New virtualization software provides excellent protection

The more I learn about modern malware the more convinced I have become that the best strategy to avoid infection is to always surf in a virtual environment. Virtualization defeats just about any malware infection that manages to install itself while surfing: viruses, worms, spyware, trojans, and rootkits. Everything is eliminated as soon as you shut down the virtual environment. No, it’s not a replacement for your other security software but it is a very potent addition.

In past issues I’ve looked at various virtualization software products and recommended Sandboxie [1], a donationware product for Windows 2000 and later. It’s still my top recommendation but as some readers have had problems with Sandboxie I’ve been looking for an alternative. Thanks to a tip from regular contributor Leib Moscovitz, I think I’ve found one. It’s a commercial product called GreenBorder Pro that’s currently being offered for free for 12 months.

It works rather similarly to Sandboxie in that it allows you to launch your browser in a virtual environment. This virtual browser session appears in a green bordered window, hence the product name. The prominent green border is actually quite a useful feature as it clearly flags you are browsing in a protected environment, a feature missing from SandBoxie. Like Sandboxie, GreenBorder Pro can also run programs in a protected environment. You do this by right clicking on the program and selecting "Add GreenBorder protection" from the context menu.

�I tested GreenBorder by browsing to three drive-by download sites and additionally installing two malware products (IstBar and the InService Trojan) in the protected environment: I then "cleared and reset" GreenBorder from the right context menu and then did a "before and after" system snapshot comparison. No hostile running processes were found nor were there any new programs in the various Windows startup areas. I did find some hostile files left in the system prefetch folder but I judged these to be harmless. The most curious change was in the system registry where there were nearly 1000 new entries associated with GreenBorder. That’s no worry in itself though I hope these don’t further accumulate. If so you would end up with a very inflated registry.

Overall GreenBorder performed as advertised. In many ways it reminded me of a slicker version of SandBoxie and that should be taken as high praise. Will it cause problems on some PCs? Quite possibly, so backup before installing. GreenBorder is currently being offered with a free 12 months license but this offer may soon end so download it now while you can. Shareware, free promotional 12 months trial, Windows 2000 Pro SP4+ or Windows XP SP1+, 10.3MB.
http://www.greenborder.com/earlyaccess/



This article is part of our premium content. Join Now.

Already a paid subscriber? Click here to login.



= Paid content

All Windows Secrets articles posted on 2006-07-20: