Av-comparatives April results

[fax]

Up to now you have provided NO evidence whatsoever that WSA does not do what is supposed to do in your system aside from AV-test reference or referencing to better features that are not there by design (e.g. inbound firewall). Please provide evidence that WSA does NOT protect you or shut up once for all. Amen

[Mongol]

Quote:

Originally Posted by sturgess

Mongol "'m tired of beating a dead horse"
Oh no you're not, if you look at all the guys who are posting on this thread it's because you all love doing it. This thread should not have reached page 2, and the reason it has reached page 8 and counting is not because of No script, it's because of you !

You are likely right. "A" keeps posting and antagonizing so the "B's" keep responding. I said I washed my hands of this certain poster and now I have... This thread has really wandered way off topic.

[No_script]

Quote:

Originally Posted by fax

Up to now you have provided NO evidence whatsoever that WSA does not do what is supposed to do in your system aside from AV-test reference or referencing to better features that are not there by design (e.g. inbound firewall). Please provide evidence that WSA does NOT protect you or shut up once for all. Amen

How can Webroot protect you when somehow the security features can be disabled or turn itself off.

http://i49.tinypic.com/2nbyu02.png

I'm not sure how to explain that other than lol.

[fax]

I am not sure there is a problem in language, may be you can't well understand English. This could explain all these posts with no value. That screenshots show nothing apart a disabled tool. You could have done it yourself as you did with manually deleting system file.

If you don't have logs you have no evidence. If you have no evidence you can't support your statement apart just for a value judgement. "I don't like it".

So, again: you have provided NO evidence whatsoever that WSA does not do what is supposed to do in your system aside from AV-test reference or referencing to better features that are not there by design (e.g. inbound firewall). Please provide evidence that WSA does NOT protect you or shut up once for all. Amen

[No_script]

What the hell, are you mentally challenged.

What possible reason would I have to make this up. You should shut up, if you can't accept what I've said then you have serious issues.

[PrevxHelp]

Could you send me your license key via PM? Invalid or blocked licenses would disable features like that.

[fax]

Quote:

Originally Posted by No_script

What possible reason would I have to make this up.

No idea why you would do it. Most evidence provided was totally useless. Harmless files, default registry, safe applications, deleting OS executables. The evidence you provided showed a serious paranoia on malware and/or little knowledge on how windows system works. Therefore, screenshots really brings no further evidence on the table apart from confirming your lack of understanding.

At this point I give up and will keep following the saga from behind the scene. Sorry in advance to all the readers for contributing to derail this thread fully offtopic.

Lets see if you can at least follow up to prevxhelp request. lol

[Mongol]

Quote:

Originally Posted by fax

No idea why you would do it. Most evidence provided was totally useless. Harmless files, default registry, safe applications, deleting OS executables. The evidence you provided showed a serious paranoia on malware and/or little knowledge on how windows system works. Therefore, screenshots really brings no further evidence on the table apart from confirming your lack of understanding.

At this point I give up and will keep following the saga from behind the scene. Sorry in advance to all the readers for contributing to derail this thread fully offtopic.

Lets see if you can at least follow up to prevxhelp request. lol

He won't and the mind numbing rant will continue...

[No_script]

Quote:

Originally Posted by PrevxHelp

Could you send me your license key via PM? Invalid or blocked licenses would disable features like that.

And why would my license be invalid? Did you block it? Come on, how can seriously explain why Webroot would suddenly wipe all settings.

Quote:

The evidence you provided showed a serious paranoia on malware and/or little knowledge on how windows system works. Therefore, screenshots really brings no further evidence on the table apart from confirming your lack of understanding.

You fail to see the limitations of Webroot and AV's in general when it comes to detecting Malware. & oh yeah I wouldn't be so quick to judge my skills, you would be surprised.

[ProTruckDriver]

Quote:

Originally Posted by PrevxHelp

Could you send me your license key via PM? Invalid or blocked licenses would disable features like that.

Quote:

Originally Posted by No_script

And why would my license be invalid? Did you block it? Come on, how can seriously explain why Webroot would suddenly wipe all settings.

WOW! I think it's time to close or give him his own thread.

[PrevxHelp]

I don't have your license - that's why I asked you for it...

[No_script]

Quote:

Originally Posted by ProTruckDriver

WOW! I think it's time to close or give him his own thread.

I've sent it to him ffs

[No_script]

s.bat.vir
devil.dll.vir - W32/Ramnit.a

Different day, same result. Infected.

[PrevxHelp]

.vir sounds like a remnant that an AV already cleaned previously but please send me a scan log from WSA right now.

[webbit]

and dont format this time!!!!

[No_script]

Quote:

Originally Posted by PrevxHelp

.vir sounds like a remnant that an AV already cleaned previously but please send me a scan log from WSA right now.

Yeah npz, problem is this is a fresh imagine. So unless my image is infected then I don't know how to explain the malware being on my PC.

[STV0726]

Every day is exactly the same...

@No-Script: I strongly encourage you to continue this in a private conversation with Joe (PrevxHelp) if you need further assistance and are willing to perform his suggestions. Continuing to post here has proven not to be of much help it seems to anyone, sadly...just a friendly suggestion from another forum member that has been in (sort of) a similar situation before...

...I was having continual instances where on occasion Prevx 3.0 appeared to not load its GUI on login. Joe was more than willing to help of course, but he insisted they could not reproduce the issue so he explained that a remote session would be the next best option. Well, as much as I trust Joe and Prevx, at that time, I had severe obsessive compulsive tendencies about my computer security and the thought of someone remotely connecting didn't fly with me...

...So I kinda kept declining and he didn't understand why and I explained that I didn't want someone connecting and them some of the other members got frustrated because they thought it was silly that I was being offered free assistance and rejecting it...

But what I learned is you have to kinda find the "threshold" of when it's time to sit back and ask yourself..."Ok...what will I gain by continuing to post here publicly?" You know what I mean? It's of course WAY easier said than done, especially for a wordy person such as myself; but nevertheless it's VERY important for maintaining a good reputation on a message board.

Believe me, I understand that it is like turning down Hagen Dass ice cream or resisting The One Ring to stop yourself from posting sometimes...but it just isn't worth it sometimes. I know because as recent as last November/December I was just as guilty as you at MS Answers (and I'm sure some of that carried over here). Now they DO have some less-than-pleasant community stars there and people that talk condescending towards newer members (won't open that can of worms now) but I was largely to blame in my reputation being not great there. You see I couldn't stop myself from expressing longly and loudly my frustration with their decisions to make super simple MSE even simpler in version 4. My long protest-like posts hopefully did have something to do with Default Actions settings being eventually restored in the MSE 4 beta, BUT, a lot of people over there see me now as a whiner.

Just my two cents...I hope your issues get resolved.

[superssjdan]

The only thing i can think of as to repeated infections that don't seem to go away,you could be infected with a super rare bios virus.Typically 99.99999% of users would never get infected with it unless they went looking for it.In that case i am not sure any solution would protect you.

[PrevxHelp]

I still haven't heard back... a scan log would 100% definitively show exactly what came into your system...

[Mongol]

Quote:

Originally Posted by PrevxHelp

I still haven't heard back... a scan log would 100% definitively show exactly what came into your system...

Yep...all talk, no action or evidence from him...

[No_script]

Missed again SET40CF.tmp.vir, seriously wtf! I'll forward the logs,

[No_script]

Well..... Using a nifty little rootkit scanner I just found

C:\windows\system32\WRusr.dll --> Suspicion for Keylogger or Trojan DLL
C:\Windows\Panther\setup.etl >>> suspicion for Trojan Downloader.Win32.AutoIt.q


Not sure if these are false positives, if they are not then it's trouble. I will forward the logs.

[PrevxHelp]

Wrusr.dll is a WSA component, and setup.etl is likely a kernel trace log. Set40cf.tmp.vir sounds like a temporary file or false positive, but I couldn't guess by the filename.

And...... I still have not received any logs from you.

[No_script]

Well I sent them, should be there by now. Let me resend.

BTW I suggest you disable right click shutdown, even with a capatcha a simple VBScript will crash it.

[PrevxHelp]

Still nothing, and you can disable shutdown via Basic Configuration in WSA's settings.