Best Behaviour Blocking

shmu26 said:
For some reason, EMET doesn't get talked about so much here on MT. I think the folks here prefer HitmanPro.Alert, despite the price, or they go for AppGuard, which basically makes everything else pretty much obsolete.
Click to expand...

Protecting your PC from ransomware gets harder with EMET-evading exploit

Edit: EIS is my longest running security suite consecutively. I've used it with HMPA, HMP, ZAM, MBAM, EEK, no conflicts whatsoever. I consider it the best BB, regardless of what people say the Hub shows about KIS. The Hub results should be taken with less than a grain of salt.
 
  • Like
Reactions: Der.Reisende, shmu26 and koko
shmu26. I haven't been able to find much IT advice or tips on how to use EMET. Maybe that's partly why it's not being used much? I am going to end up shelling for something eventually I guess. I would like to see what EMET can do if all installed programs are set to be monitored. Right now, I am just monitoring browser and some Windows processes like svchost that I thought might be exploitable. I wonder if I should use it with any net related Windows applications or maybe winlogon. Winlogon worries me that there might be a conflict with the normal login process.

End of the conversation, EMET is only a group of protections of one type, memory mitigation. HitmanPro.Alert or Appguard seem to be much more capable for sure. Many others I guess too would be considered much more useful for behavior monitoring. Anyway, I feel inspired to look around a little bit more for commentary on EMET, so thanks alot for the comment.
 
AtlBo said:
shmu26. I haven't been able to find much IT advice or tips on how to use EMET. Maybe that's partly why it's not being used much? I am going to end up shelling for something eventually I guess. I would like to see what EMET can do if all installed programs are set to be monitored. Right now, I am just monitoring browser and some Windows processes like svchost that I thought might be exploitable. I wonder if I should use it with any net related Windows applications or maybe winlogon. Winlogon worries me that there might be a conflict with the normal login process.

End of the conversation, EMET is only a group of protections of one type, memory mitigation. HitmanPro.Alert or Appguard seem to be much more capable for sure. Many others I guess too would be considered much more useful for behavior monitoring. Anyway, I feel inspired to look around a little bit more for commentary on EMET, so thanks alot for the comment.
Click to expand...
From Windows 8/8.1 and on-wards, some system processes are now protected, improving the default security for them (reducing exploits towards them). However, even for processes like SvcHost.exe (the genuine version/s) or winlogon.exe to be used, the malware will require code execution at administrator level.

Also, see this: Quickly Secure Your Computer With Microsoft’s Enhanced Mitigation Experience Toolkit (EMET)
 
  • Like
Reactions: Der.Reisende, XIII and AtlBo
Wave. Thanks for the information. Looks like I have everything covered that the program should cover. This link helped:

EMET - The Ultimate Installation and Deployment Guide

Found some interesting information on Firefox in the process. Been trying to keep up with development of the new upcoming changes to Firefox, but this caught me off guard. What are they thinking?

Plug-in support has been dropped other than Flash (Affecting)

I was looking up info on plugin-container, because I couldn't understand why it and Flash weren't running with a YouTube video running. I realized I had video set to HTML5 lol on YouTube Video Player plug in I use to watch YouTube videos in Flash. Someone had uploaded an HTML5 video only in that format that I wanted to watch a few days ago, and I forgot to reset the plugin. I was checking in EMET to see if I had protected Flash and plugin-container which I had already done. I will check to see if this is in the Firefox forum.
 
AtlBo said:
I was looking up info on plugin-container, because I couldn't understand why it and Flash weren't running with a YouTube video running. I realized I had video set to HTML5 lol on YouTube Video Player plug in I use to watch YouTube videos in Flash. Someone had uploaded an HTML5 video only in that format that I wanted to watch a few days ago, and I forgot to reset the plugin. I was checking in EMET to see if I had protected Flash and plugin-container which I had already done. I will check to see if this is in the Firefox forum.
Click to expand...
HTML5 will be a more secure option; I recommend against using Flash if possible.
 
  • Like
Reactions: AtlBo
True, but I have used Flash for years, and I am accostomed to the risk. Honestly, HTML5 gives me a headache lol. I feel like I am watching the screen tear before my eyes, while I don't experience that with Flash video. I have no idea why this happens. This was one of the main reasons I looked into EMET, so that I could better secure Firefox and Flash player. Also, I have to mention that I enjoy some of the Flash games on certain sites that I have a long experience with and trust.
 
  • Like
Reactions: Wave
AtlBo said:
True, but I have used Flash for years, and I am accostomed to the risk. Honestly, HTML5 gives me a headache lol. I feel like I am watching the screen tear before my eyes, while I don't experience that with Flash video. I have no idea why this happens. This was one of the main reasons I looked into EMET, so that I could better secure Firefox and Flash player. Also, I have to mention that I enjoy some of the Flash games on certain sites that I have a long experience with and trust.
Click to expand...
I don't understand what you mean about watching the screen tear when using HTML5, I don't see a difference on websites like YouTube (e.g. using the HTML5 video player as opposed to the Flash one). There's no problem with liking Flash games, you could enable click-to-play for Adobe Flash on your browser (if it supports it - most mainstream browsers such as IE, Chrome and Firefox will support it) and then click to play your Flash games, alongside using HTML5 for websites like YouTube (e.g. the video player), combined with EMET to safeguard you with additional exploit mitigation.

Just an idea you might like to try out. But if not no problem, just thought to suggest it! ;) :)
 
  • Like
Reactions: AtlBo
Thanks for the idea. I like Flash player, and I haven't ever had any problems with it to date. I don't experience headaches with it, so I am happy to stick with it. I don't feel at risk using Flash player.
 
  • Like
Reactions: Wave
one caveat about HMPA: it is very prone to conflicts with other software or elements of your OS. For instance, you might attach a USB device, and Windows won't recognize it, or certain programs will crash.
They are constantly putting out new beta versions to solve the conflicts. If you have an issue, sometimes making an exception in HMPA helps, but sometimes it doesn't. There is an active thread on Wilders where you can get help and insight with HMPA issues.
 
  • Like
Reactions: AtlBo and Der.Reisende
You must log in or register to reply here.

You may also like...