EMET, what's your thoughts?

Discussion in 'other anti-malware software' started by moontan, Nov 24, 2010.

Thread Status:
Not open for further replies.
  1. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    i'm trying out EMET.
    so far it seems like a good security app, with very minimal system impact.

    i feel a little naked using only Shadow Defender.
    sure, all the nasties i might've picked up disappear on reboot but i'd like a little protection between reboots. ;)

    what do you folks think about EMET?
     
  2. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    MBAM free + Hitman Pro :thumb:

    IMO your good enough with these 2. Your slowly gonna pile on the software thats really not needed ;)
     
  3. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    @ Boost:

    yeah, i would hate for that to happen. ;)

    but i see you are using real time protection (Geswall) with Rollback RX!
    shouldn't Rollback RX be enough? :)
     
  4. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    It's a Wilders paranoia that runs rapid around here,it's quite laughable :argh:
     
  5. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    I've always believed in sandboxing the browser,it's never let me down and Rollback RX is here for any unforseen troubles.Haven't used it yet though!:D

    I've got 2 scanners: HitmanPro + Malwarebytes thats it!
     
  6. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    It's a great security tool for hardening programs. Uses no resources.
     
  7. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    tnx folks.

    i'll keep using it until Geswall 3.0 arrives. :)
     
  8. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    so far i'm liking EMET.

    i'm no expert but i think this is based on policy restrictions, a little bit like Geswall.

    there some arcane knowledge in EMET, like DEP or SEHOP which some folks here have played with but that's getting a little too technical for me.
    EMET is easy to figure out and configure but there's more granularity available for those who wish.
    -

    the few reviews of EMET i've read are positives.

    anyway, it's free and it's from Microsoft.
    how bad could it be? :p
     
    Last edited: Nov 25, 2010
  9. Jav

    Jav Guest

  10. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
  11. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    For US wilders, ENOUGH IS NEVER ENOUGH, we don't know that word! :D :D :thumb:
     
  12. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,718
    It's easy to use. That's all I can say. Perhaps more Windows users should pick it up...but my guess is that the word "mitigation" scares some from trying it. Mention "mitigation" or anything related to do with "hardening" and they'd say "No, thanks":p
     
  13. Jav

    Jav Guest

    my bad :(
     
  14. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I thought EMET was a bit "smarter". I have applied SEHOP quite some time ago, by modifying the registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\kernel\DisableExceptionChainValidation (value 0)

    I don't know why, but I decided to just check this entry, and there are two. One is obviously the one I created and the other created by EMET. My opinion is that it should be able to detect whether or not this SEHOP entry was or not there already.

    I wonder if they override each other? In one system, when I was checking some hardware info with PC Wizard, I could see that SEHOP was being indicated as being disabled. My strong guess is that the two entries override each other.
     
  15. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    and later:

    those dont exactly sound like ringing endorsements. ;)
     
    Last edited: Nov 26, 2010
  16. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    I do not have Windows 7 or VISTA. I see that some, but not all of the EMET features are available for Windows XP.

    In your opinion, is it worth trying out EMET on one of my Windows XP Pro PC's or should I wait until I eventually get Windows 7?

    Thanks in Advance.
     
  17. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I am not the "voice", just a voice, but in my own opinion, some of the protection EMET provides sure is better than having none, I'd say. :)
     
  18. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    hmmm,

    i think i'll slap Geswall back on.

    having a security product (EMET in this case) being described as "better than nothing" doesn't inspire confidence. ;)
     
  19. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Are you sleeping properly? :D

    I wrote

    EMET won't provide as much protection for XP as it does for Vista and 7. So, some is better than none, right? ;)
     
  20. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    no, i work night shifts. ;)

    i was just hoping EMET would be a good substitute for Geswall since EMET uses no resources.

    Geswall run real time and hooks the kernel.
    not that big of a deal for such a speedy app that's easy to use and give great protection.
     
  21. Gobbler

    Gobbler Registered Member

    Joined:
    Jul 30, 2010
    Posts:
    270
    Does EMET go well with rollback software say RollBack Rx?
     
  22. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    You do know EMET is a totally different app, right?
     
  23. Boyfriend

    Boyfriend Registered Member

    Joined:
    Jun 7, 2010
    Posts:
    1,070
    Location:
    Pakistan
    Yes, I work very well with Rollback Rx.
     
  24. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    I think you confuse EMET. It is more like a hardening tool that can be used on a per program basis. It is nothing like Geswall. One would use EMET to enhance security.

    Sul.
     
Loading...
Thread Status:
Not open for further replies.