Sandboxie v2.86

Discussion in 'sandboxing & virtualization' started by ErikAlbert, Apr 23, 2007.

Thread Status:
Not open for further replies.
  1. grnxnm

    grnxnm Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    391
    Location:
    USA
    Another option for repairing your MBR after malware has trashed it is to use the Microsoft's FixMBR app (available in the Recovery Console).
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    One last thing and then back to malware.

    I went back and retried with EazFix, and Aigle is right, it does indeed survive the killdisk attack. I suspect the reason is Eazfix doesn't really use the windows file system. Very interesting.
     
  3. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Indeed NOT a clean one, not really a solution for housewives. These women need a RECOVERY button and nothing more than that.
    I only hope that StorageCraft does at least some brainstorming to fix this problem. They must have good programmers to make such a reliable image backup software, so why not a little step further than the usual stuff. :)
    Nevertheless nice testing Peter !!!
     
  4. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Yes indeed interesting, but it doesn't change anything for me. A malware like killdisk doesn't infect my hardware components. As long that doesn't happen I can recovery from any disaster. So killdisk is peanuts. Case closed.

    I'm trying Sandboxie (finally back OT :D) now and Sandboxie killed killdisk.
    Sandboxie seems to do a good job. It doesn't need to be perfect, my frozen snapshot will kill the rest. :)
     
  5. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Peter,
    Does killdisk attack other harddisks than [C:] o_O
     
  6. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Doesn't appear to. I have a second hard drive on my virtual machine, and it didn't bother it at all.
     
  7. EASTER.2010

    EASTER.2010 Guest

    Beneficial study and test Peter2150, thanks for that. More and more from experiences like this and from others who experience completely satisfied results with SP encourages a serious turn to Shadow Protect (V.3) as the top of my shopping list when the time comes.
     
  8. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Did u tried XP install CD?
     
  9. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Hi Aigle

    No, as I ran out of time. Also I figure anyone with the CD and who has the knowledge to use it, could easily run either Diskpart, or fixmbr to solve the problem. Diskpart from the XP CD was my first solution and it did work.

    Pete
     
  10. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,244
    Location:
    Sydney, Australia
    This thread took an interesting turn !!:eek:

    Maybe there could be a new thread:
    "How to recover with imaging after HD is Zeroed"
    or some such and contributions could be made form users of all the tools.

    If I might suggest to Peter and grnxnhm: a sticky re methods may not be a bad idea at Storagecraft forums.

    I'll be doing a little checking on my own about some other tools ;)
    ( of course until I thought about it; it would never happen to me :blink: )

    To get back to Sandboxie: Stops KillDisk as we all know.
    Just play in the pizza. :)

    Any other sandboxes stop killdisk to anyones knowledge?

    EDIT: thanks to Aigle: https://www.wilderssecurity.com/showthread.php?t=148690
     
  11. zopzop

    zopzop Registered Member

    Joined:
    Apr 6, 2006
    Posts:
    642
    very eye opening thread! i can't believe that shadow surfer/user failed against killdisk (this is not encouraging). but awesome to see that ezfix wasn't phased (aside from the current snapshot, confirming aigle's earlier test). did anyone try powershadow vs killdisk? that would be an interesting test.
     
  12. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Let me repeat, just use caution. This isn't a simulation, but a very nasty trojan. My hunch is Powershadow would go down.
     
  13. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Ya, as both seem to be very similar.
     
  14. silver0066

    silver0066 Registered Member

    Joined:
    Dec 31, 2004
    Posts:
    994
    You got that right, Erik....I am in the same boat. I am waiting for a ShadowProtect 3 with HIR, then I will switch. The only reason I have not already done so, is that I use the Universal Restore function 4 or 5 times a year.
     
  15. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    After I saw EAZFix mentioned I am thinking of trying it out and have been reading up on it.Do you think it is a good program or would FDISR be better.
    http://kb.eazsolutions.com/article.php?id=023
     
  16. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    It's only a personal opinion, but I am more comfortable with FDISR. A lot of folks are having success with EAZFix, but I am nervous about them using a kernel level driver, and a completely different file system. Stuff can break kernel level drivers far easier, so that just makes me edgy. Also they don't support Raid 0 and I use that. FDISR is fine with Raid.

    Pete
     
  17. silver0066

    silver0066 Registered Member

    Joined:
    Dec 31, 2004
    Posts:
    994
    Same program as RollbackRx http://www.horizondatasys.com. I use it in conjunction with FDISR. If I could only have one, it would be First Defense, but the two of them working together are an amazing combination.
     
  18. Horus37

    Horus37 Registered Member

    Joined:
    Jan 4, 2007
    Posts:
    328

    Wow, that's a great combo. I'd agree that FDISR is a bit better because of the flexibility of the product. However using rollback rx inside a snapshot sounds fun. Amazing it works. I'll have to see about adding that. I'm having a good time with powershadow and Fdisr combo that is proving to be just what I need. Adding rollback into that mix seems like an overwhelming amount of possibilities. heheheheh
     
  19. Horus37

    Horus37 Registered Member

    Joined:
    Jan 4, 2007
    Posts:
    328

    Peter just tested powershadow against killdisk and powershadow won. That's good news for a free product eh?
     
  20. silver0066

    silver0066 Registered Member

    Joined:
    Dec 31, 2004
    Posts:
    994
    I really doubt that you can use Rollback with PowerShadow. They both use the MBR, I think.
     
  21. EASTER.2010

    EASTER.2010 Guest

    That's especially good news on this end since i been consistently using Power Shadow to cover my current snapshots when OnLine. That result only shores up confidence another several notches again. LoL

    Good Job.:thumb:
     
  22. zopzop

    zopzop Registered Member

    Joined:
    Apr 6, 2006
    Posts:
    642
    dear lord, so easter2010 was right after all concerning the awesomeness of poweshadow :D man now i gotta download powershadow.

    ps did peter mention what version of powershadow he tested?
     
  23. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Mm, nice one Pete:thumb: Is there a post?
     
  24. EASTER.2010

    EASTER.2010 Guest

    I can believe it because i was often dependent on ShadowSurfer for some time untill i tired of it seizing up in shadow-mode with no remedy. Not long after i dismissed it and gave up Chuck57 appeared on the scene with the introduction of Power Shadow. I jumped all over it in hopes it would rescue my confidence in this type of virtualization app and boy did it ever!

    Now we have confirmation that it even shields against KillDisk which effectively raises the bar of confidence even higher if not the highest!
     
  25. EASTER.2010

    EASTER.2010 Guest

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.