[Windows 7-10] What would be in your opinion the most lightweight yet effective security?
<blockquote data-quote="AtlBo" data-source="post: 713717" data-attributes="member: 32547"><p>Thx for these great details Evjl's Rain. Does this mean that CCAV will not block hardware/system/driver based malware via the sandbox? If it cannot block the system malware, will it sandbox the changes anyway?</p><p></p><p>EDIT: You are saying it blocks, but is the reason the CCAV sandbox is weaker because it records system changes (in the sandbox)? Don't know the specific difference between user hook and hardware virtualization, but it sounds like CF actually blocks changes to the system by isolated programs. This matches what I have seen as nothing works in CF's sandbox. Would be interesting to see if something might work in CCAV as long as the changes are being recorded so the sandbox can then be emptied etc.</p><p></p><p>I messed around with the 360 sandbox last night. Executables won't run in the sandbox, except when executed by something in the sandbox. I dropped Autoruns in there and ran it via the manual choice to sandbox an application. It worked perfectly. Seems like a pretty good idea for portable applications. Installing Dexpot to the folder didn't work out so well, but the test got kind of off kilter. I meant to install to the sandbox Programs folder but installed on the sandbox root. It did run, however, but removing it was a problem, because a tmp file for uninstalling wouldn't run. Just turned off the sandbox protection of the app, emptied sandbox, reinstalled app and then removed no problem. Think I could get this to work for some applications.</p><p></p><p>Really interesting concept that borders on what ReHIPS is doing. The 360 sandbox is a root sandbox that will record changes system-wide. It just won't allow .exes in the sandbox to be executed from the outside or via mouse click etc. Wondering if you are saying that CCAV's sandbox is more this same way.</p></blockquote><p></p>