Danger Omidreza.S security config (2018)(Fixing)

advantage base

Level 2
Thread author
Verified
Dec 20, 2014
55
Dr. Web Security Space is a good antimalware solution but am I right that it is CPU, RAM, and HDD read/write demanding?
No, in the new version it's all solved, but when you're installing it it's a bit heavy; when you configure it, do a full database update and run a full scan after that, it works perfectly.
 

ifacedown

Level 18
Verified
Jan 31, 2014
888
No, in the new version it's all solved, but when you're installing it it's a bit heavy; when you configure it, do a full database update and run a full scan after that, it works perfectly.
Thank you.

Most AV after doing a full scan tend to be lighter and easier on the drive, due to caching of safe files.
 

Lightning_Brian

Level 15
Verified
Top Poster
Content Creator
Sep 1, 2017
742
Hello!

Nice configuration you got there! I'd like to help make your system more secure and provide you with some insight coming.

I'd like to recommend some on demand scanners to beef up your security configuration:

1) EEK
2) Norton Power Eraser
3) ZAM - you can get a free 751 day license if you look around MT a bit! (It is an anti-malware software, but can be used as an on-demand scanner too)

Please test malware/viruses/ etc. in a virtual machine not on your actual computer. Testing on your physical computer is quite dangerous!! I'd eliminate or stop doing this as soon as possible. I can go quite deep into reasons why you ought to not test on a physical computer, but I will refrain from doing so unless you need an explanation. Options to improve security while testing:

Free option:
1) Oracle VM VirtualBox. Link to this free virtual machine software: Oracle VM VirtualBox. Version 5.2 is the latest.

Paid Option:
1) If you have the money and can afford it VMware Workstation Pro version 12 or 14 (latest builds) are good.


System Image:
For system images you could look at using Macrium Reflect as this is a tried and true piece of software that is widely used by both individuals and businesses alike!

Link to the free version: Macrium Software | Macrium Reflect Free

I say stick with the free version unless you need the "Home" features being offered in the "Home" version.


Host Operating System:
Have you looked at upgrading your host OS to Windows 10? I would look into upgrading to Windows 10! There have been many improvements from the original release.

Thanks for posting your configuration on MT!

~Brian
 

Deleted Member 3a5v73x

Yes, you're right, but I think when real malware attacks us we are not on a VM and it's a realtime attack :eek: ;) ;)
So if I get it right, you are intentionally trying to get infected executing malware on your host PC and seeing if Dr.Web will protect you? ASAP reinstall Windows as you are most likely already infected, even if you don't notice strange PC behaviour/start-up entries/suspicious reg keys etc, and start from scratch with safe computing habits. If you want to see realtime attack as you say it, Shadow Defender is for that, to revert all changes made to system upon restart, but I still suggest to test malware only in VMware/VirtualBox/separate testing PC.
 

AlanOstaszewski

Level 16
Verified
Top Poster
Malware Hunter
Jul 27, 2017
775

Lightning_Brian

Level 15
Verified
Top Poster
Content Creator
Sep 1, 2017
742
So if I get it right, you are intentionally trying to get infected executing malware on your host PC and seeing if Dr.Web will protect you? ASAP reinstall Windows as you are most likely already infected, even if you don't notice strange PC behaviour/start-up entries/suspicious reg keys etc, and start from scratch with safe computing habits. If you want to see realtime attack as you say it, Shadow Defender is for that, to revert all changes made to system upon restart, but I still suggest to test malware only in VMware/VirtualBox/separate testing PC.

@davisd Couldn't agree more! No AV or AM can pick up 100% of every little piece of malware, virus etc. out there. Yes, I may be a bit paranoid; however, for good reason! Conduct a deep scan on every file through VirusTotal to confirm it is clean before backing up files anywhere @Omidreza.S. Link to VirusTotal: VirusTotal

Personally, coming from a well rounded security background and as a technician I feel the need to express to @Omidreza.S that I would start over with a clean install of Windows and all applications. In other words no refresh of Windows, but a complete HDD/SSD reformat of your hard drive to bare bones then install Windows and everything else over. Uninstall or deregister all programs before reformatting - along with backing up information after conducting deep scans on everything. One may not know what could be lurking on your system. Unless you have super crazy great skills that go above and beyond some of our AV Testers at MT and elsewhere I'd really refrain from testing on your physical computer. At my company we sometimes use physical computers to test, but even then every computer is cleaned through various methods. We have entire secure lab environments for this stuff. Again, I'm only stating this because this is what I would advise any client, friend, or co-worker of mine. In the end, once you're done reinstalling everything create a disk image, encrypt it with some strong encryption and save that disk image as this could be used to save time in the future. I know it may take hours to do a reformat, but in the long run you can know for a fact you don't have anything on your system anymore.

I conduct testing for my company and I can tell you for a fact I rarely test on physical machines unless it's in our secure lab environment. We mainly do testing inside of VMs. I'm paranoid so here are the steps (some steps not listed as this could get long and drawn out) I always do before even testing and after testing:

1) Backup all information and have disk images created using Acronis True Image, and AOMEI Backupper
2) Store these backups on an external hard drive that is encrypted and not plugged into the computer at all. These backups are then sent out with high levels of encryption to a highly secure cloud backup environment. Once this is done I sometimes test the backups to ensure all is well before moving on.
3) Lock my entire computer (in most cases this is in a server environment spinning up a Pro version of Windows) down with Shadow Defender and that my VPN is turned on through my host and on my router set up specifically for testing (pointing to two different areas or countries).
4) Open up my VMware Workstation Pro 14.1 (sometimes a double hop from working inside of a VM to enter another VM for certain testing - which requires some serious system specs, like our great servers as a workhorse)
5) Ensure that a snapshot of the virtual machines (VMs) is created before testing
6) Spin up the VMs - which are configured for maximum security settings on the config. side.
7) Then and only then do I conduct testing
8) At the end everything gets cleaned up. I roll back to the last snapshot that I took. If I'm worried about the computer hosting the VM I just roll back to the disk image I took prior to testing. After I am satisfied with everything only then do I cut out all VPN connections including double hops or multi-hop VPN connections. I have left out some other steps as this could get quite long, but I configured out a special testing environment at my work environment. We even brought in security experts to ensure that the configs are air tight by getting their seal of approval too, because even though our security team is experienced we didn't want to blindly trust ourselves either!!

In other words, I'm trying to highlight the need for stricter security. Please note how risky it is to test malware/viruses etc. on your physical computer! Some insight can be found from reading this link: Environment for Malware Analysis

Infosec. Institute is widely known in the security industry - a good read!

~Brian
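
A pre-flight check for steps 5 and 6 of the procedure above, added here as an example and not code from the post or from MalwareTips: it parses the output of `VBoxManage showvminfo <vm> --machinereadable` and reports guest-to-host channels left open and a missing rollback snapshot. The sample output is constructed, and the policy itself (clipboard, drag-and-drop, shared folders, bridged NICs) is an assumption, since the post does not list its "maximum security" settings.

```python
import re

# Constructed sample of `VBoxManage showvminfo <vm> --machinereadable` output
# for a VM that is NOT ready for testing (VM name and values are made up).
RISKY_VMINFO = """
name="malware-lab"
nic1="bridged"
nic2="none"
clipboard="bidirectional"
draganddrop="disabled"
SharedFolderNameMachineMapping1="downloads"
SharedFolderPathMachineMapping1="D:/downloads"
"""

def parse_vminfo(text):
    """Turn key="value" lines into a dict, dropping the surrounding quotes."""
    info = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        if sep:
            info[key.strip('"')] = value.strip('"')
    return info

def audit_isolation(info):
    """Return a list of findings; an empty list means the checks passed."""
    findings = []
    # Host<->guest data channels must be explicitly disabled (assumed policy).
    for key in ("clipboard", "draganddrop"):
        value = info.get(key, "unknown")
        if value != "disabled":
            findings.append(f"{key} is {value}")
    for key, value in sorted(info.items()):
        # Any shared folder gives the guest a path onto the host disk.
        if key.startswith("SharedFolderNameMachineMapping"):
            findings.append(f"shared folder '{value}' is mapped")
        # A bridged adapter puts the guest directly on the host's LAN.
        if re.fullmatch(r"nic\d+", key) and value == "bridged":
            findings.append(f"{key} is bridged to the host LAN")
    # Step 5: there must be a snapshot to roll back to after the test.
    if not info.get("CurrentSnapshotName"):
        findings.append("no snapshot to roll back to")
    return findings

if __name__ == "__main__":
    for finding in audit_isolation(parse_vminfo(RISKY_VMINFO)):
        print("FAIL:", finding)
```

On a real host, feed the function the captured output of the `showvminfo` command instead of the sample and start the VM only when the list comes back empty.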
 

advantage base

Level 2
Thread author
Verified
Dec 20, 2014
55
Hi
1) EEK - it's good, but I trust Sophos more than any other
2) Norton Power Eraser - I live in Iran and Norton blocks us; this is a problem for me
3) ZAM - it's good and I found a giveaway 750-day key code, but I only love to use two options, and for emergency cases I use the rescue disk of VIPRE or Avast if needed.
*****************************************************
If bad malware wants to hit the user, some of it can leak from a virtual machine, but I test in realtime and it's scary but I love it
*****************************************************
Macrium Reflect is good software, but I use some other free version and it's pretty good for me
*****************************************************
As for upgrading my OS, I don't like Windows 10 because of some problems like Windows Defender and other things. I love my Windows 8.1 and it's for me

So if I get it right, you are intentionally trying to get infected executing malware on your host PC and seeing if Dr.Web will protect you? ASAP reinstall Windows as you are most likely already infected, even if you don't notice strange PC behaviour/start-up entries/suspicious reg keys etc, and start from scratch with safe computing habits. If you want to see realtime attack as you say it, Shadow Defender is for that, to revert all changes made to system upon restart, but I still suggest to test malware only in VMware/VirtualBox/separate testing PC.
Thanks, but Shadow Defender is not so safe, but I pay attention to it

As others mentioned, not a good reason to do this unless you're a very experienced security software developer/researcher. No security software can protect from 100% of malware.
Yes, yes, but I know what I do with malware; I can analyze them

Why are you testing antivirus software? That's what we are here for ;)
This is the topic where I post Dr.Web tests: Video Review - Dr.Web tests (daily updated)
The latest test:

Check it out :v That could happen to your computer :p

:ROFLMAO::ROFLMAO:

(y)(y)(y)(y)(y)(y)
 

advantage base

Level 2
Thread author
Verified
Dec 20, 2014
55
I would suggest another on-demand scanner, but man, I was stunned after seeing that you're testing malware on your host PC! Why? There are so many testers in this forum.
You know that there can be traces of malware even if the antivirus solution appears to have blocked it, right?
:unsure: Alright, I install a VM :sneaky: after three long years :cry: :cry:
 