Ransomware n poor protection by HIPS

Discussion in 'other anti-malware software' started by aigle, Jul 10, 2008.

Thread Status:
Not open for further replies.
  1. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,161
    Location:
    UK / Pakistan
    Out of curiosity, I tried Sandbox in EQS v 4 beta and it seems to protect against GPcoder and Archiveus trojan.

    :thumb:
     
  2. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,723
    Location:
    U.S.A. (South)
    My apologies aigle and others for completely overlooking this file integrity checker too, but as soon as I found my old version I hunted up the author's website to share this with you all. Its name is INTEGRITY CHECKER~

    Might very well be as handy if not more so than FINGERPRINT, at least this way we have two of these to conduct comparisons for better accuracy.

    Some of you might already know about this app, but for those who don't, it not only does a DIRECTORY tally (any), and pls save it as NOT a text file, although you can if you wish, but close that out on finish and use the top menu SAVE AS for the .ic file. You can also integrate it into your right click menu to on-the-fly check file tally & integrity.

    The best part I admire with this app is that the results ARE COLOR CODED! Green equals NO CHANGE! Red equals either CHANGED OR DELETED.

    Sarah Dean's WWW Site
    Listed as software #2, there are other apps there too, I'm going to see if any can be useful for my purposes in addition to IC!
    http://www.sdean12.org/
     

  3. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,723
    Location:
    U.S.A. (South)
    Last little *BUMP for any members who might have missed this other Integrity Watcher (color-coded) (Reasonably Fast) (Accurate + Option For Right-Clicking Integrity Check)

    Enjoy EASTER
     
  4. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,161
    Location:
    UK / Pakistan
    Easter, thanks. Looks cool. I will add it to my tools.

    Seems a nice find, though I had not yet got time to try it.
     
  5. MaB69

    MaB69 Registered Member

    Joined:
    Dec 9, 2005
    Posts:
    540
    Location:
    Paris
    Hi,

    Sorry OT
    Easter, Tiny Watcher does the same. Did you stop using it?

    Regards,

    MaB
     
  6. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Tiny Watcher and File Integrity checker are fine apps, but would be useless against the ransomware like GPcoder. With those you have no doubt as to what has happened as the file names are changed. Neither of these apps prevents changes.

    Pete
     
  7. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    9,723
    Location:
    U.S.A. (South)
    Well Pete, point taken, I Googled your GPCoder and see what you're alluding to, so it looks like back to HIPS, SandboxIE, Returnil, Power Shadow, etc.

    In fact it all comes back to square number one as always as the only sure integrity of files that could be (ZAP!!!! LIGHTNING STRIKE!!! :eek: ) compromised by virus infections, and that's our restores from imaging apps.

    EASTER
     