Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Should I let either Emsisoft AM or HMP.Alert provide anti-exploit protection?


  • Please log in to reply
5 replies to this topic

#1 midimusicman79

midimusicman79

  • Members
  • 764 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:05:17 AM

Posted 13 November 2017 - 10:19 AM

Hi all!

 

Keep in mind that some security researchers have advised not to to use multiple anti-exploit applications because using more than one of them at the same time can hamper Return-oriented programming (ROP), and other exploit checks. This in turn can result in the system becoming even more vulnerable than if only one anti-exploit application is running. In some cases multiple tools can cause interference with each other and program crashes.

 

While you should use an antivirus (even just the Windows Defender tool built into Windows 10, 8.1, and 8) as well as an anti-exploit program, you shouldn’t use multiple anti-exploit programs...These types of tools could potentially interfere with each other in ways that cause applications to crash or just be unprotected, too.

 

How-To Geek on Anti-exploit programs

 

I have Emsisoft Anti-Malware and HitmanPro.Alert with CryptoGuard.

 

At the time (June 2015) I purchased a three-year license for both of these, EAM did not feature anti-exploit protection, which is why I also purchased a license for the latter.

 

Now, however, EAM features anti-exploit protection too, so hence, my question is as follows;

 

Should I let either Emsisoft AM or HMP.Alert provide anti-exploit protection?

 

Thank you very much in advance!

 

Regards,

midimusicman79


MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with CanDef, uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,754 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:17 PM

Posted 13 November 2017 - 04:05 PM

Comments from Fabian Wosar, a Security Colleague and developer who works for Emsisoft.

EMET, HMP.Alert and MBAE can all be useful under certain circumstances. The most effective step to fending of exploits is to reduce your attack surface. Keep the software you use up-to-date and try to get rid of Java and Adobe plugins. If you can't get rid of them completely, at least turn them on only for the sites that you know won't work without them. All browsers that I have used in the past year have features which makes it very easy to limit plugins to just a few sites. If for some reason you can't do either of that, then adding exploit protection can be somewhat useful.

HMP.Alert & MBAE, Post #7

Comments from Elise, a BC Malware Study Hall Admin and an Emsisoft Employee.

Technically speaking, your computer is sufficiently protected by Emsisoft Anti-Malware/Internet Security. However, if you prefer an extra layer of security you could use this without any negative effects on your system. The difference between the products is that they intercept potential malware attacks at different points. The result with or without HMP Alert is however the same, our behavior blocker will intercept threats resulting from exploits once they become active on the computer and eliminate them.

HitmanPro.Alert worth as a companion?, Post #3
 
Emsisoft’s Behavior Blocker continually monitors the behavior of all active programs looking for any anomalies that may be indicative of malicious activity and raises an alert as soon as something suspicious occurs. This advanced behavior blocking technology is effective against unknown zero-day attacks, file-less malware that resides only in memory, zombies (the hijacking of host processes to load malicious code which execute via script parser programs), and file-encrypting malware (ransomware) attacks.With the release of v2017.5, Emsisoft now has a separate Anti-Ransomware module.

We at Emsisoft see it as our responsibility to keep you safe from all kinds of ransomware, and we are confident that we can stay technological leaders in the fight against malware that encrypts your personal files. To emphasize our products’ strength in this regard, we decided to shift our existing and proven anti-ransomware capabilities into a separate protection layer component that we are calling "Anti-Ransomware". Contrary to most self proclaimed anti-ransomware specialist tools out there, Emsisoft Anti-Malware and Emsisoft Internet Security are able to block ransomware before it even encrypts the first data file.

New in 2017.5: Anti-Ransomware

I removed HitmanPro.Alert but still use the stand-alone version of Malwarebytes Anti-Exploit with Emsisoft.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Umbra

Umbra

    Authorized Emsisoft Rep


  • Members
  • 139 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:17 AM

Posted 13 November 2017 - 09:21 PM

Should I let either Emsisoft AM or HMP.Alert provide anti-exploit protection?
 Thank you very much in advance!


Both protect against exploit at different point of the attack chain, so yes, using both won't hurt you, not that HMPA also offers other interesting protective modules.


Emsisoft Community Manager


#4 midimusicman79

midimusicman79
  • Topic Starter

  • Members
  • 764 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:05:17 AM

Posted 14 November 2017 - 10:10 AM

Hi, quietman7 & Umbra!

 

Thank you both for the prompt and insightful replies! :)

 

It is great to hear that I can continue to use Emsisoft Anti-Malware and HitmanPro.Alert with CryptoGuard in my multi-layered AV/AM security setup, which also includes CryptoPrevent Free, SpywareBlaster Free, Malwarebytes Free, WinPatrol PLUS and Unchecky.

 

I have emphasized all the three above-mentioned tools which provide anti-ransomware protection.

 

And in fact, on November, 12, I completed my 2nd year without any single malware infection on my computer, as I practise safe computing. :thumbsup:

 

Thank you very much for the help! :) The issue has been successfully resolved! :thumbup2:

 

Regards,

midimusicman79


MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with CanDef, uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.


#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,754 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:11:17 PM

Posted 14 November 2017 - 04:46 PM

You're welcome on behalf of the Bleeping Computer community.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 Umbra

Umbra

    Authorized Emsisoft Rep


  • Members
  • 139 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:17 AM

Posted 15 November 2017 - 06:48 AM

Hi, quietman7 & Umbra!

 

Thank you both for the prompt and insightful replies! :)

You are welcome. :)



Emsisoft Community Manager





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users