What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. 1chaoticadult, Registered Member (Joined: Oct 28, 2010; Posts: 2,343; Location: USA)
    Good to hear :thumb:
     
  2. justenough, Registered Member (Joined: May 13, 2010; Posts: 1,549)
    Wow, Cyrano2! I've been looking for something like this for a long time, I'm going to try and set this up now. Hope it works. Thanks.
     
  3. jmonge, Registered Member (Joined: Mar 20, 2008; Posts: 13,744; Location: Canada)
    NoVirusThanks EXE Radar Pro ;) Nice product, and I can run my browser restricted ;) like SpyShelter or OA :thumb:
     
  4. Hungry Man, Registered Member (Joined: May 11, 2011; Posts: 9,146)
    Comodo 5.8's sandbox has not shown as much improvement as I had hoped. Black-Day still bypasses it.

    Oh well, that's why I've got layers =p
     
  5. 1chaoticadult, Registered Member (Joined: Oct 28, 2010; Posts: 2,343; Location: USA)
    Yep layers is the way to go.
     
  6. Hungry Man, Registered Member (Joined: May 11, 2011; Posts: 9,146)
    Plus in the test it was still blocked. The heuristics caught it and then it alerted me that it was known malware and should be blocked. So although the sandbox failed me in the real world I would not be infected.

    Still, a 0day version would have gotten past the malware notice and I would be relying on heuristics... I think I'll be looking into some more ways to further secure this computer.

    EDIT: Actually I just went ahead and ran Black-Day (thank goodness I wasn't infected lol) on my real computer to see how I'd fare. Comodo and Mamutu both jumped into action and that was it.
     
    Last edited: Aug 4, 2011
  7. jmonge, Registered Member (Joined: Mar 20, 2008; Posts: 13,744; Location: Canada)
    Man, what happened to PEGuard2?
     
  8. Mongol, Registered Member (Joined: Jul 24, 2004; Posts: 1,581; Location: Houston, TX)
    One addition to my setup. I added Zemana alongside Panda Cloud...:eek: :D
     
  9. luciddream, Registered Member (Joined: Mar 22, 2007; Posts: 2,545)
    Wouldn't it be nice to have 1 program incorporate both features? Or imagine having Sandboxie collaborate with something like Hitman Pro and use that extensive cloud database to scan downloads after they've finished? This would keep the resource hit (CPU/RAM usage) off your machine. Add a router, 2 on-demand-only scanners for 2nd/3rd opinions (like MB & SAS), and use measures built into your OS (LUA, SRP). Throw in a VPN service for anonymity if desired. Voilà... a very light, effective setup.

    Right now I'm using quite a layered approach, but if a product like that existed I'd seriously consider putting all my eggs in that basket. And I'm considering doing something like Cyrano2 suggested.
     
  10. Kernelwars, Registered Member (Joined: Aug 12, 2010; Posts: 2,155; Location: TX)
    lol Mongol.. Keep us posted on your findings o_O
     
  11. Noob, Registered Member (Joined: Nov 6, 2009; Posts: 6,491)
    Nice to see a comrade D00d! :D :thumb: :thumb:
     
  12. ams963, Registered Member (Joined: May 3, 2011; Posts: 6,039; Location: Parallel Universe)
    My PC's running real smooth. I like my 'lean and mean' setup.
     
    Last edited: Aug 5, 2011
  13. 1chaoticadult, Registered Member (Joined: Oct 28, 2010; Posts: 2,343; Location: USA)
    That could change lol... :D
     
  14. tomazyk, Guest

    I changed my on demand scanners. My new setup:

    Resident:
    Router with SPI Firewall
    Windows 7 firewall
    Sandboxie (for browsers)
    Malware Defender
    EMET (for internet facing apps and apps that open files)

    On demand:
    Hitman PRO
    MBAM
    Acronis True Image
    Sysinspector
    Autoruns
     
  15. tipo, Registered Member (Joined: Dec 29, 2008; Posts: 440; Location: Romania)
    Switched to Comodo Firewall Pro (Defense+ & Sandbox). I like it so far.
     
  16. Ranget, Registered Member (Joined: Mar 24, 2011; Posts: 846; Location: Not Really Sure :/)
    PrivateFirewall
    Panda Cloud Antivirus

    On demand:
    1-SUPERAntiSpyware 5
    2-MBAM
    3-HitmanPro Free + Manual Removal

    Offline machine:
    Bitdefender 2012 Internet Security
     
  17. justenough, Registered Member (Joined: May 13, 2010; Posts: 1,549)
    luciddream, that's exactly the sort of program I wish we had. Or just Sandboxie with an on-demand program that was triggered by a download, or even some other condition you picked. Wonder why Hitman Pro doesn't make that an available option? I'd buy it in a second.

    I tried setting things up with Avast the way Cyrano2 described, but checking the logs it looks like Avast wasn't automatically scanning the download folder after a download. Instead of fiddling with it, I just uninstalled Avast, since it wasn't really running as on-demand but real-time with limited focus, and if that's the case, I'd rather just have Prevx running. Since a lot of the AV's can be set up as on-demand, why haven't they thought to add a particular action as a trigger for a scan?

    One other thought: can a script be written in Windows to program an AV to run when there's a download, and scan a particular folder, and then close?
     
  18. jmonge, Registered Member (Joined: Mar 20, 2008; Posts: 13,744; Location: Canada)
    Trying out ProcessGuard ;)
     
  19. Hungry Man, Registered Member (Joined: May 11, 2011; Posts: 9,146)
    That's why I like Comodo, haha. Though it's not nearly as powerful as Sandboxie, it gives the same type of solution: sandbox and scan unknown/downloaded files.

    Jmonge, what does ProcessGuard do?
     
  20. 1chaoticadult, Registered Member (Joined: Oct 28, 2010; Posts: 2,343; Location: USA)
    LOL J. I thought ProcessGuard development was stalled?

    not nearly as powerful yet ;)


    Added Mamutu to my setup.
     
  21. Hungry Man, Registered Member (Joined: May 11, 2011; Posts: 9,146)
    In terms of customization the two really aren't even comparable -- Sandboxie wins hands down.

    Thankfully Comodo's CIS 6.0 will give automatic sandboxes full virtualization (only available for manual right now) and that'll help a ton.

    Still, between the sandboxing and cloud signatures/heuristics it's very powerful for dealing with malware (and it's automatic.)

    The manual sandbox is also very very powerful, I've tested it on dozens of exploits/ malware.

    How are you liking Mamutu? I love it. I might actually pay for it once my one year free is up.
     
  22. 1chaoticadult, Registered Member (Joined: Oct 28, 2010; Posts: 2,343; Location: USA)
    Yes I know all that but you never know what the future could hold :D. I've used Mamutu before, standalone and EAM's BB, I've always liked it. Mamutu is pretty cheap too so it shouldn't hurt your pockets, if you decide to buy.
     
  23. Hungry Man, Registered Member (Joined: May 11, 2011; Posts: 9,146)
    Definitely. I hope to see improvements in both Sandboxie and Comodo. They're two wonderful products. I just find that Comodo's other features + being free puts it ahead of Sandboxie for me. Though I'd love to use both of them.


    I just dislike paying for 3rd party security software. I believe security should be built into the kernel right from the start.
     
    Last edited: Aug 5, 2011
  24. 1chaoticadult, Registered Member (Joined: Oct 28, 2010; Posts: 2,343; Location: USA)
    That's understandable. I definitely want both to improve as well.
     
  25. luciddream, Registered Member (Joined: Mar 22, 2007; Posts: 2,545)
    Yes but the goal here is to have the setup incredibly light by eliminating real-time protection and "only" having it scan files after download. Having a product that did this+sandboxing all in 1 would be a really light, effective solution that could eliminate the need for real-time monitoring for many.

    I actually have cloud scanning in Comodo disabled. I just don't like the idea of things on my PC making random connections. I run a very static setup and know what's on my computer already, and trust it. On that note, every time the auto-sandbox comes up it's just an inconvenience. I always click "don't sandbox this again", or whatever. So I could easily do without auto-sandboxing and the cloud. Plus it may cause conflicts with Proactive in Avira. For people regularly introducing new apps to their computers though, some that may not be completely trustworthy, it's certainly useful.

    But a sandbox that connected to a cloud just to scan new files after they've downloaded... I'd be all about that.

    And on your point: "Security should be built right into the kernel"... absolutely. It'd be wonderful if such a solution (Sandbox+cloud scan after downloads) were built right into the OS.

    On that note... I think "justenough" asked an excellent question: "can a script be written in Windows to program an AV to run when there's a download, and scan a particular folder, and then close?"

    I'd love to know this as well.
     
    Last edited: Aug 6, 2011
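
On the question asked in posts 17 and 25 (a Windows script that runs a scanner when a download arrives, scans it, then closes): the PowerShell below is an added example, not written by anyone in the thread. It assumes Microsoft Defender's MpCmdRun.exe at its default path as the on-demand scanner; the watched folder, log path and list of partial-download extensions are also assumptions. The scanner process exits after each file, and only the idle watcher stays resident.

```powershell
# Added example (not from the thread): scan each finished download on demand.
# Assumptions: Microsoft Defender's MpCmdRun.exe is the scanner; folder, log path
# and the list of partial-download extensions are illustrative choices.
$WatchDir = Join-Path $env:USERPROFILE 'Downloads'
$Scanner  = Join-Path $env:ProgramFiles 'Windows Defender\MpCmdRun.exe'
$Log      = Join-Path $env:LOCALAPPDATA 'download-scan.log'
$Partial  = '.crdownload', '.part', '.partial', '.tmp'   # browser temp files

function Wait-FileReady {
    param([string]$Path, [int]$TimeoutSec = 300)
    $deadline = (Get-Date).AddSeconds($TimeoutSec)
    while ((Get-Date) -lt $deadline) {
        # Give up if the file was renamed or deleted, or the path is a folder.
        if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) { return $false }
        try {
            # An exclusive open only succeeds once the browser has released the file.
            [System.IO.File]::Open($Path, 'Open', 'Read', 'None').Dispose()
            return $true
        } catch {
            Start-Sleep -Milliseconds 500
        }
    }
    return $false
}

$watcher = New-Object System.IO.FileSystemWatcher $WatchDir
$watcher.NotifyFilter = [System.IO.NotifyFilters]::FileName
$watcher.EnableRaisingEvents = $true
# Browsers either create the final name directly or rename a temp file to it.
Register-ObjectEvent $watcher Created -SourceIdentifier DlCreated | Out-Null
Register-ObjectEvent $watcher Renamed -SourceIdentifier DlRenamed | Out-Null

while ($true) {
    $e = Wait-Event | Select-Object -First 1
    Remove-Event -EventIdentifier $e.EventIdentifier
    $path = $e.SourceEventArgs.FullPath
    if ($Partial -contains [System.IO.Path]::GetExtension($path)) { continue }
    if (-not (Wait-FileReady $path)) { continue }   # vanished, a folder, or still locked
    # -ScanType 3 is a custom scan of the single path passed with -File.
    & $Scanner -Scan -ScanType 3 -File $path | Out-Null
    # Exit code 0: nothing found or already remediated; 2: needs attention.
    $result = if ($LASTEXITCODE -eq 0) { 'ok' } else { "CHECK (exit $LASTEXITCODE)" }
    '{0:u} {1} {2}' -f (Get-Date), $result, $path | Add-Content -LiteralPath $Log
}
```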