At-Risk inzane's desktop setup 2020

Last updated
Apr 1, 2020
How it's used?
For home and private use
Operating system
Windows 11
Log-in security
Security updates
Allow security updates and latest features
User Access Control
Notify me only when programs try to make changes to my computer
Real-time security
Not sure, default Windows.
Firewall security
About custom security
Not sure what this is
Periodic malware scanners
Malwarebytes Antimalware
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
HTTPS Everywhere
uBlock Origin
New Tab Override
Search by Image
Tags for Youtube
Clear URLS
Maintenance tools
None
File and Photo backup
None
System recovery
None
Risk factors
    • Gaming
    • Logging into my bank account
    • Browsing to popular websites
    • Streaming audio/video content from shady sites
    • Browsing to unknown / untrusted / shady sites
    • Streaming audio/video content from trusted sites or paid subscriptions
Computer specs
CPU: 3950x
GPU: 1660 Super
RAM: 32GB Tridentz Neo
Storage: 970 Evo Plus + 2TB Crucial MX500
PSU: Corsair RM750x
Notable changes
-Disabled WebRTC
-Installed Bitdefender TrafficLight for Firefox

Vitali Ortzi

BTW, for better CPU management, look at Process Lasso.
And you don't really need a dedicated sandbox for the browser, since Firefox can be hardened pretty aggressively with flags and containers.
 

Vitali Ortzi

Any ideas to improve this? Is there something like Tinywall but for sandbox? I want to isolate Firefox so I'm protected from JavaScript and other exploits but without being too overkill (like resorting to a VM)

Do I need anything else? What I do is gaming, video and audio production, and I do my taxes and business stuff here too so that is why I wanted some extra security from whatever standard Windows anti virus stuff it comes.

I like Tinywall because it blocks everything by default and you manually allow things, that is why I added it, it gives me a peace of mind knowing everything is blocked unless I allow it. NoScript has the same philosophy for the browser; it's just too annoying to go page by page doing it, that is why I wanted some sandbox. Ideally free.

I also downloaded Malwarebytes, but the free version, so I just run full scans monthly or so just in case. That's about it. I'm not sure if Windows has realtime protection similar to what Malwarebytes does.

The OS is LTSC Windows 10 Enterprise so it only has the basic security updates, not the cluttered "new epic features" that I don't like.

I've uncluttered everything I could find in Windows settings in the privacy tab, disabled everything telemetry-related, allowing webcam, mic, allow remote desktop etc. All I could find is disabled.

I don't have a set plan of backing up, I back up randomly when I remember to backup.

I also need to learn how to use a non-Admin account by default. I can't change it so I assume I need to create a separate account.

Btw: Should I enable this?

tomi56u1vbrn9sgfdani.png


It comes "off" by default, I'm not sure if I enabled or disabled it. I'm just not sure with Windows 10. When I enable something, I'm not sure if this also means "send your files to Microsoft to develop a database of threats" or something.
If you want an AV, good.
Best for low false positives and good protection is Kaspersky cloud free.

Another good AV is SEP unmanaged,
which is very strong but has a lot of false positives.
Unlimited Giveaway - Symantec Endpoint Unmanaged without time limit

But best for security would be H_C with Configure Defender,
but this option has the highest false-positive ratio.
 

inzane

Thread author
Those specs are insane, is this PC used for editing?
LTSC was a really smart choice 👍.
Oh and I would recommend trying out Comodo firewall (cruel settings) since it's a really nice whitelisting-based auto sandbox with a nice firewall built in.
Hopefully what you were looking for :).

Yeah. Video and music editing and some gaming.

I'm looking for some Comodo HIPS alternative. Is there such a thing? I would like that when I click on an exe, it tells me what it is trying to modify. But last time I installed Comodo it was a mess, it froze, it didn't work, I even had to go to a previous state to uninstall it because it refused to fully uninstall.
 

inzane

Emsisoft Browser Security, Bitdefender Trafficlight or Malwarebytes Browser Guard

Emsisoft Browser Security hasn't been updated since 2018. Malwarebytes one asked me for an email to enable it, so I ended up installing Bitdefender one, hope it's good.

I also installed Sandboxie but I'm confused by it. When I download something, it only shows up in the Sandboxie window, so I assume this file is isolated, but I don't know how to completely delete this sandboxed file. Only options are:

"Run Sandboxed"
"Recover to Same Folder"
"Recover to Any Folder"
"Cut"
"Create Desktop Shortcut"

Also, the colors on Firefox are changed. The upper window is not black, it's white so it's too distracting. It also has the distracting yellow outline on the window, it's too annoying to use.
 

oldschool

Emsisoft Browser Security hasn't been updated since 2018

Use whatever extension you like but at least understand how this extension works. BTW, 2018 was the first introduction of their extension. Emsisoft approaches web filtering a bit differently than most others as you can see here:

Emsisoft Browser Security is a browser extension that blocks websites that distribute malware and phishing attacks.

Most browser extensions that are designed to block access to harmful websites work by sending the visited website to a cloud server, where it’s verified by matching the URL against a database of known malicious sites. The issue is that the creators of these extensions can potentially see and track all of your online web browsing activity.

We designed Emsisoft Browser Security with privacy in mind. Instead of sending full URLs to the cloud, our extension only sends hash checksums of the components of the domain name. If all hashes are found in the database, the cloud returns detailed matching patterns for known malicious URLs on that domain. At no point does the Emsisoft cloud know where any of these patterns will match or not, as the matching is only done by the extension on the user’s side. Therefore, it’s impossible for us (even if we wanted to) to create profiles of our users."

Stay safe, not paranoid, my friend! :)

Finally, Emsisoft is one of the most trusted names in the security industry. Again, use what you prefer but make your decision based on good info. You may read the entire article here @ "Your" data is your data.
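
A simplified model of the lookup described in the quoted Emsisoft text above, as an added example that is not part of the original post and is not Emsisoft's code. The hash function (SHA-256 per host-name label), the `Cloud` class, the regex pattern format and the sample blocklist are all assumptions made for illustration.

```python
import hashlib
import re
from urllib.parse import urlsplit

# Constructed sample data: one blocked host with one URL pattern (regex).
SAMPLE_BLOCKLIST = {"files.example.test": [r"files\.example\.test/dl/.*\.exe"]}


def component_hashes(url):
    """Client: hash each label of the host name; path and query are not used."""
    host = (urlsplit(url).hostname or "").lower()
    # Assumption: SHA-256 per label; the page only says "hash checksums".
    return tuple(hashlib.sha256(label.encode()).hexdigest()
                 for label in host.split(".") if label)


class Cloud:
    """Server: receives label hashes only and returns patterns for that host."""

    def __init__(self, blocklist):
        self.db = {component_hashes("//" + host): patterns
                   for host, patterns in blocklist.items()}
        self.seen = []  # every request the server received, for inspection

    def lookup(self, hashes):
        self.seen.append(tuple(hashes))
        return list(self.db.get(tuple(hashes), []))


def is_blocked(url, cloud):
    """Client: fetch patterns for the host, then match the full URL locally."""
    patterns = cloud.lookup(component_hashes(url))
    parts = urlsplit(url)
    local = (parts.hostname or "") + parts.path  # never sent to the server
    return any(re.fullmatch(p, local) for p in patterns)


if __name__ == "__main__":
    cloud = Cloud(SAMPLE_BLOCKLIST)
    for u in ("https://files.example.test/dl/setup.exe?id=7",
              "https://files.example.test/docs/readme.html",
              "https://www.example.org/"):
        print(u, "->", "blocked" if is_blocked(u, cloud) else "allowed")
    # Both example.test requests look identical from the server's side.
    print(cloud.seen[0] == cloud.seen[1])
```

In this model the server still receives the per-label hashes of the host name; what stays on the client is the path and query, and the decision of whether any pattern matched.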
 

plat

When I download something, it only shows up in the Sandboxie window, so I assume this file is isolated, but I don't know how to completely delete this sandboxed file. Only options are:

Usually, a download in Sandboxie will give you a message saying the d/l is eligible for immediate recovery--meaning, you can pick it up in your unsandboxed Downloads folder. If you want that sandboxed file in your Downloads, tick "Recover to same folder." If you want to delete it, go to your System tray, right click on the yellow SBIE icon, hover mouse over "Default box" and delete the sandbox contents by choosing that in the context menu. If you want to examine the contents of your sandbox, look in C:\Sandbox\Your User Name.
 

inzane

Use whatever extension you like but at least understand how this extension works. BTW, 2018 was the first introduction of their extension. Emsisoft approaches web filtering a bit differently than most others as you can see here:

Emsisoft Browser Security is a browser extension that blocks websites that distribute malware and phishing attacks.

Most browser extensions that are designed to block access to harmful websites work by sending the visited website to a cloud server, where it’s verified by matching the URL against a database of known malicious sites. The issue is that the creators of these extensions can potentially see and track all of your online web browsing activity.

We designed Emsisoft Browser Security with privacy in mind. Instead of sending full URLs to the cloud, our extension only sends hash checksums of the components of the domain name. If all hashes are found in the database, the cloud returns detailed matching patterns for known malicious URLs on that domain. At no point does the Emsisoft cloud know where any of these patterns will match or not, as the matching is only done by the extension on the user’s side. Therefore, it’s impossible for us (even if we wanted to) to create profiles of our users."

Stay safe, not paranoid, my friend! :)

Finally, Emsisoft is one of the most trusted names in the security industry. Again, use what you prefer but make your decision. You may read the entire article here @ "Your" data is your data.


Thanks for input. Something weird I noticed is that Tinywall executable gets too big 1235MB... what's going on? Is there a memory leak? I've updated it a couple of times and it didn't get fixed with the new versions. I really like Tinywall but this is ridiculous, it's supposed to be lightweight. Should I give Simplewall a try? Is this the most similar one? I just like the peace of mind that Tinywall gives me, knowing that everything is blocked by default.

Usually, a download in Sandboxie will give you a message saying the d/l is eligible for immediate recovery--meaning, you can pick it up in your unsandboxed Downloads folder. If you want that sandboxed file in your Downloads, tick "Recover to same folder." If you want to delete it, go to your System tray, right click on the yellow SBIE icon, hover mouse over "Default box" and delete the sandbox contents by choosing that in the context menu. If you want to examine the contents of your sandbox, look in C:\Sandbox\Your User Name.

How can I add a custom folder that automatically allows for downloads? For instance C:\Minecraft\mods, I download a lot of mods in that folder so I would like to put them there automatically and not download a mod in the Downloads folder then manually move it to the mods folder each time.
 

plat

Not enough info, I'm afraid. You want to download a mod from your sandboxed browser to your unsandboxed mods folder, correct? How is your browser configured, do you have it set as the Default box? Open Sandboxie Control window (right-click yellow icon in your System tray and click Show Window). Click the Sandbox tab at the top. Find your browser Sandbox in the menu, make sure it's highlighted and click "Quick Recovery" in the menu. Then click "Add" to add your Minecraft mods folder. If this doesn't work or throws an error message, let one know. @bjm_ ?

Otherwise, you'll just have to continue adding to your mods folder outside the Box manually.
 

ultim

Something weird I noticed is that Tinywall executable gets too big 1235MB... what's going on? Is there a memory leak?
As promised, TinyWall 3.0.5 is now released. If you're still interested, would you mind trying it again? It'd be nice to know if this really fixes your issue as I expect, or if maybe you were experiencing something else. [Official download]
 
