What is your security setup these days?

Discussion in 'other anti-malware software' started by dja2k, Dec 15, 2005.

  1. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,557
    Chrome creates Alternate Data Streams... if you use Spyshelter you could see an alert saying Chrome is creating ADS.
    If you use GesWall to isolate Chrome, you can run "scan for untrusted files" and see ADSs marked as untrusted, and you can delete them. (I don't, I like keeping them :D)
     
  2. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Trying out Kaspersky Anti-Virus 2012; it is very heavy :D
     
  3. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    that's a heavy hammer to thrash malwares:D
    how's your pc doing J, carrying all that weight:argh:
     
    Last edited: Sep 6, 2011
  4. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,342
    Location:
    USA
    How's your CPU, is it burning yet? :D
     
  5. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    it is heavy but it looks promising;)
     
  6. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,342
    Location:
    USA
    Alright if you say so my friend :argh:
     
    Last edited: Sep 7, 2011
  7. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Eh... I think I'll just pass on running at low IL. I actually trust Google more than I trust myself to secure their product. Maybe if I had the know-how I'd check out their source code to see.
     
  8. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    do I smell burning bacons..:D .....:eek: ....J?..:argh:
     
    Last edited: Sep 6, 2011
  9. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,557
    +1
    Chrome + 1806 trick is enough for me :)
     
  10. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Yeah I have Sandboxie and downloads have direct access to my real-system's downloads folder. The downloads folder itself is at low integrity so... nothing to worry about.
     
  11. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    lawl :argh:
     
  12. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    @Hungry Man

    Just for future, the ADS is not related to Sandboxie or Chrome, rather it is a feature of the file system. You are experiencing this most likely because of the Low IL having fewer rights than what you normally do, thus warnings are shown to help the assumed "restricted user".

    The alternate data stream may be easily viewed with even Notepad, if you know how. It doesn't matter though, as I know the value will almost always be 3, which indicates it came from the internet. Actually, the problem, erm, feature, is a part of Explorer.

    The unblock is usually found when you right click on an item, on one of the tabs. It is very easy to miss IMO. Programs like Streams which m00nbl00d mentioned will show you all of your alternate data streams, of which you have many. Chrome by default (and IE) will create an ADS on every file it downloads. ADS can be used maliciously, which is why some people would rather not have them, but they can also be employed to your benefit, once you understand them, and understand how, why and when the OS informs you about them, as you are experiencing.

    Maybe not much you wish to change, just passing along infos gathered in the corners of my melon.

    Sul.
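
Added example, not part of any post in this thread: the stream browsers attach to downloads is named `Zone.Identifier`, and its body is a small INI file whose `ZoneId` is the value Sully refers to (3 = Internet). The sketch below parses that body and, on Windows/NTFS, reads it from a file; the sample stream and the `example.test` URLs are constructed for illustration.

```python
import configparser

# Standard Windows URL security zone numbers.
ZONES = {0: "Local Machine", 1: "Local Intranet", 2: "Trusted Sites",
         3: "Internet", 4: "Restricted Sites"}

# Constructed sample of a Zone.Identifier stream body (not taken from the thread).
SAMPLE = ("[ZoneTransfer]\r\n"
          "ZoneId=3\r\n"
          "ReferrerUrl=https://downloads.example.test/\r\n"
          "HostUrl=https://downloads.example.test/setup%20tool.exe\r\n")


def parse_zone_identifier(text):
    """Parse the INI-style body of a Zone.Identifier stream.

    Returns a dict, or None when the text is not a valid zone marker.
    """
    # interpolation=None: URLs may contain '%', which must not be expanded.
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    try:
        cp.read_string(text.lstrip("\ufeff"))  # tolerate a leading BOM
    except configparser.Error:
        return None
    if not cp.has_section("ZoneTransfer"):
        return None
    section = cp["ZoneTransfer"]
    try:
        zone_id = int(section.get("ZoneId", "").strip())
    except ValueError:
        return None
    return {"zone_id": zone_id,
            "zone": ZONES.get(zone_id, "Unknown"),
            "referrer": section.get("ReferrerUrl"),
            "host": section.get("HostUrl")}


def read_zone(path):
    """Read the Zone.Identifier stream of `path` (Windows on NTFS only)."""
    try:
        with open(path + ":Zone.Identifier", encoding="utf-8",
                  errors="replace") as stream:
            return parse_zone_identifier(stream.read())
    except OSError:
        return None  # no such stream, non-NTFS volume, or not Windows


if __name__ == "__main__":
    print(parse_zone_identifier(SAMPLE))
```
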
     
  13. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Thanks. I read up a bit and they're basically like hidden files attached to the files on your system from what I gathered - they apply certain traits as well.

    Either way I think I'd prefer Chrome to run at default. EMET is about all I'm willing to do to mess with the browser... and sometimes I worry about that as well.

    I've already posted about how EMET increases the attack surface though =p I forget who I argued with... but that was a big waste of time.
     
  14. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    ditched WOT:p webrep is back again with ff :thumb:
     
  15. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,941
    Location:
    USA
    I hope you can get it sorted out on the SBIE forum. ;)
    I'm gonna try to keep an eye on that thread because I'm curious to learn what the problem might be.
    Good luck.
     
  16. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    good idea
     
  17. Konata Izumi

    Konata Izumi Registered Member

    Joined:
    Nov 23, 2008
    Posts:
    1,557
    My security setup:
    Using OS built-in security policies/tweaks to not allow anything to execute/elevate and running as Standard User Account.
    Only Sandboxie free/SuRun can elevate/install/execute apps.
    Spyshelter FREE to monitor malicious behaviour and kernel mode antilogger is a plus.

    Malwarebytes FREE for manual scanning
    Windows Image Backup
     
    Last edited: Sep 7, 2011
  18. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    I think I'll remove Chrome from the sandbox and make it a Java sandbox instead.

    Haha now Java just crashes... super.

    What am I doing wrong? Tips?
     
    Last edited: Sep 7, 2011
  19. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Trying out Panda Cloud Pro ;)
     
  20. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Nice. Light?

    Anyone know how to get Sandboxie to work with Java?
     
  21. Ranget

    Ranget Registered Member

    Joined:
    Mar 24, 2011
    Posts:
    846
    Location:
    Not Really Sure :/
    Why do you change a lot? o_O
     
  22. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    For testing purposes ;)
    I had a good experience with Kaspersky but to be honest it is bloated in my systems
     
  23. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    @Hungry Man (not just you btw)

    I would ask that you please post questions and findings regarding Sandboxie (or any specific topic which would be of interest to others) in the subforum devoted to such things. If someone else is looking for the same answers or looking to help, it gets lost in this huge thread very easily. This thread can gain 2 pages a day easily, and since it is mostly a public blog, I for one would not spend the time to go back through it to find something like your java and sandboxie issue. Know what I mean ;)

    Sul.
     
  24. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Fair enough.
     
  25. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,342
    Location:
    USA
    Another dancing panda. Sure a lot of those around :D
     