So malware operates untill you reboot?

Discussion in 'Returnil releases' started by owen35ny, Jan 15, 2009.

Thread Status:
Not open for further replies.
  1. owen35ny

    owen35ny Registered Member

    Nov 11, 2008
    So -- If i download a virus and my malware doesn't catch it it will operate normally as malware until I reboot? I thought I couldn't get anything but I think I can it just goes away after reboot. That's important if I want to download a tool etc that I am not sure of trusting.
  2. Warlockz

    Warlockz Registered Member

    Oct 30, 2008
    Returnil isn't an antimalware software, Its basically a virtual Image of your OS, so yes Malware will operate normally if you do become infected, this is why I recommend the use of an Antilogger along with your normal "HIPS" (host-based intrusion prevention system) so if you do get infected wile using your virtual OS and don't know about it, they wont be able to obtain your typed passwords ect!
  3. Huupi

    Huupi Registered Member

    Sep 2, 2006

    with all these light virt. softwares, basically your real system is write protected(some exceptions though) so anything on your real system can be read,logged and send out(keylogger etc.) So SBIE comes in handy to restrict outgoing connections.But a keylogger already on your system can find ways to send out circumventing SBIE. Beware of this !!
    Last edited: Jan 15, 2009
  4. Coldmoon

    Coldmoon Returnil Moderator

    Sep 18, 2006
    As has been pointed out already, this is true. But if your AV, AS, AM, HIPS, or other does not identify the malicious content, that content will still operate as well...

    The important issue here is not really detection. Though detection is essential as a feedback mechanism in any security strategy, it is not critical. What is critical is that the malware be removed as quickly as possible (IOW: Time to removal). With RVS (or similar) that time is reduced to the time between restarts of your system whereas you may be waiting a much longer time for your other solutions to update their signatures...

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.