a virus that defies current sandbox/virtualization programs


Post by zopzop on Tue May 23, 2006 7:03 pm

hello, does bufferzone defend against the "killdisk" virus? the reason why i ask is, this virus was tested against vmware, sandboxie, and defensewall and they all could not stop it from infecting the MBR and wrecking the system.

edit:

i removed the link to the malware because a poster reminded me it's against the board guidelines. i will PM the link to the red team members.

Killdisk virus

Post by Uriel on Sun May 28, 2006 9:37 am

Dear Zopzop and all,

I am happy to announce that after having tested this virus inside BufferZone, the only thing it does is post an unreadable error message, nothing more.

Sincerely,
Uriel Ginsburg
Uriel Ginsburg
BufferZone:Labs
Security through Virtualization


Post by zopzop on Sun May 28, 2006 1:49 pm

hello uriel, what version of bufferzone did you test it in: freeware, home (beta), or corporate (beta)? thanks

Killdisk

Post by Uriel on Mon May 29, 2006 11:01 am

Hello, zopzop and all.

I have tested it with BufferZone HomePro v1.90-11. However, the protection scheme which prevents the Killdisk virus from working is common to the home and corporate versions.

Sincerely,
Uriel Ginsburg

Post by zopzop on Mon May 29, 2006 12:55 pm

thanks uriel, but can you tell me if the "Free" versions of bufferzone will defend against it? this is very important to know.

BufferZone free version

Post by Uriel on Mon May 29, 2006 2:49 pm

Dear Zopzop,

That is a very important question. The answer is simply this: if you run BufferZone for Internet Explorer and you have downloaded the virus with Internet Explorer - BufferZone will protect against it. But if you run BufferZone for Internet Explorer and have downloaded the virus with eMule - BufferZone will absolutely NOT protect against it.

In short, BufferZone will protect against this virus if you download it with an application already protected by BufferZone (Internet Explorer, P2P applications, eMail readers, etc.).

My advice, of course, is to have the complete version of BufferZone... :D

Sincerely,
Uriel Ginsburg.

Post by zopzop on Mon May 29, 2006 7:54 pm

thank you for that reply uriel. yes i agree with you, obviously the full version (home) of bufferzone will protect better. i was worried that if i ran internet explorer and some webpage tried a drive by download of malware like that virus, that i'd be protected. this is good to know. thanks again.

Post by Guest on Mon Jun 19, 2006 12:46 pm

zopzop wrote: thank you for that reply uriel. yes i agree with you, obviously the full version (home) of bufferzone will protect better. i was worried that if i ran internet explorer and some webpage tried a drive by download of malware like that virus, that i'd be protected. this is good to know. thanks again.

repeat

Post by INSANE_ORACLE on Sun Feb 11, 2007 8:33 am

stop repeating the post what he said... he's right what he said

Post by xaozon on Fri Feb 16, 2007 5:15 pm

Sorry for off-topic, but does it really bypass vmware? I find this hard to believe.

Post by zopzop on Sat Feb 17, 2007 12:03 am

@xaozon

yes it does (or it did as of the date i posted). if you want, i can PM you a link to the virus. but i warn you, you'd better try it on a test system. it will destroy your MBR and make all partitions and the information on them unrecoverable.

Re: a virus that defies current sandbox/virtualization programs

Post by hamelame on Tue Nov 22, 2011 12:58 am

kindly send me that link by PM!