
Interesting Link


krit86lr


Gizmo Richards certainly knows what he's talking about. :P

4 Best Free Browser Protection Utility

There's a scumware plague at the moment. All it takes is a visit to a pushy web site or a "loaded" shareware install and next minute your Internet Explorer homepage has been changed, your default search setting altered, unwanted ads pop up on your screen and worse.

 

If you use Windows 2000 or later my top recommendation for safe browsing is a free program called Sandboxie [1] that creates a special contained "sandbox" environment on your PC. While browsing within the virtual sandbox provided by Sandboxie you are totally corralled off from other parts of your PC. So any files you download are isolated to the sandbox. Similarly, any programs that are executed only do so within the sandbox and have no access to your normal files, the Windows operating system or any other part of your PC.


I kinda agree with the sandbox section. Sandboxie is one magnificent piece of software; some software (including the ones that write to the registry) can install in the sandbox without any problems, and can be used for testing purposes. I finally learned to accept Sandboxie as part of my arsenal, to test out software hehehe.

 

I'm still quite doubtful of AVG, some users reported that it doesn't scan the files inside an archive.


I love Sandboxie. My process for testing questionable files is to first scan them with ClamWin, then if they come up clean I run them in Sandboxie.

The internet - Where men are men, women are men and children are FBI agents.


  • Moderators

I've used that site for a while now. If you give him your email for his newsletter he will give you access to more info.

Oh, and just because he says something doesn't mean it's true.

 

I've been reading one topic at Wilders lately, and it's this one:

http://www.wilderssecurity.com/showthread.php?t=164982

 

Just to see if there is anyone there with enough common sense to look at all of this stuff from the perspective of the average user, and I found exactly what I was thinking in this quote:

 

Franklin,

 

Any user, casual or advanced, may still be faced with the question of whether downloaded content is potentially malicious or not. Given that malicious and non-malicious programs can exhibit similar behaviors, the control of behavior is not necessarily a panacea. Ultimately a user needs to be able to assess whether file X is malicious or not and there's really only three paths to that answer:

 

* Run it and observe over an extended timeframe. This is ambiguous if the malware is a sleeper.

* Learn enough coding to reverse engineer the executable. Not practical.

* Take advantage of the expertise of professionals who can reverse engineer the executable to make an independent assessment. In other words, use a classical blacklist AV as a screening tool.

 

The last option is really the only one feasible in a large and heterogeneous user base and as long as content can be downloaded and used, my personal opinion is that this will always be true. Now, that classical blacklist may need to be augmented to reflect current challenges floating around, and that short list of viable additions you mention are certainly potential avenues for anyone to explore.

 

Proclamations such as that leading off this thread or the Robin Bloor piece, that the classical AV is effectively dead, are ludicrous and something that even extensive user education will not change.

 

Finally, there are no silver bullets now, and there never will be as long as the motivation to perform malicious deeds is present.

 

Blue

 

Basically he is saying how will you know what is bad and what isn't?

It's not practical to run in a "sandbox" all of the time, so you still need to know what's valid and what isn't. If virtualization fits in with your needs then by all means go for it, but it isn't a one-size-fits-all glove.


And I'll come back with a quote from the author of Defensewall from the same thread.

Franklin brings up some good points over there, eh! ;)

Originally Posted by BlueZannetti

Ultimately a user needs to be able to assess whether file X is malicious or not and there's really only three paths to that answer

Ilya Rabinovich, Defensewall author:

You've missed one more point here: send it to an anti-virus laboratory for human expertise. I don't believe in AV scanners too much (false positives, false negatives), but human expertise gives a more reliable mark, as you may send the sample to many labs.
