BufferZone versus malware

Discussion in 'sandboxing & virtualization' started by aigle, Sep 1, 2007.

Thread Status:
Not open for further replies.
  1. ErikAlbert (Registered Member, joined Jun 16, 2005, 9,455 posts)

    Aigle,
    Good job!!! Is BlackDay Trojan an executable? If yes, Faronics Anti-Executable will kill it.
     
  2. EASTER (Registered Member, joined Jul 28, 2007, 11,126 posts, location: U.S.A. (South))

    I certainly can attest to a virus very capable of jumping the fence into the next yard, in this case the other partition on a dual setup, because I just had it happen for me during one of my research tests.

    Even though it's been catalogued as a medium threat courtesy several popular AV vendors & claimed easily cleaned, that is not entirely true or else other spinoff variants of this same one no doubt exist in the wild.

    Exclusively using NOD32, it "cleaned" approximately 80% of the .exe's infected but the rest were left waning and required nothing less than a complete overwrite with a fresh clean copy in order to restore 100% functionality again.

    BufferZone might stave off many such common types, but what about those so-called proof-of-concept releases, and especially ones specially designed to disable these popular programs?

    ...................and the beat goes on.
     
  3. ErikAlbert (Registered Member, joined Jun 16, 2005, 9,455 posts)

    The BBC Honey Pot was a good example for me. It was so infected that even security softwares couldn't clean it or keep it clean. The only way to clean it was restoring an image.

    ISR-softwares are good for daily cleaning and Image Backup softwares will do the job, if ISR-softwares fail to do it.
    Recovery softwares are the future, not security softwares, they fail too much.
    Just like I wear a clean shirt every day, I have a new system partition every day or after each reboot.
    If Microsoft doesn't do it, I have to do it myself.
     