Tagged: emsisoft

Emsisoft Internet security 10 review & settings

malware detection rate is very good

malicious & phishing website blocking is very good

After doing some setting it will be light on system resources

Cloud based detection helps in detecting new malware

Proactive protection is very good in protecting from new zero day malwares.

Emsisoft takes most of the decision itself. Sometimes user will be asked to take decision, especially when installing/executing new software’s.

Heavy on system resources. Hard disk usage is high. It scans every action in the system which eventually leads to slowdown.



DOWNLOAD LINK :  http://dl.emsisoft.com/EmsisoftInternetSecuritySetup.exe

To get version 10 tick “Enable beta updates” in Settings -> update



Below the menu is the activity bar which displays the real-time activity of Emsisoft Anti-Malware or Emsisoft Internet Security and lists your protection status. The color of the activity bar and status message change according to the current protection status:

  • Green (Your computer is protected!) – All protection features are enabled and signatures are up-to-date.
  • Orange (Your computer is partially protected!) – Either one or more protection features are disabled or signatures are out-of-date.
  • Red (Your computer is at risk!) – All protection features are disabled.

The top row contains the following larger interactive tiles:

  • Protection – Clicking on this tile takes you directly to the Protection section of the program. The lower half of the tile lists the individual protection components of Emsisoft Anti-Malware or Emsisoft Internet Security. Clicking on a component’s name takes you directly to that component’s section. You can also quickly enable or disable individual components by clicking on the icon to the left of the component’s name.
  • Scan – Clicking this tile takes you directly to the Scan section where you can select your scan type and configure detailed settings related to scans. The labels on the lower section of the tile allow you to quickly initiate a scan of your chosen type.
  • Quarantine – Clicking on this tile takes you to the Quarantine section.
  • Logs – Clicking on this tile takes you to Logs section.


The Emsisoft Anti-Malware or Emsisoft Internet Security core, subdivided into Application Rules, Surf Protection, File Guard, Behavior Blocker and Firewall, allows for easy fine tuning or removal of behavior rules.

Application Rules

The Application Rules section lists all application rules that have been defined, with columns for Filename and Behavior Blocker and in the case of Emsisoft Internet Security, columns for Firewall In and Firewall Out. The Filename field shows the file path of the program for which the rule was created. The Behavior Blocker column shows whether the program is blocked from running [Program is blocked], allowed to run freely [All allowed] or has customized rule settings [Custom]. The Firewall In and Firewall Out columns show whether a program is permitted to make connections [All allowed], blocked from making connections [All blocked] or has customized rules settings [Custom]. Custom allows you to configure your own rules specifying exactly what behaviors and/or connections are allowed or blocked for a program.



The File Guard not only scans files before they are executed, but depending on your chosen settings, it can also scan before all other file actions such as moving or downloading from the Internet.

The following options are available for customization of the File Guard:

  • Scan level – The slider control allows you to balance the File Guard’s scan level between best performance and best protection as follows:
    • Fast – Scans programs when they are started. This option has the least effect on the performance of your system while still ensuring that Malware is prevented from executing. Inactive Malware may remain undetected until you run a manual scan.
    • Balanced – Scans all files when they are created or modified, e.g. when a file is downloaded or copied onto your computer from a USB stick. Balanced is the recommended setting.
    • Thorough – Scans all files when they are read by any program so that simply selecting a file is sufficient to cause it to be scanned. This option has the greatest impact on system performance and doesn’t offer a significant advantage in detection when compared to the other options.
  • Only scan files with specific extensions – When this check box is selected, the File Guard only scans files with extensions that are specified in the list. On the one hand this setting can improve the speed of your system because only some files on the hard drive are scanned but on the other hand this also reduces the level of system protection. You can edit the list of specified file extensions by using the Edit button.
  • Protect the computer even if no user is logged on – Ensures that the File Guard is started during system boot and that it remains running in the background even if real-time protection is shut down. You may wish to enable email notifications in conjunction with this option to ensure you are alerted to quarantined objects. If the option is disabled, File Guard starts when the first user logs on.

You can configure the default actions to take for each of the following types of File Guard detections:

  • Malware detections – Choose how you want the File Guard to behave when Malware is detected by selecting either [Alert], [Quarantine silently], or [Quarantine with notification] from the drop down menu.
  • PUPs detections – Choose how you want the File Guard to behave when Potentially Unwanted Programs are detected by selecting either [Alert], [Quarantine silently], [Quarantine with notification], or [No detection] from the drop down menu.

The Manage whitelist button allows you to specify files or folders to exclude from scanning and/or from real-time monitoring.

  • Ticking “only scan specific extensions” will minimize the system resource usage by emsisoft

Behavior Blocker

The Behavior Blocker reports the behavior of programs that are sometimes clearly dangerous but sometimes also only possibly dangerous. With some benign programs a clear decision between benign and malicious behavior is not technically possible. Emsisoft Anti-Malware or Emsisoft Internet Security always report this type of suspicious behavior unless you activate alert reduction to reduce the number of false alerts relating to benign programs.

The following options allow for control over the amount of alerts you receive:

  • Community-based alert reduction – Emsisoft Anti-Malware or Emsisoft Internet Security rely on the intelligence of the masses. When this option is activated, an online query is sent to the Emsisoft Anti-Malware Network to check what other users decided to do with the reported program.
    • Assume control of “allow” decisions – This option allows you to define whether programs should be automatically allowed using community-based alert reduction.
    • Assume control of “block” decisions – This option allows you to define whether programs should be automatically blocked using community-based alert reduction.
    • % threshold required to assume control of decisions – Allows you to select the percentage of total users that are required before a program can be automatically blocked or allowed using community-based alert reduction. For example, using the default threshold of 90%, this means that if 90% of users have allowed the program to start then an application rule would be created to automatically allow it on your system.
  • Activate paranoid mode – Alerts for additional possibly malicious activity by applications with a suspicious or Malware-like file layout. This option is deactivated by default because it can produce many false alerts and is only recommended for advanced users.

Monitored Behavior

You can define the individual types of behavior that should be monitored system-wide by Emsisoft Anti-Malware or Emsisoft Internet Security as follows:

  • Watch for possible backdoor related activity
  • Watch for possible spyware related activity
  • Watch for possible hijacker related activity
  • Watch for possible worm related activity
  • Watch for possible dialer related activity
  • Watch for possible keylogger related activity
  • Watch for possible trojan downloader related activity
  • Watch for applications trying to inject code into other applications
  • Watch for programs editing (patching) other executable files
  • Watch for programs installing something invisibly
  • Watch for rootkit programs using a hidden process
  • Watch for installation of services and drivers
  • Watch for programs modifying startup areas
  • Watch for programs changing the Hosts file
  • Watch for browser settings changes
  • Watch for debugger installations on the system
  • Watch for programs simulating mouse or keyboard activities
  • Watch for direct disk sector access on harddisk
  • Watch for system’s group policy changes

To exclude particular types of behavior from monitoring, remove the tick next to the relevant entry. Only deactivate behavior types if you are sure that this will not compromise your system’s security.



The Firewall section lists all global packet rules. These rules are processed prior to your custom Application Rules:

Each global packet rule is defined by a set of criteria that a packet (data unit) must match. Emsisoft Internet Security analyzes each incoming or outgoing packet and cross references it against each rule (in order of appearance from the top of the list to the bottom of the list). If a rule matches, then the specified action is taken. If a rule doesn’t match, the packet is cross referenced against the next rule.

Manage Networks

The Manage networks button opens a dialog that lists all your network adapters and connected networks and allows you to configure their settings. This is especially useful for protecting laptops from unauthorized access by others when you are connected to an unknown or untrusted wireless network or an office network.

Clicking on a network adapter in the list displays the following settings for that adapter:

  • Category for new connections – Lists the trust level that will be applied to new connections made using this adapter. You can adjust the default setting by selecting [Public network] or [Private network] from the drop down menu. If the option to Use Windows settings for new connections is enabled, the trust level will instead be determined by the operating system’s default settings.
  • Type – Lists whether this is a wired or wireless adapter.
  • Use Windows settings for new connections – All adapters are initially set to use the operating system’s own default settings but you can disable this option if you prefer to use Emsisoft Internet Security to configure your own settings.

Clicking on a connected network in the list displays the following connection properties for that network:

  • Category – Lists the current trust level for this network connection. You can adjust this setting individually for each connected network by selecting [Public network] or [Private network] from the drop down menu.
  • Type – Lists whether the network is wired or wireless and whether or not it is currently connected.
  • Addresses – Lists all IP addresses associated with the connection.

Automatic Rule Settings

The Automatic rule settings button allows you to configure how Emsisoft Internet Security should behave with regards to automatic creation of firewall application rules. Settings are selected separately for Trustworthy programs and Unknown programs from the following choices for incoming and outgoing connections:

Incoming connections

  • Ask – An alert is displayed with the options [Allow connection], [Block connection], [Allow all connections], [Block all connections] or [Create custom rule].
  • Allow – An allow rule is automatically created for this connection.
  • Block – A block rule is automatically created for this connection.

Outgoing connections

  • Ask – An alert is displayed with the options [Allow connection], [Block connection], [Allow all connections], [Block all connections] or [Create custom rule].
  • Allow – An allow rule is automatically created for this connection.
  • Block – A block rule is automatically created for this connection.

Programs are defined as trustworthy if they were made by a software vendor with a good reputation. Executable files must also be digitally signed to ensure that their integrity has not been tampered with.

Programs are defined as unknown if they are not digitally signed and are therefore unable to be definitively linked to a specific software vendor.

  • Advances firewall settings for better security will be the setting as shown below

  • If you want more control on which trustworthy application access the internet, then you can do setting shown below


The Performance settings button opens a dialog with the following advanced options for controlling scan performance:

  • Use the following processors for scans – Advanced users may wish to limit scans to use only a certain number of processors if they require individual processors to be reserved for other tasks. By default all processors are used.
  • Number of threads – Specifies the number of worker threads active during a scan. The default is the number of processors being used for scanning plus one for reading the data.
  • Scan thread priority – Advises Windows to give the scanning threads the specified priority over other running processes. Priority can be set to a minimum to avoid negatively affecting the performance of other active tasks, e.g. when running lengthy background scans.
  • Use advanced caching – Allows intelligent self-optimization of scans on a continual basis by avoiding the need to re-examine known safe files if their contents remained unchanged.


  • You can untock Processor1 in multicore system so that it remains available for use to other applications
  • Set the number of threads equal to the number of processor ticked. If three processors are ticked then set thread to three.

Custom Scan

The custom scan method warrants describing in more detail. You can use this scan type to individually configure the scan behavior to suit your needs.

Use the Add folder and Remove folder buttons to add or remove folders to be scanned.

Under Scan Objects you can enable or disable the following options:

  • Scan for active Rootkits – Rootkits are a type of Malware that manipulate the system in a way that causes it not to show specific information or files anymore.
  • Scan memory for active Malware – Scans all currently loaded programs and their components.
  • Scan for Malware Traces – Malware Traces are manipulated registry settings or non-executable malware data or configuration files that are indicative of an infection.

If you only want to scan files within a certain folder, you will want to disable the above options as they apply to scanning for malware system wide rather than only in selected folders.

Under Scan Settings you can configure detailed settings for the actual scan by enabling or disabling the following options:

  • Detect Potentially Unwanted Programs (PUPs) – PUPs are programs that are not dangerous by definition, but are usually unwanted by most users as they display ads or manipulate browsers.
  • Scan in compressed archives (zip, rar, cab) – Malware sometimes hides in compressed archives. Please note that scanning of archives may take extra time.
  • Scan in NTFS Alternate Data Streams – Data streams are hidden layers in regular files that may be used to hide malicious code.
  • Use file extension filter – Limits the scan to the specified list of file extensions.
  • Use direct disk access – Direct disk access is a more effective (but slower) alternative method of reading files from the hard disk for scanning. It should be used only for finding Rootkits, not for scanning the entire hard disk.

If you wish to repeat a custom scan in the future, you can save the configuration to a scan settings file via the Save settings. button and load it at any time via the Load settings button.

Click the Next button to start the custom scan.

  • Tick “use file extension filter” so that only files with certain extension will be scanned


The Settings screen allows you to configure general program options, and preferences for Scheduled Scans, Updates, Notifications, Permissions and License



  • Enable real-time protection at startup – To prevent new Malware infections, it is essential that real-time protection is always enabled.
  • Enable self protection – Protects Emsisoft Anti-Malware or Emsisoft Internet Security from any external modification attempts to the software’s installation folder and configuration. It is recommended that you leave this option enabled.
  • Enable captcha protection on program shutdown – Displays a challenge-response test to determine whether or not the user is human. This prevents automated termination of Emsisoft’s real-time protection by Malware.
  • Enable memory usage optimization – When enabled this option reduces the amount of RAM being used by swapping out non-active data (such as signatures) to the pagefile. On older computers this may result in system slowdowns. If you have sufficient RAM, you may wish to disable this feature to ensure maximum speed.

Explorer Integration

  • Enable Explorer integration – Allows scanning of individual files or folders via the Explorer context menu (right-click).


  • Enable logging, maximum records: – Define the maximum number of entries to be kept for activity logging. Use a value of 0 for unlimited logging. The default value is 3000.

Backup and Restore Settings

  • Import settings – Allows you to restore the General software settings, Application and global firewall rules, Host rules, Permissions, and Whitelist.
  • Export settings – Allows you to save the General software settings, Application and global firewall rules, Host rules, Permissions, and Whitelist to a specified folder.
  • Factory defaults – Opens a dialog where you can specify which settings (General software settings, Application rules, Host rules, Permissions, Whitelist, Global firewall rules) you would like to reset to their default settings. There is also the option to clear all logs and reset counters.


  • The dropdown menu allows you to define the language used for the user interface and alerts. Around 30 different languages are currently available.

Quarantine Re-scan

  • The dropdown menu allows you to customize the re-scanning of quarantined objects after each signature update to identify any false detections (false alerts) and restore them if necessary. You can select from [Automatic], [Manual] or [No re-scan].


  • Untick “activate memory usage optimization” to improve the overall performance if you have 4 GB or more RAM installed in the system

Update Settings

Select your preferred update settings by selecting or deselecting the following check boxes:

  • Maximum simultaneous update connections – This option allows you to adjust the maximum number of connections (1-10) that may be used simultaneously for downloading updates. Use of multiple connections speeds up the transfer of online updates. If you experience problems with simultaneous downloads due to a slow or unstable connection, please enter a value of 1 to use consecutive downloads instead.
  • Enable beta updates – Select this option only if you always want to use the latest, untested Beta versions of the program files. We recommend that only experienced users select this option, or when you are requested to do this for fault-finding purposes. Beta updates may still contain bugs and cause unpredictable problems.

If your Internet connection uses a Proxy Server then you can configure the corresponding settings such as server address and user information in the dialog displayed when you click the Proxy settings button.

Notification Popups

The Notifications section allow you to configure the behavior of Emsisoft Anti-Malware or Emsisoft Internet Security’s notification popups:

  • News notifications – When this box is checked (default setting) a notification is displayed during online updates when a new Emsisoft news article become available.
  • Update notifications – When this box is checked (default setting) a notification is displayed after a successful update.
  • Computer restart notifications – When this box is checked (default setting) a notification is displayed when a computer restart is required (e.g. after certain Emsisoft Anti-Malware or Emsisoft Internet Security program updates). When unchecked, restarts are performed automatically.
  • Application restart notifications – When this box is checked a notification is displayed when Emsisoft Anti-Malware or Emsisoft Internet Security needs to restart (e.g. after an Emsisoft Anti-Malware or Emsisoft Internet Security program update). When unchecked, application restarts are performed automatically.
  • Removable devices notifications – When this box is checked a notification is displayed when Emsisoft Anti-Malware or Emsisoft Internet Security detects the connection of a removable storage device such as a USB stick or external harddisk.

Notifications for News, Update, and Application restarts can also be separated configured to display for your desired number of seconds.


The default settings for Emsisoft Anti-Malware or Emsisoft Internet Security allow all users unrestricted access to all program functions. However, if your system has multiple Windows user accounts then you may prefer to prevent individual users from changing the configuration of Emsisoft Anti-Malware or Emsisoft Internet Security.

You must first be logged in as an administrator for the Permissions section to be visible. You can use the Set password button to set a password if you need to prevent other administrators from changing the settings in the Permissions section. In a business environment for instance, system administrators may want to prevent local administrators from changing these settings. Setting a password also provides the added convenience of being able to to temporarily overwrite any restrictions for the logged on user.

Select the user that you wish to restrict from the Restricted users list. If your computer belongs to a domain, then select the Use domain users checkbox to change the user list.

Now select the functions that you want this user to be allowed to access from the list of Allowed actions:


Logs are an important tool for tracing purposes. The Logs screen is divided into the following sections:

  • Surf Protection – A record of all logged Surf Protection actions with Date/Time, PID (Process ID), Application, Action and Detection columns. For example, the last column shows the detected URL.
  • File Guard – A record of all logged File Guard actions with Date/Time, PID (Process ID), Application, Action and Detection columns. For example, the last column shows the name of the detected object.
  • Behavior Blocker – A record of all logged Behavior Blocker actions with Date/Time, PID (Process ID), Application, Action and Detection columns. For example, the last column shows if a program has been allowed as the result of alert reduction.
  • Firewall (Emsisoft Internet Security only) – A record of all logged Firewall actions with Date/Time, Action, Application and Description columns. When a rule is added or edited, double clicking its log entry opens the relevant application rule.
  • Scan – A record of all logged scans with Date, Scan Method, Scanned, Detected, Duration and Type columns.
  • Quarantine – A record of all logged quarantine actions with Date, Source (Path), Action and Detection columns.
  • Update – A record of all logged updates with Update Started, Update Ended, Result and Type columns.

The Export button allows you to export a log as a text file. This can be useful for providing extra information in the case of queries or problems. The Delete button allows you delete individual log file entries in the list and the Clear button allows you to clear the entire list.

The View details button in the Scan section opens the corresponding report file with detailed information about the scan. The button of the same name in the Update section opens a dialog with information on each update action, such as the number and names of updated program components and the size of the updates.


Quarantine provides a safe place for storing dangerous or suspicious files. Files in quarantine no longer present any kind of threat to your computer. A file can also be restored from quarantine when (e.g.) it was moved by mistake or as the result of a false alert.

The quarantine list has Source (file path), Detection, Risk level, Date and Submitted columns. The buttons below the list provide the following administrative functions for quarantined files:

  • Save copy – Allows you to save an exact copy of the file to any desired location, e.g. to manually examine the file.
  • Submit file – Sends the file to the Emsisoft Anti-Malware Network, allowing our developers to perform further analysis. This helps to classify new currently unknown Malware and add it to the signature database.
  • Re-scan – Re-scans all quarantined objects using the latest signatures in order to detect previously unknown files or correct any false detections and allow them to be restored.
  • Add file – Allows you to manually move suspicious files into quarantine.
  • Restore – Moves a file from quarantine back to its original location.
  • Delete – Permanently removes selected objects from the hard drive so that they can no longer be restored.
  • Save quarantine list – Allows you to export the contents of the quarantine list as a text file.

Right-clicking in the quarantine list displays a context menu with Select all, Select none and Invert menu items to make selection and editing of multiple objects easier.



Below the list are the buttons Add new rule, Edit rule and Remove rule to assist with managing your rules. Rules can also be edited or removed via the context menu that is displayed when right-clicking on the selected rule’s Filename column.

When adding a new rule for a program, the first step is to click the  button next to the File field on the Application rule dialog and select the appropriate executable file so that the complete path is displayed.

Now select your rule type from the following settings:

  • Always block this application (impossible to run) – Completely blocks program X so that it can no longer run. Emsisoft Anti-Malware or Emsisoft Internet Security reliably prevent program X from running, without modifying the program file. An alternative solution is to place the program in quarantine. This moves the file to a secure environment from which it can no longer be started.
  • Monitor this application, but allow/block specific activities – Use this option to define exactly what activity is allowed or blocked for program X. The separate protection components below can be individually set to either [All allowed] or [Custom monitoring]/[Custom rules] for program X.
    • Behavior Blocker – If you choose Custom monitoring you can select the desired options in the behavior type list as follows to define permitted or blocked behaviors. If you don’t specify an [Allow] or [Block] setting for a particular behavior type, then you will receive an alert if that behavior is detected for program X.
      • Backdoor related activity
      • Spyware related activity
      • Hijacker related activity
      • Worm related activity
      • Dialer related activity
      • Keylogger related activity
      • Trojan downloader related activity
      • Inject code to other application
      • Edit (patch) another executable file
      • Install something invisibly
      • Use of hidden (Rootkit) processes
      • Install services and drivers
      • Modify autorun entries
      • Change the Hosts file
      • Change the browser settings
      • Register a debugger on the system
      • Simulate mouse or keyboard activities
      • Access disk sectors directly
      • System’s group policy changes
    • Firewall Incoming – If you choose Custom rules you can use the buttons Add new rule, Edit rule, or Remove rule to manage your own incoming firewall rules for program X. You can also adjust the order your rules are processed in by using the Move up and Move down buttons. If program X attempts to create an incoming connection that is not defined by one of your Custom rules, then your Firewall Automatic Rule settings for Trustworthy and Unknown programs will determine the action taken.
    • Firewall Outgoing – If you choose Custom rules you can use the buttons Add new rule, Edit rule, or Remove rule to manage your own outgoing firewall rules for program X. You can also adjust the order your rules are processed in by using the Move up and Move down buttons. If program X attempts to create an incoming connection that is not defined by one of your Custom rules, then your Firewall Automatic Rule settings for Trustworthy and Unknown programs will determine the action taken.The following configuration options are available when adding or editing incoming or outgoing rules:
      • Template – Select [Custom] to create a rule from scratch or select one of the pre-filled templates for different programs.
      • Name – Enter a descriptive name for your rule.
      • Action – Select whether you want this to be an [Allow], [Block] or [Ask] rule.
      • Protocol – Select whether the rule should apply to [TCP], [UDP], [TCP/UDP] or [ICMP].
      • Ports – Enter the port number/s or port range that the rule should apply to. When entering multiple ports or port ranges, they must be separated by commas, e.g. 137-138, 445
      • Addresses – Select whether this rule should apply to [All Addresses] or [Custom Addresses]. If you choose Custom Addresses, you can enter them into the field that appears below. When entering multiple addresses or address ranges, they must be separated by commas, e.g,

The option Don’t alert when this file changes should only be enabled if you are sure that the file cannot be manipulated or changed. Otherwise this setting should remain deactivated.

  • to block internet access to an application, select “All blocked” in firewall incoming

  • to block internet access to an application, select “All blocked” in firewall outgoing

To completely block an application from starting select “Always block this application” as shown below

  • Blocking just the firewall outgoing will block internet access to that application



Enable Scheduled Scans

The Scheduled Scans section allows for easy configuration of automated and scheduled scanning of your computer at set times and frequencies:

Run At

  • Every [x] hour [x] min between [x] and [x] – At specified hour/minute intervals during selected time frames (e.g every 5 hours between 12:00 AM and 11:59 PM).
  • Once a day at [x] – Run daily at a set time (e.g 1.00 PM).

Schedule Scan

  • Monthly – On a particular day of the month (e.g. the 1st of every month).
  • Weekly – On selected days of the week ( e.g. only on Fridays and Saturdays).
  • Daily – Every day.

Additional Settings

  • Use silent mode for scan process – Configures scheduled scans to run invisibly to prevent distracting windows while you are working on the computer. Only an animated Emsisoft Scanner icon is displayed in the Taskbar. The Scanner window will only appear if an object is detected, to provide you with information. If nothing is detected the Scanner automatically terminates when it is finished.
  • Run missed scans on next program startup – If the computer is not turned on at the time of the scheduled scan, Emsisoft Anti-Malware or Emsisoft Internet Security will run the missed scan when you next start the computer.
  • Scan settings file – If no scan settings file is specified, a smart scan will be performed by default. You can use your own custom configuration file by clicking the “…” button and selecting a scan settings file (.a2s) that you saved earlier. Scan settings files can be saved by using the Save settings button when using the custom scan option. Scan settings files are saved to ProgramData\Emsisoft\Scansets by default.



Surf Protection provides an extra layer of security to protect you from suspicious websites when you are surfing the Internet.

The Surf Protection module lists all rules created for blocked and allowed hosts with Hostname, Mode, Category and Date.

You can display or hide the built in rules by selecting or deselecting the option to Hide built in list. The search box allows searching for specific hosts by entering strings.

You can configure the default mode [Don’t block], [Alert], [Block and notify] or [Block silently] to take for each of the following categories of hosts:

  • Malware hosts – Hosts engaged in Malware distribution (e.g. Adware, Spyware, Trojans, and Viruses, etc).
  • Privacy risks – Hosts that are used for advertising or tracking purposes.
  • Phishing hosts – Hosts that are involved in phishing. Phishing is a method that uses fake websites to capture passwords and other private data.

Below the hosts list are the buttons Add new rule, Edit rule and Remove rule (only available for rules you have created yourself) to assist with management of single rules.

The Import hosts file button allows you to add multiple rules at once by importing a custom hosts file. You can then select the desired mode for your list from the following options: [Don’t block], [Alert], [Block and notify] or [Block silently].

  • you can manually add a website or ip address to allow/block it

  • You should select “Block and notify” for PUP hots and Privacy risks



  • When malware by File  Guard then this alert is shown




  • Alert asking the user what action to take when a PUP is detected by File Guard




  • Firewall alert asking user take decision whether to allow an unknown application to connect to internet or not




  •  While updating or upgrading software’s you will get this alert. If you know this application is safe select “Update rule”





Direct Download Link Emsisoft 2015 Antimalware/Internet Security version 9

Direct Download Link Emsisoft Antimalware/Internet Security version 9 ( 2015 ) for offline installation



EMSISOFT INTERNET SECURITY 9_001_19062014_140738









Emsisoft Anti-Malware and Emsisoft Internet Security 9 Online help file

Best Internet Security Software version 2017 for Windows 7/8.1/10

Internet security software is very necessary for every computer to avert threats from malwares and internet originated threats. Features expected from a good internet security softwares are –

  • Protection from known malwares like virus, trojan, worms, spyware, keyloggers, backdoors, rootkits, dialers, ransomeware and adwares.
  • Protection from exploits. Exploits take advantage from known vulnerability in softwares.
  • Firewall that monitors incoming and outgoing network activity and blocks certain packets that can compromise the security of computer. It helps screen out hackers, viruses, and worms that try to reach your computer over the Internet.
  • Zero day protection from unknown malwares and exploits. This is very important feature that is required from today’s internet security software and must be very effective. Every antivirus misses malware detection based on signature. So a effective zero day protection is required that actually works.
  • Web protection helps in blocking of access to harmful websites and blocks downloading of harmful files. It should also protect from web exploits and harmful scripts.
  • Cloud based protection is also very important features which helps in detection of new malwares.
  • Protection from email spam and malwares sent through email.
  • Online shopping & banking protection. Protection from  bad hackers some malwares try to steal the banking data from your computer.
  • Protection from Phishing websites. These are fake websites that pose a genuine websites.
  • Web filtering which blocks access to websites of certain categories.
  • Parental control feature lets parents put restrictions on there children. Restriction can be of many types. Like children may be restricted from accessing internet for certain time. They may be restricted from accessing certain websites, softwares.
  • Protection from hijacking Windows registry or Browser settings.
  • Protection from threats received from Instant messenger and Chat software’s.
  • Application control which allows or deny access to certain softwares.
  • Intrusion detection system which protects from dll injections, installation from malware driver.
  • Network Intrusion detection system which detects attacks originating from network. It could be originating from LAN, WLAN or Internet.



  1. Kaspersky
  2. Trend Micro
  3. ESET
  4. Norton
  5. Emsisoft
  6. Bitdefender
  7. Qihoo 360 Total Security
  8. Tencent PC Manager
  9. F Secure
  10. Bullguard
  11. Avast
  12. AVG


  • Good malware detection rate.
  • Malicious website detection rate is high
  • Very good proactive protection from new unknown malwares
  • Easy to use
  • Can fix infected files
  • Advanced users can do customization’s by application control and firewall
  • Parental control can block websites that are unsafe


  • Idle state – under 100 MB
  • During scan – under 200 MB

RAM  usage can go high if malwares are detected


Protect yourself against the latest malware attacks
Every day, over 315,000 new items of malware are unleashed by cybercriminals. If you’re going to protect your PC and your confidential information – you need a security solution that keeps up with the very latest threats.

Get security that won’t compromise performance
While you need to ensure your PC – plus the precious information you store on it – are fully protected, it’s no good having security software that ruins your PC’s performance… so you can’t enjoy your digital life to the fullest extent.

Prevent theft of your money & financial information
Online banking, shopping and payment systems have helped to simplify a host of everyday tasks – but they’ve also introduced serious security risks, including the potential theft of your passwords, your account details and your cash.

Don’t let the ‘Identity-Thieves’ take control
Imagine the chaos that can result if someone accesses your confidential information. If criminals capture your passwords and personal data, they can take on your ‘digital identity’, defraud you of money and cause a range of long-term problems.

Ensure your kids can enjoy the Internet… in safety
Internet threats can be scary for security-minded adults – let alone innocent children that trust what they see and who they communicate with. However, as the Internet is also a powerful educational tool, you need to enable secure access for your kids.

Stay safe & manage costs when you’re out & about
When you use public Wi-Fi, it’s easy for criminals to intercept your emails, passwords, credit card numbers and more. As well as taking care to protect your information, you also need to avoid excessive charges from Wi-Fi & 3G / 4G network operators.


  • Slow scan speed
  • Good malware detection rate.
  • Heavy on system resources
  • Very good proactive protection
  • Good malicious website protection
  • Easy to use
  • Does not provide customization for advance users
  • RAM USAGE 190 MB
  • Good parental Protection feature. Can block access to websites of various categories.


  • Protects you from viruses, spyware, worms, Trojans, phishing, botnets, rootkits, fake AV, and more internet security maximum security
  • Blocks unsafe websites, and warns about dangerous sites before you click on them internet security maximum security
  • Finds and blocks malicious links in emails or IMs and spam from your email internet security maximum security
  • Boosts the Windows Firewall and validates WiFi networks and hotspots internet security maximum security
  • Indicates dangerous links on Facebook, Twitter, Google+, LinkedIn, Pinterest, MySpace, Sina Weibo and Mixi internet security maximum security
  • Identifies settings that may leave your personal information vulnerable using the new Privacy Scanner For Facebook feature internet security maximum security
  • Improves PC performance by cleaning up temporary files, registries, browser history, cookies and the start-up manager using System Tuner internet security maximum security
  • Restricts web content and access to desktop applications. Sets an access schedule for your kids internet security maximum security
    Includes Trend Micro™ Online Guardian to monitor and protect kids on social network websites like Facebook, Twitter, and MySpace


  • Very good malware detection rate
  • Good proactive protection
  • Silent firewall
  • Easy to use
  • Very Light on system resources
  • Advace user can do a lot of customization


  • Idle state –      120 MB
  • During scan –       130 MB



  • Antivirus
  • Antispyware
  • Anti-Theft
  • Anti-Phishing
  • Personal Firewall
  • Antispam
  • Parental Control
  • Social Media Scanner
  • Exploit Blocker
  • Advanced Memory Scanner
  • Vulnerability Shield
  • Botnet Protection


  • Average malware detection rate. Malware detection heavily dependent on live internet connection. So you must be always connected to internet to get best protection.
  • Good proactive protection
  • Very light on system resources
  • Easy to use


  • Idle state –      25 MB to 60 MB
  • During scan –      120 MB


  • Insight identifies which files and applications are safe and which are dangerous, using the combined feedback of more than 175 million Norton™ users.
  • Norton Community Watch tracks virtually every file on the Internet for comprehensive global threat monitoring.
  • SONAR Behavioral Protection detects the signs that a file is dangerous to proactively protect you from never-before-seen threats.
  • Spam Blocking keeps your mailbox free of unwanted, dangerous and fraudulent emails.
  • Internet Protection System scours websites and social networking sites for suspicious links and content to identify the latest social networking scams.
  • Download Insight and IP Address Insight prevent you from downloading files from websites that have a low reputation score within the Norton user community.
  • Live 24×7 Threat Monitoring is backed by a network of Norton users who serve as your own personal Neighborhood Watch group.
  • Scam Insight reviews a website’s reputation and lets you know if it’s safe to enter your personal information.
  • Anti-phishing Technology blocks fraudulent “phishing” sites set up to steal your personal information.
  • Identity Safe remembers, secures and automatically enters your usernames and passwords for you, so they can’t be lost or stolen.
  • Parental Control helps you protect your kids from online dangers by giving you direct access to Norton Family.
  • Safe Web tells you if a website is unsafe before you visit it and it’s too late.
  • Safe Web for Facebook scans your Facebook Wall and News Feed for URLs containing security threats such as phishing sites, malicious downloads and links to unsafe external sites.
  • Intelligent 2-way Firewall prevents strangers from accessing your home network by blocking incoming traffic determined to be unsafe.
  • Network mapping and monitoring shows all the devices connected to your home network, so you can spot uninvited guests using your wireless connection and/or eavesdropping on you.
  •  Norton Power Eraser scrubs your computer of deeply embedded, difficult-to-remove infections.
  • Norton Bootable Recovery Tool creates an emergency rescue CD, DVD or USB that gets your PC running like new, even if it’s so infected it won’t start up.
  • Windows 8 App remediation scans Windows 8 apps for threats and removes them.


  • Very high malware detection rate
  • Good malicious website protection
  • Good proactive protection.



  • Surf Protection –  Blocking access to known fraudulent and dangerous websites to avoid phishing and accidental malware downloads.
  • Real-time File Guard –  Constantly scanning all downloaded and started files, using two scanners and more than 10 million detection patterns.
  • Behavior Blocker – Preventing new, sophisticated malware attacks that others often can’t protect you from – optimized against zero-day attacks.


  • Very good malware detection rate
  • Good malicious website detection rate
  • Light on system resources
  • Good proactive protection from new unknown malwares
  • Very easy to use


  • Idle state –   180 MB  to 250 MB
  • During scan – 260 MB     to 350 MB

RAM usage can go more


  • Antivirus and Anti-spyware
  • Online banking protection
  • Firewall
  • Antispam
  • Bitdefender Profiles  – Bitdefender Internet Security 2015 automatically detects when you Work, Play or Watch movies, and temporarily prevents apps from popping up or slowing you down.
  • Bitdefender Autopilot – Provides a hassle-free experience by making optimal security-related decisions with no input from you. This means no pop-ups, no alerts, nothing to configure.
  • Social Network Protection – Bitdefender Safego™ filters social-networking specific e-threats by scanning links you receive from your Facebook friends, monitors your privacy settings, and much more!
  • Fraud warnings. Secure browsing – Bitdefender Internet Security 2015 tells you if a link is safe even before you click it in Google and Bing search results. Furthermore, it blocks access to infected links that you have already clicked.
  • Pay Online in One Step – Bitdefender Wallet is a secure tool that speeds up online shopping by autocompleting credit card details within payment fields. Apart from purchase details, Wallet can also safely organize credentials for favorite websites, messaging applications, or frequently-used WI-FI networks.
  • Parental Control – Blocks inappropriate content, restricts Web access between certain hours, and helps you remotely monitor your children’s online activity – even on Facebook!
  • Startup Optimizer



  • Qihoo used Bitdefender and Avira antivirus engine which leads to very high level of malware detection. In addition it uses 360 cloud scan engine and cloud based QVMII AI engine. If you are not connected to internet while scanning files then you will get lower detection rate. In that case you will be using offline bitdefender or avira engine to detect malware in offline mode.
  • Fast malware detection & removal.
  • Very Good in Block phishing websites & malicious URLs.
  • Stop unauthorized keylogger and webcam access.
  • Protection from webcam is good. protection from keylogger is weak.
  • Impact on system resources is low. RAM usage between 60 MB to 230 MB depending on which virus database you choose to use.
  • Proactive Protection is good. But requires user to take proper decision sometimes.
  • Need some computer know-how to use it.


  • Virus Scan : Intergrating award winning antivirus engines from 360 Cloud Engine,360 QVMII, Avira and BitDefender to provide you with the ultimate in Virus detection and protection capabilities.
  • Speedup : Manage and optimize your system services, boot up items and plugins – Shorten your boot time and get going sooner!
  • Cleanup frees your disk space by removing junk files and plugin which can improve system performance – With cleanup you can decide which areas and files to clean.
  • Protection offers 4 different user selectable modes – Performance/Balanced/Security and Custom. Each mode offers a different level of protection from malware, phishing attacks and backdoors.
  • WiFi Security Check will analyze your Routers settings to ensure a safe and secure internet expeirence.
  • You can run risky programs in Sandbox, threats will be kept separate from your system and isolated in the Sandbox.
  • Patch up offers the latest patches and security updates available for your operating system including Windows Operating system updates, using patch up allow you to keep your system up to date and running smoothly.


Proactive defense will generate a lot of messages while installing applications. You need to “allow” when you are installing good applications. But you need to block when you are not sure if the application is safe or unknown application is causing Qihoo to generate message.

Know more about Qihoo 360 Total security

Download Qihoo 360 Total Security


Tencent PC Manager

Tencent PC manager is a free antivirus which uses Tencent cloud, Tencent Antivirus engine, Bitdefender antivirus engine and Tencent system repair engine

  • Malware detection rate is good
  • Malicious url detection is the best.
  • Proactive protection is good. It takes decision most of the time. Sometimes user will need to take decision.
  • It is light on system resources. RAM usage around 300 MB
  • There is high false positive by download shield. So you should disable download shield.
  • There is no firewall


Know more about Tencet PC manager



  • Bullguard malware detection rate is good
  • Web protection is good
  • firewall takes decision automatically most of the time. User will have to take proper decision when asked by firewall to allow or block an application from connecting to internet.
  • Behaviour based proactive protection works good
  • Light on system resources
  • RAM usage around 230 MB

Very old applications and games may not run properly with bullguard ON. So use only latest softwares. If you play old games and gets into trouble then there is no solution to it other than to turn bullguard off when playing those games.


Antivirus. Effectively catches all viruses.

Our Antivirus includes Behavioural Detection, which spots new viruses because of the actions they take on your computer and stops them before they can do damage. Together with Signature-based Detection, which identifies the ‘signatures’ of known malware, you gain a multi-layered defence system for your PC that’s virtually impenetrable. Top detection rates of viruses and malware have been proven by independent labs.

Unwanted applications. Stop them before they take control.

Some programmes contain adware, they install toolbars and modify your system settings. They’re not malicious like trojans or worms but they can change your browser settings, alter your home page and direct you to another search engine by default. BullGuard’s unwanted app tool flags up these programmes and stops them from changing your settings.

Powerful Parental Control. Protect without nagging.

BullGuard Parental Control is a powerful and easy-to-use tool that helps you protect your children online. You can block access to suspicious websites, put search filters in place, limit their time online and even monitor their activity. It keeps your children safe from cyber bullying and stops them being exposed to inappropriate content. It gives you peace of mind.

Advanced Backup. Easily back up, recover and share files.

We’ve included 5GB of FREE online storage so you can keep your important data, photos, music and more safe. You can choose what you want to back up and how often, or just set the feature to auto backup. You can even back up content directly from folders with one click. And here’s more: your back-up data is easily accessible whenever you want to view it or restore it to another computer or even your smart phone.

Firewall. Keep out intruders.

Protect your computer from unwanted hackers and identity thieves with this first line of defense. The firewall protects you against network attacks and prevents cyber crooks from entering your system.

Spamfilter. No spam. No scam.

BullGuard Spamfilter keeps out junk mail and email scams, like phishing attempts, virus spreading and foreign language spam. You can also customize filters to block emails you don’t want to receive.
Safe Browsing. All web sites checked.

Some websites have malicious code hidden in them. Or they are used to launch phishing attacks. The BullGuard protection software checks the websites that come up in your searches and lets you know which ones are safe and cautions you about those that can’t be trusted.

PC Tune Up. Keep your PC running smooth and fast.

You’ll never have to wait again to get your computer up and running. BullGuard’s PC Tune Up removes unnecessary files and frees up memory so your computer runs faster.
Game On. No interruptions.

Most security software reduce gaming performance and require a special “Game Mode” to be activated while you’re playing. BullGuard solves this performance problem intelligently, letting you enjoy gaming at full throttle but still ensuring unparalleled security on all levels.

Vulnerability Scanner. Keep your PC in good health.

Checks your computer for out-dated software that hackers and viruses can exploit to gain access to your system, damage it or steal personal information. Once this software is flagged up it can then be removed.


  •  Good malware detection rate
  • Good malicious URL detection rate
  • Good proactive protection
  • Light on system resources
  • Advance user can customize it according to their need

AVAST INTERNET SECURITY 2015 ver. 10_02-12-2014_20-11-54


  • Good malware detection rate
  • Good proactive protection
  • Easy to use
  • Heavy on hard disk usage

AVG INTERNET SECURITY 2015_17092014_232855

  • AntiMalware (AVG Resident Shield)
  • AVG Anti-Rootkit
  • AVG Email Scanner
  • AVG Protective Cloud Technology
  • AVG Community Protection Network
  • AVG LinkScanner® Surf-Shield
  • AVG Social Networking Protection
  • Antivirus – Blocks viruses, spyware, & other malware
  • Link Protection – Scans web, Twitter®, & Facebook® links
  • File Shredder – Securely deletes files to prevent snooping
  • Online Shield – Protects you from harmful downloads
  • Data Safe – Encrypts & password-protects private files
  • Anti-Spam – Stops spammers and scammers
  • Enhanced Firewall – Blocks hackers so you can shop safely

Emsisoft Internet Security 9 – Review

Emsisoft Internet Security 9 

Malware detection rate is very good.

Web protection is also very good. Sometimes accessing web links may be slow.

Cloud based detection helps in detecting new malware

Proactive protection is very good in protecting from new zero day malwares.

Sometimes user will be asked to take decision, especially when installing/executing new softwares.

Heavy on system resources.

Overall i like this product in terms of security.


  • Main interface of Emsisoft Internet Security




  • Set “block and notify” for “privacy risks”







  • Better setting for more security is shown below
  • Block the incoming connection
  • Set “Ask” for outgoing connections for unknown programs



  • If you want more control on internet access by trustworthy programs then set “Ask” for outgoing connection










  • Untick “Activate memory usage optimization” if you have 4 GB or more RAM installed in the system. This will lower the hard disk usage by emsisoft.







  • Sometimes emsisoft will ask user take decision whether to allow an application to do certain task.
  • If you know that this application is good and can be trusted then you should click “Allow Always





  • If you update or upgrade a software then emsisoft will ask user to update the rule for that application. User should click “Update rule