Hungry Man's Setup

[Hungry Man]

I tried the latest version of Zeus just a few hours old. It was sandboxed by Comodo as Limited (automatically) but 3 files got through. Not sure if there was a proper infection or if those were just leftovers as often happens with Comodo. Still, it's a shame that neither Mamutu nor Comodo picked up suspicious activities. I would think that Zeus must do something on Mamutu's behavioral blocker.

 

[Hungry Man]

Haha! Submitted the file to Comodo and a few hours later when I tried it the cloud scanner picked it up as malicious. Interesting.

It seems that Zeus was in fact completely broken by the Limited sandbox. 3 useless files made it out but the system wasn't compromised at all.

 

[Hungry Man]

Added "--safe-plugins --prerender-from-omnibox" to Chrome.

 

[Hungry Man]

Moved Defense+ to Paranoid.

 

[Hungry Man]

Yikes. Paranoid mode is too loud, even for me.

 

[Deleted member 178]

lol ^^

 

[Hungry Man]

Added Zemana AntiLogger (Free 1 year license from the give-away) and it's very simply and light.

 

[Deleted member 178]

Added Zemana AntiLogger (Free 1 year license from the give-away) and it's very simply and light.

and it has almost no protection of x64 system... ^^ (even failed its own leak test )

 

[Hungry Man]

Seriously?

Can I get some links for that? I'd be interested to read more.

 

[Deleted member 178]

not a link, just 2 small test i did, also others members of the forum report it. not really a full test, with undisputable result.

http://malwaretips.com/Thread-Zemana-Anti-Logger-1-9-2-Review?pid=18839#pid18839

on the 2 tests, for comparison, Online Armor detected them.

 

[Hungry Man]

Thanks.
I ran their test as well and it failed... not good.


Removed.

 

[Ink]

What do you use your computer for? It looks to me like test machine.

Say you got a new computer (Win7 SP1), how long would it take you (approx.) to configure it to these settings?

 

[Hungry Man]

Ehhh, I guess 15 minutes. I don't feel insecure. I'd feel secure with nothing probably but these methods are so easy to implement and so light on resources... I can't really see why I wouldn't do it =p

 

[Hungry Man]

Turned Paranoid Mode off. Reduced community based decisions.

Looking to make it quieter =p

 

[Hungry Man]

Disabled automatic sandboxing. Still keeping manual. Still keeping the right click + select to run in sandbox.

 

[Hungry Man]

Running without the sandbox definitely does not inspire confidence in my setup. I figure that anything that autoexecutes from my downloads folder will be at low integrity and subject to the scans/ mamutu.

It's come to the point where I'm just trimming the fat. I find that I download more "good" programs than bad. It would save me time to just right click and hit "Run in Comodo's sandbox" for the ones I'm unsure of than to constantly hit "Don't sandbox this again."

Security takes a hit for the price of usability.

 

[Deleted member 178]

yes, people like me prefer to have an HIPS, others feel it annoying.

 

[Hungry Man]

The HIPS is still on. I get alerts for buffer overflow etc it just isn't autosandboxed.

 

[Hungry Man]

I feel like if I had sandboxie my system would just be perfect haha it would be so helpful for system hardening.

 

[HeffeD]

I feel like if I had sandboxie my system would just be perfect haha it would be so helpful for system hardening.

You can always use the free version. Granted, you'll need to deal with the limitations of only a single sandbox and not being able to force programs to automatically run in the sandbox, but if you just want to use it to try questionable installs, it will do fine.

You can sort of force programs to automatically run in the sandbox. You can run explorer in the sandbox, then anything you open from there, will start in the sandbox. Not ideal as far as usability goes, but it's definitely not difficult to do.