latest test on VR/sandboxing apps for MBR infections.

Discussion in 'sandboxing & virtualization' started by taleblou, Mar 28, 2013.

Thread Status:
Not open for further replies.
  1. taleblou

    taleblou Registered Member

    Joined:
    Jan 9, 2010
    Posts:
    1,166
    Hi:

    This guy tested all of the VR-type applications like Shadow Defender, Rollback Rx, Time Freeze, etc., and sandboxes like Sandboxie with malware and also with 5 MBR infections like TDL4 and others, and you will be surprised at how they did.

    I was shocked at Shadow Defender's failure to protect, and also at Time Freeze's too.

    link for all his tests for those interested: ~So, by policy, we prefer to not publish YouTester videos here.

    https://www.wilderssecurity.com/showthread.php?t=180128~
     
    Last edited by a moderator: Mar 31, 2013
  2. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    No Instant Recovery software can give complete protection against advanced rootkits, bootkits and MBR/VBR infectors. An offline image restore is the best security.
     
  3. trismegistos

    trismegistos Registered Member

    Joined:
    Jan 29, 2009
    Posts:
    365
    Just combine VR/sandboxing with a kernel-hooking HIPS to guard low-level disk writes to the MBR from MBR malware, bootkits and any driver-loading rootkits, barring Duqu-like kernel exploits.
     
  4. taleblou

    taleblou Registered Member

    Joined:
    Jan 9, 2010
    Posts:
    1,166
    Hi:
    What are the free kernel-level HIPS you talk about? Is Comodo Firewall with HIPS one of them?

    So you think a VR like Shadow Defender or Time Freeze plus Sandboxie and Comodo Firewall is solid against infection?

    What setup do you prefer, guys?
     
  5. CyberMan969

    CyberMan969 Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    589
    I use:

    Avast with Comodo Firewall and Defence+ at max, plus MBAM and KeyScrambler as my first layer.

    Sandboxie as the second layer.

    Shadow Defender as the third one.

    A full image backup (including the boot sector) stored away from my main system as the final layer.

    This setup has never been breached on any of my systems so far, and I do go places online...
     
  6. Baedric

    Baedric Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    163
    I wonder if anyone has tested BitDisk 7 against these infections? I imagine you would get the same results, but I was just curious.
     
  7. Arcanez

    Arcanez Registered Member

    Joined:
    Oct 5, 2011
    Posts:
    396
    Location:
    Event Horizon
    Sandboxie got tested as well, like 2 hours ago. As expected, it scored 5/5...
     
  8. Space Ghost

    Space Ghost Registered Member

    Joined:
    Apr 21, 2011
    Posts:
    52
    Location:
    Poland
    Backdoor Sinowal: Failed
    Backdoor TDL4: Failed
    Trojan Cidox: Passed
    Trojan Popureb: Passed
    Trojan Xpaj: Passed
     
  9. karad

    karad Registered Member

    Joined:
    Sep 10, 2008
    Posts:
    237
    Arcanez, was it 3.76 or 4 that was tested?

    CyberMan969, I'm glad for you and for me, too, since I use a very similar layer:
    1-Router
    2-AppGuard
    3-Sandboxie 3.76
    4-Comodo Firewall & antivirus
    5-Shadow Defender
    6-Paragon Imaging

    I also use a password program, Key Scrambler Pro, and MBAM on demand.
    I run three different browsers (IE, FF, Chrome), but use only one exclusively for financial matters.

    After perhaps 6 months with this setup I feel really OK and protected, in spite of my still not perfect knowledge of AppGuard whereabouts, but I think the combo AppGuard+Sandboxie is so effective it forgives even some initial mistakes....
     
  10. Baedric

    Baedric Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    163
    Thank you for that Space Ghost! Is there a video of that test?
     
  11. Arcanez

    Arcanez Registered Member

    Joined:
    Oct 5, 2011
    Posts:
    396
    Location:
    Event Horizon
    v 3.76
     
  12. mick92z

    mick92z Registered Member

    Joined:
    Apr 27, 2007
    Posts:
    499
    Location:
    Nottingham
    Last edited by a moderator: Mar 31, 2013
  13. Arcanez

    Arcanez Registered Member

    Joined:
    Oct 5, 2011
    Posts:
    396
    Location:
    Event Horizon
    I think he meant the test of Bitdisk not Sandboxie.
     
  14. mick92z

    mick92z Registered Member

    Joined:
    Apr 27, 2007
    Posts:
    499
    Location:
    Nottingham
    Quite right, sorry.
    Too many Easter eggnogs :D
     
    Last edited: Mar 31, 2013