Virus/Malware Virus /Rootkits Thread, Work In Progress

dharya P
post Dec 4 2019, 12:53 PM

New Member
*
Probation
2 posts

Joined: Nov 2019
Thanks for the information.
fu'house
post Mar 11 2020, 10:23 PM

On my way
****
Junior Member
540 posts

Joined: Oct 2010


Just for my own curiosity, are there any known viruses, trojans, malware or anything that is not removable even after reformatting? Deeply embedded within Windows system files or simply untouchable even when trying to remove files from the HDD.
netmatrix
post Mar 12 2020, 12:55 AM

The machine... it sees everything.
*******
Senior Member
6,491 posts

Joined: Jan 2003
From: Zion


QUOTE(fu'house @ Mar 11 2020, 10:23 PM)
Just for my own curiosity, are there any known viruses, trojans, malware or anything that is not removable even after reformatting? Deeply embedded within Windows system files or simply untouchable even when trying to remove files from the HDD.
*
Yes, it's called a boot sector virus. This one is resistant to normal hard disk formatting and it comes back again. But you could remove it by running the MS-DOS FDISK command or low-level formatting the drive. But this virus seems to be totally eliminated since the adoption of NTFS & the introduction of UEFI & GPT partitions. But that does not mean new versions of these would not show up in the future.

The other was the CIH virus. This was designed to format your drive and wipe the motherboard BIOS data. Seen quite a few of these during my time working in a computer shop.

New scary versions these days are ransomware, compared to data-erasing ones.
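
An added example, not part of any post in this thread: a Python sketch of why formatting a volume leaves the MBR boot code in sector 0 untouched, and how a defender can fingerprint that code against a known-good hash. The toy disk layout, the `format_volume` model, the stand-in boot code bytes and all function names are constructed for illustration.

```python
import hashlib
import struct

SECTOR = 512
BOOT_CODE_LEN = 446    # bytes 0-445 of sector 0: boot code, the part a boot sector virus replaces
TABLE_OFF = 446        # four 16-byte partition entries follow the boot code
ENTRY = "<B3xB3xII"    # status, (CHS), type, (CHS), first LBA, sector count

def parse_mbr(sector: bytes) -> dict:
    """Parse a 512-byte MBR and fingerprint its boot code."""
    if len(sector) != SECTOR or sector[510:512] != b"\x55\xaa":
        raise ValueError("not a valid MBR sector (size or 0x55AA signature)")
    parts = []
    for i in range(4):
        raw = sector[TABLE_OFF + 16 * i: TABLE_OFF + 16 * (i + 1)]
        status, ptype, first_lba, count = struct.unpack(ENTRY, raw)
        if ptype:  # type 0 marks an unused slot
            parts.append({"bootable": status == 0x80, "type": ptype,
                          "first_lba": first_lba, "sectors": count})
    return {"boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": parts,
            # a 0xEE entry marks the protective MBR of a GPT disk
            "gpt_protective": any(p["type"] == 0xEE for p in parts)}

def make_disk(boot_code: bytes, sectors: int = 8) -> bytearray:
    """Constructed toy disk: MBR in sector 0, one bootable type-0x07 partition from LBA 4."""
    disk = bytearray(SECTOR * sectors)
    disk[:len(boot_code)] = boot_code
    disk[TABLE_OFF:TABLE_OFF + 16] = struct.pack(ENTRY, 0x80, 0x07, 4, sectors - 4)
    disk[510:512] = b"\x55\xaa"
    return disk

def format_volume(disk: bytearray, part: dict) -> None:
    """Model of formatting a volume: only sectors inside the partition are rewritten."""
    start = part["first_lba"] * SECTOR
    disk[start:start + part["sectors"] * SECTOR] = bytes(part["sectors"] * SECTOR)

def boot_code_survives_format(boot_code: bytes) -> bool:
    """Format the only partition and report whether sector 0's boot code is unchanged."""
    disk = make_disk(boot_code)
    before = parse_mbr(bytes(disk[:SECTOR]))
    format_volume(disk, before["partitions"][0])
    return parse_mbr(bytes(disk[:SECTOR]))["boot_code_sha256"] == before["boot_code_sha256"]

def differs_from_baseline(sector: bytes, baseline_sha256: str) -> bool:
    """True when the boot code no longer matches a hash recorded from a known-good state."""
    return parse_mbr(sector)["boot_code_sha256"] != baseline_sha256
```

On a real machine the 512 bytes would be read from sector 0 of the raw disk device with administrator rights, and the baseline hash recorded while the system is known to be clean.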
fu'house
post Mar 12 2020, 02:39 PM

On my way
****
Junior Member
540 posts

Joined: Oct 2010


QUOTE(netmatrix @ Mar 12 2020, 12:55 AM)
Yes, it's called a boot sector virus. This one is resistant to normal hard disk formatting and it comes back again. But you could remove it by running the MS-DOS FDISK command or low-level formatting the drive. But this virus seems to be totally eliminated since the adoption of NTFS & the introduction of UEFI & GPT partitions. But that does not mean new versions of these would not show up in the future.

The other was the CIH virus. This was designed to format your drive and wipe the motherboard BIOS data. Seen quite a few of these during my time working in a computer shop.

New scary versions these days are ransomware, compared to data-erasing ones.
*
The boot sector types, do they have a name like Brontok or any long-term names? Speaking of the future, generally people know Windows more and more intricately, so it seems possible to "write" or create one for embedding. I would read up more on this.

Thanks for the knowledge.
netmatrix
post Mar 12 2020, 06:28 PM

The machine... it sees everything.
*******
Senior Member
6,491 posts

Joined: Jan 2003
From: Zion


QUOTE(fu'house @ Mar 12 2020, 02:39 PM)
The boot sector types, do they have a name like Brontok or any long-term names? Speaking of the future, generally people know Windows more and more intricately, so it seems possible to "write" or create one for embedding. I would read up more on this.

Thanks for the knowledge.
*
Nahh... Brontok is a worm. It mainly starts from Registry entries and files. It does not reside in the MBR. Maybe there are such variants, but I have not seen them before. Very common during the Windows Vista/Windows 7 time.
satineeraj P
post Jul 7 2020, 04:40 PM

New Member
*
Probation
12 posts

Joined: Apr 2020
I think AVG and Kaspersky are the best antivirus.
Peter_APIIT
post Dec 17 2020, 10:09 AM

Casual
***
Junior Member
364 posts

Joined: Mar 2008


Using Linux OS will avoid many viruses.
daisiesdontdoit92
post Dec 22 2020, 11:59 PM

On my way
****
Junior Member
574 posts

Joined: Jan 2020


QUOTE(Peter_APIIT @ Dec 17 2020, 10:09 AM)
Using Linux OS will avoid many viruses.
*
For those who are wondering why Linux is very safe against viruses:

Why Linux Is Resistant to Viruses

Linux is based on an older operating system called Unix. Unix was developed in the 1970s at Bell Labs. It quickly gained popularity and spread to the business world and academic institutions worldwide. Linux was an attempt to recreate Minix, a variation of Unix. As a result, it inherited many traits from Unix, including its user permissions.

On Unix systems, there's a clear distinction between user accounts and administrators. Users can't install programs system-wide, and they don't have access to important system folders. Suppose you downloaded and ran a virus or any malware on Linux. In that case, it would mess up your user account and the folders that your user account can access. It couldn't spread and infect the entire system unless you gave it administrative privileges. It's harder for a virus to damage a Linux computer.


Why Linux Doesn't (Usually) Need Anti-Virus
ayush123 P
post Jan 28 2021, 04:47 AM

New Member
*
Probation
2 posts

Joined: Jan 2021
From: Sheikh Zayed Rd - Al QuozQuoz 3 - Dubai


I want to say that working anti virus still wait, after that you can go to your Control Panel and click Windows Defender and scan, after few time showing message
Peter_APIIT
post Oct 14 2021, 03:01 PM

Casual
***
Junior Member
364 posts

Joined: Mar 2008


Using process guard on MS Windows as well.
renmejustin
post Apr 10 2022, 03:48 AM

Getting Started
**
Junior Member
99 posts

Joined: Mar 2022


Nowadays what's the best antivirus to use? Preferably have a balance between detecting many threats but also not too strict la, sometimes if too strict then some apps which are actually safe but the antimalware flags them
skyxis
post May 5 2022, 10:20 AM

[QVICE]
****
Senior Member
620 posts

Joined: May 2005


QUOTE(renmejustin @ Apr 10 2022, 03:48 AM)
Nowadays what's the best antivirus to use? Preferably have a balance between detecting many threats but also not too strict la, sometimes if too strict then some apps which are actually safe but the antimalware flags them
*
I will recommend getting the ESET antivirus, it will not use too much CPU or consume too much memory when manual scanning or real-time scanning.
JonathanHanYT
post May 5 2022, 12:56 PM

Getting Started
**
Junior Member
114 posts

Joined: Nov 2021
From: Penang, Malaysia


QUOTE(renmejustin @ Apr 10 2022, 03:48 AM)
Nowadays what's the best antivirus to use? Preferably have a balance between detecting many threats but also not too strict la, sometimes if too strict then some apps which are actually safe but the antimalware flags them
*
If you ask me, personally I recommend you use Kaspersky Cloud Free + Malwarebytes. Low memory usage and more reliable. So far I have been using them for many years and they work perfectly fine and safe. I have experience with Norton/Symantec, Eset, McAfee, Kaspersky, Bitdefender, Total AV, Avast, AVG and Vbuster (Malaysia brand) since 1993. I test antivirus to scan all my collection of unknown and known viruses/malware. Kaspersky and Symantec won't my all time favourite. Norton or Symantec drain more memory than Kaspersky. Eset drains less than Symantec but the software is a bit buggy. McAfee and Avast I don't recommend coz the software is not so reliable compared to others. Vbuster used to be the best but I believe it is no longer in the market. Malwarebytes is more for anti-malware rather than antivirus software.

You can follow my video to install Kaspersky Cloud Free without any charges. Totally free at:

Ethan_Rob
post Oct 20 2022, 09:44 PM

Getting Started
**
Junior Member
53 posts

Joined: Sep 2022


In fact, my computer does not install any virus scanning software, just use the scanning software that comes with Windows.
RochoaEvans
post Dec 6 2022, 01:04 PM

Getting Started
**
Junior Member
153 posts

Joined: Aug 2017


user posted image

Any idea on how to remove this virus?
sadlyfalways
post Feb 8 2024, 01:58 PM

Enthusiast
*****
Junior Member
843 posts

Joined: Nov 2020
Hello, I have a question regarding Maxis' latest data breach

A few days ago I got the phishing message from Maxis about the points thing, that the rootkit people sent

Just to be safe, I used a VPN and opened the link in incognito on my Mac.

I got a dangerous website warning from Chrome and so I wanted to go back but accidentally clicked on go ahead or something. The scam site didn't load, don't remember the warning but it said some Chrome error

I immediately clicked on back, to get to safety

This was when Chrome crashed on me for the first time since I got the Mac

I had Bitdefender installed and nothing popped up, when I reopened Chrome it was not shut down properly, but seemed to be working fine

Is it possible that a rootkit script or SQL injection could have taken place in those few seconds the website was open? Causing Chrome to crash?

I know I sound paranoid, but there seem to be many people who have lost money somehow to these fake websites

I do not know what else to do, and I recently sold my IDS/IPS system because I had no hits for the 6 months I owned it

Regretting my decision now
PRSXFENG
post Feb 11 2024, 10:43 AM

Regular
******
Senior Member
1,760 posts

Joined: Nov 2020


QUOTE(sadlyfalways @ Feb 8 2024, 01:58 PM)
Hello, I have a question regarding Maxis' latest data breach

A few days ago I got the phishing message from Maxis about the points thing, that the rootkit people sent

Just to be safe, I used a VPN and opened the link in incognito on my Mac.

I got a dangerous website warning from Chrome and so I wanted to go back but accidentally clicked on go ahead or something. The scam site didn't load, don't remember the warning but it said some Chrome error

I immediately clicked on back, to get to safety

This was when Chrome crashed on me for the first time since I got the Mac

I had Bitdefender installed and nothing popped up, when I reopened Chrome it was not shut down properly, but seemed to be working fine

Is it possible that a rootkit script or SQL injection could have taken place in those few seconds the website was open? Causing Chrome to crash?

I know I sound paranoid, but there seem to be many people who have lost money somehow to these fake websites

I do not know what else to do, and I recently sold my IDS/IPS system because I had no hits for the 6 months I owned it

Regretting my decision now
*
just loading a website shouldn't exactly breach you since there are many safety features like sandboxing built into Chrome
yes 0-day vulnerabilities do exist but it doesn't seem like they are the kind to have those

the crash may have just been a coincidence
but can't rule out the possibility of an attempt at breaching
but as long as you keep Chrome up to date it should be ok

rootkit... those have gone out of fashion a long time ago, plus you are on a Mac

SQL injection... you are not running/hosting a database on your machine, this is not something that affects you
SQL injection is where an attacker injects commands when inputting data, like say they enter a username but also a command alongside it, and your system processes the command as well, but again, SQL is for a database

based on what I've seen around
how they get your money is they want you to log in to your bank, one Twitter post says they ended up landing at a page to authorize a 2k transaction
no idea if they are using a real or fake bank page, either way they are interested in your bank details
as long as you didn't type your details in you're fine

nowadays most malware is interested in your data and money
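
An added example, not part of the post above: the username case it describes, as Python against an in-memory SQLite table, with the unsafe string-built query beside the parameterized one. The table, its rows, the crafted input and the function names are constructed; the point is that the flaw sits in the code of whoever hosts the database, not on a visitor's machine.

```python
import sqlite3

def make_db() -> sqlite3.Connection:
    """Constructed sample data standing in for a site's server-side user table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, points INTEGER)")
    db.executemany("INSERT INTO users VALUES (?, ?)", [("alice", 120), ("bob", 45)])
    return db

def lookup_unsafe(db: sqlite3.Connection, username: str) -> list:
    # Deliberately vulnerable: the input is pasted into the SQL text,
    # so quote characters inside it are parsed as part of the statement.
    query = "SELECT name, points FROM users WHERE name = '" + username + "' ORDER BY name"
    return db.execute(query).fetchall()

def lookup_safe(db: sqlite3.Connection, username: str) -> list:
    # Parameterized: the driver binds the input as a value, never as SQL.
    query = "SELECT name, points FROM users WHERE name = ? ORDER BY name"
    return db.execute(query, (username,)).fetchall()

# Constructed input: a name followed by extra SQL, as the post describes.
CRAFTED = "nobody' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("unsafe:", lookup_unsafe(db, CRAFTED))  # condition rewritten, every row returned
    print("safe:  ", lookup_safe(db, CRAFTED))    # treated as an odd name, no rows
```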
