EMET (Enhanced Mitigation Experience Toolkit)

Discussion in 'other anti-malware software' started by luciddream, Apr 1, 2013.

  1. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,872
    Location:
    Outer space
    You can check DEP and ASLR status on processes using Process Explorer (be sure to run as admin).
    I think it's best to contact Trusteer for compatibility with EMET v4.
     
  2. Phant0m

    Phant0m Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    3,726
    Location:
    Canada
    I think itman means with just the IE plugin.

     
  3. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    Thanks! Forgot about that.
     
  4. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    For a plug-in, it sure generates a heck of a lot of system changes. Let's say, it's a plug-in plus .........

    I use Revo Uninstaller Pro to log all software installs. Below is what Revo recorded WOT did:
     

    Attached Files:

  5. emmjay

    emmjay Registered Member

    Joined:
    Jan 26, 2010
    Posts:
    1,547
    Location:
    Triassic
    Cannot install EMET 4.0; installer asking for .NET Framework 4.0, even though I have the Client Profile for .NET Framework 4.0 installed. I assume it is asking for the Web Installer; is that correct? I read the PDF guide but there is no mention of this. This question has already been asked a few times already in this thread, but no-one has answered it.
    P.S. Have 3.0 installed.
     
  6. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    EMET 4.0 needs the full ver. of .NET 4.0 installed; not just the Client Profile install which is a "stripped down" version of .NET 4.0.

    I had the full version of .NET 4.0 installed when I installed EMET 4.0 so I didn't have any issues. I thought EMET 4.0 installer would auto install the full ver. of .NET 4.0 but I guess not? You can download the full version of .NET 4.0 via WIN Updates; one of those optional updates.
     
  7. DR_LaRRY_PEpPeR

    DR_LaRRY_PEpPeR Registered Member

    Joined:
    Oct 11, 2012
    Posts:
    141
    Location:
    St. Louis area
    No you can't, with the latest versions... since the DEP status is completely broken on Windows 7 and 8! (They're fine on XP/Vista.)

    The last version that works is 15.12, which you can get from FileHippo, etc.
     
  8. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    My version of Process Explorer is 15.5. I like the "oldies but goodies." :D
     
  9. ZeroDay

    ZeroDay Registered Member

    Joined:
    Jul 9, 2011
    Posts:
    716
    Location:
    UK
    Does anyone know of any conflicts between EMET and Comodo firewall with D+? Since I've installed Comodo firewall I can't launch VLC media player; I get an EMET warning saying: Detected Simexecflow.
     
  10. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,171
    I installed EMET 4.0 today. I haven't seen it phoning home but I now see that it is possible. From the User's Guide:
    On Windows 7 the checkbox to enable/disable "Early Warning" is in the reporting section of the ribbon. On Windows XP that checkbox isn't displayed at all. In the config file the switch is called "telemetry".
     
  11. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    310
    Location:
    USA

    Is it just an IE program in that large format?

    I have it for Chrome, but I have no WOT directory nor WSS.EXE file anywhere as your system shows and I am using Windows 7 Home x64 too. I ran a search and found neither. The only WOT related files I found are under Chrome extension folder under user folders. One seems to be a text-data file and only 15.68KB and the other is a png file of 17.2KB that is the WOT logo.
     
  12. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Internet Explorer doesn't have true extension support. It only supports plug-ins, which are separate programs that interface through it.
     
  13. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    310
    Location:
    USA

    Is WOT intrusive on the O/S in Chrome?
     
  14. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    No, as you've already seen.
     
  15. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    They are formally titled "add-ons" in IE.
     
  16. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,101
    "Add-ons" seems to be a collective term.
    If we use Firefox as an example.

    It has an add-on option which in turn has different menu titles like "extensions" and "plugins"... So Firefox seems to treat them as different functions altogether.
    So IE, I assume, will treat them in the same way.
     
  17. Solarlynx

    Solarlynx Registered Member

    Joined:
    Jun 25, 2011
    Posts:
    2,015
    Here's an observation concerning CIS and EMET:
    - Win-7 Ultimate x64:
    -- with EMET 4.0 (System settings - Max): CIS tray icon disappears, some apps crash, if enable "Deep Hooks" or "Antidetours" or "Banned Functions" then OS freezes.
    -- with EMET 3.0 at Max - all OK

    - Win-7 Prof x32: all OK with EMET 4.0 (System settings - Max) and "Deep Hooks", "Antidetours", "Banned Functions" - all are ON.
     
  18. ance

    ance formerly: fmon

    Joined:
    May 5, 2013
    Posts:
    1,359
    It seems that EMET 4.0 causes OS freezes from time to time; on Win 7 64bit and Win 8 64bit. No problems without EMET hm ... :doubt:
     
  19. kupo

    kupo Registered Member

    Joined:
    Jan 25, 2011
    Posts:
    1,121
    Noticed this as well in my Windows 7 x64. After I installed EMET, there is a black screen freeze at start-up before the log-on screen is shown (just a few seconds though).
     
  20. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    @ fec2 and kupo

    I wonder if it's an issue with EMET itself, or some incompatibility with some other security solution?
     
  21. test

    test Registered Member

    Joined:
    Feb 15, 2010
    Posts:
    499
    Location:
    italy
    EMET makes use of technology built in to the OS (e.g., DEP, ASLR, ...) so it is unlikely that the cause of the freeze is the program itself...

    If anything, it is more likely that the issue you see is that the EMETized program crashes because it is incompatible with some mitigations...

    Sorry for my poor English
     
  22. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    Just installed EMET 4.0 here today with very little other software, so I'll see if I get any odd things happening. If I'd known all the updates that came after .NET 4 full install, I'm not sure I would have bothered with all this.. lol...
     
  23. ance

    ance formerly: fmon

    Joined:
    May 5, 2013
    Posts:
    1,359
  24. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    Wow... where to start.

    Firstly if a mitigation is bypassed, that most certainly is not a reason to "not use any EMET at all". WTF lol... You are in no danger at all if one of EMET's mitigations is bypassed and are still protected by the rest of them. All it means is that specific mitigation is of no use.

    Secondly, that article references EMET 3.5, whereas v4 explicitly states that it fixes the bypasses that were possible in v3.5. In fact it was mentioned and discussed in this very thread.
     
  25. ance

    ance formerly: fmon

    Joined:
    May 5, 2013
    Posts:
    1,359
    Thank you for clarifying, however I think I don't really need EMET to keep malware away from my laptop. ;) Yeah, version 4.0 might be bulletproof but I don't like OS freezes at all ... :doubt:
     