MarzametaL's System Software Configuration (OEM)

marzametal

Level 7
Thread author
Verified
Jun 10, 2014
316
Marin, that's a really good system config. Why don't you stick with it for a while? :D

Then just add/remove various AV.

If you want a malware test setup, what you have above is perfect - but lose the VPN.

I use Emsi and Shadow Defender. Loads of fun watching the malwares with utilities.
I hear you loud and clear on Emsi... I actually re-introduced the portable version to my USB. I feel naked without any *cough* security software *cough*, but hell... I have never been so, ummm... excited about a setup without any hard-installed anti-x software. Seriously, unless it is prevention on a hardware level, then it isn't really protection! Just ask your neighbour about the popped condom story... LOL jk

Shadow Defender is the bee's knees... end of story! @hjlbx thanks for the advice too bloke... keeps me honest hehe
 
hjlbx

My malware play tools = EIS + SD or EAM + WFC + SD... that's it. :D

Plus, they are my primary security + Quarri MyPOQ.

I got tired of the whole impenetrable digital fortress thing a good while back.

No fun, it was...
 
Reactions: marzametal

marzametal

Question about browsers:
Microsoft... IE
Mozilla... [x]Fox
Google... Chromium + the rest that fall under this category...

Is there any way to avoid those 3 companies, but still use a browser?
 

Ink

Administrator
Verified
Jan 8, 2011
22,490

marzametal

Do you want to avoid the brands, or their browser engine? Because Opera also uses the Blink engine, as do Chrome and many others.

Sleipnir 6.x uses Blink engine as well.
http://www.fenrir-inc.com/uk/sleipnir/
http://malwaretips.com/threads/sleipnir-6-1-blink-engine-slim-tab-browser-with-54px-toolbar.34543/

UC Browser for PC
http://pc.ucweb.com/
Details unknown.
@Huracan
I would like to avoid BOTH brand and browser engine. Thanks for pointing this out... it totally slipped my mind! I suppose Maxthon also uses Blink?

  • Firefox and other Mozilla browsers (IceWeasel, etc) use Gecko.
  • Internet Explorer uses Trident.
  • Safari, Google Chrome and Konqueror use WebKit, although on 04/03/2013 Google announced that Chrome will use its own fork from WebKit named Blink.
  • Opera 9+ uses Presto, although it has announced (04/2013) that it will move over to using Blink.
Ugh... might tempt myself into running an OSX virtual box, just so I can give WebKit a shot...
 

marzametal

Looking for a 2nd-opinion scanner... here are some criteria: (Host OS is W7HP, x64)

1) Cannot be MalwareBytes AntiMalware, Zemana AntiMalware or Hitman Pro (regardless of free or paid)
2) Not fussed if the program has a cloud feature... having said that, would be good to have an option for 2nd and 3rd opinion - split 2nd opinion to non-cloud and 3rd opinion to cloud...
3) Require .NET Framework 4.5.2 compatibility (will not be installing another .NET framework just to get things to work...)
4) Would prefer if updates / check for updates do not originate from Akamai or Amazon Web Services (I know I know... hard to control CDN's... I like punching on at crud level, keeps me amused) <--- can be tested by myself when working out which program to run with...

I think that's it, lemme' go for a ciggie to figure out if anything else needs adding...
Oh!
5) I am not looking for an All-In-One package... I wish to stick with W7FwAS & EAM...

Thanks in advance for feedback.
 

marzametal

Cheers for the responses...

Crystal Security can't handle 4.5.2... XVirus lists .NET Framework 4 as a minimum requirement, so gonna' see if it can handle 4.5.2

EDIT: Xvirus can handle 4.5.2, but uses Amazon for updates, 9 different IPs prior to initial update before initial scan. I'll pass.
 
Reactions: frogboy

marzametal

So far so good, it isn't any of the 3 mentioned, and has a dedicated x64 install. I will check it out later, still trying to decide what to have for breakfast :p thanks for the info...
Well, here goes... another update on 9-Lab Removal Tool...

Criteria:
1) tick - 9-Lab is not one of the 3 mentioned
2) tick - cloud feature was an option; doesn't have it, so 2) is also met...
3) tick - does not require any .NET Framework, even better...
4) tick - updates are sought from RackSpace Cloud Server, woo hoo...
5) tick - 9-Lab is not an all in one package
---- unmentioned...
6) tick - has dedicated x86 and x64 install file

So.... all criteria met, time to check out the scans... two options (not counting Custom)
Quick - Recommended - a quick scan utilizes our unique fast scanning technology to scan your system for malicious software
Full - Most Reliable - a full scan will scan all files on your computer
------------------ will post back after scan...

EDIT 2: Scan results... (3 types of scans)
Quick - 12165 items - 1min35sec
Full - 25404 items - 6min32sec
Custom (selected C drive) - 93664 items - 10min41sec

4 false positives, confirmed via VirusTotal... the 2 culprits were related to Shadow Defender and Nirsoft IPNetInfo
nirsoft/ipnetinfo.exe
https://www.virustotal.com/en/file/...d3161a8e2d4f6897f9e0752358045bb7542/analysis/
libreoffice 4/share/config/soffice/soffice.cfg/modules/swriter/ui/optcompatpage.ui
https://www.virustotal.com/en/file/...302dd0f1e3f51824270510de0a8c72ede99/analysis/
libreoffice 4/python-core-3.3.3/lib/cgitb.py
https://www.virustotal.com/en/file/...36691246c2e32fd70329903d730ff6831f6/analysis/
shadow defender/res.ini
https://www.virustotal.com/en/file/...542c966783e67ff5de8faa14c624c31937c/analysis/

Thanks to @frogboy , @King Mellow and @jamescv7 !!!
 
Reactions: jamescv7

marzametal

  • Re-installed MBAM and ZAM so I can conduct research on the New Wave of CDN's (Amazon Web Services, Microsoft Azure and Google's one (cannot remember name))
  • Hardened firewall rules to allow outbound access for app updates to specific IPs, rather than allowing any IP (partly to do with the above research)
  • New version of WFC 4.5.0.5 allows for Remote IP modifications in High Filtering mode (block ALL in and out) - Set it up to allow blocking of everything in and out while maintaining VPN connection... works as another killswitch to back up VPNetMon's 500ms reaction time delay
  • Silenced the fight in MBAM in relation to AWS - managed to get an update via Highwinds CDN, inputted HW IP into outbound MBAM rule and created an ongoing outbound block rule for AWS IPs as they pop up in Connections Log
  • Re-installed AdMuncher because AdGuard's Assistant widget does not work with IE9
I think that is all... lol
 
Reactions: JM Safe
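
The routine in the post above (watch the connections log, then block the provider's addresses outbound) can be done per prefix instead of per IP. This is an added example, not part of the original post and not WFC's or MBAM's own code; the log layout, the rule name and the sample prefixes are constructed assumptions.

```python
import ipaddress
import json

# Constructed stand-in for a provider's published prefix feed (AWS publishes
# one as ip-ranges.json); documentation ranges replace real prefixes.
SAMPLE_FEED = json.loads("""{"prefixes": [
  {"ip_prefix": "198.51.100.0/24", "service": "EC2"},
  {"ip_prefix": "203.0.113.0/25", "service": "CLOUDFRONT"}]}""")

# Constructed connections-log lines; this column layout is hypothetical.
SAMPLE_LOG = """\
2015-06-01 10:02:11 OUT mbam.exe 198.51.100.17 443
2015-06-01 10:02:12 OUT mbam.exe 192.0.2.44 443
2015-06-01 10:02:15 OUT mbam.exe 203.0.113.200 80
2015-06-01 10:02:19 OUT mbam.exe 203.0.113.9 443
2015-06-01 10:02:20 OUT mbam.exe not-an-ip 443
"""

def load_networks(feed):
    """Parse the feed's CIDR strings into network objects."""
    return [ipaddress.ip_network(p["ip_prefix"]) for p in feed["prefixes"]]

def scan_log(log_text, networks):
    """Split outbound remote IPs into matched provider prefixes and other IPs."""
    prefixes, others = set(), set()
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 6 or fields[2] != "OUT":
            continue
        try:
            ip = ipaddress.ip_address(fields[4])
        except ValueError:
            continue  # malformed address field: ignore the line
        owners = [n for n in networks if ip in n]
        if owners:
            prefixes.update(owners)
        else:
            others.add(ip)
    return sorted(prefixes), sorted(others)

def block_rule(name, networks):
    """One netsh command that blocks outbound traffic to every listed prefix."""
    remote = ",".join(str(n) for n in networks)
    return ('netsh advfirewall firewall add rule name="%s" dir=out '
            'action=block remoteip=%s' % (name, remote))

if __name__ == "__main__":
    hit, other = scan_log(SAMPLE_LOG, load_networks(SAMPLE_FEED))
    print(block_rule("Block provider ranges", hit))
    print("not in feed:", [str(ip) for ip in other])
```

In Windows Firewall a matching block rule takes precedence over an allow rule, so the IP allowed for an application's updates must not fall inside a blocked prefix.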

JM Safe

Level 39
Verified
Top Poster
Apr 12, 2015
2,882
Good update ;)
Thanks for sharing it :)
 
Reactions: marzametal

marzametal

I was looking for an Open Source AV today to complement 9Labs, and wadda'ya'know... Clam AV for *nix has been ported to Windows! The beauty of this package is there is no real-time protection... it is 100% on-demand, and free!
http://www.clamwin.com/

Also re-installed Sandboxie...
 
Reactions: JM Safe
