- Mar 24, 2017
> SmartScreen on Windows 7 is only for IE; if you never use IE, no need to enable it.

You know, this is going to be a new topic.
> Btw people, I'd like to point out that very rarely, once in a blue moon, do I test malware; I test if my mom is not sure about a file.

Well, then that shouldn't be called malware testing. You're just checking the safety of unknown files.
Nice config here!
You can replace Adblock plus with uBlock Origin, that does much more than ad-blocking (malware and badware URL blocking, privacy filters etc).
Zemana Anti-malware can be a great addition to your on-demand scanners list, against or along your Malwarebytes Anti-Malware.
> I agree, I also switched to uBlock from Adblock, and I must say it was really a nice addition. Did my homework, did some basic tests and I am very pleased with the results.

UBO does decent blocking of badware and some malware domains. But even after enabling all blocking lists, it won't provide superb blocking like the famous AV URL blocking addons. It's that something will be better than nothing and UBO is rich with many other blocking options. Definitely his GData IS should do good blocking first.
> SmartScreen on Windows 7 is only for IE; if you never use IE, no need to enable it.

Now we have a new topic to battle this out: Poll - Should you disable SmartScreen on Windows 7 if you don't use IE?
> If I recall correctly, he runs malware samples sandboxed in Sandboxie.
> I'm not making the argument that Sandboxie is sufficient, but instead just pointing out a detail in his security configuration.

Yes I saw that.

> I only test the nasty malware in a VM, but for malware that doesn't cause harm to system 32 and is running in Sandboxie, it'd be my host PC.

All malware is nasty and SBIE is not the same as a Virtual Machine.
I guess it is just my opinion and those who test samples in the HUB.
Nevertheless we want to stress this point for the members here that this should always be done in a virtual environment.
> Or, if possible (costly and space hungry), an even better environment, an isolated network with real PCs

Yes, this would be the optimal testing environment.
@nsm0220 you need to have a look at this post:

> Sandboxie is fundamentally less secure by itself on a Windows Vista / 7 (x64 bit) platform due to PatchGuard, which renders Sandboxie incapable of guaranteeing the prevention of services outside the sandboxed environment from connecting to services inside. The x32 bit version isn't hindered by PatchGuard because it doesn't exist on the previous, popular Windows XP, thus it can guarantee isolation.

And I confirmed this issue on other forums as well. The PatchGuard protection can be excluded via a kernel tweak in x64 Windows 7 but the issue remains apparently (info).
So you should test malware in a more secure environment that provides a high level of virtualization (software based / hardware assisted virtualization, the latter is better) and total containment. Though the quoted post doesn't exactly warn about potential escapes from Sandboxie (in Windows 7 64-bit), it isn't fully isolated and can be vulnerable.
Sandboxie virtualizes the file system and registry in order to build the sandbox, but this does not make it a virtualization product as such. The aim is isolation and containment, not system virtualization as it would be with full virtualization or light virtualization products.
And even otherwise, the dreadful samples that can escape Sandboxie in any way can prove to be even deadlier to your host system. Why risk it when you have free and safer alternatives?
> Speaking of malware, sandboxes, safe environments (copy&paste):
> Evjl's Rain found a malware which bypassed comodo. Submitted 28 minutes ago
> Parsh Could you share the setup details in short? Did it not get sb'ed or is it about something else
> Evjl's Rain I was testing CCAV in all default settings. The malware has the signature: Microsoft Corporation. All rights reserved => whitelisted by comodo. It was neither detected nor sandboxed. Running in full permission. It was a spyware
> https://www.hybrid-analysis.com/sam...da5b0d065d668db3f6dd331d357?environmentId=100

I'm glad I didn't use Comodo for my config.
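
Added example, not part of the thread or of any product mentioned in it: a PowerShell triage check for the situation in the pasted report, where a file carries "Microsoft Corporation" text but is not actually Microsoft's. It assumes that text lives in the file's version resource (which any build can set) and compares it with the Authenticode signature; `Test-PublisherClaim` and the default folder are hypothetical names chosen here.

```powershell
# Added example. Assumption: the "Microsoft Corporation. All rights reserved"
# string is version-resource text, which is unauthenticated metadata.
param([string]$Path = "$env:USERPROFILE\Downloads")   # hypothetical default folder

function Test-PublisherClaim {
    param([Parameter(Mandatory)][System.IO.FileInfo]$File)

    $vi  = $File.VersionInfo                           # CompanyName, LegalCopyright
    $sig = Get-AuthenticodeSignature -LiteralPath $File.FullName

    # What the file says about itself
    $claimsMs = "$($vi.CompanyName) $($vi.LegalCopyright)" -match 'Microsoft'

    # What the signature proves; subject is empty when the file is unsigned
    $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
    $signedByMs = ($sig.Status -eq 'Valid') -and ($signer -match 'O=Microsoft Corporation')

    [pscustomobject]@{
        File       = $File.FullName
        Claims     = $vi.CompanyName
        SigStatus  = $sig.Status
        Signer     = $signer
        SHA256     = (Get-FileHash -LiteralPath $File.FullName -Algorithm SHA256).Hash
        Suspicious = $claimsMs -and -not $signedByMs   # claim without matching proof
    }
}

# List executables whose Microsoft claim is not backed by a valid signature
Get-ChildItem -Path $Path -File -Recurse -ErrorAction SilentlyContinue |
    Where-Object { $_.Extension -in '.exe', '.dll' } |
    ForEach-Object { Test-PublisherClaim -File $_ } |
    Where-Object Suspicious |
    Format-List
```

The subject match is a heuristic for triage, and on older Windows versions catalog-signed system files can show up as `NotSigned`, so treat a hit as a reason to look closer rather than a verdict.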
> Do you use SBIE all the time for the Web browsers?

Not really, I use Hitman Alert.