|
|
|
Windows AntiBreach Patrol
|
|
|
Aliee
Newbie
|
28. April 2014 @ 10:26 |
Link to this message
|
|
Hey, I somehow caught a virus and now my computer is infected with a fake antivirus program - Windows AntiBreach Patrol. Ive stopped using AV tools a long time ago and I didnt have any problems until now. So I googled it and I found a couple of removal guides. I followed this one xp-vista.com/spyware-removal/windows-antibreach-patrol-removal-guide (sorry I can't post links) but now I dont know if the product they suggest is a good choice. What program should I use? Can you recommend a free one? Thanks!
|
|
Advertisement
|
 |
|
|
|
Mez
AfterDawn Addict
|
28. April 2014 @ 11:26 |
Link to this message
|
|
My suggestion is...
dissconnect your computer from your network
Reinstall your OS if you don't have a disk you can buy a recover disk for your computer on line. You can buy one for your computer for about 50 USDs.
Install what ever security and software you an get without being connected to the internet.
Before you connect, image your clean setup to an external drive.
The next time this happens you can just reimage.
Formatting is about the only way to get rid of all your malware.
There are articles on doing just that in this forum and how to get imaging software for free.
Before you disconnect you might want to download Belarc Advisor and run that on your computer. It inventories your software licenses, keys etc. Save that infor to a safe place.
PS before you connect unplug your router. It is probably infected and unplugging it clears the RAM. Otherwise you will be attacked the second you connect bask to your network.
This message has been edited since posting. Last time this message was edited on 28. April 2014 @ 11:29
|
|
ddp
Moderator
|
28. April 2014 @ 12:46 |
Link to this message
|
|
|
AfterDawn Addict
|
28. April 2014 @ 14:12 |
Link to this message
|
@Mez, Your too paranoid, it is not necessary to reformat/reinstall at this time.
Hi Aliee, DDP is correct in trying a System Restore to a point before you were infected with this Rogue.. And if that fails then follow the instructions at the link: http://malwaretips.com/blogs/windows-antibreach-patrol-virus/ and use the option1 for Malwarebytes and free HiotmanPro to remove this. After doing that since you haven't been using any security software, you are probably infected with other threats that just haven't shown up so I can give you some scans to run and get you cleaned then suggest some Security software to prevent re-infection.
p.s. don't use that second link that DDP posted, it has a reputation for delivering malware.
2oG
|
|
Mez
AfterDawn Addict
|
30. April 2014 @ 12:06 |
Link to this message
|
|
Guilty as charged!
Still, McAfee has admitted to only dealing with the new malware that damages the computer and ignoring the malware that doesn't just because they can't resmond to the rest because they don't have the resorces. I think the new finds stated by McAfee are now above 100,000 per day. The worst is, I bet the statement had as much positive 'spin' as they dared add.
For me that means I don't trust that a malware scanner is going to find all the malware on MY computer let alone the military grade maleware that is too stealthy to find by the top AV scanners. 12-2012 80 out of 80 malware tested successfully infected computers protected by the top 3 or 5 AV scanners/security systems without any alarm given.
I am paranoid but my fears are not groundless.
|
|
Mez
AfterDawn Addict
|
30. April 2014 @ 13:59 |
Link to this message
|
|
A little food for thought - maybe
?At the present time Kaspersky Lab detects and blocks more than 200,000 new malicious programs every day, a significant increase from the first half of 2012, when 125,000 malicious programs were detected and blocked each day on average.?
To all you non-paranoids out there?
There is no way new 200,000 malware botnet are being written from scratch daily. I believe they are NOT adding 200K new viral signitures to the scanning database every day. If they did, scanning a computer would take days. They are acting on a very small segment of what was found that day the rest are ignored. I am sure more are being ignored than are added to the scanning database. If I am correct, your scanner will not even detect all the known malware let alone all the unknown ones.
This is my wacky paranoid theory?
You have 3 basic grades of malware.
1 Military grade ? fairly unstoppable and undetectable cost for a kit 2500 USDs
2 Professional grade fairly stealthy average cost for a kit 700 USDs
3 Freeware grade given away to anyone that wants to download a copy.
Kits allow the bot-master to build a customized botnet and require some skill.
My whacky theory is #3 is given away by the producers of 2. #2s can be located by AV scanners if their viral signature is in the scanner?s database so they are vulnerable to AV.
I bet #3 have routines that attack their computer host, probably with a long time delay like a year. This gives the botmaster time to make the 700 USDs to upgrade to the real deal. I am sure every down load has a different viral signature. These keep the AV business overloaded trying to just trying to keep computers from being attacked.
The beauty of a plan like this is it provides an entry platform. The freeware is supposed to be so easy a teenager with no IT training can become a botmaster. The entry platform has an expiration date. The botmaster can either upgrade or get another freebee that will unleash a new sacrificial botnet on the world when his botnet starts to shrink instead of grow. #3 gives amble cover for #2. Lastly, #3s add to world anarchy.
|
AfterDawn Addict
|
30. April 2014 @ 14:47 |
Link to this message
|
|
Oh Mez, your a hoot. lol
You appear to me to be so paranoid that you wear spenders AND a belt because you don't trust your pants. lol
The malware hitting the web each day has more than tripled since XP has lost M$ support, that is, unless you pay M$ for it to continue...
I test and recommend security software for about 50 of my customers and clients that I have built computers for over the past 15+ years. Since XP went south and I have some XP diehard's that will not give it up until someone takes it from their cold dead hand, I have set them up with Faronics DeepFreeze. DeepFreeze is about as Bullet Proof as you can get. It runs in a Virtual Machine and can pass Data to the Real machine through a special partition called Igloo. Anything that infects you can be killed by simply rebooting.
|
Senior Member
|
30. April 2014 @ 17:38 |
Link to this message
|
|
mez your logic is flawed cause if someone knows how to make botnets they know how to detect botnets.
I have a solution to stop malware but it might seem dramatic and draconian.If 1 person makes malware (a bot,virus,hack or any sort of malware) and gots caught he has to pay to have every computer in the world that's infected with the malware he created replaced with all latest hardware including any software the consumer wants.It would make them pay for there actions and it would be more fitting to the crime than jailing them for years.
custom built gaming pc from early 2010,ps2 with 15 games all original,ps3 500gbs with 5 games all original,yamaha amp and 5.1channel surround sound speakers,46inch sony lcd smart tv.
|
|
Mez
AfterDawn Addict
|
1. May 2014 @ 13:20 |
Link to this message
|
Originally posted by xboxdvl2:
mez your logic is flawed cause if someone knows how to make botnets they know how to detect botnets.
I have a solution to stop malware but it might seem dramatic and draconian.If 1 person makes malware (a bot,virus,hack or any sort of malware) and gots caught he has to pay to have every computer in the world that's infected with the malware he created replaced with all latest hardware including any software the consumer wants.It would make them pay for there actions and it would be more fitting to the crime than jailing them for years.
Well, on that note...
From what I can tell, no botnet has attacked a government web site since the Pentagon. I suspect they thought the attack couldn't be traced back to them. I am sure other botmasters thought about this and may have realized that the botnet owners were lucky and attacked the US. A smaller, less ethical country might have just sent a hit man to settle the score. That was a fairly long time ago. The hackers are not rabid dogs.
2old, I don't mind being thought a crazy and I am unsure myself. Still, if what Kaspersky Labs stated about 200,000 new signitures a day is true that is over 1 million new viral signitures a week and over 50 million/ year. How many signitures can be scanned for each file on your computer? How big does that viral database need to be? What about serverside polymorphic malware? It does exist or at least a few major security firms have solutions to protect you from web attacks. Only a firewall can stop an attack directed to your IP address. This is a common mode of attack. With botnets that have more than 10 million zombies could attack every IP address in the world within a week or so. Where is my judgement error? What is my big mistake? Why shouldn't I be worried?
I know another security professional that uses a sacrificial VM when he buys anything on the web. He is a mid level manager at SAIC in the security division. He is more 'paranoid' than I am as is your customers using Faronics DeepFreeze. I suspect they are the smart ones.
|
AfterDawn Addict
|
1. May 2014 @ 16:56 |
Link to this message
|
Originally posted by Merz:
2old, I don't mind being thought a crazy and I am unsure myself.
I have always said that sometimes paranoia is just good thinking! lol
Originally posted by Mez:
How many signitures can be scanned for each file on your computer? How big does that viral database need to be? What about serverside polymorphic malware?
Instead of attempting to maintain a signature or black list of the ever changing or polymorphic malware, the cloud technology now can keep a huge white list of the known good programs and if a file doesn't pass that it is stopped.. The only kink in that is if a file is really new or very old and has very few users, it will not pass.. Even with that, the list can be kept up a lot faster than a constantly changing black list.
|
|
Mez
AfterDawn Addict
|
1. May 2014 @ 22:19 |
Link to this message
|
|
I like the white list concept it is likely smaller than a weeks worth of new malware. I have seen my security balk and ask if I really wanted to install an unusual application. Had I not been installing any software that warning would have been VERY useful. That is the most useful bit of information I have gotten off AD this year. It is also somewhat comforting. I have had maybe a half dozen attacks to by browser this year. I am guessing browser addons are not white listed. If browser addons were not part of that protection process that would be a great vulnerability to exploit. It is also possible that they are since the attacks were all interrupted.
None of this explains how something installed itself on my computer at about the time of the last attempted browser attack. I didn't notice the 'bubble note' that something had been installed until I went to click on the Start button to shut down. I assure you I NEVER install anything during a browse session. As a paranoid, I have removed most if not all applications that that auto update on my computers. Until I figure that one out I will continue to be paranoid.
|
Senior Member
|
2. May 2014 @ 00:34 |
Link to this message
|
|
i hear you mez.i dont let anything autoupdate.
|
AfterDawn Addict
|
2. May 2014 @ 13:07 |
Link to this message
|
Originally posted by aldan:
i hear you mez.i dont let anything autoupdate.
I guess I am less paranoid that you guys. Or at least more confident in my security set up.
I use this machine to roam the web and search for info, download and test programs, test my security against tons of Zero-Day Threats and intentionally allow threats to infect me so that I can see what is the best way to remove all traces. Sometimes I use a VM but mostly just stay in my real machine. My drivers are updated automatically and I use Secunia PSI to keep all my programs updated auto. Which is about 85 programs on this machine. I don't allow my browser to be updated, I take care of that. I also have a couple of end of life programs that don't get updated, Office 2003 and Quicken 2010...
I have no problem with any infection because I keep a restore point and registry backup before playing with any malware. If that don't work, I have daily Image backups for the past month... All my Data is kept on another drive and is backed up in real time with Acronis Nonstop backup. My desktop is also kept with my data and if I ever do lose something, I can recover it in a heartbeat.
|
|
Mez
AfterDawn Addict
|
4. May 2014 @ 09:56 |
Link to this message
|
|
You may have a BIG point in your favor. If I was a bot master, I would keep a database of all my zombies. IP address, OS, security ect. Once you have been a zombie you are a known quantity and your defenses will be continually tested until you are back in the fold. If you have been clever enough to never been infected you aren't on anyone's hit list. I know I have been infected. I am sure all IP addresses are probed routinely but if your firewall is stealthed they may not know if the address is active. This computer is rarely connected to the internet. That combined with a stealthed firewall ought to confuse the AI if any exists. The AI would be a record as to what attacks worked and which failed. When the computer is off or disconnected it is invincible. Like all predators, they go after low hanging fruit.
|
AfterDawn Addict
|
7. May 2014 @ 15:53 |
Link to this message
|
@aldan and Mez
Mez,
As paranoid as you are and being around an IT Dept., I think? Do you not know about EMET? (Enhanced Mitigation Experience Toolkit)
I have been using it for years in the IT Dept I was over before retiring and also at home to stop hackers, exploits and plug holes in the OS and applications until they are patched.
MalwareBytes has released a very limited home version called MBAE (anti exploit) that I have been testing and it?s doing very well but very limited and designed for the inexperienced novice user.
While the security world is busy spreading meaningless fear and drama around the birth of Zero Day Exploits and similar things, Microsoft has released an update to the best security software ever created, their Enhanced Mitigation Experience Kit (EMET). You would expect the websites to be busy writing about it, but no. Maybe one or two sources.
Why, you ask? Well, because money is all about selling inferior blacklisting products rather than resolving user issues. When it comes to security, EMET takes a fraction of bandwidth to download and install, it requires no reboot, it's fully supported by Microsoft, it can be deployed and managed in a centralized manner using GUI or command line or even group policies, and it imposes no performance penalty on the user. It's a whitelist product, it requires no interaction, and it's virtually foolproof. The perfect security product or as near perfect as you can get. IMHO And the security industry hates it and tries to keep it under the radar.
I believe this is the first and only time I have ever mentioned it on AD. That?s because it?s NOT for a novice or anyone who doesn?t have some advanced knowledge of computers.
The latest update to EMET, version 4.1, now covers Win 8, Server 2012 and requires .Net Framework 4 to be installed..
I have used EMET v3 for a very long time and have just upgraded to v4.1 and when I make the statement that I NEVER get any Malware unless I install it myself, I MEAN IT!
Tutorial:
http://www.dedoimedo.com/computers/windows-emet-v4.html
User manual:
http://www.microsoft.com/en-us/download/details.aspx?id=41138
2oG
This message has been edited since posting. Last time this message was edited on 7. May 2014 @ 16:02
|
Senior Member
|
7. May 2014 @ 20:08 |
Link to this message
|
|
an addendum to that,i have one question for mez.what makes you think you are so interesting that the hackers even care about you?ive been on the net since 2006,yes a relative newbie,and havent had a major infection in all that time.mez,you need help,and it might be time to get it.conspiracy theories are just what they sound like.theories.
|
|
Mez
AfterDawn Addict
|
8. May 2014 @ 15:51 |
Link to this message
|
2old,
No I have never heard about EMET. I will look into it. For the last 15 years or so I may not have even been in the same building as the serurity team.
Quote:
what makes you think you are so interesting that the hackers even care about you
aldan, I don't. That would actually make me delusional and parniod if I thought that way.
I am a database programmer I assure you it is only a little harder than child's play to have a database record of every IP address you have attacked. I could probably build something like that in a weekend. If you brake in to the computer you inventory the computer and store that info back in a database record. That would't take much more than maybe .1 seconds. Everything you need are in memory variables. You might even copy the registry.
If you are never breached and completely stealthed then no one really knows if that IP address is active. No smart hacker beats on a dead horse when there are billions of easy targets out there.
I suspect both you and 2old have been breached but who knows, and 2old has pleanty of tricks so maybe he is clean. I don't think you are close to that clever.
I do not like your attitude. Who made you omnipotent? Maybe I have good reason to be paranoid.
5+ years ago I had a local hacker break into my wireless network using an amplified directional antenna. We had a tug of war with my wireless network for over a year. I would boot him out and upgrade my security. Some upgrades kept him out for months. The hacker had to be young and had something to prove. Had he been sneeky, I probably would have never noticed. When he ?came back? he changed the router login credentials and used up enough bandwidth that we couldn?t browse the internet. Since I cut and pasted the credentials from note pad then print them out and taped them to the router, I can be sure I didn?t forget the password. At the end, he broke the highest security and longest and most complex ID and password the router would allow in a few hrs. 32 char ID and 64 char password. Upper and lowercase alphas some numbers and special characters. I went wired and put an end to that. I wonder how long the hacker continued to try to find my signal? I had been experimenting with making my antenna directional just before I went wired.
Do you think this was a delusion?
About a year later I didn?t like the bandwidth on my internet but the ISP claimed the connectin was strong. I ran over a dozen malware scanners and it looked clean. Some thought I was jumping at shadows on this forum since nothing was found and I believe one of them was you. I Bought a new C: and the old became D: The problem was gone. 2+ years later malware was discovered on d:. I remember posting that find. The infection was in my old airupdater. I remember getting flack that it was probably a false positive. I probably stated it could be there was no info on the malware at that time other than it existed. Much later, I discovered a full write up on it on one of the virus scanner web sites. The attack was to update the airupdater into malware. After than it has cart blanch permissions and free access through the firewall.
Do you think this was a delusion or maybe Norton was spouting nonsense?
A few years back my new MOBO started to fail. My HD then USB ports and mouse started going bad. Since I still had 2 HD drives and more than 4 USP ports and no money, I got a USB mouse and forgot about it.
Less than 2 years back I formatted and reinstalled all the software I could without needing to be connected to the web. Before this I would have MS validate my credentials using the web right after the OS installation. After the install, my motherboard was as good as new. Googling I found plenty of malware that could have been responsible. All malware scans were clean for the year or 2 between when my MOBO started to go and the rebuild. I don?t look for malware any more other than my automated scans. I consider the effort worthless.
Do you think this was a delusion?
Since I started installing my firewall and having it up and running, something would always try to get through. This was always be instantaneous after connecting to the network. After reading about thing-bots I reimaged all my computers and swapped out my router. When I connected my computers, nothing tried to get into anything. I had a clean system.
Do you think maybe the attacks were coming from the router or am I just babbling?
I read an article where some techs randomly checked routers and other IoTs looking for botnets most were infected. What makes you think your IoTs and computers are clean?
In 2012 an article was published. It took a set of 80 terribly sophisticated malware taken from the wild and had them each attack computers protected by the top 3-5 personal security softwares. All 240 ? 400 computers (I can?t remember which) were infected without detection. It has been confirmed in 2013 that there is no technology available to find this grade of malware on your computer. There is technology that will prevent attacks while you browse the internet. One is available for free to personal users. There is no personal firewall that is certain to keep everything out.
Do you have any good reason why you think your compuiters and router are not infected?
Silly me figures unstoppable and undetectable maleware would spread like wild fire. What magic protected your computer from them or do you think the article was a hoax and the dozens of compaines are playing along?
I am truly curious to understand the working of your mind?
Why aren?t you paranoid and think I am silly?
I knew 2 white hat hackers and took a security course from another and had a long chat with him afterwards. I met a few back hat hackers on AD. The one I know fairly well considered me lackadaisical, not paranoid. All went to unimaginable extremes to stay safe.
It just came to me, do you even have a good idea what a botnet is? Bot stands for robot. These things run 24/365 without any need for human intervention. The only time a human is involved is when you add a new routine or alter the marching orders. This is done by only using a master computer. From there the new stuff is copied automatically throughout the botnet. Once these are up and running a 100,000,000 zombie network only requires a few hrs of human instruction. All the attacks and other 'good work' they do is completly automated running on zombies like your computer. They are the Borg of the computer world.
This message has been edited since posting. Last time this message was edited on 8. May 2014 @ 16:10
|
Senior Member
|
8. May 2014 @ 16:47 |
Link to this message
|
|
ok mez,point taken.maybe i was being harsh with you but i remember when you counted bitrates,not botnets and you were a lot more interesting then.im just a dumb canuck who only got his first computer in 2004.a pentium p54c with windows 95 (later upgraded to 98se).ive spent 10 entertaining years learning about computers,breaking a few along the way,including the p54c.lol.the most serious infection ive had was avtivirus 2009 and with 2olds help got rid of it.i too have a few tricks up my sleeve,or rather in my notebook,most learned from tuts on this site and reading every malware post with 2old contributing.i dont reinstall my os every 6mos,and i dont worry about threats that may or may not come my way.i was a kid when the countdown clock was only seconds away from armageddon and remember the duck and cover drills well.if i let the threat of nuclear anihilation bother me i would probably be dead by now,so dont expect me to go all gaga about botnets.in the final analysis its just a computer.ive lost way more valuable things in my life than that.im now going to surf some porn and im not the least bit worried.lol.ps i miss your input in the audio forumns.
This message has been edited since posting. Last time this message was edited on 8. May 2014 @ 16:48
|
AfterDawn Addict
|
8. May 2014 @ 20:25 |
Link to this message
|
Originally posted by Mez:
5+ years ago I had a local hacker break into my wireless network using an amplified directional antenna.
At the end, he broke the highest security and longest and most complex ID and password the router would allow in a few hrs. 32 char ID and 64 char password. Upper and lowercase alphas some numbers and special characters.
Were you using WPA2 encryption? You said Password and ID but what kind of Shared Key were you using?
You have to forgive my disbelief but that kid could win every lottery out there with that kind of guessing..
To be able to find a password or Shared Key of 32 or 64 random chars using the Brute Force method would take several Trillion Years?. If I recall there are 94 printable keys on a keyboard meaning a total of 94 to the 32nd or 64th power would be required.
I use a "pseudo-random" 63 chracter Shared Key in my router.
Example (not mine):
YS7w7M|bDp(n`amU]^n8ww\>zsGcC:c((5k<^Bm8Q9DHq_k~Wj[-@K#kg=9sm0G
|
Senior Member
|
8. May 2014 @ 22:18 |
Link to this message
|
|
christ,i cant read it let alone crack it.lol
This message has been edited since posting. Last time this message was edited on 8. May 2014 @ 22:18
|
|
Mez
AfterDawn Addict
|
9. May 2014 @ 14:41 |
Link to this message
|
|
Yes I was using WPA2 encryption.
My password and ID were similar to yours other than I didn't generate mine and I had more alphas.
Knowing the security wasn?t brute force hacked I searched the web to discover what he did to get in. I discovered a discussion about a new wireless security ?hole 87? or something close to 87 was brought up at a conference a few years before. The number reffered to the line of code for the vulnerabliity of a routine. I googled the security hole and got only a very few hits. One was a very tech article. As I understood and remembered the article, if a device can fake a dropped connection, the router will reestablish the connection without requiring any security validation. To gather all the required information to fake a dropped connection you may have had to be connected to the network before since you to spoof a MAC address of a device on the network. The hole was not considered urgent and was considered very difficult to prevent.
I tried to find the information a second time to send a link to someone a few years later. I couldn?t find it. Even when I found the articles there were only 3 Google hits. That information was removed from the web. If you don?t want to fix a problem just keep the public in the dark. This year Cisco updated router firmware with several security patches. One was to make the routers harder to infect with the Moon malware the other sounded like a fix for that security hole.
Enhanced Mitigation Experience Toolkit is a great concept. My read is you need to be browsing with IE. Even though I have read IE is now one of the most secure browsers I will stick with FF. The main reason is that is NOT secure. Am a crazy or what? It is like leaving a $100 bill on the kitchen table. If someone goes through kitchen the bill will be picked up. When they do, I know.
What I didn?t mention in my mini tirade is along with a few successful attacks that I know of I have hundreds of unsuccessful attacks over the last 5+ years. They go in waves. I start getting attacked more frequently. I start looking for better security. After the upgrade I will see no attacks for at least a year then the cycle repeats. The big problem is I don?t see any major software security improvement I can use if this gets compromised.
I do intend to stop accessing the internet from my office computer since I have enough spares. I can buy a used desktop for only a few dollars more than the cheapest Win 7 OS disk I could locate.
I run FF in a sandboxie sand box. So far the bots are not smart enough to detect the sandbox. I figure the app is not wildly used and the bot probably does not know what happened. The process may not fail (a return value of fail) until the user responds to the warning message. That never happens. I disconnect the connection then the sandbox is flushed ASAP.
Aldan, sometimes I can get volatile. I suspected you might not know much about security threats. If you don't set traps for intruders how would you know they were there if they clean up any trace of a break in?
McAfee has publicly admitted they don't even try to add all the new found virus info into their databases they only add ones that damage software/hardware. Why would you feel so secure that your computer has no malware on it?
I have been a senior programmer for about 25 years. I could build my own botnet from scratch except I do not know enough about attack routines. I am sure when a botnet attacks the process takes less than a second using probably many thousands of lines of code. I can say the attack process is mostly probing until an opening is found. I have read even secure systems can be overloaded if the security barrier is oveloaded with a barrage of attacks. This is do-able with a bot net.
I also don't think you have any concept of how smart a hacker can be. In this day and age there are no dumb programmers. An IQ of 130 is not all that high for a lead programmer and I have known and worked for several geniuses. The hackers come from all over the world most can?t get a decent job doing honest work so they hack. You can have no clue what you are up against. A genius can probably make the smartest person you know look stupid. I have seen just that, a pissing match between a very smart person and a genius. The mismatch didn't last long. The IQ difference between a normal person and a genius is the same as a normal person and an idiot the lowest grade of retardation. So if you are notmal, you look to a genius as the lowest form of retard looks to you. Idots may never learn to dress themselves.
This message has been edited since posting. Last time this message was edited on 9. May 2014 @ 14:47
|
AfterDawn Addict
|
9. May 2014 @ 18:55 |
Link to this message
|
After 50 years as a senior programmer and head of an IT dept, for 25 of it, I have learned, as I have said before, Paranoia is just good thinking but, only when used as a tool, as well as IF, THEN, ELSE thinking to go along with it. My main theory is, ?Know Your Enemy? and I have disassembled and traced more hacks than you have probably ever been subjected to, so that I might protect the system I was working with.
Every computer that goes on the internet is scanned 24/365 every 2 minutes or so. Knowing that you can?t be paranoid to the point of seeing bots come out of the woodwork.
Here is a scan of me while I am on the internet (I hid my IP address, but it?s me).
As you can see, I am completely stealth and not seen by any scanner..
Am I infected? NO
Can I get infected? YES
Am I afraid of being infected? NO
Can I deal with an infection if it makes it though my security? YES
Even though I am connected to the internet, you can see that my connection port 80 is stealth....
This message has been edited since posting. Last time this message was edited on 9. May 2014 @ 19:02
|
AfterDawn Addict
|
9. May 2014 @ 23:17 |
Link to this message
|
Originally posted by Mez:
Enhanced Mitigation Experience Toolkit is a great concept. My read is you need to be browsing with IE.
Evidently you didn't do enough reading. You can set the mitigation in EMET for any program you are running, I use FF. This is where some advanced knowledge of a computer comes in very handy..
I wasn't recommending that you use it, I was simply pointing out that there are ways to block the "bad guys" that the general public is not aware of. Reviewers will only hype anything they can make the most money on from downloads at their site.
|
|
Mez
AfterDawn Addict
|
10. May 2014 @ 09:43 |
Link to this message
|
2old I had no intention of ruffling your feathers...
I would be dumbfounded to have learned you hadn't stealthed your port many years ago. My ports have been stealth for at least 5. That has not eliminated attacks on my computer but I am sure it reduced them. I think recognize the port display.
Quote:
Evidently you didn't do enough reading. You can set the mitigation in EMET for any program you are running, I use FF. This is where some advanced knowledge of a computer comes in very handy..
I read when I have time. I am a programmer not a security guy. I do try to read up on security. Oh by the way, I have had 22 programmers under me. Neither of us are dopes and I never took you for one. I think both of us have a good idea what is out there but I suspect others do not. I point I was making was to aldan. There is a huge population of very smart persons trying to infect their computer. If you aren't taking extra ordinary precautions you are PROBABLY infected. Even the article that had 80 hi-test malwares over run the leading security systems didn't assume this spelled doom. Instead a user can't rely on ONLY an AV scanner to protect them.
I think you have over estimated my paranoia. My own experience has taught me that AV will not pick up everything. If you think differently, I will leave that alone.
|
|
Advertisement
|
|
|
Senior Member
|
10. May 2014 @ 15:51 |
Link to this message
|
|
dont worry guys,all my ports are in stealth and have been for a few years now.funny how you mentioned iq and genius in the same breath mez.mine was tested at 133 and i am no genius.i catch on to things quickly especially by reading.when i was 12 years old i read at a 4th year university reading level.i can still read a book and a year later tell the story.i think it helps to have a near idetic memory for what ive read.smart?meh,maybe,done some awful dumb things in my time,but genius dont hardly thank so.lol.curious about the op though.hope she got her problem solved and wasnt to scared to come back after we hijacked this thread.lol
This message has been edited since posting. Last time this message was edited on 10. May 2014 @ 15:54
|
|
