Replies

I installed EMET 5.0 on Windows 8.1 Update (is that 8.1.1?) and IE 11.0.12 works fine. However, because I use Google Chrome almost exclusively, I don’t push IE in any significant way.

Be careful out there!

Thank you very much for this article. It’s the best intro to EMET that I have seen.

I have just started using EMET. Beyond taking the recommended settings, I’m curious about what additional step(s) to take. Here are some possibilities:

1. Add the alternative browser(s) that you use to EMET. When did this with Google Chrome, I saw that EAF+ and ASR were NOT checked off. Is EMET using some intelligence to determine which options to turn on?

2. I saw mentioned to add “internet-facing” apps to EMET. I prefer to think of this as “internet-using” apps. And I wonder about any app whose only apparent internet use is a “check for updates” or “autoupdate” function, such as Auslogics Disk Defrag and CCleaner. Could these apps be left out of EMET entirely? Or add them last.

3. As programs are updated (for example, fast-moving browsers like Chrome and Firefox), do their recommended EMET settings change? The nervous computer owner could spend a lot of time tinkering with these things.

I looked around for other forums where existing EMET discussions can be found. Here’s one:

http://social.technet.microsoft.com/Forums/lync/en-US/home?forum=emet

…where a bewildering number of q&a’s turn up.

Thanks again for the article on EMET. A clear and independent voice is much needed.

I have since found that for computers that have Intel devices, the Intel site has a useful and careful driver scan utility:

http://www.intel.com/p/en_US/support/detect

I describe it as “careful” because it has several times indicated that a driver has been altered by the computer manufacturer (i.e. Dell, HP, Asus) and recommends going to the manufacturer web site for a properly tailored driver.

Thank you for a helpful article. I appreciate the credible test methods used.

I second the request to test third-party uninstallers such as Revo Uninstaller, and I’d like to add a wish: to compare them with the manufacturer-supplied uninstallers (such as the McAfee Consumer Products Removal tool MCPR.exe)

Verbatim makes a line of archival CDs and DVDs under the brand name Ultralife. I found “interesting” reviews at amazon.com. Some buyers reported that not all the disks would burn successfully.

Here’s a link to Verbatim’s description of a 50-pack spindle of DVD’s:

http://www.verbatim.com/products/detail.cfm?product_id=6A0D4031-1143-3415-5F916B32947AE822&cat_id=7CA8481A-AA65-482E-991CD8C4156EA2D3

Also, Verbatim Medidisc is marketed as suitable for archiving medical records:

http://www.amazon.com/gp/product/B0003QIFIK/ref=wms_ohs_product

HTH,
Bob

Thanks for the helpful link. I’ve used ma-config in the past and I tried it on a Gateway laptop I’m working on currently. The first driver update I tried (modem) was not correct, system restore and uninstall drivers did not correct the problem. That said, I’d love to develop experience with ma-config and learn what to avoid.

Now I’m looking for a utility that can query the actual device rather than the registry (as, I believe, Belarc Advisor does). With a laptop I’m not keen on opening up the case and digging around inside just to find strange sequences of cryptic characters printed smudgily on tiny chips and PCBs under several layers of delicate components.

Aha, look. It’s sunny outside. Where do you want to go today?

Bob (who spends too much time in front of computer displays)

This is one of the best writeups on Windows XP ongoing maintenance that I have seen. Additional points come to mind:

1. If you have not already done so, switch from Windows Update (OS only) to Microsoft Update (includes other Microsoft products like Office). Go to Windows update and follow the link. After switching, be ready for many more updates to appear.

2. I’m just a little hazy on this one: If your machine is not yet at Windows XP SP3, I think it’s best to manually install SP1 and SP2 (as needed) to get to SP3, then go to Windows Update. I’ve seen different descriptions of Microsoft support on this, but basically if you’re downlevel on Service Packs, I find it’s more efficient to download the redistributable for your system and run it. If you download to an external device like a flash drive or external hard drive or CD/DVD, you won’t need to be connected to the Internet while hours and hours of update-reboot cycles take place. See http://windows.micro…t-service-packs and http://support.microsoft.com/kb/322389

3. From time to time, check Windows Update (Microsoft Update) manually. Do this repeatedly until there are no more required updates. New updates turn up, sometimes the following day. Optional updates require some creative reading to understand which ones to apply. Once this has settled down, I check once a month or whenever I forget when it was the last time I checked.

4. Do something to prevent Autoplay from running when you connect a flash drive or external hard drive. For Windows XP, I use TweakUI (http://download.microsoft.com/download/f/c/a/fca6767b-9ed9-45a6-b352-839afb2a2679/TweakUiPowertoySetup.exe).

5. I love CCleaner. However, be careful. The cleaner (“brush”) tool will, by default, wipe out cookies (including saved website passwords — not a good practice but deleting them can be disruptive if you rely on them), MRU’s (Most Recently Used lists of files, such as in Word and Excel), recently-typed URLs, among other things. Make sure to check the “applications” tab, which lists other browsers.

–Bob Stromberg, Saratoga Springs, NY

In my area, TimeWarner Cable is offering free wireless routers with WEP encryption. This is wholly inadequate. WPA or WPA2 encryption is much better. I also think that NAT (network address translation) is crucial to securing networks. Yet I’m unsure about which routers provide NAT. Finally, I think that 802.11g is fast enough for many households. Why are only more-expensive 802.11n routers mentioned?

It would be very helpful to comment on the security aspects of older WPA2-capable, NAT-capable, 802.11g routers, many of which are available for much less than $100.