Post Info TOPIC: How does this program deal with a virus?


Member

Status: Offline
Posts: 5
Date:
How does this program deal with a virus?


I cannot find (or understand) what happens to a virus that is received while in the Safe Zone. Does your software recognize the virus and delete it? Or does Windowzone allow the system's antivirus program to recognize the virus in the safe zone and work to delete it? If neither is true, then this is merely a delay for those viruses in programs to come get you when activated.

__________________


Veteran Member

Status: Offline
Posts: 29
Date:

No, it does not rely on any detection mechanism (which is one of its benefits).  Rather than trying to identify and kill malware, it protects the system by preventing the malware from using any administrative powers to replicate or damage the system.


Thus, it's much like a "sandbox".  Basically, a "safe place" where you can let things get in but they can't spread or do damage to the rest of the PC.



__________________


Member

Status: Offline
Posts: 5
Date:

I understand the "sandbox" part, and the fact that it won't allow the virus to get to my system as the administrator. What I am trying to find out is what if what I am viewing is a virus? If something doesn't ID it while it is in the sandbox, then it will come and get me later when I execute it. So essentially, this program only "delays" the damage. Is this true or not?

__________________


Member

Status: Offline
Posts: 5
Date:

Maybe I am missing the point. Are you saying that I can execute the program containing the malware (while in the "Safe Zone") and then keep it forever in the safe zone?



__________________


Veteran Member

Status: Offline
Posts: 29
Date:

That's the basic idea.  Not that you -want- to execute malware intentionally, but if it makes it through a hole in IE or Outlook (etc), it can't do much, if anything, to your system.  Hence the "first", or "innermost" line of defense.


To put it more simply, should malware ever make it into the safezone, it runs as a guest rather than administrator.



__________________


Member

Status: Offline
Posts: 5
Date:

OK, basically, you didn't answer my one post.  I know that we are protected in the "safe zone" and that IF one gets a virus or malware, it is treated as a guest and not administrator. But if something "anything" doesn't tell the person downloading that there is malware in what they just downloaded, then when they go to accept the program and execute it (not knowing there is bad stuff in there) it will go to their C drive and they are done because the program is no longer in your safezone.  Right or wrong?

__________________


Veteran Member

Status: Offline
Posts: 29
Date:

Wrong (at least as I understand your question).  A program launched from IE when IE is in your safe zone would not be able to write to "c:\program files" or "C:\"  so couldn't install itself.


This likely does require that you're using the NTFS filesystem, since FAT32 has no security.



__________________


Member

Status: Offline
Posts: 5
Date:

I am sorry, but you are skirting my questions. I don't know how else to ask what I am trying to find out. Based upon your last input, it should be presumed that as long as your WindowZone program is in a person's computer, they cannot get malware.

__________________


Veteran Member

Status: Offline
Posts: 29
Date:

Sorry, I'm not trying to skirt your question.  Maybe ask it a different way so I can answer more effectively?


In any event, no program or technology can -guarantee- that you cannot get malware.  But WindowZones offers protection by preventing a program that gets in through IE (when in the safe zone) by also causing child processes created by IE, such as a program you download and execute through IE, by forcing it to run without administrative rights.  Hence, resources that require admin rights to access them cannot be accessed.  This in turn means that on a normally configured machine, with the Program Files folder ACL'd down to require the admin token, and the HKLS section of the registry in the same fashion, that malware cannot access them.  To the extent that the malware expects/needs to write to those system resources to install itself, it cannot install itself.


 



-- Edited by davepl at 18:43, 2007-01-09

__________________
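One way to check, from inside a restricted process, the behaviour the last reply describes (an added example, not part of the original thread and not WindowZones code). It assumes the reply's "HKLS" refers to HKEY_LOCAL_MACHINE; `Test-FileWrite` and `Test-RegistryWrite` are hypothetical helper names.

```powershell
# Added example. Run it inside the process under test, e.g. a PowerShell
# window started from the restricted browser. It changes nothing permanently.

# 1. Does this process hold the Administrators group in its token?
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
$isAdmin   = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)

# 2. Can it create a file in a directory? (hypothetical helper name)
function Test-FileWrite([string]$Dir) {
    $probe = Join-Path $Dir ("acl-probe-" + [guid]::NewGuid().ToString() + ".tmp")
    try {
        [IO.File]::WriteAllText($probe, "probe")
        Remove-Item -LiteralPath $probe -Force
        return $true
    } catch {
        return $false   # access denied (or any other failure) counts as "cannot write"
    }
}

# 3. Can it open HKLM\SOFTWARE for writing? Opening the key writes nothing.
function Test-RegistryWrite {
    try {
        $key = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey("SOFTWARE", $true)
        if ($key) { $key.Close(); return $true }
        return $false
    } catch {
        return $false
    }
}

$pf   = Test-FileWrite $env:ProgramFiles
$hklm = Test-RegistryWrite
$temp = Test-FileWrite $env:TEMP   # control: a per-user location

"Administrator token : $isAdmin"
"Write Program Files : $pf"
"Write HKLM\SOFTWARE : $hklm"
"Write user TEMP     : $temp"

if (-not $isAdmin -and -not $pf -and -not $hklm) {
    "System locations are read-only for this process, as the post describes."
} else {
    "This process can still modify system locations."
}
```

The TEMP row is a control: it normally stays True even without admin rights, which shows the restriction covers admin-only resources rather than per-user locations.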