
Planning my next security setup. Is this a good plan?


21 replies to this topic

#1 computerdude718

computerdude718

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:05:39 PM

Posted 11 June 2017 - 10:59 PM

Hi,

Here's some background on me:

Certified Tech (A+) who has built several Windows computers and done tons of installs and upgrades.

I am not Security Certified, but I have done a fair amount of research in this area.

I am a die-hard Windows user (I hate Mac), but I had some security issues a few months ago.... And.... I bought a Mac :(

I just couldn't deal.... I wiped the drive multiple times, and there was an issue with Windows and Steam, and my computer was almost completely unusable, and I had a lot going on, so I needed something quick.

I don't pirate any software. I live behind my computer, so I have no problem paying the few pennies necessary for security software.

I previously used Bitdefender Total Security (I still have like 2 years left on the license), and right before I bought my Mac, I bought Malwarebytes Pro (3).

Bitdefender and Malwarebytes had (have?) an issue.... The computer would crash because of the conflict. BSOD every time I started it up. I excluded the respective files from the other vendor from scanning, but that didn't fix it. I think it was the anti-ransomware module that was conflicting with Bitdefender's firewall, but I could be wrong....
I also installed the free Comodo software so I can have a sandbox for extra protection... It seemed to run well...

......

Now I am planning to build a new powerful WINDOWS PC in a few months and I want to share my security plan and see if the community had any advice.

Antivirus: Bitdefender

Firewall: Bitdefender

Anti-malware: Zemana? Or will MBAM work now?

Anti-ransomware: Bitdefender + MBAM? + Voodoo Shield

Sandboxing: Comodo Free with all modules turned on except firewall (antivirus/defense+/sandboxing)

Registry Monitoring: Winpatrol


Bitdefender paid suite
Malwarebytes paid suite
Voodoo Shield application whitelisting
Comodo Sandboxing
Winpatrol registry Monitoring paid

I was also thinking about using virtual box or VMware and setting up isolated virtual machines, so I can use them for general browsing and when on more risky websites.......

But I have virtual box setup on my iMac, with Ubuntu, Linux mint, and even windows 10 virtual machines- and they all are incredibly slow. Even after maxing out all of the resources I can assign to it......

Maybe this is just something I setup wrong, and hopefully when I am back on Windows, the virtual machines will run smoothly...

P.S. Current iMac has a fast 4GHz i7, 32GB RAM, and the top graphics card that Apple offers in their iMacs....... When I build my next websites PC, it will BLOW this computer away.



.......

So let me know what you think about my plan.
And do you know if Bitdefender and Malwarebytes are working flawlessly now?

Also, I was considering SecureAPlus to run in place of my Bitdefender, but something is worrying about these insanely cheap sure. I just feel like they'll be stealing all of my files and spying on me.... I feel less troubled if it's a more established company like Bitdefender


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:39 PM

Posted 12 June 2017 - 05:56 AM

For such issues with Malwarebytes 3.0 and other anti-virus programs, the development team recommends you start a new topic at the Malwarebytes 3.0 Support Forum so the development team can investigate. Have you done that?
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#3 computerdude718


Posted 12 June 2017 - 06:23 PM

Hi Quietman-

I did not post a thread there as there were several previous threads with the same issue..... The only conclusion was that Bitdefender and Malwarebytes were pointing fingers at each other.

Aside from this, can you chime in on my plan and/or offer any recommendations?

Thanks,



#4 quietman7


Posted 12 June 2017 - 06:51 PM

Zemana AntiMalware is a cloud-based second opinion malware scanner that provides real-time and ransomware protection similar to Malwarebytes.

Strengthen Your Firewall and Anti-Virus Software with Zemana Anti-Malware

...Zemana Anti-Malware...provides an additional layer of protection to a Windows computer that may have a firewall and anti-virus software already installed. Zemana has partnered with SurfRight, and incorporated SurfRight's proven Hitman Pro 3 technology into Zemana Anti-Malware. Zemana Anti-Malware was designed to be used in conjunction with other malware-fighting programs.

During installation, you will have the option to Enable Real Time Protection and begin a free trial period with real-time protection. If you only want to use Zemana as an on-demand scanner then you should uncheck that option during installation. Zemana allows you to perform a Smart (Quick) scan. However, you can use the drag and drop function to select the entire hard drive and initiate a Deep (Custom) scan.

Zemana AntiMalware free is just a stand-alone scanner which only offers malware detection and removal...it does not provide any real-time protection, it does not include Anti ransomware protection modules or zero-day malware protection, and therefore, it cannot be used to block or prevent malware infection.

#5 computerdude718


Posted 13 June 2017 - 08:09 PM

Thanks. I will look into this and check the latest tests.



#6 quietman7


Posted 13 June 2017 - 08:16 PM

You're welcome.

#7 computerdude718


Posted 14 June 2017 - 11:13 PM

What are you currently using? Have any experience with voodooshield and/or virtual machines for web browsing?

#8 titan1

titan1

  • Members
  • 121 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Bengal,India
  • Local time:03:09 AM

Posted 20 June 2017 - 06:39 AM

I have been using VoodooShield with ESET NOD32, and I have to say they play perfectly well together. For virtualization, I use Sandboxie and always access the internet in sandboxed Firefox or sandboxed Chrome. I have also tweaked Sandboxie settings a bit to restrict internet access and run access for programs except the previously whitelisted ones in Sandboxie. With regular updates and regular image backups, it's lightweight on my system and works perfectly well for me.

Edited by titan1, 20 June 2017 - 06:44 AM.


#9 computerdude718


Posted 20 June 2017 - 07:00 AM

Hey Titan, your reply didn't post

EDIT: it posted. Phone was acting up

Edited by computerdude718, 20 June 2017 - 07:27 AM.


#10 computerdude718


Posted 20 June 2017 - 08:04 AM

Thanks. I was considering sandboxing, but Comodo has so many more features and it's an actual full-blown antivirus, anti-malware, HIPS, firewall, etc... And I've seen videos of it successfully defeating ransomware.

And since it's free99, I figure that's a better option than sandboxie.


Any reason you chose Sandboxie over the Comodo?

Also, I saw a video of a Trojan getting through Sandboxie.

Of course I don't think a few videos site the full story- good or bad.


Second question. Is Sandboxie currently capable of isolating and defeating Trojans?


Thanks

#11 quietman7


Posted 20 June 2017 - 08:40 AM

Sandboxing is a technique which creates an isolated operating/virtual environment in which applications can be run, tested or installed without permanently modifying the local drive. Sandboxes can be used for security and software development as well as for testing and debugging code.

A sandbox is a secluded environment on a computer, where you can run untested code or malware to study the results without having any ill effects on the rest of your software. A virtual machine is the most commonly used example of a sandbox, since it emulates a complete computer, called a guest operating system, on the main machine (called the host).

Sandbox Sensitivity

Sandboxing can also be used as a form of malware prevention as described below by Virus Bulletin.

A sandbox is a small, sealed-off version of an environment offering a minimal set of services, and is used as a test area. Actions carried out within the sandbox are safely contained within the area and cannot leak out to affect more important parts of a system. Sandboxing is used within security software to unpack compressed or encrypted files, or to analyse the behaviour of unknown items. Larger-scale sandboxing tools are available for improving the security of computing environments - for example, browser sandboxes seal web browsers off from the host system, preventing malware from damaging it.


For more specific information about how sandboxes work, please read A Taste of Computer Security: Sandboxing.

Shadow Defender and Sandboxie are examples of sandboxing tools that allow running programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.

Since Comodo also offers sandboxing I see no need to use another sandboxing tool.

#12 titan1


Posted 20 June 2017 - 09:30 AM

When I was making the decision regarding the sandboxing software, Comodo sandbox used to come bundled with Comodo AV or firewall, and it used to be very buggy back then (don't know about its current state though 😅), so I chose Sandboxie and am still satisfied with it.

Now let me answer your second question. As far as PC security is concerned, you can't rely on a single piece of software to save you from every malware that is out there. That is where the concept of layered security originates from. There will always be a malware or exploit kit which will bypass the finest security software ever made. For example, if the government wants to infect your PC because they think you are suspicious, then nothing is going to protect you. Security software only plays the catch-up game. The security measures we take solely serve the purpose of safeguarding us from prevalent, widespread threats on the internet. Yes, there are Trojans that might break through Sandboxie, but there may also be scripts that might shut down your antivirus and whatnot; that is where layered security comes into play. A Trojan which escapes Sandboxie might be stopped by the heuristics or malware definitions of your antivirus or the HIPS of Comodo or VoodooShield, or it may not be able to infect at all due to your patched-up system. Reality is, as long as you follow common security practices, chances of facing such sophisticated malware which bypasses all security measures will become negligible. And if something goes wrong, the image backup is waiting to be restored, right?
Thing is, be careful about how you use your computer, use the security tools you think you need and understand well how to use them, keep regular backups and carry on your job. Don't ever get so tensed with these things that the primary function of your computer becomes running security software. I know, I have been there before 😉.
Happy computing
P.S.- Sorry if you notice any grammatical or other mistakes, English isn't my first language.

Edited by titan1, 20 June 2017 - 09:43 AM.


#13 computerdude718


Posted 20 June 2017 - 08:45 PM

Good reply. Thanks.

Yea, plan is paid versions of:

Bitdefender Total Security
Malwarebytes premium
Voodooshield
Winpatrol (registry Monitoring)

+

Comodo FREE (just for sandboxing + hips/registry) to sandbox all browser instances and unknown software

+

Virtual box running a Linux distribution, for when I'm on those "risky" sites ;)


.....

If Malwarebytes and Bitdefender aren't playing nice together, then I'll go and pay for Zemana...... And if nothing is playing nice with Bitdefender, I may switch to Emsisoft as my main suite. Kaspersky is also up there, but I don't trust security software from a non-ally :D.... And if Emsisoft is a no-go, I'll go with Nod32.

Thanks!

#14 titan1


Posted 20 June 2017 - 11:04 PM

Bitdefender Total Security has a firewall included. If you are so inclined on Comodo sandbox, then I would suggest going with Comodo Firewall free; it has sandbox & HIPS and the firewall is best, and purchase Bitdefender Antivirus Plus only. This way you get to save a few dollars. Just a personal opinion: the way you are setting up your PC with HIPS, anti-exec, and sandbox, get ready to deal with a lot of prompts.

Edited by titan1, 20 June 2017 - 11:06 PM.


#15 computerdude718


Posted 20 June 2017 - 11:35 PM

Thanks for the suggestion. Besides Bitdefender being one of the best AV software on the market- I actually have about a year and a half of the Total Security license left, so that's why I couldn't go with just the AV.

I personally like the firewall Comodo has, as it's extremely EXTREMELY customizable. Bitdefender is seriously lacking in that area.

I haven't looked into firewalls enough to say Comodo's actually does what it says- but to my understanding we don't really have to worry about firewalls, as even the built-in Windows firewall is sufficient....


But yea, if I do stick with Comodo and still have the Bitdefender Total Security license left, I will just disable Comodo's firewall.....

I wonder if running two firewalls simultaneously is as bad as two antivirus software.... I did have Bitdefender's and Comodo's enabled for a short time together in the past. For a few days. No issues apparent.



