Comments on: Is Rogue Anti-Virus Malicious or Should We Just Ignore Them

By: Mike

Mike — Mon, 14 Jun 2010 03:21:22 +0000

Hmm? You guys can be at 99% if you want, but I’ve never seen anything get past Sandboxie, let alone thru my Kaspersky, Defense+, Threatfire, S&D All of my on-demand scanners, MBAM Pro, PeerBlock, etc. If any malware gets past all of this shit they can just have my identity, because I will have died from shock.

By: Johnny

Johnny — Tue, 26 Jan 2010 17:15:21 +0000

Whilst users like us try to take our security more seriously, so many people just don’t and I hate to say this, but these kinds of people tend to be in the majority. I’ve fixed a number Virus infected laptops for my friends. All they want to do is go on facebook or what ever else they do, but they just don’t understand the risks and when I try to explain things to them they go cross eyed at me. I had one almost fool for one of these rogue applications.

By: ssj100

ssj100 — Mon, 25 Jan 2010 21:55:50 +0000

bo.elam, just curious as to what malware has escaped the sandbox genuinely? Keep in mind that most of the reported “bypasses” of Sandboxie have been proved WRONG (usually either due to the user not realising what has actually happened, or due to the user not using Sandboxie correctly). And as far as I know, there have been no genuine “bypasses” when Sandboxie’s start/run/internet access restrictions are in place.

By: Raygen

Raygen — Mon, 25 Jan 2010 16:26:48 +0000

Rogues are an interesting breed, and to be honest I don’t think they can be detected or stopped consistently in their current form until the inherent problems in the Windows architecture is addressed.

i mean look at how many versions of Vundo is around…that darn thing is still infecting folks and new versions come out every day..it never ends..

I think the only way to prevent these rogues is for Windows to sand box the browser inside of a virtual machine using Intel and AMD virtualization extensions built into modern day processors..even though that may not be the answer either.

I think MalwareBytes does so well because its an app that is dedicated to detecting only rogues and spyware, it doesn’t fare too well against polymorphic worms and viruses, again that’s not what MalwareBytes was designed for though.

Anti-Virus vendor have a tough time with Viruses alone, and i think spyware protection is better served with a 3rd party app,(super AntiSpyware) same with general malware.(MalwareBytes) to supplement your AV application be it Avast, Norton, etc…

By: Dieselman

Dieselman — Fri, 22 Jan 2010 23:48:11 +0000

Too much doesn’t mean your better protected. There is such a thing called overlapping security. All I need is KIS 2010 and common sense.

By: Anonymous

Anonymous — Fri, 22 Jan 2010 19:55:02 +0000

Considering how malware is advancing nowadays, being a “security freak” and having a ton of protection on the computer is better than having little protection.

By: ssj100

ssj100 — Fri, 22 Jan 2010 19:40:11 +0000

Hey Dieselman, yes I agree with you to an extent regarding Wilders, but it’s quite entertaining reading the forum from time to time!

Not sure what happened to my previous posts, but I was stating again why LUA etc is so beneficial. Here’s what Microsoft themselves say:

http://technet.microsoft.com/en-us/library/bb456992.aspx#EGAA

And here’s an excellent post about it also:
http://www.wilderssecurity.com/showpost.php?p=1533486&postcount=5

Anyway, seems like you’re not allowing this to go through. Clearly I have done something wrong. I would appreciate it if you could tell me what I did wrong. Thanks for your time.

By: Dieselman

Dieselman — Fri, 22 Jan 2010 16:58:33 +0000

No I did not forget it. Either way Wilders is a bunch of security freak. Why dont they just not bother turning there pc’s on.

By: Johan

Johan — Fri, 22 Jan 2010 14:45:51 +0000

HAHA WOW Dieselman!!!!

So what you are saying is,
that people should stay away from Wilders ONLY because SOME of the posters/readers changes their setup everyday?
That’s just a stupid acclaim, for one I don’t change my setup everyday

What about the content/information that is available at Wilders did you forget about that as well?

By: Dieselman

Dieselman — Fri, 22 Jan 2010 11:30:59 +0000

OMG. I should have known where I know you from. Wilders is a bunch of security freaks. People over at Wilders change there set up ever day. Stay away from Wilders unless you want to put a padlock on your pc.