Emsisoft Anti Malware + HitmanPro.Alert - Is this a good combo?

  • This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

RoboMan

Level 19
Content Creator
AV-Tester
Jun 24, 2016
918
9,318
Operating System
Windows 10
Installed Antivirus
ESET
#3
From my point of view, Emsisoft Anti-Malware is a solid piece of software. I'd pair it up with VoodooShield and that would be it. I'm not a big fan of Hitman's products, but as far as i've seen there's not much .Alert can offer that Emsisoft does not. Maybe keystroke encryption...
 

FleischmannTV

Level 7
Verified
Jun 12, 2014
316
1,141
Operating System
Windows 10
#8
HitmanPro.Alert is a very conflict prone program, as it is not called "Alert" for no reason. Its main benefit is exploit protection, the necessity of which is highly questionable in my opinion. Just use Windows 10 with a modern browser like Edge or Chrome and keep everything updated, because nobody is going to waist a 0-day on you.
 
Aug 10, 2012
452
412
Operating System
Windows 7
Installed Antivirus
ESET
#9
I'm using Emsisoft AM. Is it worth installing HitmanPro.Alert as well?
If I want to pair EAM will be like this:
EAM+AV+VD+ my brain(75% of this combo)
My actual combo is EIS+VD+VPN normal internet navigation ---> +ZAM+Sandboxie+VD ( only when I do some "dangerous" research)
And for protection like webcam, microphone... the best is protection is to be covered by a piece of tape :))
 

Umbra

Level 61
Content Creator
Verified
May 16, 2011
17,471
30,673
Operating System
Windows 10
Installed Antivirus
Default-Deny
#12
Did Emsisoft add Exploit mitigation for fileless malware in memory? I haven't read anything about it.
I know EAM scan the memory but i'm not sure about specifically mitigate fileless malware, i will ask to the dev lab.
However, the BB will prevent code injection.
Note that Fileless malware are quite rare and must be delivered/dropped (email, exe, etc...) in some ways first before being fileless , they don't popup on the system by magic, and those vectors are normally monitored by EAM.
 

Lockdown

From AppGuard
Developer
Oct 24, 2016
2,918
12,630
#14
Note that Fileless malware are quite rare and must be delivered/dropped (email, exe, etc...) in some ways first before being fileless , they don't popup on the system by magic, and those vectors are normally monitored by EAM.
Exploits of unpatched softs too. I doubt the method of entry onto the system would be the difference between thwarting or not thwarting file-less\in-memory-only attacks, but it would be prudent to ask for confirmation.
 
Feb 14, 2013
111
207
Operating System
Windows 10
Installed Antivirus
ESET
#15
I know EAM scan the memory but i'm not sure about specifically mitigate fileless malware, i will ask to the dev lab.
However, the BB will prevent code injection.
Note that Fileless malware are quite rare and must be delivered/dropped (email, exe, etc...) in some ways first before being fileless , they don't popup on the system by magic, and those vectors are normally monitored by EAM.
Ok, Thanks. Let me know what you find out.
Fileless malware is rapidly growing in popularity. It want be long before it is not that uncommon.
 
Likes: shukla44
Feb 14, 2013
111
207
Operating System
Windows 10
Installed Antivirus
ESET
#16
Fabian stated it was being refined all the way back in 2014.
I thought I read something about Emsisoft changing their mind about adding exploit mitigation to EAM. I was thinking they considered it for a brief period, and didn't see the value in adding it. Don't quote me though, this was about 2 years ago.
 
Feb 14, 2013
111
207
Operating System
Windows 10
Installed Antivirus
ESET
#18
@cutting_edgetech i was made aware by the dev team that EAM has mitigations mechanism against fileless malware but i don't have enough details yet. Stay tuned :)
Thank you! I'm sure they want give out too much detail, but knowing what method they use is what I was wanting to know. For Example: certain modules in their BB may mitigate exploits at a later stage. It may not mitigate exploits as early in delivery as MBAE, or HMPA, but it still could minimize any damage caused. I'm just throwing that out there as a hypothetical. If they do use mitigation methods in memory then that would be nice to know.
 

Lockdown

From AppGuard
Developer
Oct 24, 2016
2,918
12,630
#19
I thought I read something about Emsisoft changing their mind about adding exploit mitigation to EAM. I was thinking they considered it for a brief period, and didn't see the value in adding it. Don't quote me though, this was about 2 years ago.
A user needs to find out what the terminology means and in what context it is being used.

Just ask @Umbra and he will obtain the infos.
 
Likes: plat1098