Is Rogue Anti-Virus Malicious or Should We Just Ignore Them

Looks like some people in the Avast forum are pissed that I pointed out that Avast missed a Rogue. Yes, I know Rogues are not technically malicious and are quite hard for an AV to detect, however I personally think that Rogues are the MOST malicious applications out there.

Rogues are designed to steal someone’s identity (and a few bucks) and they do it very well. That is malicious…very malicious and very very bad. It is the purpose of (almost all) malware being made today. I get the feeling that the anti-malware companies are taking the stance of…“ehh…Rogues are not technically harmful to your computer so it’s not our fault…good luck!”

Again, I know they are hard to detect, but don’t just discount them as no biggy. They are the “biggest of the biggies” when you consider what they accomplish.

I wonder why Malwarebytes can detect every rogue out there….hmmmm…

DriveSentry 3.1 Review – Install, Configuration and Prevention

Last night I reviewed one of my favorite applications…DriveSentry 3.1

DriveSentry is a FREE (yes, free) HIPS-based application and uses what they call “TRI-Security Malware Protection”, which is basically:

  • Whitelisting – A list of 40,000+ known safe applications. Since these applications are already proven safe, the user is spared the question…“is this application safe to run”.
  • Blacklisting – A signature database of over 2 million malicious applications.
  • Behavior Analysis – Allows DriveSentry to question and stop processes that appear to modify the operating system in a malicious manner.

So far DriveSentry has blocked every single threat (about 20 now) with complete ease (and I mean ease…just click the deny button). DriveSentry uses about 19 MB of RAM and no noticeable processor time (on my PC).

So are there any downsides? Yes, there are. DriveSentry asks a fair amount of “is this safe to run” type questions. Of course this is no big deal to me, but to a novice this can negate the power of this awesome application with one wrong answer.

Why?

Because novices run everything! DriveSentry needs to put a MAJOR focus on identifying legit applications for their whitelisting database if they want to break into the consumer market at a faster and more successful rate.

On a personal note – DriveSentry is currently my second favorite application (right behind DefenseWall). I’ll be using DriveSentry for a few of my clients tomorrow. I’m planning on having the users run their PC like they do on a normal day. I’m sure DriveSentry will ask us if it’s OK to run a few apps here and there. Once we have our modified whitelist set, the client should be good to go. If they get further DriveSentry questions they can just call me.

Part 1

https://www.youtube.com/watch?v=A5Bu7PskAnI

Part 2

https://www.youtube.com/watch?v=E7Ew307X9zY

Part 3

https://www.youtube.com/watch?v=ejW4kAPlBAY

Personal Test

https://www.youtube.com/watch?v=sl0RwDiYbts