Battle Which combination of security products to use?

Status
Not open for further replies.

King Alpha

Level 25
Thread author
Verified
Top Poster
Content Creator
Well-known
Jun 21, 2013
1,492
Guys what should I choose?
ESET Nod32 AV - WFC - AppGuard - MBAE - Sandboxie - Unchecky or ESS - AppGuard - MBAE - Sandboxie - Unchecky?


Mod Edit: Changed thread title to reflect contents of topic.
 
Last edited by a moderator:

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
D

Deleted member 21043

Either configurations shown in the poll can be used and are good, however I voted for the second simply due to the features in ESET Smart Security.

Since ESET Smart Security has a Firewall, I personally recommend this over Windows Firewall.

ESET Smart Secuirty also has:

  • Botnet Protection
  • Parental Controls
  • Vulnerability Shield
  • Personal Firewall
  • Anti-Theft
  • Antispam
You can compare between ESET NOD32 and ESET Smart Security at the following URL: http://www.eset.com/us/home/windows-antivirus/

If you decide to use the first configuration shown in the poll, WFC is always good to have which will extend the power of Windows Firewall. You can find the Program Features, Minimum System Requirements and the Known Limitations at the following URL: http://www.binisoft.org/wfc.php

Unchecky is a great application to have which will try to keep potentially unwanted applications out of your system. You can read more information about it over at the following link: http://unchecky.com/

I like AppGuard because it does add additional protection to the system. You can read more about it at the official link: http://www.appguardus.com/

Sandboxie is great when in need of testing out unknown programs before executing them on your main machine. However, there is something called "Anti-Sandboxing". The aim of Anti-Sandboxing is to try to prevent the execution of malicious actions if it's running in the sandbox. For example, if the malicious software see's the processes to Sandboxie running, then they will know it's being sandboxed and will not execute the malicious commands. This is to try to trick the user into thinking the executable is safe, when in actual fact it's malicious software. You can read more about Sandboxie at the following link: http://www.sandboxie.com/

Personally, I would go with the first configuration.

Cheers. ;)
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
The only noticeable difference is between using ESET Nod32 Antivirus and ESET Smart Security. As already mentioned, if you're looking for features from their Internet Security, go for ESET Smart Security otherwise, Nod32 Antivirus with Windows Firewall (or WFC) is sufficient.

Comparison of ESET products: http://www.eset.co.uk/Why-ESET/Product-Range

No comment in regards to AppGuard.

Malwarebytes Anti-Exploit is not required. ESET includes Exploit Mitigation techniques and also YOU should be maintaining all software you have installed, updated.

Sandboxie is optional, but good for some occasions. It's an alternate to Malwarebytes Anti-Exploit since the exploit will be limited to the bounds of the Sandbox. Be aware Data Theft is still possible.

Unchecky - Superb FREE software to prevent accidental installation of unwanted software including Adware and Toolbars.
 

Piteko21

Level 18
Verified
Top Poster
Well-known
Sep 13, 2014
874
I already used the first config, without the AppGuard and I say it's very light and strong, I speak from experience.
now moved to eset smart security, but I vote for the first too, like @kram7750 said.
 
D

Deleted member 21043

Hi,

ESET already contains Exploit Blocking meaning MBAE is unnecessary if you choose ESET. (like @Huracan mentioned).
Keep Sandboxie in my opinion. It can be very useful for testing new programs before executing them on your main system.

Cheers. ;)
 

yongsua

Level 2
Verified
Mar 21, 2015
52
Hi,

ESET already contains Exploit Blocking meaning MBAE is unnecessary if you choose ESET. (like @Huracan mentioned).
Keep Sandboxie in my opinion. It can be very useful for testing new programs before executing them on your main system.

Cheers. ;)
One off topic question, can Sandboxie protects me from web browser exploit? Thank You.
 
D

Deleted member 21043

One off topic question, can Sandboxie protects me from web browser exploit? Thank You.
If you are using the web browser inside the Sandbox, then technically yes it will protect you from it since the exploit would be active in the sandbox with the browser and not active on your "real" system.

Just beware that things like data theft can also occur in the sandbox

You can read more information about sandboxie over at the FAQ:
http://www.sandboxie.com/index.php?FAQ_Virus

Just if the exploit was made to escape the Sandbox then you may be out of some luck. Nothing is fullproof, so always still be alert.

You may prefer to use a Virtual Machine instead, and/or a sandbox inside that Virtual Machine.

If you'd like to be safer, consider using Automated Sandboxing online which will execute the application and give back a report (e.g. any suspicious things found during execution, files created,...):

1). https://www.hybrid-analysis.com
2). https://malwr.com/
3). https://anubis.iseclab.org/

Cheers. ;)
@yongsua see the edit: mentioned Virtual Machine comment and Automated Sandboxing services.
 
Last edited by a moderator:
  • Like
Reactions: yongsua
D

Deleted member 21043

One more question @kram7750. How can I force my browsers (chrome and firefox) to run in sandbox? Do I need the paid version of Sandboxie?
No problem, I'm happy to assist you. ;)

On your desktop you should have a new shortcut made after installation/setup of Sandboxie called "Sandboxed Web Browser". You can use this if you'd like.

When you open the shortcut made on the Desktop, it should start your default web browser in the Sandbox. For example, Google Chrome is my default Web Browser, therefore this is what Sandboxie starts up in the Sandbox after opening from the shortcut.

OC6DG.jpg


If you wish to execute another program in the Sandbox (e.g. a non-default web browser, you may have multiple web browsers installed on your system) you can:

Right click on Firefox and choose "Run as Sandboxed" (Screenshot in below spoiler):

7dccX.jpg

Or, right click on the Sandboxie tray icon, then hover over DefaultBox and choose "Run Any Program". Then find Firefox and have it sandboxed.

yv9EB.jpg

An alternative to all of these above ways, you can double click on the tray icon to Sandboxie, then at the top go to Sandbox > DefaultBox > Run Sandboxed > Run Any Program (like with the tray icon right click):

O01tW.jpg

If this didn't answer your question/s, feel free to let me know.

Cheers. ;)

--
@yongsua (read this post for more information). To answer your question, yes, you can do this.
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top