
Re: trouble with virus infection

Posted: Thu 27 Aug 2015, 12:24:15
by Outcast_Searcher
SeaGypsy wrote: Big problem. It's ransomware. As far as I know it is impossible to get off without either - pay the ransom - reformat back to factory settings (& lose your data).

This is about as compelling a reason to regularly physically back up your personal/application data onto media and keep it AWAY from the computer as I can think of. At least that way you can go back to factory settings, reinstall any newer software, and restore your personal/application data back to (say) your documents library.

I have multiple computers AND do this. That way, any total hardware or software failure is annoying and takes some time, but doesn't take me out of action. Also ensure you use multiple physical media. ANY single media can fail at any time.

I also annually take copies of my memory sticks with all my personal/application files to a safe deposit box so if my house is burglarized or burns, at least I don't lose all my data too.

FWIW, with all the security problems and dishonesty problems on the internet, I do NOT want to use some online "cloud" etc. solution for my data backup, any more than I want to file my taxes with software from some cloud. Having ALL my key data in one place online for a hacker attack doesn't seem like a good plan to me.

Re: trouble with virus infection

Posted: Thu 27 Aug 2015, 12:39:46
by onlooker
What Outcast says makes much sense. The internet has become unreliable for sensitive data storage. It makes me think for some reason of the Wild West here in the US, when banks were actually unreliable places to keep your money as they were being robbed almost every week. Well, to you experts: if there is one tip for keeping your computer virus free, what would that be? I am sure the common response would be a good security anti-virus program. Well, I just purchased Defender Pro; I wonder if anyone has feedback on this program. I saw that it was ranked number 4 on a ratings list of security programs, with Norton and McAfee as one and two.

Re: trouble with virus infection

Posted: Fri 28 Aug 2015, 07:02:00
by kanon
onlooker wrote: Well, to you experts: if there is one tip for keeping your computer virus free, what would that be?

Not an "expert" but after decades of virus free computing, I would suggest you try Linux. The flavor called "Ubuntu" is reported to be easy to set up and use. The unix user/group id and file structure make virus type programs very difficult, since the system gives the user only read access to selected system files. One could have executable programs in their home directory, which a virus hacker could get to, but there is no reason to do this on your own computer. Security is still an issue, but nowhere near the trouble. IMHO, as long as you use Windows, you will have virus/malware issues because the security model is an afterthought.

Select an extra computer for test installation or get a "Live CD" to boot up and figure out how to use it.

Re: trouble with virus infection

Posted: Fri 28 Aug 2015, 07:16:27
by SeaGypsy
The best filter is the one between your ears. Do people just click on random pop ups & email links still? Being careful about what I open I haven't had a virus, mmm since I was sharing a computer with my shopaholic wife.

Re: trouble with virus infection

Posted: Fri 28 Aug 2015, 19:26:06
by Keith_McClary
SeaGypsy wrote: The best filter is the one between your ears. Do people just click on random pop ups & email links still?

Linux users don't worry about it. A virus can't survive a reboot unless it can get administrator permissions. Windows also has administrator permissions - I don't know why these don't stop viruses.

Re: trouble with virus infection

Posted: Sat 29 Aug 2015, 01:12:17
by davep
Keith_McClary wrote:
SeaGypsy wrote: The best filter is the one between your ears. Do people just click on random pop ups & email links still?
Linux users don't worry about it. A virus can't survive a reboot unless it can get administrator permissions. Windows also has administrator permissions - I don't know why these don't stop viruses.

There are plenty of Linux vulnerabilities and exploits. I have no idea where you get the notion that a virus can't survive a reboot. That may generally be the case if you're using a Live CD, but there are also means of remaining infected via BIOS/UEFI and disk/USB firmware.

Root permissions are the same thing as administrator permissions. The point about vulnerability exploits is that they can do things such as escalate privileges. This is not unique to Windows.

Re: trouble with virus infection

Posted: Sat 29 Aug 2015, 01:18:10
by davep
SeaGypsy wrote: The best filter is the one between your ears. Do people just click on random pop ups & email links still? Being careful about what I open I haven't had a virus, mmm since I was sharing a computer with my shopaholic wife.

There is plenty of malware that is delivered via supposedly reputable ad-delivery networks. And you wouldn't necessarily see it coming. Yes, there's the low hanging fruit where people click on almost anything, but you can be owned just by using http rather than https (using techniques such as Quantum Insert - Hacking Team had such an attack in their portfolio).

So, get an ad blocker and HTTPS Everywhere as a minimum. I use Disconnect, HTTPS Everywhere, NoScript, Privacy Badger, BetterPrivacy and uBlock. I have also hardened Firefox a bit by disabling cookies by default and making Java/Flash "Ask to activate" as well as implementing most of the stuff in this http://b.agilob.net/better-security-privacy-and-anonymity-in-firefox/

Re: trouble with virus infection

Posted: Sat 29 Aug 2015, 04:30:42
by onlooker
Dave, all that makes sense. That tip on HTTP is good to know. Frankly, I had been a bit careless and was asking for problems. Not good considering what a minefield the Web has become.

Re: trouble with virus infection

Posted: Sat 29 Aug 2015, 20:43:43
by Keith_McClary
davep wrote: I have no idea where you get the notion that a virus can't survive a reboot.

It has to be somewhere with root permission that gets executed during boot. If it's in a user directory, it's just data. (Assuming the system is configured properly).

Re: trouble with virus infection

Posted: Sat 29 Aug 2015, 22:37:06
by SeaGypsy
I would reckon complacency about app permissions has to be the easiest & most commonly effective entry point to most end point users. A phone full of apps created by & belonging to god knows who is normal already.

Re: trouble with virus infection

Posted: Sun 30 Aug 2015, 01:52:42
by davep
Keith_McClary wrote:
davep wrote: I have no idea where you get the notion that a virus can't survive a reboot.
It has to be somewhere with root permission that gets executed during boot. If it's in a user directory, it's just data. (Assuming the system is configured properly).

The concept of vulnerabilities with privilege escalation I mentioned above means that once you gain that root privilege via exploitation of a vulnerability you can basically do whatever you like to survive reboot (depending on the payload you want to use). Believe me, it's part of my job. And there is no magic wand that means Linux is less prone to such vulnerabilities than Windows.
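
As an added example (not part of any post in this thread), a defender's check for the condition the exchange above turns on, "assuming the system is configured properly": that nothing executed at boot can be modified by a non-root account. The path list and the function names are assumptions of this example, not something given in the thread.

```python
import os
import stat
import sys

# Assumed boot/login-time execution paths on a systemd-based Linux install;
# adjust to the distribution being audited.
DEFAULT_PATHS = ["/etc/systemd/system", "/etc/init.d", "/etc/cron.d",
                 "/etc/rc.local", "/etc/profile.d"]

def check_entry(path, trusted_uid=0):
    """Return the reasons why `path` could be changed by a non-trusted user."""
    st = os.lstat(path)
    if stat.S_ISLNK(st.st_mode):
        # A symlink's own mode is meaningless; judge what it points to.
        try:
            st = os.stat(path)
        except OSError:
            return ["dangling symlink"]
    if not (stat.S_ISREG(st.st_mode) or stat.S_ISDIR(st.st_mode)):
        return []  # e.g. masked units, which are links to /dev/null
    reasons = []
    if st.st_uid != trusted_uid:
        reasons.append(f"owned by uid {st.st_uid}")
    if st.st_mode & stat.S_IWGRP:
        reasons.append("group-writable")
    if st.st_mode & stat.S_IWOTH:
        reasons.append("world-writable")
    return reasons

def audit(paths, trusted_uid=0):
    """Walk each path; return {entry: [reasons]} for every weak file or dir."""
    findings = {}
    for root in paths:
        if not os.path.lexists(root):
            continue
        candidates = [root]
        if os.path.isdir(root):
            for dirpath, dirnames, filenames in os.walk(root):
                candidates += [os.path.join(dirpath, n)
                               for n in dirnames + filenames]
        for entry in candidates:
            reasons = check_entry(entry, trusted_uid)
            if reasons:
                findings[entry] = reasons
    return findings

if __name__ == "__main__":
    results = audit(sys.argv[1:] or DEFAULT_PATHS)
    for entry, reasons in sorted(results.items()):
        print(f"{entry}: {', '.join(reasons)}")
    sys.exit(1 if results else 0)
```

A clean result only shows that ordinary accounts cannot edit these paths directly; it says nothing about the privilege-escalation case raised in the reply above.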

Re: trouble with virus infection

Posted: Sun 30 Aug 2015, 02:24:03
by ralfy
From what I remember, operating systems in general are vulnerable, more problems arise as more features are added, and malware authors tend to focus on more popular systems.

For my system (Win 8.1), I use the following:

Cyberfox 64-bit browser with add-ons like NoScript, uBlock, UAControl, Cookie Controller, etc. (I chose this browser because it allows for more features than Chromium, which I used before, but removes any features that were added to Firefox that I don't need)

Panda antivirus (free version; I selected the free version of antivirus programs with high ratings for protection, performance, and so forth, as mentioned on sites like AV-Test)

Malwarebytes Anti-Exploit

Malwarebytes Anti-Malware and others for non-real time scanning

Windows Firewall Control (the firewall in the router is also activated)

Finally, I installed VirtualBox to run Zorin OS, as well as backup and timeline programs to recover files or the system when needed.

Re: trouble with virus infection

Posted: Sun 30 Aug 2015, 04:21:45
by davep
If you really want to be paranoid, run your browser in a virtual machine, with Wireshark installed. Some advanced malware checks to see if it's in a VM and/or if a network sniffer is installed before installing itself. They do this to avoid what could be a honeypot.

This isn't foolproof, as there are also potentially means of breaking out of the VM and infecting the host UEFI etc.