Av-comparatives April results

I have the same keys on my pc, and the are all genuine and essential windows keys. Nothing fishy about that, unless they were absent

 

Found it I think, stupid piece of Russian crap. I'm going to look at my logs and then obliterate that server...

 

I have seen some of the tweak guides he's probably following and honestly bias aside, they frankly cut too much out and often don't tell you how really important it is (important by their own definition/opinion of course) in comparison to the rest of the stuff on the guide.

Some of the guides advice turning off services and then they advice killing UAC, which at that point the tweak guide in its entirety becomes a laughing matter to me.

I will say that while I am guilty of being a bit of a fan boy of Prevx/Webroot, I am very fair (as Joe and the others can attest certainly) and I criticize them when they make mistakes, and I have given plenty of my suggestions.

The reason I am not particularly happy with you, No_Script, is because of the angry way you post (which I am not by any means guilt-free either as I've made my share of angry posts especially on MS Answers) but even more so the way that your intentions are not really clear because you say things that come across as troll-like at best.

 

Just offer to tweak it for them...

 

I've seen the same tweak guides.Tweak guides in the hands of the uninformed and uneducated is a disaster waiting to happen.Just because some guide says it can be done,it doesn't mean it should be done.99.99% of your registry,system setttings,etc should never be changed anyways.The potential system instablity isn't worth the very miniscule perceived benefits.I wish No_script the best of luck getting his system clean and stable in spite of his constant stone throwing at Webroot and us "Fanboys"

 

I know what I'm doing with windows, I'm not some amateur. & I know Webroot has missed lots of detection's.

 

Keep telling yourself that...

Then explain those fishy items in post #126

 

OK do you need further support? If not just ignore this thread unless you have proof! Because you just joined May 12th and I have looked at all your posts and I found nothing of benefit from your comments!

Cheers,

TH

 

You said it TH! OK, I know I said earlier that I was staying out of it, but no more. No_script, we have called your bluff; either give us some solid proof that your system has been compromised, or ride off in to the sunset...

 

I almost feel bad for him now...what if he does have something so nasty that it destroyed any proof.

Maybe if you cool off and come back later you can explain it better?

 

Definetively you have no clue of what you are doing or saying. Scary

 

I'd like to share my experience with WSA.

I came face-to-face with malware twice using it.

First time was when the most famous iPhone brazillian site got hacked (blogdoiphone.com). They made an index exactly like the page's previous design saying you had to download a plugin. WSA and Norton caught it. Reading the comments when the page was back online, you could see many AV's missed it, if I remember it right, it included Avast, MacFee and a few others.

Second time we were at university, the professor asked for a pendrive to save some files and later share with the class 'cause he wouldn't have time to upload it in the uni's FTP. God, when the pendrive got to me, there were at least 5 malwares haha which were taken care by WSA.

Ofc Av-comparatives is reliable, but what I'm trying to say is sometimes you gotta test stuff urself. Everytime I needed WSA, it didn't let me down

 

To bring this thread back to its original topic, I'll post something I mentioned over on the Webroot forums. Eugene Kaspersky had some wise words re AV tests:

Source.

 

That's because your selling a product. When I joined has nothing to do with it. If you don't like hearing constructive criticism then go away.

Sorry your wrong.

Proof? Installs proxychecker.exe a known malware tool, changes file permisions, loads .exe's which are obviously malware, cloacks itself in runddl explorer.exe and winlogin. This much I know. Comodo & Kaspersky have both picked up rootkits.

I'm not saying Webroot is a bad product, just that their detection rates are not up to scratch.

 

You mean this very very dangerous tool?
http://www.threatexpert.com/files/proxychecker.exe.html

So far you provided zero proof of wide infections on system where WSA is installed. No relevant logs + wrong evidence of harmless components + quite a lot of arrogance in your statements.

Please please please, make us a favour, go to 0day malware databases and try all links there! At least once for all you will get infected and you will finally not look like a fool in here

If you can't even get infected like this then please silenty disappear from here, you are still in time!

Peace and love.

 

Yes that tool, how do you think it got in my system? Magic maybe..... And don't worry I'm not a fool, you may be but I'm not. I've seen both Kaspersky and Comodo nail things that Webroot did not so that is all the proof I need and the AV test results back me up. Webroot is a nice product but still needs to improve.

 

I think it's about time, totally agree!

 

Post 81

 

This thread is full of off topic posts and will close until Joe deems it necessary to reopen?

@ No_script - I find no use for your comments as the Webroot VP of Development Joe has offered to help you if you have an issue with WSA and all you do is beat around the bush with innuendo and bashing of WSA to me and others it means Trolling I have no issue with you so please don't start new threads to continue to argue with us as this is a Support Forum! If you need help feel free to start a new topic or contact the WSA support inbox: https://www.webrootanywhere.com/servicewelcome.asp?

Regards,

TH

 

I've reopened it - we probably don't need to close it for everyone, but I do think it would be more appropriate for No_script to contact me directly if he continues to have "problems". I still have not seen that WSA missed a single infection on his system.

 

My question is: have Comodo and Kaspersky identified specific malware by name/signature or are you interpreting a firewall/heuristics message as suggesting infection? If the former can you tell us what Comodo and Kaspersky named the malware as?

 

Yes it was specific, I don't remember it by name. I reformatted so all logs are gone. But I've looked up online, ran files through virus total, threat fire and it looks like it is modified malware of a old Russian botnet.

http://www.symantec.com/security_response/writeup.jsp?docid=2009-052907-2436-99 that's the old malware, I think this is a new version of that.

 

Bredolab? Mostly distributed via email. That means that if you had an old email message with it attached, and you never ever ran it, it would sit there and do nothing to your computer. SecureAnywhere would ignore it unless you actually tried to run it, because it wouldn't do anything until you did. Or if you tried to copy it to somewhere, WSA would catch it.

By comparison, the other guys will scan EVERYTHING all the time 100%, so they will find it, and despite the fact that it will never do anything to your computer unless you try to run it, they will panic over it and demand to clean it up. Also, if you have both another program and WSA on at the same time (which is perfectly fine), if both of them find it, WSA will always let the other take care of it so as to avoid fighting over it and crashing things.

So it sounds like, at best, the other one(s) found dormant/seed malware that was not awake or active and could not grow. The cost of finding this harmless stuff equates to extra cost in power from the extra scanning of harmless files. Pretty much doubles the cost of the program in extra power cost.

 

Techfox1976 "The cost of finding this harmless stuff equates to extra cost in power from the extra scanning of harmless files. Pretty much doubles the cost of the program in extra power cost"...........or then again you could be wrong ? Me, I'm going with the new Chromebox, no more malware for me.

 

Chromebox leaves you in pretty much the same position of having unknown malware on your system sitting dormant.