EMET - a dummy's guide

Discussion in 'other anti-malware software' started by Feandur, Sep 26, 2012.

Thread Status:
Not open for further replies.
  1. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,101
    Thanks.
    Please excuse the stupid question here, but does not Windows do this within itself?
    There is an option to turn on or off DEP.
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Yes, you can do the system wide settings from within Windows. This provides a simpler GUI (you need a registry value for SEHOP and I don't know if it's possible to do it with ASLR without EMET).

    You can also force individual applications with EMET. To do that you hit the 'Configure Apps' button in the bottom right.
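
Added example, not part of the original thread and not EMET's own code: a read-only PowerShell check of the system-wide DEP and SEHOP settings mentioned in the reply above. It assumes PowerShell 3.0 or later (for `Get-CimInstance`); the function name `Get-SystemMitigationState` is hypothetical.

```powershell
# Added example: read-only audit of system-wide DEP and SEHOP state.
# Nothing is changed on the machine; run from an ordinary PowerShell prompt.
function Get-SystemMitigationState {
    # DEP policy values as reported by WMI (Win32_OperatingSystem).
    $depNames = @{ 0 = 'AlwaysOff'; 1 = 'AlwaysOn'; 2 = 'OptIn'; 3 = 'OptOut' }
    $os = Get-CimInstance -ClassName Win32_OperatingSystem
    $depPolicy = [int]$os.DataExecutionPrevention_SupportPolicy

    # SEHOP system-wide switch: DisableExceptionChainValidation
    #   0 = SEHOP enabled, 1 = SEHOP disabled, absent = OS default applies.
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\kernel'
    $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    $raw = $null
    if ($props) { $raw = $props.DisableExceptionChainValidation }

    if ($null -eq $raw) {
        $sehop = 'NotConfigured (OS default applies)'
    } elseif ($raw -eq 0) {
        $sehop = 'Enabled'
    } else {
        $sehop = 'Disabled'
    }

    # One object so the result can be piped, exported or compared across hosts.
    New-Object -TypeName PSObject -Property @{
        ComputerName   = $env:COMPUTERNAME
        DepHardwareNX  = $os.DataExecutionPrevention_Available
        DepPolicy      = $depNames[$depPolicy]
        DepFor32BitApp = $os.DataExecutionPrevention_32BitApplications
        DepForDrivers  = $os.DataExecutionPrevention_Drivers
        SehopSetting   = $sehop
    }
}

Get-SystemMitigationState | Format-List
```

Recording this output before and after changing anything in EMET gives a baseline to roll back to if an application starts crashing.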
     
  3. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    3,344
    Location:
    Europe, UE citizen

    How should FW, HIPS, sandboxing or virtualising programs be set in EMET, to avoid EMET limiting or compromising them?
     
  4. Bodhitree

    Bodhitree Registered Member

    Joined:
    Dec 5, 2012
    Posts:
    567
    Don't.. I tried it and it essentially ruined my system. If I didn't have RollbackRX installed I would be reformatting. This program seems unstable, and dangerous. I guess that is why it is in alpha state at this point? Still, I don't trust MS much, so I was lucky to be able to recover to a previous snapshot.

    Edit: Running a tweaked Win7 X64 Ultimate box, it made it virtually unusable after installation.
     
  5. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,101
    I've had EMET installed for a few weeks now and there have not been any issues as of yet.
     
  6. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    They'll show up eventually. You'll use some program that hates it or EMET hates the program, and they'll come. I'm very convinced it conflicts with the sandbox protection of Flash. I dropped EMET and my (we're talking multiple times per day and, in the case of Firefox, complete browser freezes) Flash crash amounts went to near zero. MS themselves warn you some programs require the same behavior EMET blocks. Whether that says much for said programs is another question, but there you are.
     
  7. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,101
    Any ideas how I uninstall it?
    I've tried to uninstall it before and it was having none of it. Looks like it's staying whether I like it or not.
     
  8. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Try running the installer again, or use Revo Uninstaller. I had the same issues with it, Revo did the trick.
     
  9. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,101
    Hi Kees,
    I've tried Revo but it says EMET is not even installed, or can't find the program as being installed.
    Thanks.
     
  10. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    If the tray icon is still showing, right click it to kill the service (which is likely what is hanging around). Then I guess it'll be time to hunt and peck the folders and reg entries away.
     
  11. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    EMET is not unstable or buggy, but it allows you to force applications to use security features that they don't use by default. That means that you will need to be prepared for app crashes while you get it configured.

    The safest way to use it is to load the configuration profile that comes with it, read the user's guide and take the warnings seriously, and don't add system processes and the like. I also wouldn't change the global options at first; it's very likely that there are some apps on your system that won't like it. Reading the user's guide and understanding how it works is more important with EMET than most security apps; this is not an install-and-forget security app, and installing it and immediately maxing out all settings for every app on your system will only get you in trouble.

    This isn't made as an end-user security app; it's made for IT admins. If you're not ready to experiment and refine the rules, however, then you probably shouldn't use it (just don't summarily criticize the app on the whole). I don't say this to scare anyone away from it, but rather to emphasize that EMET will require some patience and tinkering. I can see how it might be 'dangerous' for those that don't understand what it's doing or how to use it, but if you use a modicum of caution then the problems will be minimal.

    Lastly, if you are concerned with stability, then use 3.0 instead of 3.5. Version 3.0 is the current release version, and 3.5 is the tech preview with experimental settings.
     
    Last edited: Jan 7, 2013
  12. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,491
    Why not, I have never had any software conflicts/problems when running EMET.
     