Some test ;)

Discussion in 'other anti-malware software' started by MagisDing, Apr 21, 2009.

Thread Status:
Not open for further replies.
  1. HungJuri

    HungJuri Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    104
    Location:
    USA
    Well then your statement really is; "In the way that I want things to be and the way that I want to test malware, Sandboxie fails on all counts." You really need to issue that disclaimer prior to your proclamation that Sandboxie performed the worst in your testing. In the manner that I wish things to be; I look at a malware and decide if a program in its' entirety offers the means for me to prevent this malware from damaging my computer. With these malware samples, Sandboxie is the only product (prior to fixes) among those that you listed, that provided that means in all cases.
     
  2. HungJuri

    HungJuri Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    104
    Location:
    USA
    Is this another item that you wish to be? I read the opening post in this thread which links to a Comodo opening post;
    And here; http://en.wikipedia.org/wiki/Intrusion-prevention_system the first line is;
    "unwanted behavior" .... So I am on point.
     
  3. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Guys,

    You started discussing, what is nice, next you start to change the premises, to proove you are right.

    Example: One can configure PrevX so that it sort of acts as an Anti Executable. This would provide a pass on nearly everything. But was PrevX intended that way: No

    Same applies for Sandboxie, from the authors website there are four benefits listed

    Now for point 4, I would be disappointed with those tests, so Arran has got a point. HungJuri has configured Sandboxie as a better sandbox than most Sandboxie users. So agree to disagree.

    Cheers
     
  4. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Quote from Sandboxie's Restrictions settings site: ;)
     
  5. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Hungjuri,

    The point is that discussions evolving to

    a) The moon is yellow and its round, so it must have been made of 'Gouda' cheese (item based reasoning like some authors do when writing books e.g. "Was God an Alien")

    b) nothing is 100% secure (it is a 'open' door which can't be argued, because it is impossible to run a testset covering the unknown)

    c) Not guilty unless prooven (also an open door the reverse way, unless prooven by a PoC something is not vulnarable)

    Pick your choice and the sensible reader will agree with you, so come on man, as in view it my my way, yes partially

    Sorry fo rthe Dunglish (Dutch English), but I hope you understand and feel less attacked
     
  6. HungJuri

    HungJuri Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    104
    Location:
    USA
    It is true that Arran has a point and I agree with that. That is the discussion on the test on the malware itself. It is the conclusions based off of those tests - the notion that suddenly sandboxed programs can terminate your firewall? That a sandboxed program can terminate Sandboxie itself? Where in these tests is the evidence of that?
     
  7. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    That is funny, my reply to Hungjuri's post is shown before his :D
     
  8. HungJuri

    HungJuri Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    104
    Location:
    USA
    I don't feel attacked at all. So since nothing is 100% (your opinion), and the moon is made of Dutch cheese, we should all just sit idly by when blatant misinformation is being posted? Or better said "less than full" information?
     
  9. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    No,

    Isolate one of the three items of the discussion when you are faced with it.

    You could have chosen to agree (third option, not guilty unless proven), yet you choose the two which made you deduct that I am telling you what to do. Which I am not, so I agree with the third (not guilty unless proven).
     
  10. HungJuri

    HungJuri Registered Member

    Joined:
    Nov 23, 2007
    Posts:
    104
    Location:
    USA
    This is going off in some tangent that I don't even understand. (English is not my first language, so sorry). Remember that many new users regard Wilders in high esteem as far as computer security goes. Based off this thread, if I didn't know any better, I wouldn't go near Sandboxie with a ten foot pole. That is not fair to new users and it is not fair to the developer. But I'm done. Cheers! :)
     
  11. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Problably lost in translation: but we agree on Sandboxie being a solid security application :D
     
  12. Joeythedude

    Joeythedude Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    519
    Thats always my concern with threads here as well.
    As well as the fanboy stuff I've seen posters here with large post counts writing other security "facts" which are completely inaccurate.

    Its funny I've seen found new user guides around the net which are much better than our sticky here :ouch:
     
  13. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,156

    It has already been proven with the registry test that malware inside sandboxie
    can terminate every thing and shut down your pc.
    http://www.ghostsecurity.com/registrytest/
    you should try this registry test and you will see for your self.


    I do have 2 more Important points to make in this thread as well.

    1. Some body who is new to sandboxie, and they are still trying and learning
    how to use sandboxie and they have not yet configured the start run settings. What if they download malware to their sandbox? and it executes and runs? As Proven in this thread Running malware can bypass Sandboxie.

    2. For those of you here who have been using sandboxie for a while, would know that the Start Run Options was only added into sandboxies features a few months ago. Therefore it would be fair to say that only up until a few months ago seen how malware was able to run inside sandboxie, Sandboxie
    would have been a very "Weak" security product.

    I read some where on sandboxie website that the reason why start run access was added was because it was to prevent running malware from wasting CPU Usage. But the Real Truth is because to prevent running malware from escaping out of the sandbox.


    politics and mis-information and the ask.com issue have not deterred me from using comodo, What has deterred me from using comodo like I explained before in this thread is its Slow speed at intercepting executables from executing in the first place. The 2 Stop tests here prove that. If that had been real malware and user had Comodo their operating system would be History. So Comodo isn't
    as Strong as a lot of people think.
     
  14. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,156
    It was stop.exe and stop2.exe, and no it wasn't specifically targeted to bypass CIS. and I already know how to use sandboxie LOL.

    I am now instead using Defense wall and Malware defender. They are the STRONGEST programs that can control the behavior of Running programs that I have tested.
     
  15. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Did u try MD against them?
     
  16. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Wish he could post some screen shots.

    Thanks
     
  17. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    its stop them on sight , also SSM,OA block them , Jetico Personal Firewall beta fails stop2, stop tests

    cheers
     
  18. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,156

    If you mean Malware Defender yes I already posted the results in this thread.

    By the way MD and defense wall are the only 2 products that I know of that
    can Survive the registry test http://www.ghostsecurity.com/registrytest/
     
  19. 3xist

    3xist Guest

    Can anyone please post Screen Shots on how the latest CIS RC2 stops these tests? I would be interested to know how it intercepts it and if it does.

    There seems to be many other bug fixes in this latest RC then the ones mentioned fixed.

    Cheers,
    Josh
     
  20. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,156
    hmm my MD failed to stop htaac.exe and stop2.exe I might give it another go.



    SSM. are you saying SSM blocked all of them including stop2.exe ? if so SSM would be the only product so far that can block stop2.exe and Its a shame how SSM isn't updated any more.



    OA. didn't a poster here say before that with stop2.exe with OA their pc hung and became frozen?

    Jetico. I was wondering about jetico thx for results.
     
  21. Toby75

    Toby75 Registered Member

    Joined:
    Mar 10, 2006
    Posts:
    480
    Can someone PM me the test? I would like to test DriveSentry.

    Thanks in advance,
    Toby
     
  22. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Add GesWall too in the list. :)
     
  23. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Pls if possible post some screenshots.
     
  24. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Latest CIS now intercepting all of them. :thumb: :thumb:

    But pop up for stop 1 is not as clear as those of OA. :'(

    1.jpg
    2.jpg
    3.jpg
    4.jpg
    5.jpg
     
  25. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Stop 2
     

    Attached Files:

    • 6.jpg
      6.jpg
      File size:
      65.2 KB
      Views:
      223
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.