What is your security setup these days?

LOL J. I'm using your old favorite, Hitman Pro now

 

i have it toolook at my avatar

 

Ahh ok J

 

current version of returnil fixes most of the problems I have reported.
never had a problem with its anti-executable, it simply works.


Sandboxie (application-level virtualization) and Returnil (disk-level virtualization) works alongside each other perfectly. When I said work alongside each other I really mean it, if you look at my setup Sandboxie makes it more convenient and safer to install software even when under Returnil virtual mode + anti-executable at highest setting (trust from real disk only).

Returnil anti-executable won't nag you when you run/install in Sandboxie.

 

More than 2 years since my last post...

I still love Sandboxie, but since I got my degree and started working, I don't have the time to play as much as I did. Also I don't test malware anymore, computer is now just used to watch movies and casual surfing....

anyways, my current setup:

Win 7 Home Premium:
-Firewall enabled
-Some services disabled
-Defender disabled

Avira Free AV

MalwareBytes AntiMalware for On-Demand scanning

Maybe I try Zemana AntiKeylogger since it's free today...

 

Wow Hurst, it has been a very long time. Too bad you don't have all that spare time any more, you were always full of advanced ideas regarding sandboxie.

I understand your position implicitly. Life. It has its own demands we cannot ignore

Take care.

Sul.

 

Guess what . . . Finally got my 3 EAM licenses and running on all house computers, now i just need to get OA Premium for my PC and lock it down

 

And you should update your sig too my friend

 

Hahaha trueee xD
Just t0o lazy to do it now that i have a full time job + full time college

 

I hear ya. You are a busy man now

 

Really, is that all? Then you'll likely be in trouble, unless Windows is securely tweaked.

 

Why? Granted I might pick something a bit better than ClamWin, but otherwise, what's the issue? I'm running a lot less than Mozart is, and I haven't been nor am I in "big trouble". Chrome, MBAM and Avast are the only things I use. I don't even have Windows services tweaked like I used to.

 

Why bother with MBAM?

I think Chrome and Avast is plenty.

 

Well, to me Avast has always been a great AV and has only a handful of times not detected something. But, there's no denying just how good MBAM is, and, it runs very well alongside Avast. That's about as layered as I'm going to get though.

 

Gotcha.

Any reason you don't want to run more? Not that I think you should necessarily run anything more than you've got. Just curious.

 

Well, as I had posted a page or so back, I'm just over this whole doom and gloom "malware will get us all" outlook that gets shoved down throats by "alarming" articles from the media, security companies and other outlets. I've been on the net almost for its entire existence (well, the web as most know it), I've been infected a handful of times, yes, but they were never "wipe the drive and start over" affairs. Over the past probably 10 years, I've been infected maybe twice. I've had several malwares show up on the system through P2P and such, but they never "infected" me, just got picked up and shown the door by my AV or AS.

Many people buy into the hype, I just don't. More power to those that do, I just don't see the evidence that anything has changed except a "change of venue", meaning attackers have moved on to the social sites and mobile environments.

 

Yup. That's pretty much how I feel. I felt secure when I was running no antivirus. I went a month with no infections and I scanned with a hell of a lot of scanners every week.

I threw away the whole AV idea when I realized it was useless to me and it was also a performance hit. I don't use any security methods that I feel would cause any performance issues because... it's just not worth it, I don't feel threatened without the security security so I sure as hell am not going to sacrifice anything for it.

I was just curious as to what your reasoning was.

 

Even I'm not brave enough to go without an AV yet, hehe. I'll get there I'm sure. I've always disagreed with the notion that AV software is "useless". That mindset is one I don't see outside of here too often. My guess is everyone's obsession with 0 days. For 99% of malware prevalent on the web, AVs, imho, are still a good measure.

 

I thought he only posted on-demand scanners. If so, the problems can only be fixed after it has done damage. I wonder how well Zemana covers a system anyhow. You have a secure browser and real-time AV (which is almost like a suite). By tweaked, I mean LUA, SRP, and the like.

 

AV's basically go by two things (classically and disregarding extra modules such as HIPS)

blacklists and heuristics

Let's be honest, blacklists aren't exactly hard to fool. I know everyone named Tom is an ass but Tom changes his name to Tommy with current blacklisting I won't know anything about Tommy.

Heuristics is basically emulation of a program to see if it does some classic malware stuff... except tons of things use those tactics so you get loads of FPs and eventually you can't tell what's malware and what's not.

Both of these methods are also really resource heavy and they're not nearly as effective as other methods though that second part is just my opinion.

Though I will say that on my mother's computer I've only secured it with EMET and MSE and UAC. Why? Because I don't expect her to make decisions and I'd rather her have false positives than an infection.

 

I guess I am one of those who think an AV is "useless", if it had to be black or white. If we include grey, then I would say it is useless overall because I really don't think it will ever catch up, but always be behind. But in the spirit of grey matter, I still think it serves a purpose for those who haven't come to the point of changing what they do and how they do it so that they no longer need it.

To me, it seems you will NEVER be truly confident that a file will be virus free. In the same manner, I am no longer truly confident that an AV will ALWAYS detect a virus. Instead, I focus on where I get files from, and what I allow to execute or what steps I have in place when I do execute. If a virus etc ever gets onto my system, well, then it does and I deal with it. It will be my fault if it does, but so far in the last, I don't even know any more, 2 years, maybe more, I have been free of that tool and honestly haven't thought much about using one again, only an occassional "I wonder" type moment. Same goes for firewalls and hips tools. I do a lot of tinkering with inbuilt OS stuff, but lately I have been even more lax than normal, and still no problems. Must be what I don't do online that makes the difference

Sul.

 

I'm confident that if I check a file I download with the tools I have, and it says clean, then it's clean. The reason I don't go "naked", is because I don't have the ability to inspect a file and determine it to be safe or unsafe just by inspecting it or what it does, with my own knowledge. There's enough legit programs out there that act like malware for hips and such to be very useful in my mind. It just leads to a lot of "what is that stupid pop-up telling me?" and FPs. I've neither the time, interest or fear of malware, to babysit a security program or deal with it popping up with arcane messages.

Anyway, I'm going off track here. Going by how I use the net, my experience of being on the net for years, and the, though few, tools I've chosen, I feel safe enough. Safe enough may not work for everyone, and that's fine.

 

Trying out KeePass.
My password manager has always been between my ears and on a piece of paper.
This is quite a step up.

 

Great setup, simmilar to mine:
win xp
-firewall
-many services disabled
-lua, srp
sometimes full scan with demand only freeware