Donate Bitcoin

Donate Paypal


PeakOil is You

PeakOil is You

trouble with virust infection

Having trouble? Is the forum having trouble?

Moderator: admin

Re: trouble with virust infection

Unread postby Outcast_Searcher » Thu 27 Aug 2015, 13:24:15

SeaGypsy wrote:Big problem. Its ransomware. As far as I know it is impossible to get off without either- pay the ransom- reformatt back to factory settings (& lose your data).

This is about as compelling a reason to regularly physically back up your personal/application data onto media and keep it AWAY from the computer as I can think of. At least that way you can go back to factory settings, reinstall any newer software, and restore your personal/application data back to (say) your documents library.

I have multiple computers AND do this. That way, any total hardware or software failure is annoying and takes some time, but doesn't take me out of action. Also ensure you use multiple physical media. ANY single media can fail at any time.

I also annually take copies of my memory sticks with all my personal/application files to a safe deposit box so if my house is burglarized or burns, at least I don't lose all my data too.

FWIW, with all the security problems and dishonesty problems on the internet, I do NOT want to use some online "cloud" etc. solution for my data backup, any more than I want to file my taxes with software from some cloud. Having ALL my key data in one place online for a hacker attack doesn't seem like a good plan to me.
Given the track record of the perma-doomer blogs, I wouldn't bet a fast crash doomer's money on their predictions.
User avatar
Outcast_Searcher
COB
COB
 
Posts: 10142
Joined: Sat 27 Jun 2009, 21:26:42
Location: Central KY

Re: trouble with virust infection

Unread postby onlooker » Thu 27 Aug 2015, 13:39:46

What Outcast says makes much sense. The internet has become unreliable for sensitive data storage. It makes me think for some reason of the Wild West here in the US when Banks were actually unreliable sources to keep your money as they were being robbed almost every week. Well to you experts if their is one tip for keeping your computer virus free what would that be? I am sure the common response would be a good security anti-virus program. Well I just purchased Defender Pro wonder if anyone has feedback on this program. I saw that it was ranked number 4 on a ratings list of security programs with Norton and Mcaffee as one and two.
"We are mortal beings doomed to die
User avatar
onlooker
Fission
Fission
 
Posts: 10957
Joined: Sun 10 Nov 2013, 13:49:04
Location: NY, USA

Re: trouble with virust infection

Unread postby kanon » Fri 28 Aug 2015, 08:02:00

onlooker wrote:Well to you experts if their is one tip for keeping your computer virus free what would that be?

Not an "expert" but after decades of virus free computing, I would suggest you try Linux. The flavor called "Ubuntu" is reported to be easy to set up and use. The unix user/group id and file structure make virus type programs very difficult, since the system gives the user only read access to selected system files. One could have executable programs in their home directory, which a virus hacker could get to, but there is no reason to do this on your own computer. Security is still an issue, but nowhere near the trouble. IMHO, as long as you use Windows, you will have virus/malware issues because the security model is an afterthought.

Select an extra computer for test installation or get a "Live CD" to boot up and figure out how to use it.
kanon
Lignite
Lignite
 
Posts: 251
Joined: Fri 24 Oct 2014, 09:04:07

Re: trouble with virust infection

Unread postby SeaGypsy » Fri 28 Aug 2015, 08:16:27

The best filter is the one between your ears. Do people just click on random pop ups & email links still? Being careful about what I open I haven't had a virus, mmm since I was sharing a computer with my shopaholic wife.
SeaGypsy
Master Prognosticator
Master Prognosticator
 
Posts: 9284
Joined: Wed 04 Feb 2009, 04:00:00

Re: trouble with virust infection

Unread postby Keith_McClary » Fri 28 Aug 2015, 20:26:06

SeaGypsy wrote:The best filter is the one between your ears. Do people just click on random pop ups & email links still?
Linux users don't worry about it. A virus can't survive a reboot unless it can get administrator permissions. Windows also has administrator permissions - I don't know why these don't stop viruses.
Facebook knows you're a dog.
User avatar
Keith_McClary
Light Sweet Crude
Light Sweet Crude
 
Posts: 7344
Joined: Wed 21 Jul 2004, 03:00:00
Location: Suburban tar sands

Re: trouble with virust infection

Unread postby davep » Sat 29 Aug 2015, 02:12:17

Keith_McClary wrote:
SeaGypsy wrote:The best filter is the one between your ears. Do people just click on random pop ups & email links still?
Linux users don't worry about it. A virus can't survive a reboot unless it can get administrator permissions. Windows also has administrator permissions - I don't know why these don't stop viruses.


There are plenty of Linux vulnerabilities and exploits. I have no idea where you get the notion that a virus can't survive a reboot. That may generally be the case if you're using a Live CD, but there are also means of remaining infected via BIOS/UEFI and disk/USB firmware.

Root permissions are the same thing as administrator permissions. The point about vulnerability exploits is that they can do things such as escalate privileges. This is not unique to Windows.
What we think, we become.
User avatar
davep
Senior Moderator
Senior Moderator
 
Posts: 4578
Joined: Wed 21 Jun 2006, 03:00:00
Location: Europe

Re: trouble with virust infection

Unread postby davep » Sat 29 Aug 2015, 02:18:10

SeaGypsy wrote:The best filter is the one between your ears. Do people just click on random pop ups & email links still? Being careful about what I open I haven't had a virus, mmm since I was sharing a computer with my shopaholic wife.


There is plenty of malware that is delivered via supposedly reputable ad-delivery networks. And you wouldn't necessarily see it coming. Yes, there's the low hanging fruit where people click on almost anything, but you can be owned just by using http rather than https (using techniques such as Quantum Insert - Hacking Team had such an attack in their portfolio).

So, get an ad blocker and HTTPS Everywhere as a minimum. I use Disconnect, HTTPS Everywhere, NoScript, Privacy Badger, BetterPrivacy and uBlock. I have also hardened Firefox a bit by disabling cookies by default and making Java/Flash "Ask to activate" as well as implementing most of the stuff in this http://b.agilob.net/better-security-privacy-and-anonymity-in-firefox/
What we think, we become.
User avatar
davep
Senior Moderator
Senior Moderator
 
Posts: 4578
Joined: Wed 21 Jun 2006, 03:00:00
Location: Europe

Re: trouble with virust infection

Unread postby onlooker » Sat 29 Aug 2015, 05:30:42

Dave all that make sense. That tip on Http is good to know. Frankly, I had been a bit careless and was asking for problems. Not good considering what a minefield the Web has become.
"We are mortal beings doomed to die
User avatar
onlooker
Fission
Fission
 
Posts: 10957
Joined: Sun 10 Nov 2013, 13:49:04
Location: NY, USA

Re: trouble with virust infection

Unread postby Keith_McClary » Sat 29 Aug 2015, 21:43:43

davep wrote:I have no idea where you get the notion that a virus can't survive a reboot.
It has to be somewhere with root permission that gets executed during boot. If it's in a user directory, it's just data. (Assuming the system is configured properly).
Facebook knows you're a dog.
User avatar
Keith_McClary
Light Sweet Crude
Light Sweet Crude
 
Posts: 7344
Joined: Wed 21 Jul 2004, 03:00:00
Location: Suburban tar sands

Re: trouble with virust infection

Unread postby SeaGypsy » Sat 29 Aug 2015, 23:37:06

I would reckon complacency about app permissions has to be the easiest & most commonly effective entry point to most end point users. A phone full of apps created by & belonging to god knows who is normal already.
SeaGypsy
Master Prognosticator
Master Prognosticator
 
Posts: 9284
Joined: Wed 04 Feb 2009, 04:00:00

Re: trouble with virust infection

Unread postby davep » Sun 30 Aug 2015, 02:52:42

Keith_McClary wrote:
davep wrote:I have no idea where you get the notion that a virus can't survive a reboot.
It has to be somewhere with root permission that gets executed during boot. If it's in a user directory, it's just data. (Assuming the system is configured properly).


The concept of vulnerabilities with privilege escalation I mentioned above means that once you gain that root privilege via exploitation of a vulnerability you can basically do whatever you like to survive reboot (depending on the payload you want to use). Believe me, it's part of my job. And there is no magic wand that means Linux is less prone to such vulnerabilities than Windows.
What we think, we become.
User avatar
davep
Senior Moderator
Senior Moderator
 
Posts: 4578
Joined: Wed 21 Jun 2006, 03:00:00
Location: Europe

Re: trouble with virust infection

Unread postby ralfy » Sun 30 Aug 2015, 03:24:03

From what I remember, operating systems in general are vulnerable, more problems arise as more features are added, and malware authors tend to focus on more popular systems.

For my system (Win 8.1), I use the following:

Cyberfox 64-bit browser with add-ons like NoScript, uBlock, UAControl, Cookie Controller, etc. (I chose this browser because it allows for more features than Chromium, which I used before, but removes any features that were added to Firefox that I don't need)

Panda antivirus (free version; I selected the free version of antivirus programs with high ratings for protection, performance, and so forth, as mention in sites like AV-Test)

Malwarebytes Anti-Exploit

Malwarebytes Anti-Malware and others for non-real time scanning

Windows Firewall Control (the firewall in the router is also activated)

Finally, I installed VirtualBox to run Zorin OS, as well as backup and timeline programs to recover files or the system when needed.
User avatar
ralfy
Light Sweet Crude
Light Sweet Crude
 
Posts: 5569
Joined: Sat 28 Mar 2009, 11:36:38
Location: The Wasteland

Re: trouble with virust infection

Unread postby davep » Sun 30 Aug 2015, 05:21:45

If you really want to be paranoid, run your browser in a virtual machine, with Wireshark installed. Some advanced malware checks to see if it's in a VM and/or if a network sniffer is installed before installing itself. They do this to avoid what could be a honeypot.

This isn't foolproof, as there are also potentially means of breaking out of the VM and infecting the host UEFI etc.
What we think, we become.
User avatar
davep
Senior Moderator
Senior Moderator
 
Posts: 4578
Joined: Wed 21 Jun 2006, 03:00:00
Location: Europe

Previous

Return to Technical Support

Who is online

Users browsing this forum: No registered users and 56 guests