To Supplement EAM or Not?

Would you use EAM to protect your PC by itself or supplement it?


  • Total voters
    49
  • Poll closed .
Status
Not open for further replies.

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,158
Don't forget to add an anti-keylogger, especially one which can block browser add-on/extension, web-based, and JavaScript keyloggers. One with anti-keystroke profiling would be good.

If you cannot achieve those mentioned, then add some software that can block them.
 
  • Like
Reactions: bribon77

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
EAM alone can be enough, but it might not be enough in some cases.
You just need to strengthen what EAM is not good/weak at:
- add a good web filter extension for your browser: Avira Browser Safety or Norton Safe Web.
I don't think AdGuard is good enough because it's basically Google Safe Browsing + some extra filters, not extensive enough according to my test, kind of an outdated list
- block wscript, cscript, powershell, java: many times I saw EAM struggle to block this malware and let it run in memory
This is my recommendation.

If you are more paranoid, add Sandboxie or VoodooShield or what other users recommended in the above posts.
 

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,158
@Umbra

On the question of EAM: is there any script-based attack protection feature like in ESET?
Script-Based Attacks Protection consists of protection against javascript in web browsers and Antimalware Scan Interface (AMSI) protection against scripts in Powershell.

ESET Smart Security - Online Help

I believe this protection feature will help in blocking web-based, javascript-based and browser add-on/extension keyloggers
 
  • Like
Reactions: Sunshine-boy

Nightwalker

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
May 26, 2014
1,339

While not similar to AMSI, Emsisoft since version 11 has improved protection against fileless malware and script parser abuse (like PowerShell malware).

A leap in technology: Emsisoft Anti-Malware 11 available now!
 

Nightwalker

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
May 26, 2014
1,339
So, related to Powershell......nothing related to web-based javascripts, browser add-on/extension in keyloggers?

I am afraid that Emsisoft doesn't specifically touch web-based JavaScript (that's why an adblocker like uBlock is a nice combo), but it can detect malicious browser extensions and unwanted system changes using the in-house specialized engine.

Emsisoft behavior blocker can protect against hidden browser add-on installation and can "isolate" keyloggers, but not exactly the way you want; I think AMSI support would be great and I hope it gets implemented.


Emsisoft, Banking Protection? (about behavior blocker and browser interaction)

Emsisoft Anti-Malware & Emsisoft Internet Security 10 available (about AMSI)
 

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,158
Yes, you can use uBlock, NoScript etc. to block JavaScript, but that would mean micro-managing each site, which is tedious and time-consuming.
 
  • Like
Reactions: spaceoctopus

SearchLight

Level 13
Thread author
Verified
Top Poster
Well-known
Jul 3, 2017
626
Thanks everyone for the tremendous feedback so far.

What are your opinions on pairing EAM with ZAL or ZAM? Overkill, or as mentioned above, enough to reinforce what EAM might be weak at protecting?

And if too much, what about adding WinPatrol as a lightweight HIPS to catch anything that EAM might miss?

And btw, in regard to Sandboxie, I discovered that if one uses a download manager like IDM, the download manager operates outside of, and resulting file downloads outside of the sandbox. So much for being sandboxed.
 
  • Like
Reactions: spaceoctopus

HarborFront

Level 72
Verified
Top Poster
Content Creator
Oct 9, 2016
6,158
I would suggest

EAM + ZAL + VS (free)

ZAL for its anti-logger protection and

VS (free) for application whitelisting

If you need to add WinPatrol get the WinPatrol Plus for its real-time protection
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
A couple years ago, browser exploits were actually happening to people, it was a real threat, especially flash and java exploits. But nowadays you just never hear of someone who got infected due to a browser exploit. If you did hear of this, please share the info, I would love to hear about it!
So for most purposes, I think that sandboxing an already secure and updated browser is just not very important. Things could change, I am only commenting on the present situation.
 

jerzy601

Level 21
Verified
Top Poster
Well-known
Jun 20, 2011
1,006
Emsisoft is a sufficient protection system.
Just in case, you can bet VS and that's it.
For checking every now and then, give EEK.
That is my opinion, but someone may have another task.
 
  • Like
Reactions: harlan4096

Sunshine-boy

Level 28
Verified
Top Poster
Well-known
Apr 1, 2017
1,782
I would add a firewall like simplewall, which is simple, light and effective (but that's me and can't live without a firewall) + an adblocker like AdGuard and maybe Hard Configurator (for having the maximum protection :notworthy:).
 

KevinYu0504

Level 5
Verified
Well-known
Mar 10, 2017
228
Why is there no one talking about Malwarebytes? :cry:
MB is still good as a second security tool with your main AV, isn't it?

I vote for Malwarebytes.
I had Emsisoft + Malwarebytes + Zemana AntiLogger.
They work together without any issue :cool:

I love lifetime license :LOL:
 

Deleted member 65228

@SearchLight Unless you want more hassle with your configuration, I suggest you ignore the recommendations for software like anti-executable and anti-exploit. You can use Emsisoft Anti-Malware for your real-time protection sufficiently and you can add more simple and less-hassle additions like an on-demand scanner (e.g. HitmanPro is quite fast and reputable) and/or an ad-blocker (helps you block malvertising - there are reputable and free extensions for most browsers to do this like uBlock).

1. You can use Emsisoft Anti-Malware and VoodooShield in combination but ask yourself, why do this in the first place? You'll be just as protected using either on their own. Make good decisions and use your primary real-time defense as a backup friend and you'll be fine. Sure you can get an alert for every new unknown process spawn but you'll have the Emsisoft BB and even if you get an alert from an anti-executable, why not just not run it in the first place if you didn't want to run it? Run wisely.
2. You can use Emsisoft Anti-Malware and HitmanPro.Alert in combination as long as there are no compatibility issues (I am not sure if they are compatible) but ask yourself, why do this in the first place? You'll only have two security solutions in real-time potentially overlapping each other considering Emsisoft already provide exploit mitigations and ransomware protection. You don't really need both. In my opinion that is over-the-top past using EAM with VS.
3. You can use Emsisoft Anti-Malware with 4 on-demand scanners but it doesn't necessarily mean you'll be better protected. On-demand scanning will require you to spend time making the manual scans and if you rely on scheduled ones then you may be unexpectedly interrupted and have your system resources used up more while trying to work (depending on the scenario). Neither does it mean that an infection which was surpassed by your real-time security will actually be identified; one or two is enough in my opinion.
4. Emsisoft Anti-Malware and Zemana Anti-Logger in real-time? Emsisoft already intercepts keylogger installation attempts very effectively, there's no need for it in my opinion.

Emsisoft Anti-Malware is a full Anti-Virus replacement despite being titled Anti-Malware and it is supposed to be used as a full suite for protecting the user. It offers more than enough protection components which have been developed over numerous years by skilled engineers and researchers to get to the level of quality and reliability it is at now, and it is indefinitely sufficient to protect someone when being used alone as primary real-time protection. The statistics from malware testing by both general people who may make mistakes and tests conducted by professional security software testers who publish regular reports speak for themselves, not to mention that they use an engine alongside their own from another award-winning and extremely popular vendor, Bitdefender.

Stacking software upon software will never necessarily help you. It adds more attack vectors which can be potentially exploited and time and time again I see that most people don't really take notice. The attacks that paranoid users stacking software upon software are thinking about are likely to never ever be fired in your direction - traditional malware attacks will be handled by Emsisoft Anti-Malware perfectly fine, and many other Anti-Virus products perform a spectacular job. Unless of course you own a large company which automatically makes you a target.

The truth is that nothing is ever "enough" to close all holes which can be shot at by a bullet - but that doesn't mean you should have everything. Every time your security product flags a new program as malicious based on behavior or blocks a download, you've just dodged a bullet. Aim to reach the point where that rarely has to happen due to good decisions, and hopefully if you ever make a mistake which all of us make at some point, your reputable real-time security software will intervene and save the day, just like a good friend would if you were in need of assistance. Everything else is totally unnecessary with the exception of an on-demand scanner or an addition like an ad-blocker for improved user experience when browsing and to help direct targeted malvertising attacks.

Take it with a grain of salt because it is opinionated. Use good real-time as primary, add a few simple additions for ad-blocking and make a backup... You're good to go.
 