In EMET 5.0 a tooltip was shown in the taskbar notification area when you visted a site (in the internet zone) in the browser which uses Java and a event was written to the Windows Event Log which sometimes specified the web address. Below are two examples:
EMET detected ASR mitigation in iexplore.exe
ASR check failed:
Application : C:\Program Files\Internet Explorer\iexplore.exe
User Name : COMP\USERNAME
Session ID : 2
PID : 0x109C (4252)
TID : 0x16BC (5820)
Module : jp2iexp.dll
EMET detected ASR mitigation in iexplore.exe
ASR check failed:
Application : C:\Program Files\Internet Explorer\iexplore.exe
User Name : COMP\USERNAME
Session ID : 2
PID : 0x1710 (5904)
TID : 0xA20 (2592)
Module : jp2iexp.dll
Web address : http://java.server1.company.com/java/module/
Url zone : Trusted
With EMET 5.1 this doesn't seem to happen anymore and Internet Explorer just reports that the website uses Java which can be downloaded and installed.
When I open a Word document with Shockwave Flash Object I get this tooltip
and this event is written in the application event log.
Log Name: Application
Source: EMET
Date: 26-11-2014 9:35:54
Event ID: 1
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: xxxx
Description:
EMET detected ASR mitigation in WINWORD.EXE
ASR check failed:
Application : C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
User Name : Domain\User
Session ID : 3
PID : 0xEF4 (3828)
TID : 0x130C (4876)
Module : Flash32_15_0_0_239.ocx
The name of the document is not mentioned in this.
My suggestion is to fill in a feedback form (https://connect.microsoft.com/emet/feedback/LoadSubmitFeedbackForm) on the Microsoft Connect portal for the EMET 5.0 feedback program.