Interesting malware/ DDOS worm testing?

Discussion in 'other anti-malware software' started by aigle, Jul 20, 2009.

Thread Status:
Not open for further replies.
  1. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Wooo, but ThreatFire has outbound-like protection for protecting the network and maybe file theft, doesn't it?
     
  2. mvdu

    mvdu Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    1,166
    Location:
    PA
    Can Online Armor (without AV part) stop it without Run Safer?
     
  3. danny9

    danny9 Departed Friend

    Joined:
    Feb 18, 2004
    Posts:
    678
    Location:
    Clinton Twp. Mi
    Thanks for what you do here Pete, as well as the other posters here who test these nasties.
    It's terrific that we have people like you that will do this.

    To all testers-- Thank You! :D :thumb:
     
  4. CogitoErgoSum

    CogitoErgoSum Registered Member

    Joined:
    Aug 22, 2005
    Posts:
    641
    Location:
    Cerritos, California
    For those who are interested,

    I can personally confirm that DefenseWall v2.56 successfully contains the malware sample in question under Vista 32 SP2.


    Peace & Gratitude,

    CogitoErgoSum
     

    Last edited: Jul 21, 2009
  5. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,941
    Location:
    USA
    I agree and extend my appreciation as well! :)
     
  6. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Thanks. Was expecting so.
     
  7. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Kudos Prevx :thumb:
     
  8. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Absolutely, assuming you answer the pop-ups correctly. If you deny direct disk access, the show's over for the malware.

    Pete
     
  9. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Hi, sorry for the same question. Does this worm work under Vista?
     
  10. CogitoErgoSum

    CogitoErgoSum Registered Member

    Joined:
    Aug 22, 2005
    Posts:
    641
    Location:
    Cerritos, California
    Yes.


    Peace & Gratitude,

    CogitoErgoSum
     
  11. Toby75

    Toby75 Registered Member

    Joined:
    Mar 10, 2006
    Posts:
    480
    Hesitant to test Outpost because I don't think it offers file protection. Maybe someone can tell me otherwise? I know it will protect MBR via direct disk access.
     
    Last edited: Jul 21, 2009
  12. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    BTW I must say thanks to Rmus for pointing out this malware for testing and also to Stefan (from Avira) for providing me with the sample. So many thanks to both of them.

    For the users who requested testing, I will apologize. I have no VM and have loaded a fresh complete system image just now. I will not be able to test on wish as it needs a lot of time that I don't have at the moment.
     
  13. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Thanks Cogito, very nice someone tested my beloved DefenseWall.
     
  14. Retadpuss

    Retadpuss Suspended Member

    Joined:
    Apr 4, 2009
    Posts:
    226
    I would advise everyone to be very careful playing about with this and any other malware.

    Worms are a nightmare. Running tests under Returnil and similar light virtualisation is not advised as they won't prevent it working, and many worms are VM aware and / or won't yield realistic results in full virtual environments.

    You have been warned.

    Puss
     
  15. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    very good point puss, very good point.
     
  16. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    What would happen if a user downloaded this kind of virus through their web-browser while running software like SBIE, DW or GeSWall in their respective default settings? Penetrated or not?
     
  17. Retadpuss

    Retadpuss Suspended Member

    Joined:
    Apr 4, 2009
    Posts:
    226
    I use Sandboxie usually and have found it to be very robust and secure with IE for normal browsing - can't think of any times when it's been compromised.

    This is not to say it is safe to purposefully experiment with sandboxed malware. I guess most members here have their home PC with all their security apps on, along with all their personal files, photos, work etc - it is not wise to play with malware under any circumstances on your home PC - not worth the risk, it's all too easy to get infected / lose your data / spread malware.

    As for DW / GeSWall - I have not used them so can't comment.

    Puss
     
    Last edited: Jul 22, 2009
  18. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Hi, aigle! Was wondering if you're running GeSWall with any modifications to its defaults, e.g. new/modified/deleted rules and such - when it successfully blocked this malware's actions? Thanks! :)
     
  19. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    There are some additional rules but default settings will stop the worm without any issues.
     
  20. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Of course not.
     
  21. Toby75

    Toby75 Registered Member

    Joined:
    Mar 10, 2006
    Posts:
    480
    No need to be warned. I'm on a test machine...could care less what happens to it...just don't want to go through the trouble of recovering from this and having to install a fresh copy of Win.

    I remember when Gromozon first came out and I purposely ran it. What a nightmare.

    Wait a minute...that wasn't a nightmare...that was damn fun. :p
     
  22. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Aha! Now you made me curious. :D - What rules? :D Don't worry, I simply just wanna learn more - that's what I always do in this hobby. :D
     
  23. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Haha, that comment made me laugh. :D
     
  24. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    The warning posted should really be heeded. Don't play with this stuff unless you fully understand what you are doing.

    Some of these worms, when they do the number on your hard drive, even make restoring an image impossible unless you know what to do.

    So if you are reading this thread, and think it would be cool to try, DON'T.

    Pete
     
  25. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Thanks Pete - I respect your warning and obviously the original one from Puss as well. On another note I never do this kind of dangerous testing. I only try to stay secure. ;)
     