To Supplement EAM or Not?

Discussion in 'Emsisoft' started by SearchLight, Nov 26, 2017.

?

Would you use EAM to protect your PC by itself or supplement it?

Poll closed Dec 3, 2017.
  1. Yes, I would use EAM by itself to protect my PC.

    38.8%
  2. No, I would add another security program as a supplement.

    61.2%
  1. HarborFront

    HarborFront Level 33
    Content Creator

    Oct 9, 2016
    2,295
    5,748
    Far East
    Don't forget to add an anti-keylogger especially one which can block browser add-on/extension, web-based, and Javascripts keyloggers. One with anti-keystroke profiling would be good.

    If cannot achieve those mentioned then add some software that can block them
     
    bribon77 likes this.
  2. Evjl's Rain

    Evjl's Rain Level 28
    Trusted AV Tester

    Apr 18, 2016
    1,791
    13,130
    Vietnam
    Windows 8.1
    Avast
    #22 Evjl's Rain, Nov 26, 2017
    Last edited: Nov 26, 2017
    EAM alone can be enough but it might be not enough in some cases
    Just need to strengthen what EAM is not good/weak at:
    - add a good web filter extension for your browser: avira browser safety or norton safe web.
    I don't think adguard is good enough because it's basically google safe browsing + some extra filters, not extensive enough according to my test, kind of an outdated list
    - block wscript, cscript, powershell, java: I saw many times, EAM struggled to block these malwares and let them run in memory
    This is my recommendation

    if you are more paranoid, add sandboxie or voodooshield or what other users recommended in the above posts
     
  3. Umbra

    Umbra From Emsisoft
    Developer

    May 16, 2011
    17,162
    29,619
    Community manager
    Vietnam & France
    Windows 10
    Emsisoft
    EAM + safe habits is good enough for most people

    Adding another solution (anti-exe, anti-exploits, etc...) alongside is good for security geeks and other paranoid users like us :p
     
  4. HarborFront

    HarborFront Level 33
    Content Creator

    Oct 9, 2016
    2,295
    5,748
    Far East
    @Umbra

    On the question of EAM. Is there any script-based attacks protection feature like in ESET
    ESET Smart Security - Online Help

    I believe this protection feature will help in blocking web-based, javascript-based and browser add-on/extension keyloggers
     
    Sunshine-boy likes this.
  5. Nightwalker

    Nightwalker Level 7

    May 26, 2014
    325
    1,287
    Lawyer
    Windows 10
    Emsisoft
    While not similar to AMSI, Emsisoft since version 11 has improved protection against fileless malware and script parsers abuse (like powershell malware).

    A leap in technology: Emsisoft Anti-Malware 11 available now!
     
  6. HarborFront

    HarborFront Level 33
    Content Creator

    Oct 9, 2016
    2,295
    5,748
    Far East
    So, related to Powershell......nothing related to web-based javascripts, browser add-on/extension in keyloggers?
     
  7. Nightwalker

    Nightwalker Level 7

    May 26, 2014
    325
    1,287
    Lawyer
    Windows 10
    Emsisoft
    I am afraid that Emsisoft doesnt specifically touch web-based javascript (thats why a adblocker like uBlock is a nice combo), but it can detect malicious browsers extensions and unwanted system changes using the in-house specialized engine.

    Emsisoft behavior blocker can protect against hidden browser add-on installation and can "isolate" keyloggers, but not exactly the way you want; I think AMSI support would be great and I hope it get implemented.


    Emsisoft, Banking Protection? (about behavior blocker and browser interaction)

    Emsisoft Anti-Malware & Emsisoft Internet Security 10 available (about AMSI)
     
    spaceoctopus, HarborFront and Umbra like this.
  8. HarborFront

    HarborFront Level 33
    Content Creator

    Oct 9, 2016
    2,295
    5,748
    Far East
    Yes, you can use uBlock, NoScript etc to block Javascripts but that would mean micro-managing each site which is tedious and time consuming
     
    spaceoctopus likes this.
  9. SearchLight

    SearchLight Level 3

    Jul 3, 2017
    134
    221
    New Jersey
    Windows 10
    Malwarebytes
    Thanks everyone for the tremendous feedback so far.

    What are your opinions on pairing EAM with ZAL or ZAM? Overkill, or as mentioned above, enough to reinforce what EAM might be weak at protecting?

    And if too much, what about adding WinPatrol as a lightweight HIPS to catch anything that EAM might miss?

    And btw, in regard to Sandboxie, I discovered that if one uses a download manager like IDM, the download manager operates outside of, and resulting file downloads outside of the sandbox. So much for being sandboxed.
     
    spaceoctopus likes this.
  10. Dhruv2193

    Dhruv2193 Level 3

    Nov 7, 2016
    52
    173
    India
    Windows 10
    Emsisoft
    Emsisoft is more than enough but if you want, you may want to consider heimdal or vodooshield to go with it.
     
    spaceoctopus, frogboy and jerzy601 like this.
  11. HarborFront

    HarborFront Level 33
    Content Creator

    Oct 9, 2016
    2,295
    5,748
    Far East
    I would suggest

    EAM + ZAL + VS (free)

    ZAL for its anti-logger protection and

    VS (free) for application whitelisting

    If you need to add WinPatrol get the WinPatrol Plus for its real-time protection
     
    spaceoctopus and frogboy like this.
  12. Lockdown

    Lockdown From AppGuard
    Developer

    Oct 24, 2016
    2,700
    11,823
    AppGuard LLC Virginia, U.S.
    How can you say such a thing ? We need 75.9 layers of security...

     
    Opcode likes this.
  13. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,246
    13,484
    Utopia
    A couple years ago, browser exploits were actually happening to people, it was a real threat, especially flash and java exploits. But nowadays you just never hear of someone who got infected due to a browser exploit. If you did hear of this, please share the info, I would love to hear about it!
    So for most purposes, I think that sandboxing an already secure and updated browser is just not very important. Things could change, I am only commenting on the present situation.
     
    plat1098 and Nightwalker like this.
  14. jerzy601

    jerzy601 Level 13

    Jun 20, 2011
    627
    1,411
    Windows 8.1
    ESET
    Emsisoft is a sufficient protection system.
    Just in case, you can bet VS and that's it.
    for checking every now and then give EEK.
    That is my opinion, but someone may have another task.
     
    harlan4096 likes this.
  15. HarborFront

    HarborFront Level 33
    Content Creator

    Oct 9, 2016
    2,295
    5,748
    Far East
    EAM and EEK are basically using the same engines. I would rather use NPE for on-demand scan
     
  16. Sunshine-boy

    Sunshine-boy Level 22

    Apr 1, 2017
    1,167
    5,166
    IRAN
    Windows 10
    ESET
    I would add a firewall like simple wall which is simple, light and effective(but that's me and can't live without a firewall.)+ an adblocker like Adguard and maybe Hard Configurator(for having the maximum protection:notworthy:).
     
    Andy Ful and rockstarrocks like this.
  17. Purshu_Pro

    Purshu_Pro Level 29
    Trusted

    Aug 3, 2013
    1,818
    3,069
    EMSISOFT Re-Seller
    India
    Windows 10
    Emsisoft
    Yes EAM alone is sufficient for non paranoid users as Umbra already said it. But if u feel u are missing out some layer of security I would recommend to add a software like HitmanPro.Alert for better exploit protection and AdGuard Ad Blocker for enhanced ad blocking and surf protection.
     
  18. KevinYu0504

    KevinYu0504 Level 3

    Mar 10, 2017
    128
    290
    Taiwan
    Windows 10
    Emsisoft
    #38 KevinYu0504, Nov 27, 2017
    Last edited: Nov 27, 2017
    Why there is no one talking about Malwarebytes :cry:
    MB still good to be a second security tool with your main AV , isn't ?

    I vote for Malwarebytes ,
    I had Emsisoft + Malwarebytes + Zemana AntiLogger ,
    They work together with out any issue :cool:

    I love lifetime license :LOL:
     
    spaceoctopus, Opcode and frogboy like this.
  19. Captain Awesome

    Captain Awesome Level 19

    May 7, 2016
    900
    7,040
    Student
    India
    Windows 10
    Emsisoft
    EAM It is enough to be protected.:)
     
  20. Opcode

    Opcode Level 18
    Content Creator

    Aug 17, 2017
    890
    6,285
    Caille
    Windows 10
    #40 Opcode, Nov 27, 2017
    Last edited: Nov 27, 2017
    @SearchLight Unless you want more hassle with your configuration, I suggest you ignore the recommendations for software like anti-executable and anti-exploit. You can use Emsisoft Anti-Malware for your real-time protection sufficiently and you can add more simple and less-hassle additions like an on-demand scanner (e.g. HitmanPro is quite fast and reputable) and/or an ad-blocker (helps you block malvertising - there are reputable and free extensions for most browsers to do this like uBlock).

    1. You can use Emsisoft Anti-Malware and VoodooShield in combination but ask yourself, why do this in the first place? You'll be just as protected using either on their own. Make good decisions and use your primary real-time defense as a backup friend and you'll be fine. Sure you can get an alert for every new unknown process spawn but you'll have the Emsisoft BB and even if you get an alert from an anti-executable, why not just not run it in the first place if you didn't want to run it? Run wisely.
    2. You can use Emsisoft Anti-Malware and HitmanPro.Alert in combination as long as there are no compatibility issues (I am not sure if they are compatible) but ask yourself, why do this in the first place? You'll only have two security solutions in real-time potentially overlapping each other considering Emsisoft already provide exploit mitigations and ransomware protection. You don't really need both. In my opinion that is over-the-top past using EAM with VS.
    3. You can use Emsisoft Anti-Malware with 4 on-demand scanners but it doesn't necessarily mean you'll be better protected. On-demand scanning will require you to spend time making the manual scans and if you rely on scheduled ones then you may be unexpectedly interrupted and have your system resources used up more while trying to work (depending on the scenario). It neither means that an infection which was surpassed by your real-time security will actually be identified, one or two is enough in my opinion.
    4. Emsisoft Anti-Malware and Zemana Anti-Logger in real-time? Emsisoft already intercepts keylogger installation attempts very effectively, there's no need for it in my opinion.

    Emsisoft Anti-Malware is a full Anti-Virus replacement despite being titled Anti-Malware and it is supposed to be used as a full suite for protecting the user. It offers more than enough protection components which have been developed over numerous years by skilled engineers and researchers to get to the level of quality and reliability is at now, and it is indefinitely sufficient to protect someone when being used alone as primary real-time protection. The statistics from malware testing by both general people who may make mistakes and tests conducted by professional security software testers who publish regular reports speak for themselves, not to mention that they use an engine alongside their own from another award-winning and extremely popular vendor, Bitdefender.

    Stacking software upon software will never necessarily help you. It adds more attack vectors which can be potentially exploited and time and time again I see that most people don't really take notice. The attacks that paranoid users stacking software upon software are thinking about are likely to never ever be fired in your direction - traditional malware attacks will be handled by Emsisoft Anti-Malware perfectly fine, and many other Anti-Virus products perform a spectacular job. Unless of course you own a large company which automatically makes you a target.

    The truth is that nothing is ever "enough" to close all holes which can be shot at by a bullet - but that doesn't mean you should have everything. Every-time your security product flags a new program as malicious based on behavior or blocks a download, you've just dodged a bullet. Aim to reach the point where that rarely has to happen due to good decisions, and hopefully if you ever make a mistake which all of us make at some point, your reputable real-time security software will intervene and save the day, just like a good friend would if you were in need of assistance. Everything else is totally unnecessary with the exception of an on-demand scanner or an addition like an ad-blocker for improved user experience when browsing and to help direct targeted malvertising attacks.

    Take it with a grain of salt because it is opinionated. Use good real-time as primary, add a few simple additions for ad-blocking and make a backup... You're good to go.
     
    Andy Ful, frogboy, Purshu_Pro and 6 others like this.