Defensewall and untrusted installs

If you install an application as "untrusted" it will run sanboxed...Does that mean that the sandboxed installation persists after reboot? And, if not happy what´s the best way to get rid of it?

 

Hi,

No when you run untrusted it will have limited rights (all sensitive windows area's are protected). DefenseWall is not a virtualisation sandbox, but a policy sandbox.

When not happy use the roll back option in the file and registry tracks.

Regards Kees

 

DefenseWall do not erase files or registry keys automaticelly.

Uninstall?

 

What is "partial"? What is "full duty"?

Just tell me- what is the main aim of anti-malware defense?

 

Perman,

DefenseWall's effectiveness is as good as Sandboxie and Returnil, as a matter of fact I would trust DefenseWall and or GeSWall to perform on par or better (as many tests have shown).

When taking protection (high) and hassle (no pop-ups) into account, I can not think of a better performing application for 32 bits XP and Vista.

But your are right, defensewall is not a 'flush' session application, like virtualisation applications.

Regards Kees

 

Hi, folks: I am not an expert in your field, therefore I can only use words as plain as any human being could possibly do. The main and foremost aim of any anti-malware application is to maximize its ability/capability protecting its user to a full extent. Anything deviated from this goal, I would consider its duty is NOT a full one. Since DefenseWall can not remove contents in untrusted box upon user's desire to do so, in other words, needing third means to implement such request, I would assume its power has not been fully extended to protect users. If users are not to remove those leftovers, does that mean there will be tons and tons of leftover remained in that box? I just wish the app could offer a dogie bag for users to take them to elsewhere.

Thanks, Kees1958 for your explanations. Take care, all.

 

So, in that case I understand that DW:s untrusted install makes a shield with restrictions for unwanted system changes...Nothing to empty just an insurance against unwanted actions...The function of an untrusted installation could consequently be not fully working as it´s restricted...

Of course, but will the rollback wipe out the installation?

 

Yes, something like that.

If you like if you install ActiveX as untristed, but need to re-install it on your next reboot, for example? I wouldn't! Also, erase files and registry without user's permission, automatically, is definitely a bad idea.

Well, non of sandbox HIPS solutions can get a complete compatibility with new software installed as untrusted/sandboxed/wherever. Only VM can do this! That is why the reasonable balance is really important this case (in fact, in all cases).

Rollback, mostly, is a tool for advanced users to wipe out malware modules manually, nothing more.

Just let me clarify something. DW is not any kind of standalone anti-malware tool. What is the main problem of anti-virus solutions for an average Joe? Time between release of new malware module and when its signature will be added into anti-virus database. During this time your are naked, heuristics are not really good. So, we need a tool that keep unknown malware within untrusted zone, do not allow it to auto-start, install rootkit, read keystrokes, get screenshots and modify critical system areas untill anti-virus companies won't adds new signature to wipe their modules and registry keys out of average Joe's system. Average defense rate of the system should be 95-98% in automatic mode against unknown malware.

And there is no need even to clean up malware modules with rollback- inactive malware is harmless, I've got some at my hard drive, but I'm not really sure I'm infected. Yes, those sandboxes that strongly relies on virtualization requires constant file and registry virtualization container clean up procedure. DefenseWall doesn't need it.

Such the defense system must be very carefully balanced between protection strength and simplicity in every single day use. I can make, for example, 100% bulletproof defense system, but, I assume, only few people in the world will use it- too irritating, too many things for manual work. I wouldn't use it by myself

 

Thx for the clarification Ilya Rabinovich...

 

You welcome!