because it included a “kick ass” firewall as you put it. What I wanted was a good antivirus and a firewall with none of the extras features that drain your system. This was the advertising that sold me. Now to take out your
    firewall and have us rely on the windows fire wall changes your whole point of security as far as I’m concerned. Also, to suggest we use either a third party firewall or a windows firewall monitor is not only concerning but irritating. I could have purchased any stand alone antivirus without a firewall but I choose you because yours included a firewall. That’s bad business practice. I don’t want an extension I want my money back for the remainder of the 3 year license. A good business practice would have given the customer the choice to either extend fee or get a refund for remaining balance.
    Horrible, I feel ripped off!!!

    • Fabian Wosar

      You are correct. Offering a choice between an extension or a partial refund is good business practice, which is exactly why we are offering it as you can see in the original announcement:

      https://blog.emsisoft.com/2017/08/10/merging-emsisoft-internet-security-with-emsisoft-anti-malware/

      Simply send your invoice number or license key to [email protected] and we will take care of it ASAP. Please keep in mind that we can only refund purchases made directly via our store.

      • JOSEPH STAIANO

        I WAS TOLD THAT AFTER I RECEIVED MY REFUND AND LATER CHANGED MY MIND AFTER GETTING A GREAT DEAL ON GLASSWIRE TO CONTROL MY WINDOWS FIREWALL, AND WOULD OF COURSE PAY BACK THE REFUND, THAT I WAS NOT ABLE TO RECEIVE MY SUBSCRIPTION BACK.

        I’M MUCH MORE COMFORTABLE WITH EMSISOFT AS LONG AS GLASSWIRE IS MONITORING MY WINDOWS FIREWALL.

        I’M ASKING THAT MY REQUEST BE FORWARD TO: Christian Mairoll – Managing Director/Founder

        I DOT SEE ANY REASON WHY I CAN NOT RETURN THE REFUND AND GET MY SUBSCRIPTION BACK.

        THERE MUST BE SOMETHING YOU CAN DO TO MAKE THIS RIGHT

        JOSEPH STAIANO

        • David Biggar

          Hello Joseph,

          I see that you have an open ticket with Thomas, where he gave a key and download instructions. Have you addressed or received that email? It was sent to you yesterday, possibly after you created this post. I believe this has already been addressed.

          Let us know please via [email protected] if you did not receive the reply, or require further assistance on this.

          • JOSEPH STAIANO

            UPDATE: THOMAS OTT FROM EMSISOFT CUSTOMER SERVICE WENT ABOVE AND BEYOND TO RESOLVE MY ISSUE. AND TO BE HONEST IT WAS MY MISTAKE THAT HE SPENT THE TIME AND EFFORT TO CORRECT, THANK YOU TOM AND EMSISOFT FOR A GREAT JOB. I’M HAPPY,

          • David Biggar

            Thank you very much for letting us know, Joseph, and for your comments!