To Supplement EAM or Not?

Would you use EAM to protect your PC by itself or supplement it?


  • Total voters
    49
  • Poll closed .

HarborFront

Level 38
Content Creator
Joined
Oct 9, 2016
Messages
2,701
#21
Don't forget to add an anti-keylogger especially one which can block browser add-on/extension, web-based, and Javascripts keyloggers. One with anti-keystroke profiling would be good.

If cannot achieve those mentioned then add some software that can block them
 
Likes: bribon77

Evjl's Rain

Level 33
Content Creator
Trusted
AV-Tester
Joined
Apr 18, 2016
Messages
2,282
OS
Windows 8.1
Antivirus
Avast
#22
EAM alone can be enough but it might be not enough in some cases
Just need to strengthen what EAM is not good/weak at:
- add a good web filter extension for your browser: avira browser safety or norton safe web.
I don't think adguard is good enough because it's basically google safe browsing + some extra filters, not extensive enough according to my test, kind of an outdated list
- block wscript, cscript, powershell, java: I saw many times, EAM struggled to block these malwares and let them run in memory
This is my recommendation

if you are more paranoid, add sandboxie or voodooshield or what other users recommended in the above posts
 
Last edited:

HarborFront

Level 38
Content Creator
Joined
Oct 9, 2016
Messages
2,701
#24
@Umbra

On the question of EAM. Is there any script-based attacks protection feature like in ESET
Script-Based Attacks Protection consists of protection against javascript in web browsers and Antimalware Scan Interface (AMSI) protection against scripts in Powershell.
ESET Smart Security - Online Help

I believe this protection feature will help in blocking web-based, javascript-based and browser add-on/extension keyloggers
 
Likes: Sunshine-boy
Joined
May 26, 2014
Messages
445
OS
Windows 10
Antivirus
Isolation
#25
@Umbra

On the question of EAM. Is there any script-based attacks protection feature like in ESET


ESET Smart Security - Online Help

I believe this protection feature will help in blocking web-based, javascript-based and browser add-on/extension keyloggers
While not similar to AMSI, Emsisoft since version 11 has improved protection against fileless malware and script parsers abuse (like powershell malware).

A leap in technology: Emsisoft Anti-Malware 11 available now!
 
Joined
May 26, 2014
Messages
445
OS
Windows 10
Antivirus
Isolation
#27
So, related to Powershell......nothing related to web-based javascripts, browser add-on/extension in keyloggers?
I am afraid that Emsisoft doesnt specifically touch web-based javascript (thats why a adblocker like uBlock is a nice combo), but it can detect malicious browsers extensions and unwanted system changes using the in-house specialized engine.

Emsisoft behavior blocker can protect against hidden browser add-on installation and can "isolate" keyloggers, but not exactly the way you want; I think AMSI support would be great and I hope it get implemented.


Emsisoft, Banking Protection? (about behavior blocker and browser interaction)

Emsisoft Anti-Malware & Emsisoft Internet Security 10 available (about AMSI)
 

HarborFront

Level 38
Content Creator
Joined
Oct 9, 2016
Messages
2,701
#28
I am afraid that Emsisoft doesnt specifically touch web-based javascript (thats why a adblocker like uBlock is a nice combo), but it can detect malicious browsers extensions and unwanted system changes using the in-house specialized engine.

Emsisoft behavior blocker can protect against hidden browser add-on installation and can "isolate" keyloggers, but not exactly the way you want; I think AMSI support would be great and I hope it get implemented.


Emsisoft, Banking Protection? (about behavior blocker and browser interaction)

Emsisoft Anti-Malware & Emsisoft Internet Security 10 available (about AMSI)
Yes, you can use uBlock, NoScript etc to block Javascripts but that would mean micro-managing each site which is tedious and time consuming
 
Likes: spaceoctopus
Joined
Jul 3, 2017
Messages
169
OS
Windows 10
Antivirus
Malwarebytes
#29
Thanks everyone for the tremendous feedback so far.

What are your opinions on pairing EAM with ZAL or ZAM? Overkill, or as mentioned above, enough to reinforce what EAM might be weak at protecting?

And if too much, what about adding WinPatrol as a lightweight HIPS to catch anything that EAM might miss?

And btw, in regard to Sandboxie, I discovered that if one uses a download manager like IDM, the download manager operates outside of, and resulting file downloads outside of the sandbox. So much for being sandboxed.
 
Likes: spaceoctopus

HarborFront

Level 38
Content Creator
Joined
Oct 9, 2016
Messages
2,701
#31
Thanks everyone for the tremendous feedback so far.

What are your opinions on pairing EAM with ZAL or ZAM? Overkill, or as mentioned above, enough to reinforce what EAM might be weak at protecting?

And if too much, what about adding WinPatrol as a lightweight HIPS to catch anything that EAM might miss?

And btw, in regard to Sandboxie, I discovered that if one uses a download manager like IDM, the download manager operates outside of, and resulting file downloads outside of the sandbox. So much for being sandboxed.
I would suggest

EAM + ZAL + VS (free)

ZAL for its anti-logger protection and

VS (free) for application whitelisting

If you need to add WinPatrol get the WinPatrol Plus for its real-time protection
 

shmu26

Level 60
Joined
Jul 3, 2015
Messages
4,965
OS
Windows 10
#33
A couple years ago, browser exploits were actually happening to people, it was a real threat, especially flash and java exploits. But nowadays you just never hear of someone who got infected due to a browser exploit. If you did hear of this, please share the info, I would love to hear about it!
So for most purposes, I think that sandboxing an already secure and updated browser is just not very important. Things could change, I am only commenting on the present situation.
 
Joined
Jun 20, 2011
Messages
659
OS
Windows 8.1
Antivirus
ESET
#34
Emsisoft is a sufficient protection system.
Just in case, you can bet VS and that's it.
for checking every now and then give EEK.
That is my opinion, but someone may have another task.
 
Likes: harlan4096
Joined
Apr 1, 2017
Messages
1,425
OS
Windows 10
Antivirus
ESET
#36
I would add a firewall like simple wall which is simple, light and effective(but that's me and can't live without a firewall.)+ an adblocker like Adguard and maybe Hard Configurator(for having the maximum protection:notworthy:).
 

Purshu_Pro

Level 29
Trusted
Joined
Aug 3, 2013
Messages
1,840
OS
Windows 10
Antivirus
Emsisoft
#37
Yes EAM alone is sufficient for non paranoid users as Umbra already said it. But if u feel u are missing out some layer of security I would recommend to add a software like HitmanPro.Alert for better exploit protection and AdGuard Ad Blocker for enhanced ad blocking and surf protection.
 
Joined
Mar 10, 2017
Messages
163
OS
Windows 10
Antivirus
Emsisoft
#38
Why there is no one talking about Malwarebytes :cry:
MB still good to be a second security tool with your main AV , isn't ?

I vote for Malwarebytes ,
I had Emsisoft + Malwarebytes + Zemana AntiLogger ,
They work together with out any issue :cool:

I love lifetime license :LOL:
 
Last edited:

Opcode

Level 28
Content Creator
Joined
Aug 17, 2017
Messages
1,733
#40
@SearchLight Unless you want more hassle with your configuration, I suggest you ignore the recommendations for software like anti-executable and anti-exploit. You can use Emsisoft Anti-Malware for your real-time protection sufficiently and you can add more simple and less-hassle additions like an on-demand scanner (e.g. HitmanPro is quite fast and reputable) and/or an ad-blocker (helps you block malvertising - there are reputable and free extensions for most browsers to do this like uBlock).

1. You can use Emsisoft Anti-Malware and VoodooShield in combination but ask yourself, why do this in the first place? You'll be just as protected using either on their own. Make good decisions and use your primary real-time defense as a backup friend and you'll be fine. Sure you can get an alert for every new unknown process spawn but you'll have the Emsisoft BB and even if you get an alert from an anti-executable, why not just not run it in the first place if you didn't want to run it? Run wisely.
2. You can use Emsisoft Anti-Malware and HitmanPro.Alert in combination as long as there are no compatibility issues (I am not sure if they are compatible) but ask yourself, why do this in the first place? You'll only have two security solutions in real-time potentially overlapping each other considering Emsisoft already provide exploit mitigations and ransomware protection. You don't really need both. In my opinion that is over-the-top past using EAM with VS.
3. You can use Emsisoft Anti-Malware with 4 on-demand scanners but it doesn't necessarily mean you'll be better protected. On-demand scanning will require you to spend time making the manual scans and if you rely on scheduled ones then you may be unexpectedly interrupted and have your system resources used up more while trying to work (depending on the scenario). It neither means that an infection which was surpassed by your real-time security will actually be identified, one or two is enough in my opinion.
4. Emsisoft Anti-Malware and Zemana Anti-Logger in real-time? Emsisoft already intercepts keylogger installation attempts very effectively, there's no need for it in my opinion.

Emsisoft Anti-Malware is a full Anti-Virus replacement despite being titled Anti-Malware and it is supposed to be used as a full suite for protecting the user. It offers more than enough protection components which have been developed over numerous years by skilled engineers and researchers to get to the level of quality and reliability is at now, and it is indefinitely sufficient to protect someone when being used alone as primary real-time protection. The statistics from malware testing by both general people who may make mistakes and tests conducted by professional security software testers who publish regular reports speak for themselves, not to mention that they use an engine alongside their own from another award-winning and extremely popular vendor, Bitdefender.

Stacking software upon software will never necessarily help you. It adds more attack vectors which can be potentially exploited and time and time again I see that most people don't really take notice. The attacks that paranoid users stacking software upon software are thinking about are likely to never ever be fired in your direction - traditional malware attacks will be handled by Emsisoft Anti-Malware perfectly fine, and many other Anti-Virus products perform a spectacular job. Unless of course you own a large company which automatically makes you a target.

The truth is that nothing is ever "enough" to close all holes which can be shot at by a bullet - but that doesn't mean you should have everything. Every-time your security product flags a new program as malicious based on behavior or blocks a download, you've just dodged a bullet. Aim to reach the point where that rarely has to happen due to good decisions, and hopefully if you ever make a mistake which all of us make at some point, your reputable real-time security software will intervene and save the day, just like a good friend would if you were in need of assistance. Everything else is totally unnecessary with the exception of an on-demand scanner or an addition like an ad-blocker for improved user experience when browsing and to help direct targeted malvertising attacks.

Take it with a grain of salt because it is opinionated. Use good real-time as primary, add a few simple additions for ad-blocking and make a backup... You're good to go.
 
Last edited: