when was the last time anyone found a real live virus ?

Absolutely...
My point here is that many who come here are looking for answers, and diminishing them by saying you got infected because you are an idiot or a dirty pervert or both, is not correct. Users get infected because sites as malwareAlarm.com and thousands of others are lurking to screw them up royally. The SOB's invest enormous time and resources into doing it and they even organize themselves to finance larger more sophisticated operations...

It's not because they are ignorant or stupid or because they go to bad places it's because some have laid traps and lay in wait ready to pounce like the dirty predators that they are...

Unfortunately my job exposes me to all this, and I feel there is a need to wake some people up a bit... gently of course!

 

I can see your point.
a few years ago to get infected by spyware you genrally had to visit dodgy sites or try to download crack serial keys aka me a few years ago
i learnt my lesson thou.
these days you can go to a legitimate site which has been hacked and get infected. common sence can avoid trojans sent via email and messenger type programs and avoiding dodgy sites. but with the increasing amount of legitement sites being hacked it becomes harder and harder for safe surfing to help avoid infection.

 

Has this happened very often to you ? which legitimate sites gave you an infection ? and how did the infection evidence itself ? Hasn't happened to me but would be interested in some indication of what I might expect.

 

Right! Also the e-mail virus and the browser hijacker sites are real, some are even built from the ground up to hack each and every visitor that show up. Another unpleasant indicator is simply looking at the lists of of Phony Security Software that one can download from the internet is staggering!

 

Visiting this website would download some spyware to your PC.

http:{forward slash}{forward slash}unlimited.com/kmovie-the-sweet-sex-
and-love

It would create these files in your PC
1) system32\compress.exe
2) system32\dlg.exe
3) system32\explorer.exe (this is hidden)
4) system32\servcie\data\dll1.txt
5) system32\servcie\data\dllp.txt
This contains your passwords from IE auto completion and Outlook
6) system32\servcie\data\tf.txt
This contains details of most banks website

I would like to make the following points.

1) unlimited.com belongs to TUCOWS.INC. I thought this is a reputable shareware website. There is no way we could detect a spyware coming from a reputable website.
2) Using IE auto completion passwords is a bad practice! Using this feature would expose yourself to spyware stealing your details.
3) The attack is like an intrusion attack. You would need a utility to detect changes in your key system areas REGARDLESS if you have an anti-virus program or not.

Hope this helps

 

Or..... the need of an utility that did'nt let go anything to your system in the first place. [virtu. sandbox,vm]

 

Hello,

sekuritas, you missed a few important points in your post:

- that thingie works with IE only, use non-IE, problem solved.
- passwords in IE, Outlook, not everyone uses these, problem solved.

Mrk

 

I encountered a real virus like 5 years ago.
It was a worm and my computer rebooted every few minutes.
I knew little about computers, but I found some tool to fix it.

I think I had little adware programs and trojans, but none of them actually did me any harm.
When I found them I was like, oh really?

 

QFT: Quoted for Truth.

Hermes, do kindly refrain from throwing tantrums and wasting our bandwidth with all those pointless images, please and thank you.

 

He likes to promote his "services" with many horror stories. Kind of like free advertising for this company.

 

I will love to have some links of this kind.

 

Hello,
nope but i went to the asus website soon after the hack on there site had been fixed a few months ago.
its becoming more common.
all companies need to make sure they are fully patched so the chance of there website being hacked is minimal.

 

Perhaps, you didn't read what I wrote... Also I am simply responding to what some have asked... Read the title of this thread for example.
Unless these are not real viruses, and no one found them... I guess I did what was asked... (I'm not the one who started the thread to advertise this either). Also If I post something, a few immediately attack it's validity... somehow pictures are hard to deny or down play...

 

Hello,

Hermes, a friendly advice - it does you no PR good to strike the line of fear and hang on to it. A more "liberal" approach would still earn you all your customers - because the world of the computers is not going to change quickly - but you will not earn the scorn of the security minimalists or spartans.

I understand what you're saying regarding the viruses and such, I just think your approach is somewhat offmark.

Mrk

 

Tried but was not able to access it.

 

Hello Mrkvnic,
Perhaps, However if you go to my website, you will notice this: I am building it as a resource for everything system support. I intend the site to be a place where everyone can go and fix their own issues by themselves... With the added options of getting a pro doing it.

The emphasis on security really is one of necessity. People don't come to me overjoyed having to pay for cleaning things up because of infections, they really do this reluctantly... They all ask me what can be done? They are frustrated, and really pissed off about the whole thing.

Also I really am doing the "postings" here not to get business but to increase public awareness of the issues. Most Specially among the complacent tech crowd. Dont think for a single second I could ever make a single sale in Wilders, most are my small scale competitors, consultants and even developers. Certainly not the type of people who would pay for my services. But I have read and contributed posts here for years... I know there is a real and present need!

However when the RCMP in some of our conventions in Canada have openly asked for tech company like mine for support fighting against the problems associated with the Internet. I'm simply doing my two bits! Raising awareness is a good thing but obviously not to the likings of many...

And please do forgive me for upsetting the minimalists & spartans...
It really never was my intentions to upset anyone!

 

Hi Hermes,

it's nice you want to help, but your approach has kinda been, well, "in your face" so to speak. You also poke sarcasm at those who do run "minimalist" or "spartan" setups, but let's face it, it works for them! I used to think: "what in he11 are they doing?" but eventually I realize that with my own setup of mainly firewall, av and HIPS, I have not been hit with any bug in 5 years, and it's not because my security apps caught or prevented anything, it's because there was nothing to catch. If I had run nothing and only sat behind my router for all those years, my machine would still have been malware free. The two times before when I was hit, it was my own fault, looking for "free" software on "discount" sites There is also a heck of alot to be said for the merits of limited accounts. They help a great deal, at least if they are setup right.

There is no disputing the threats are out there in force, but there are alternative approaches that obviously work as several members in these forums have stated, besides the ones where layered security apps are used. Personally, I'll always keep my software firewall and av, but I may just drop my HIPS. I was enamoured with Sandboxie recently, but even that has worn thin on me.

 

Finally, a very rational analysis. The threats are about 1% real and 99% fabricated by those that gain monetarily by promoting malware paranoia. A minimalist AV approach works and works well. "Layered protection" is just layered paranoia.

 

Hello wat0114,

Perhaps you fail to note the attacks I suffered simply for stating a rather valid perspective... A lot of the more aggressive points being made are simply a countermeasure to these attacks.

I think often some fail to notice that for the sake of personal economic interests and of product sales many would forgo the greater good. I think many in these forums are "hidden promoters" and some are actively working as activists posing as joe average downplaying the competitions products, just read and you will get the picture relatively quickly...

I stand for neither. I stated my views, as objectively as I can, and received the retaliatory attacks both in these posts, and to my web site. I guess one cant please every one so I don't try and just do as I think is best!

 

You speak like an uneducated moron, just by saying that I or anyone for that matter would monetarily gain by fabricating, and promoting fear of malware... I help real people with real problems probably caused by the likes of many like you who write in these forums...

You are insulting the intelligence of each, and every person who has, and who is infected with malware and you are truly demonstrating your ignorance!
Besides I work my ass off providing free resources for all those intelligent enough to help themselves but with need of a bit of guidance... It must be nice to be able to hide behind a handle and write and scoff at everyone else!

 

Security is a matter of strategy, not of what programs you use. I think I saw this saying once before at Wilders, and I couldn't agree with it more even though I can't remember who said it. The threats are real, and ignoring the smaller pieces of malware that scanners miss daily by the hundreds, new variants of Zlob/Renos/Virtumonde etc are released almost every other day that garner 2/32, 1/32 or 0/32 detection at VirusTotal.

Saying that malware threats are a hoax is, to put it plainly, just as stupid as Hermes' constant "you will get infected!!" spiel. Neither are true, since it depends almost entirely on the individual in question, and you're subscribing to nothing but pure hypocrisy when you declare that the arguments on the other extreme end of the spectrum sound "rational" to you.

 

Name calling is not an argument. I said 1% of the threats are real, and you may well help those unfortunate enough to have malware on their boxes. Until I see evidence (of mass infection) to the contrary, my premise stands as is.

 

Yesterday I worked for 7 1/2 hours on a clients 2 home computers. These are normal people, who do banking, kids play video games, send & recieve email's.

There was so many different viruses on these two computers I probably have another 3 - 4 hours of work to save them and bring them back to speed.

My point is these are the people I stand for and for whom I fight with the likes of many in these forums. Many here are techies and my effort is to raise the voice of reason among the high pitch of specific product interests.

Those who have accused me of profiting, should go to my purchase page where is its stated WE DON'T SELL SOFTWARE!
which is probably the part that upset my critics most. Also I "Give" yes Give for free to anyone who purchase a block of time a copy of Prevx... again not profiting from malware... but helping those who get screwed by malware.

I am not saying everyone will get infected, I'm saying those who downplay it are simply wrong about the issue...

 

Why don't you read what I wrote- not what you think I wrote. I said 1% of the threats are real. A hoax is your word.

 

There are people that have never been infected and probably never will and have only basic antivirus or no security software at all. Then again, some people will get infected even though they have many security applications with latest technologies and follow all the trends in the industry.

If an av passes a virus to your computer, how did it happen in the first place? Who downloaded what? Who visited some malicious website? Who clicked on what? Who disabled what? and so on.

All the software and strategies don't make people smarter. People also die in car accidents even though they have airbags, safety belts, ESPs and so on.