Please explain what EMET can do for my standalone PC

Discussion in 'other anti-malware software' started by Rivalen, Jan 24, 2012.

Thread Status:
Not open for further replies.
  1. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    compared to third party software - App Guard and similar? See my sig for present setup. I am nonsavvy - can I handle EMET?

    Best Regards
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Something like AppGuard works by setting restrictions on what can and can't happen on your computer.

    EMET is not like that.

    EMET forces your applications to use the latest security mitigation techniques. Developers may not have made use of these out of lack of knowledge or due to slight instability or due to laziness. EMET forces the applications to.

    I suggest you use it on Java.
     
  3. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    I have had no problems with EMET (using it on my machine) and I am not too computer savvy. See:
    -http://www.microsoft.com/download/en/details.aspx?id=1677 and
    -http://rationallyparanoid.com/articles/microsoft-emet-2.html
     
  4. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    Will it improve protection against 0day attacks anywhere near App Guard Locked down?
     
  5. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    It's hard to compare them - they do very different things.

    It will protect against 0 day attacks though. Many attacks rely on certain things and these mitigation techniques will break them.
     
  6. jpcummins

    jpcummins Registered Member

    Joined:
    Feb 20, 2006
    Posts:
    420
    Location:
    Terre Haute, IN
    My operating system is Windows XP, sp3 and my paid security programs realtime is: 1) Symantec AntiVirus Corporate Version, 2) SUPERAntiSpyware, 3) WinPatrol, 4) Zemana AntiLogger, 5) Sygate Firewall. I also have paid on demand 1) Malwarebytes Anti-Malware. I also have paid Sandboxie and Returnil that I only use occasionally.

    With this level of protection would EMET be something that I should add? I understand that sometimes a person could have too much protection to the point that they would interfere with one another.

    As always I would appreciate your replies and would thank you in advance.

    John
     
  7. taleblou

    taleblou Registered Member

    Joined:
    Jan 9, 2010
    Posts:
    1,166
    With EMET installed I found out that some programs will not install or give crash errors. For example, when I had EMET on I could not install Rising products like AV and firewall and Toolwiz products (32-bit Win 7), since they give crash errors during installing. When I uninstalled EMET, all applications now install fine. So certain applications and programs do not work in an EMET-active environment.

    So this is the downside of it.
     
  8. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    You're not always using Sandboxie? Why not? Amongst the best 0day protection around? I will install EMET and activate it for Java, Adobe, IE8 etc.
    I am in search of a free setup and I am very grateful for SB offering this free version as is Antivir. I hardened some system protection settings in Antivir, but how good they are - don't know.
     
  9. Joeythedude

    Joeythedude Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    519
    You can configure EMET for each application

    Set EMET to work with the browser/s you are using.
    If the browsers work afterwards then you have a good piece of additional protection
    -> which is silent, had no cost, will require no updates, and was set up with minimal hassle.

    You can then also add Java, Flash, and other applications to EMET if you want.
    If they don't work afterwards then just remove them.

    There is no need (IMO) to add your anti-virus to EMET.

    I'm all about small, low hassle changes to improve security.
    EMET, using a DNS server, and creating a Backup are the top 3 things I would recommend.
     
  10. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    I added wmplayer.exe and IE and an odd program I use all seems to work well with all boxes ticked. Although the files I found were only 300-700 kb it turned up in EMET as the .exe files so I suppose I did OK.

    I will try to add Java and Flash. Should I add Outlook and since I use Word in Outlook, should I add Word? What else to add?

    I will read all the links to try to learn more.

    With my setup below, must I learn about Applocker or will I be good as long as I use Sandboxie for 99% of my browsing.

    Thanks for all input on EMET - if you have more please post.

    Best Regards
     
  11. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Flash runs in a browser process so to add flash you need to add your browser. If you do this I suggest you disable EAF as I've seen it break certain things - same goes for Java but you may want to risk it anyways. If you run Sandboxie I see no reason to use AppLocker.
     
  12. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    Following .exe are now added apps in EMET: Wmplayer, iexplore, OUTLOOK, WINWORD, AcroRd32 with all boxes ticked and without problems so far. What else should I add?

    Best regards
     
  13. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    java.exe, javaw.exe, javaws.exe
     
  14. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    Thanks, but I can't see I have Java installed. I looked through AddOn settings in IE and no Java. That's the way to determine if I have Java?
     
  15. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    If it's installed there should be a "Java" folder under Program Files or Program Files (x86) if you're running 64 bit.
     
  16. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    c:\Program Files (x86)\Java\JRE\

    c:\Program Files\Java\JRE

    Check for both in case you have both 32bit and 64bit Java installed.
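
Added example, not part of the original posts: a PowerShell check for the Java folders described in posts 15 and 16, listing the full paths of `java.exe`, `javaw.exe` and `javaws.exe` so they can be added to EMET. It assumes Java sits in a `Java` folder directly under a Program Files root, as the posts describe; installs elsewhere are not found.

```powershell
# Added example: list Java launchers under both Program Files roots.
# Assumption (from the posts above): Java lives in <Program Files root>\Java\...
$names = 'java.exe', 'javaw.exe', 'javaws.exe'

# A 32-bit shell on 64-bit Windows sees ProgramFiles redirected to the x86
# folder, so collect every variant of the variable and de-duplicate.
$roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}, $env:ProgramW6432) |
    Where-Object { $_ } | Sort-Object -Unique

$found = foreach ($root in $roots) {
    $javaDir = Join-Path $root 'Java'
    if (-not (Test-Path $javaDir)) { continue }

    # Recurse because each JRE/JDK version gets its own subfolder.
    Get-ChildItem -Path $javaDir -Recurse -Include $names -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer } |
        Select-Object FullName, @{ n = 'Version'; e = { $_.VersionInfo.FileVersion } }
}

if ($found) {
    # Each FullName is a separate executable; 32-bit and 64-bit copies both count.
    $found | Sort-Object FullName | Format-Table -AutoSize
} else {
    'No Java launchers found under Program Files\Java.'
}
```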
     
  17. Doraemon

    Doraemon Registered Member

    Joined:
    Aug 5, 2009
    Posts:
    202
    I've been using EMET for 1 month or so now and I added most programs that connect to Internet and some typical exploited protocols like PDFs and such.

    The only problem I've got so far is with Outlook. I have several addins installed in Outlook and at least 2 of them don't fare well with EMET on. So I removed Outlook from the app list and now all is well. :D :D :D

    I think it's a great tool to use because it adds security but doesn't use any extra memory or CPU. So I personally would recommend anyone to use it. :thumb:
     
  18. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    I have Outlook 2003 in the EMET list and I only had to disable EAF for it to work properly, but I'm not using any "plug-ins". One thing to keep in mind with EMET is it protects by terminating the process. In other words it will crash the offending program and I don't know that any meaningful information is provided when that happens. I won't install it on customers' computers for that reason.
     
  19. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    If a program breaks it's almost always due to EAF.
     
  20. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    No Java here and my only add in - Send Personally - for Outlook works fine. So I am good with my EMET installation and the apps added. Thank you all.
     
  21. exus69

    exus69 Registered Member

    Joined:
    Mar 15, 2009
    Posts:
    160
    Thanks a lot Hungry Man. It's because of experts like you and others that I keep coming here to gain practical and invaluable advice which are not generally provided in the documentations... :)
     
  22. Pete123

    Pete123 Registered Member

    Joined:
    Mar 29, 2012
    Posts:
    21
    Just a heads up: I've heard about people who had problems even after uninstalling EMET so be sure to image your systems or something before trying this.
     
  23. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,248
    Location:
    Chaotic Land
    Probably because they didn't revert the settings back to default.
     
  24. Pete123

    Pete123 Registered Member

    Joined:
    Mar 29, 2012
    Posts:
    21
    Yes, I think that was it.
     