A forum for reverse engineering, OS internals and malware analysis 

Forum for announcements and questions about tools and software.
 #16077  by Buster_BSA
 Wed Oct 17, 2012 9:56 am
Hi.

One of the features I have had in the Buster Sandbox Analyzer's TO-DO list was a malware disinfector.

The idea is to use the list of changes made to system files and the registry reported by BSA and generate a file that could be used to revert the changes.

Would anyone be interested in developing a tool that, using a special file generated by BSA, works as a disinfector?
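To make the revert idea concrete, here is an added example (not code from BSA or from any poster) that takes a recorded change list and derives the undo actions. The event tuple format, the sample paths and the backup locations are constructed assumptions, not BSA's real report format; the point is the rule for collapsing a chronological list into one net effect per path, so that something the sample created and later modified is simply removed, while anything that existed before the run is restored from its original copy.

```python
from collections import OrderedDict

# Constructed sample in a hypothetical format (not BSA's real report format):
# (kind, operation, path, backup_of_original_or_None), in the order they occurred.
SAMPLE_EVENTS = [
    ("file", "created", r"C:\Users\x\AppData\Roaming\svc.exe", None),
    ("registry", "created", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\svc", None),
    ("file", "modified", r"C:\Windows\System32\drivers\etc\hosts", "backup\\hosts.orig"),
    ("file", "modified", r"C:\Users\x\AppData\Roaming\svc.exe", None),  # sample rewrote its own drop
    ("registry", "modified", r"HKLM\SYSTEM\CurrentControlSet\Services\Foo\Start", None),
    ("file", "deleted", r"C:\Users\x\Desktop\notes.txt", "backup\\notes.txt"),
]

def net_effect(events):
    """Collapse a chronological change list to one net effect per (kind, path).
    The first recorded operation on a path decides how it is undone: anything the
    sample created is removed whatever happened to it later; anything that existed
    before the run must be restored from its original copy, if one was captured."""
    net = OrderedDict()
    for kind, op, path, backup in events:
        key = (kind, path)
        if key not in net:
            net[key] = (op, backup)
        elif net[key][0] != "created" and backup and not net[key][1]:
            # a later event captured an original copy the first one lacked: keep it
            net[key] = (net[key][0], backup)
    return net

def plan_revert(events):
    """Return revert actions, newest artifact first, so nested artifacts are undone
    before their parents. Each action is (kind, action, path, source), where source
    is the original copy to restore from or None."""
    actions = []
    for (kind, path), (op, backup) in reversed(list(net_effect(events).items())):
        if op == "created":
            actions.append((kind, "delete", path, None))
        elif backup:
            actions.append((kind, "restore", path, backup))
        else:
            # pre-existing object changed but no original captured: cannot undo blindly
            actions.append((kind, "manual_review", path, None))
    return actions

if __name__ == "__main__":
    for action in plan_revert(SAMPLE_EVENTS):
        print(action)
```

The "manual_review" case is the one a real disinfector must not skip: without a captured original, blindly deleting a pre-existing registry value or file would damage the system rather than clean it.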
 #16161  by nex
 Fri Oct 19, 2012 1:48 pm
I'd love to do a similar thing for my sandbox too, but it would need some kind of machine-learning-like component to discriminate from a trained set of legitimate "events" performed on the system before being able to automatically identify which ones are malicious or not.
Of course your sandbox is already able to do that; I'm not really familiar with it.
 #16345  by Dmitry Varshavsky
 Tue Oct 30, 2012 8:48 am
Buster_BSA wrote:Hi.

One of the features I have had in the Buster Sandbox Analyzer's TO-DO list was a malware disinfector.

The idea is to use the list of changes made to system files and the registry reported by BSA and generate a file that could be used to revert the changes.

Would anyone be interested in developing a tool that, using a special file generated by BSA, works as a disinfector?
The current private version of Vba32 Arkit is able to cure the system with a specially crafted script. We can add support for BSA-generated files in some near beta. Write me a PM if you're interested.