Emsisoft Anti Malware + HitmanPro.Alert - Is this a good combo?

RoboMan (Level 21; Content Creator; AV-Tester). Joined: Jun 24, 2016. Messages: 1,090. OS: Windows 10. Antivirus: Kaspersky. #3
From my point of view, Emsisoft Anti-Malware is a solid piece of software. I'd pair it up with VoodooShield and that would be it. I'm not a big fan of Hitman's products, but as far as I've seen there's not much .Alert can offer that Emsisoft does not. Maybe keystroke encryption...
 

FleischmannTV (Level 7; Trusted). Joined: Jun 12, 2014. Messages: 317. OS: Windows 10. #8
HitmanPro.Alert is a very conflict-prone program, as it is not called "Alert" for no reason. Its main benefit is exploit protection, the necessity of which is highly questionable in my opinion. Just use Windows 10 with a modern browser like Edge or Chrome and keep everything updated, because nobody is going to waste a 0-day on you.
 
Joined: Aug 10, 2012. Messages: 458. OS: Windows 7. Antivirus: ESET. #9
I'm using Emsisoft AM. Is it worth installing HitmanPro.Alert as well?
If I wanted to pair EAM, it would be like this:
EAM+AV+VD+ my brain (75% of this combo)
My actual combo is EIS+VD+VPN for normal internet navigation ---> +ZAM+Sandboxie+VD (only when I do some "dangerous" research)
And for protection of things like the webcam, microphone... the best protection is to be covered by a piece of tape :))
 

Umbra (Level 85; Content Creator; Trusted). Joined: May 16, 2011. Messages: 17,958. OS: Windows 10. Antivirus: Default-Deny. #12
Did Emsisoft add exploit mitigation for fileless malware in memory? I haven't read anything about it.
I know EAM scans the memory, but I'm not sure about specifically mitigating fileless malware; I will ask the dev lab.
However, the BB will prevent code injection.
Note that fileless malware is quite rare and must be delivered/dropped (email, exe, etc.) in some way first before being fileless; it doesn't pop up on the system by magic, and those vectors are normally monitored by EAM.
 

Lockdown (From AppGuard; Developer). Joined: Oct 24, 2016. Messages: 3,087. #14
> Note that fileless malware is quite rare and must be delivered/dropped (email, exe, etc.) in some way first before being fileless; it doesn't pop up on the system by magic, and those vectors are normally monitored by EAM.

Exploits of unpatched software too. I doubt the method of entry onto the system would be the difference between thwarting or not thwarting file-less\in-memory-only attacks, but it would be prudent to ask for confirmation.
 
Joined: Feb 14, 2013. Messages: 111. OS: Windows 10. Antivirus: ESET. #15
> I know EAM scans the memory, but I'm not sure about specifically mitigating fileless malware; I will ask the dev lab.
> However, the BB will prevent code injection.
> Note that fileless malware is quite rare and must be delivered/dropped (email, exe, etc.) in some way first before being fileless; it doesn't pop up on the system by magic, and those vectors are normally monitored by EAM.

Ok, thanks. Let me know what you find out.
Fileless malware is rapidly growing in popularity. It won't be long before it is not that uncommon.
 
Joined: Feb 14, 2013. Messages: 111. OS: Windows 10. Antivirus: ESET. #16
Fabian stated it was being refined all the way back in 2014.
I thought I read something about Emsisoft changing their mind about adding exploit mitigation to EAM. I was thinking they considered it for a brief period, and didn't see the value in adding it. Don't quote me though, this was about 2 years ago.
 
Joined: Feb 14, 2013. Messages: 111. OS: Windows 10. Antivirus: ESET. #18
> @cutting_edgetech I was made aware by the dev team that EAM has mitigation mechanisms against fileless malware, but I don't have enough details yet. Stay tuned :)

Thank you! I'm sure they won't give out too much detail, but knowing what method they use is what I was wanting to know. For example: certain modules in their BB may mitigate exploits at a later stage. It may not mitigate exploits as early in delivery as MBAE or HMPA, but it still could minimize any damage caused. I'm just throwing that out there as a hypothetical. If they do use mitigation methods in memory, then that would be nice to know.
 

Lockdown (From AppGuard; Developer). Joined: Oct 24, 2016. Messages: 3,087. #19
> I thought I read something about Emsisoft changing their mind about adding exploit mitigation to EAM. I was thinking they considered it for a brief period, and didn't see the value in adding it. Don't quote me though, this was about 2 years ago.

A user needs to find out what the terminology means and in what context it is being used.

Just ask @Umbra and he will obtain the info.
 