- Jul 21, 2017
- 358
Serious Hoax's Security Configuration 2020
- Thread starter SeriousHoax
- Start date
Why did you then not just use edge application guard?
- Mar 16, 2019
- 3,862
Norton Power Eraser detected it with bad reputation. ESET also found another one when I installed it few days ago.Hi SH, how did you detect the script before installing Kaspersky?
Last edited:
- Mar 16, 2019
- 3,862
I don't know much about it. What are the requirements? Does it require TPM?
I actually used to use Sandboxie before to open those sites but it hasn't been updated in 7 months since it became open source and the last time I tried in 20H1 it crashed.
- Aug 17, 2014
- 11,108
You may like trying out the new open-source version Sandboxie developed by @DavidXanatos his version is able to run properly without crashes so far!
Just download only the file SandboxieInstall64-v5.43.6.exe the other version Sandboxie-Plus includes advanced features...
NOTE: there is an issue with Sandboxie driver signing certificate, read more below on GitHub:
Release Release v0.4.2 / 5.43.6 · sandboxie-plus/Sandboxie
Bug fix release resolving a critical chrome 86+ incompatibility and fixing many resource leaks. Important Note: The SbieDrv.sys driver must be signed, and since the appropriate certificates are pro...
github.com
- Mar 16, 2019
- 3,862
Actually I know about this fork but this certificate issue is the main reason I didn't want to install it. Do you use it?You may like trying out the new open-source version Sandboxie developed by @DavidXanatos his version is able to run properly without crashes so far!
Just download only the file SandboxieInstall64-v5.43.6.exe the other version Sandboxie-Plus includes advanced features...
NOTE: there is an issue with Sandboxie driver signing certificate, read more below on GitHub:
Release Release v0.4.2 / 5.43.6 · sandboxie-plus/Sandboxie
Bug fix release resolving a critical chrome 86+ incompatibility and fixing many resource leaks. Important Note: The SbieDrv.sys driver must be signed, and since the appropriate certificates are pro...
- Sep 10, 2015
- 901
@SeriousHoax were those scripts located inside the browser cache folder?
- Aug 17, 2014
- 11,108
I tried it for testing purposes, but I prefer to wait for valid signed driver, I'm may considering to donate a few bucks once...
No need for more surface attack with Sandboxie.
Requirements aren't much and TPM isn't needed. Read:
System requirements for Microsoft Defender Application Guard
Learn about the system requirements for installing and running Microsoft Defender Application Guard.
docs.microsoft.com
- Mar 16, 2019
- 3,862
Yes cache folder. So deleting cache is the easiest solution. I tend to keep cache for faster loading.
Hmm same. I'm also waiting for that.
I'll check this out. But the easiest solution for me if I want to stick to Defender would be to always and always browse those streaming sites in incognito/private mode (Which I do most of the time but often forget), delete browser cache now and then and keep an portable second opinion scanner like EEK just in case to make sure everything is alright. Also scripts saving in browser cache is not a common, regular occurrence.No need for more surface attack with Sandboxie.
Requirements aren't much and TPM isn't needed. Read:
System requirements for Microsoft Defender Application Guard
Learn about the system requirements for installing and running Microsoft Defender Application Guard.docs.microsoft.com
- Apr 24, 2016
- 7,256
Thanks for posting about this problem
For me it's a valid reason to go to Kaspersky Security Cloud Free like you did.
Those other options like application guard, sandboxie, incognito mode or clearing cache are great but not so practical, especially on a shared family computer.
incognito/ private mode always delete all data after closing. Same for Application Guard while Application Guard protect the PC better and even if the session gets compromised, it's gone after session closed.
- Mar 16, 2019
- 3,862
Thanks. But I would also like to mention that, this particular javascript file alone on the disk can't do any harm on your system. It only works on browser level. I also didn't see any ad on the browser and no adware was downloaded so the system was safe and if some apps were downloaded then Defender with PUA enabled probably would've detected it. It's possible that I may have slightly overreacted.Thanks for posting about this problem
For me it's a valid reason to go to Kaspersky Security Cloud Free like you did.
Those other options like application guard, sandboxie, incognito mode or clearing cache are great but not so practical, especially on a shared family computer.
If your family PC has been safe so far then no need the change from Defender to something else just because I had this incident. But of course something like Kaspersky Free is an amazing free alternative. Even then, Kaspersky with "inject script into web traffic/the browser extension" enabled causes input lag while typing on some sites including our MalwareTips. This is a sort of annoying bug an average user would never be able to troubleshoot. So the fact still remains that, "Microsoft Defender is the least problematic AV out there".
Last edited:
- Aug 19, 2019
- 1,170
The more paranoid me would return to using NoScript when I was a happy clicker (saved my bacon los of times) but my Edge AppGuard tweaks and uBO medium tweaked is probably sufficient.
- Apr 24, 2016
- 7,256
I completely agree with you, but I always had the same "problem" when testing malware. It was blocked but remained in the browser cache.
Harmless but annoying, adding a browser extension like Bitdefender TrafficLight or using another AV like I did before (F-Secure Safe or Kaspersky Security Cloud Free) solves that.
Kaspersky Security Cloud Free is an amazing AV and doesn't slow down my system or browsing and has better PUP protection.
I don't have input lag. That could also be caused by Kaspersky's password extension that I don't use.
Last edited:
- Mar 16, 2019
- 3,862
Yes, uBO in medium mode is good enough. I disabled mine while watching those stream, otherwise this wouldn't have happened.
- Mar 16, 2019
- 3,862
Right, Bitdefender TrafflicLight is a great addition for those scenarios.
I don't use Kaspersky password extension either but there's input lag if I have script injection or the Kaspersky Protection extension installed. I also found about it in Kaspersky forum and they said they are aware of it and will be fixed in November.
- Mar 29, 2018
- 7,613
Easy to do and, frankly, I think its effect on page loading is negligible with modern browsers.
Agree wholeheartedly. We tend to get "twitchy" on MT!
And yes again! especially for risky browsing of any kind.
- Mar 16, 2019
- 3,862
Reverted back to a system image before installing any third party AV. I kept losing space on my C drive, not sure why. More than 4 gb lately. There's no malware that's for sure and checking via WinDirStat didn't reveal anything worth noteworthy either. So reverted back to a problem free image, so back to Windows Defender again. I may later do a clean installation of 20H2.
Reading this two articles again made me think about HTTPS scanning again so not meddling with that for the time being.
1) Exploiting Bitdefender Antivirus: RCE from any website
2) Kaspersky in the Middle – what could possibly go wrong?
Added Adguard Home and using DNS over QUIC of Adguard DNS. Don't know if it's Adguard Home or DNS over QUIC but some pages are honestly loading slightly faster. I often measure page loading speed with a stopwatch to make sure there's no placebo effect involved. Whatever it is, I'm happy.
Also back to using Firefox as the main browser again and Edge as a backup. I may create a thread later discussing the reason behind it but it's nothing too serious.
Hopefully I won't make any more changes to the system and only update here with a comment if there's something worth mentioning.
Reading this two articles again made me think about HTTPS scanning again so not meddling with that for the time being.
1) Exploiting Bitdefender Antivirus: RCE from any website
2) Kaspersky in the Middle – what could possibly go wrong?
Added Adguard Home and using DNS over QUIC of Adguard DNS. Don't know if it's Adguard Home or DNS over QUIC but some pages are honestly loading slightly faster. I often measure page loading speed with a stopwatch to make sure there's no placebo effect involved. Whatever it is, I'm happy.
Also back to using Firefox as the main browser again and Edge as a backup. I may create a thread later discussing the reason behind it but it's nothing too serious.
Hopefully I won't make any more changes to the system and only update here with a comment if there's something worth mentioning.
Last edited:
I guess you use their program/ app ?
I'm waiting until that get's native supported by OS / router / browser
Similar threads
