President Ark
May 16, 2010

:iiam:

Ynglaur posted:

I'm unsure where else in SA to ask, but this thread seems like it has people who know what they're doing?

What is the Goon consensus on the best antivirus for a local machine? I've been using MSE but anytime my laptop is near idle it spins everything up, which spins the fans on, which is loud, annoying, etc. I can get McAfee for free through my ISP (Cox): is it as terrible as YouTube parody videos suggest? I had a horrible experience with BitDefender a couple years ago. After uninstalling it, it leaves a pre-boot checker, which fails because it's not installed. Basically, I had to re-image two laptops because of this.

Thoughts, comments, and you-don't-really-know-what-you're-talking-about replies welcome.

Probably Avast! if you don't like MSE.


Diva Cupcake
Aug 15, 2005

Microsoft EMET and some judicious link clicking.

Khablam
Mar 29, 2012

Ynglaur posted:

I'm unsure where else in SA to ask, but this thread seems like it has people who know what they're doing?

What is the Goon consensus on the best antivirus for a local machine? I've been using MSE but anytime my laptop is near idle it spins everything up, which spins the fans on, which is loud, annoying, etc. I can get McAfee for free through my ISP (Cox): is it as terrible as YouTube parody videos suggest? I had a horrible experience with BitDefender a couple years ago. After uninstalling it, it leaves a pre-boot checker, which fails because it's not installed. Basically, I had to re-image two laptops because of this.

Thoughts, comments, and you-don't-really-know-what-you're-talking-about replies welcome.

I don't quite understand the process at work here (it's "near" idle, and then its suddenly not? or you think it should be quiet given the workload, but it isn't?) but this sounds like dust in the laptop. Take some compressed air and clean every in/outlet you can find. Pay particular attention to the main vents that kick out hot air.

Also depending on what you have running, this may be fairly normal behaviour for anything that tries to run when the machine is idle; various windows processes (indexing, pre-fetching, etc) as well as some third party programs will run tasks when the computer is otherwise idle.

Nintendo Kid
Aug 4, 2011

by Smythe

Ynglaur posted:

I'm unsure where else in SA to ask, but this thread seems like it has people who know what they're doing?

What is the Goon consensus on the best antivirus for a local machine? I've been using MSE but anytime my laptop is near idle it spins everything up, which spins the fans on, which is loud, annoying, etc. I can get McAfee for free through my ISP (Cox): is it as terrible as YouTube parody videos suggest? I had a horrible experience with BitDefender a couple years ago. After uninstalling it, it leaves a pre-boot checker, which fails because it's not installed. Basically, I had to re-image two laptops because of this.

Thoughts, comments, and you-don't-really-know-what-you're-talking-about replies welcome.

Have you tried running a full scan in MSE anytime recently? It may be trying to scan things it hasn't already checked while the computer's idle.

Zogo
Jul 29, 2003

Khablam posted:

Take it as a PSA that download.com/CNET has bundled some really lovely stuff in the last few years, and if there's an alternative download for what you're looking for, always go for that one.

Yea, I've seen multiple cases of trashed computers and the only explanation from the client is "all I did was try out a few programs from download.com."

Don Lapre
Mar 28, 2001

If you're having problems you're either holding the phone wrong or you have tiny girl hands.

Zogo posted:

Just don't run it on XP (or older machines) as it may delete critical system files and you'll have to repair the OS.


IIRC running Malwarebytes and http://www.bleepingcomputer.com/download/adwcleaner/ will remove it completely.


I've seen it alone as a new bonus feature of uTorrent at least. It probably also gets installed with some of those free programs from download.com that have a lot of hidden checkboxes.

All you gotta do is boot off a hiren disc into mini windows XP and copy the root files back from a good XP install.

Ynglaur
Oct 9, 2013

The Malta Conference, anyone?

Install Windows posted:

Have you tried running a full scan in MSE anytime recently? It may be trying to scan things it hasn't already checked while the computer's idle.

That's a very good idea. I'll try that before going down the rathole of finding an AV program to replace MSE. Thank you.

limited
Dec 10, 2005
Limited Sanity

Had a weird one crop up on my mother's tablet of all things. It masqueraded as an email from an uncle overseas ( Nevermind he never even calls, let alone emails, that would've been :siren: in my mind, but eh.. ) and it got opened up via the built in email app.

It crashed the tablet ( Samsung 10.1 3 if anyone is keeping score ) during what I assume was the process of mass-mailing itself to everyone in the address book. It even fired itself to the lovely windows mobile handheld my dad uses for work, revealing it was just a piece of text with 'ENABLE' and a link to an IP address which he didn't use thank god.

:psyduck: I always thought viruses for tablets were pretty much nonexistent. Not even sure if I've got rid of the drat thing because the closest virus scanner I can recognise is from AVG.

Khablam
Mar 29, 2012

Android is actually pretty rife with viruses, it's highly recommended to have a scanner on android phones and tablets.

Siochain
May 24, 2005

"can they get rid of any humans who are fans of shitheads like Kanye West, 50 Cent, or any other piece of crap "artist" who thinks they're all that?

And also get rid of anyone who has posted retarded shit on the internet."


Eset has one I believe, maybe AVG, not sure who else. I'm not running one on mine but I really likely should :/

limited
Dec 10, 2005
Limited Sanity

Khablam posted:

Android is actually pretty rife with viruses, it's highly recommended to have a scanner on android phones and tablets.

Argh. I need to play catchup then. Bollocks.

Siochain posted:

Eset has one I believe, maybe AVG, not sure who else. I'm not running one on mine but I really likely should :/

I used the AVG scanner to give the tablet a once-over, I'll have a look at Eset as well. Thanks folks. Didn't see anything that looked like VIRUS.EXE when giving it a once-over with the eyeballs either, so hopefully it was just a one-off exploit. But I doubt it knowing my luck. :suicide:

Zogo
Jul 29, 2003

Don Lapre posted:

All you gotta do is boot off a hiren disc into mini windows XP and copy the root files back from a good XP install.

:laugh: that could be an inconvenience to many people. I think I read recently that 1/3rd of business computers are still running XP in 2014.

Hipster_Doofus
Dec 20, 2003

Lovin' every minute of it.

Siochain posted:

Eset has one I believe, maybe AVG, not sure who else. I'm not running one on mine but I really likely should :/

Avast does as well; just installed it the other day after idly wondering if there were such a thing as smartphone viruses. (I've only had one for a few months and it hadn't occurred to me yet.)

limited
Dec 10, 2005
Limited Sanity

Hipster_Doofus posted:

Avast does as well; just installed it the other day after idly wondering if there were such a thing as smartphone viruses. (I've only had one for a few months and it hadn't occurred to me yet.)

I knew of them, but it's the usual story, didn't pay much heed until it hit thinking they were pretty rare in the wild. Ironic thing is I've spent hours playing family IT technician and their desktop has remained clean as a whistle, if installed with far too many hidden-object games. Thankfully they actually listen when I explain stuff. :toot:

So of course the first virus that lands a hit, is on the tablet we got my mom for christmas, and mails itself to everyone in the family. It was just lovely luck seeing as my uncle is in a pretty risky job, so it might've been him being dead or something. So it got opened without much thought. :sigh:

Technogeek
Sep 9, 2002

by FactsAreUseless

Khablam posted:

Android is actually pretty rife with viruses, it's highly recommended to have a scanner on android phones and tablets.

My understanding is that Android's currently in that sweet spot where basic common sense can actually keep you virus-free without needing a specialized app for it. If you make a habit of installing non-Play Store APKs from :filez: sites, though, there's certainly worse things you can have running.

EDIT: This is, of course, assuming enough familiarity/skill to look at the skeevier apps and go "okay, that may not be a good idea". There may well be people who would benefit from an Android AV, although I doubt that the average SH/SC poster would be likely to be on that list very often.

Technogeek fucked around with this message at 02:36 on May 22, 2014

Khablam
Mar 29, 2012

Technogeek posted:

My understanding is that Android's currently in that sweet spot where basic common sense can actually keep you virus-free without needing a specialized app for it. If you make a habit of installing non-Play Store APKs from :filez: sites, though, there's certainly worse things you can have running.

Sadly not, malicious ads are the main vector, and loads of apps that have served malware accidentally have made it onto various legit stores. Google et al don't vet apps in the same way Apple do, and even if they tried to be so thorough there's a much larger potential for error because the application simply has more access to the base OS than an iDevice does.

Technogeek
Sep 9, 2002

by FactsAreUseless

Khablam posted:

Sadly not, malicious ads are the main vector, and loads of apps that have served malware accidentally have made it onto various legit stores. Google et al don't vet apps in the same way Apple do, and even if they tried to be so thorough there's a much larger potential for error because the application simply has more access to the base OS than an iDevice does.

Everything I understand about how apps work on Android is telling me that this post makes no sense whatsoever. Wouldn't you still have to approve the actual install before the app in question can start making GBS threads up the phone?

Zamujasa
Oct 27, 2010



Bread Liar
Yes, but it's not exactly difficult to create some stupid flashlight app and request permissions for everything. Most users would probably just hit "Accept" and pow, malware installed.

Technogeek
Sep 9, 2002

by FactsAreUseless

Zamujasa posted:

Yes, but it's not exactly difficult to create some stupid flashlight app and request permissions for everything. Most users would probably just hit "Accept" and pow, malware installed.

That would be what I meant by the "basic common sense". My original post was basically starting with the assumption that we were talking about a more technically minded user, but I can see how that might not have been clear. I'll go back and edit.

Nintendo Kid
Aug 4, 2011

by Smythe

Technogeek posted:

Everything I understand about how apps work on Android is telling me that this post makes no sense whatsoever. Wouldn't you still have to approve the actual install before the app in question can start making GBS threads up the phone?

This is correct. Android "scanners" are almost entirely useless.

Wiggly Wayne DDS
Sep 11, 2010



Install Windows posted:

This is correct. Android "scanners" are almost entirely useless.

I wouldn't say almost.

mindphlux
Jan 8, 2004

by R. Guyovich

Khablam posted:

Android is actually pretty rife with viruses, it's highly recommended to have a scanner on android phones and tablets.

highly recommended by who?

VictualSquid
Feb 29, 2012

Gently enveloping the target with indiscriminate love.

mindphlux posted:

highly recommended by who?

By the developers of android scanning apps.

Khablam
Mar 29, 2012

The examples of malware in this thread should be a prime example that the "I'm not the kind of person to get viruses/malware" fallacy is the biggest spreader of malware. It's the same logic that makes 90%+ of people agree they're "an above average driver".

At any one time on the Google Play store there are 150-200 apps that contain malware, and there have been multiple examples of fake apps making it high in the charts. e.g. the fake blackberry messenger app that went high into the charts (which got removed when users reported their malware scanners had an issue with it) which was particularly effective because the logical permissions it asked for to be able to function like any other messenger app, were the same ones it could use to do harm.
If you're not lucky enough to live somewhere where your main App store is Google Play, then others (legitimate stores) have malware in the 5-10% range.

This ignores that there have been a decent number of exploits on the platform (and various manufacturers are still hideously bad at pushing updates out) which don't require user interaction to get you infected; the drive-by exploit is usually fed by banner ads.
There's also a recently-discovered (and almost entirely unpatched) flaw that allows a seemingly innocuous app to install with almost no permissions at all, and then self-escalate its own permissions.

Your risk is much smaller than, say, someone using Internet Explorer with unpatched Java, but to colour anyone recommending Android anti-malware as a shill is going too far the other way.
None of this is to say that an anti-malware scanner is going to keep you perfectly safe, but there's not really a compelling reason not to use one.
Mobile malware is definitely on the up, and unfortunately "mobile malware" = "android malware" for all intents and purposes.

Stanley Pain
Jun 16, 2001

by Fluffdaddy

Khablam posted:

The examples of malware in this thread should be a prime example that the "I'm not the kind of person to get viruses/malware" fallacy is the biggest spreader of malware. It's the same logic that makes 90%+ of people agree they're "an above average driver".

At any one time on the Google Play store there are 150-200 apps that contain malware, and there have been multiple examples of fake apps making it high in the charts. e.g. the fake blackberry messenger app that went high into the charts (which got removed when users reported their malware scanners had an issue with it) which was particularly effective because the logical permissions it asked for to be able to function like any other messenger app, were the same ones it could use to do harm.
If you're not lucky enough to live somewhere where your main App store is Google Play, then others (legitimate stores) have malware in the 5-10% range.

This ignores that there have been a decent number of exploits on the platform (and various manufacturers are still hideously bad at pushing updates out) which don't require user interaction to get you infected; the drive-by exploit is usually fed by banner ads.
There's also a recently-discovered (and almost entirely unpatched) flaw that allows a seemingly innocuous app to install with almost no permissions at all, and then self-escalate its own permissions.

Your risk is much smaller than, say, someone using Internet Explorer with unpatched Java, but to colour anyone recommending Android anti-malware as a shill is going too far the other way.
None of this is to say that an anti-malware scanner is going to keep you perfectly safe, but there's not really a compelling reason not to use one.
Mobile malware is definitely on the up, and unfortunately "mobile malware" = "android malware" for all intents and purposes.


Do you have one example of an in the wild, drive by, ad malware that can infect android without any user interaction? I'm being half snarky and half curious.

Technogeek
Sep 9, 2002

by FactsAreUseless

I'm more interested in the unpatched privilege escalation vulnerability he's claiming exists, because every such vulnerability I can track down has in fact been patched. The most likely one I can see him claiming is the "Pileup" vulnerability, which had in fact had a patch made available to OEMs more than two months before the tech media published stuff about it.

Stanley Pain
Jun 16, 2001

by Fluffdaddy

As far as I know there is still no way to get an Android virus, in the wild, without having installed an .APK first (regardless of where you got said .APK) or pushed it via ADB.

Khablam
Mar 29, 2012

Technogeek posted:

I'm more interested in the unpatched privilege escalation vulnerability he's claiming exists, because every such vulnerability I can track down has in fact been patched. The most likely one I can see him claiming is the "Pileup" vulnerability, which had in fact had a patch made available to OEMs more than two months before the tech media published stuff about it.

Yes, that's the one, adoption of updates including the vulnerability fix hasn't been great, which is mainly why I think AV on android is a good idea.

Stanley Pain posted:

As far as I know there is still no way to get an Android virus, in the wild, without having installed an .APK first (regardless of where you got said .APK) or pushed it via ADB.

I believe this is the case presently, as well. The drive-by downloads can't force a package to install, but the ones identified work roughly:

- They download a java trojan
- It downloads the APK which masquerades as a system update
- This will pop up at a random time after visiting the page so that it appears to be disconnected from the browsing

Anyway, my point was simply that trusting the app stores to be clean of malware (even the Play store) is where a lot of people fall down, and that's what the comment I was replying to was stating.

Nintendo Kid
Aug 4, 2011

by Smythe
It's a "good idea" in the same way that not getting in an accident is a good idea. It doesn't accomplish anything in practice.

Wiggly Wayne DDS
Sep 11, 2010



Khablam posted:

Yes, that's the one, adoption of updates including the vulnerability fix hasn't been great, which is mainly why I think AV on android is a good idea.

I believe this is the case presently, as well. The drive-by downloads can't force a package to install, but the ones identified work roughly:

- They download a java trojan
- It downloads the APK which masquerades as a system update
- This will pop up at a random time after visiting the page so that it appears to be disconnected from the browsing

Anyway, my point was simply that trusting the app stores to be clean of malware (even the Play store) is where a lot of people fall down, and that's what the comment I was replying to was stating.

What'd be worse is trusting someone to give out security advice when they're talking out of their arse.

Technogeek
Sep 9, 2002

by FactsAreUseless

Khablam posted:

Yes, that's the one, adoption of updates including the vulnerability fix hasn't been great, which is mainly why I think AV on android is a good idea.

I won't defend how long it takes certain OEMs and/or carriers to push updates, but the fact that there's been a functioning patch for about four months now would make your earlier claims of an "almost entirely unpatched flaw" seem rather hollow.

I'd also expect that methods of detecting and countering it have been rolled into Google Play Services by now, which would make it a moot point. I don't have any APKs to test that with, though.

Actually, that brings up a question that I don't think has been answered yet: how exactly would an antimalware app do something that isn't already built in to Google Play Services? You've got "this is probably an app that you shouldn't install" warnings whether or not you're installing from Google Play, as well as the ability to forcibly uninstall apps which are known bad.

quote:

I believe this is the case presently, as well. The drive-by downloads can't force a package to install, but the ones identified work roughly:

- They download a java trojan
- It downloads the APK which masquerades as a system update
- This will pop up at a random time after visiting the page so that it appears to be disconnected from the browsing

What exactly is the difference between "java trojan" and "malicious APK" in this scenario?

Nintendo Kid
Aug 4, 2011

by Smythe

Technogeek posted:

What exactly is the difference between "java trojan" and "malicious APK" in this scenario?

A "java trojan" is a thing that doesn't exist on Android. No stock browsers or major third party browsers for Android have Java support for web pages (There's some addons you can get for Firefox that let you do it though).

Incidentally, here's what typical Android malware will look like, and how to remove it:
https://www.youtube.com/watch?v=iGTV0bVbHh4

corgski
Feb 6, 2007

Silly goose, you're here forever.

tonberrytoby posted:

By the developers of android scanning apps.

Like this standard example of an android antivirus?

http://www.androidpolice.com/2014/0...s-a-total-scam/

Khablam
Mar 29, 2012

Wiggly Wayne DDS posted:

What'd be worse is trusting someone to give out security advice when they're talking out of their arse.

Install Windows posted:

A "java trojan" is a thing that doesn't exist on Android. No stock browsers or major third party browsers for Android have Java support for web pages (There's some addons you can get for Firefox that let you do it though).

Yeah I probably deserve that, in fairness to myself it's been a year+ since I was looking at Android malware, which I was doing at the time because my friend had his phone rootkitted. The method I suggested is cut together from two half-remembered viruses. The main one I was thinking of is the Obad backdoor (and similar variants) that used Java exploits when installed to pull down and execute other code when installed. The actual payload APK didn't need any permissions to do this, and it couldn't be forcibly uninstalled. It and similar viruses made use of previously unknown exploits.
Android patch adoption is poo poo. 4 months isn't a long time in Android terms. Google's own metrics show less than 1% of people adopt the latest update in the first 3 months, and a lot of handset vendors don't ship updates for 6 months. e.g. Jelly Bean took 6 months to break 10% adoption.

thelightguy posted:

Like this standard example of an android antivirus?

http://www.androidpolice.com/2014/0...s-a-total-scam/

Given my original post was answering the question as to whether it was sufficient to trust the Google Play store, I'm not sure what point you're trying to make by showing that the #1 app for a week was a forgery, other than my original point that app vetting isn't very tight on there.

Install Windows posted:

It's a "good idea" in the same way that not getting in an accident is a good idea. It doesn't accomplish anything in practice.

No, I'm not convinced mobile AV is highly effective either, but most of the better big-name ones are still free anyway, so there's still not a compelling argument not to use one.

corgski
Feb 6, 2007

Silly goose, you're here forever.

Khablam posted:

Given my original post was answering the question as to whether it was sufficient to trust the Google Play store, I'm not sure what point you're trying to make by showing that the #1 app for a week was a forgery, other than my original point that app vetting isn't very tight on

Well of course it wasn't caught until someone decompiled it. Their vetting process sandboxes apps and tests for malicious behavior, just like Apple's. An app that does literally nothing isn't going to be caught by either app store.

And an "app that does nothing" is a prime example of every android antivirus in existence currently.

Technogeek
Sep 9, 2002

by FactsAreUseless

Khablam posted:

Android patch adoption is poo poo. 4 months isn't a long time in Android terms. Google's own metrics show less than 1% of people adopt the latest update in the first 3 months, and a lot of handset vendors don't ship updates for 6 months. e.g. Jelly Bean took 6 months to break 10% adoption.

Security fixes take less time to go out than actual point releases if they can be implemented without needing to do the latter, if only because there's generally much less need to rebuild all the various customizations that the OEMs add on top of stock Android. The examples I've been able to track down point to roughly a month to clear all the hurdles. Should still be a lot shorter, of course, but I suspect a good chunk of that is carriers dragging their feet. (For example, it took less than two weeks for a fix to a vulnerability in HTC devices to go live for GSM devices in Europe, but almost a full month to hit carrier-branded devices stateside.)

Technogeek fucked around with this message at 16:21 on May 23, 2014

Three-Phase
Aug 5, 2006

by zen death robot

Khablam posted:

Take it as a PSA that download.com/CNET has bundled some really lovely stuff in the last few years, and if there's an alternative download for what you're looking for, always go for that one.

I think Sourceforge is doing the same!

Mr Crucial
Oct 28, 2005
What's new pussycat?
I have a really annoying piece of malware that I'm struggling to get rid of.

Occasionally I'll be browsing within Chrome and I'll suddenly get a new tab opening, which goes to tracking.syncedvision.com which then redirects me to an advertising page, usually for a mainstream gambling website like SkyBet or something like that. It seems like it's a browser extension or something that hijacks mouseclicks - I can tell when I'm about to get one of the offending tabs because all the usual mouse hover events stop working. I don't think it's related to the sites I'm browsing because it happens on internal sites too.

The weird thing is that this seems to be something that's embedded itself within my Google account, because I created a new VM and installed Chrome, and pretty soon I was getting the same thing. I've installed every piece of software I can think of to try and get rid of this - MalwareBytes, SuperAntiSpyware, ADWCleaner, RogueKiller, none of which seem to have made any difference although it seems to be happening less commonly now.

Can anyone shed any light? Or maybe suggest any Chrome-specific cleaning tips?

Ynglaur
Oct 9, 2013

The Malta Conference, anyone?
Do you have Chrome set to automatically enable syncing extensions? If so, it may be a malicious extension that is causing the issue.


Mr Crucial
Oct 28, 2005
What's new pussycat?

Ynglaur posted:

Do you have Chrome set to automatically enable syncing extensions? If so, it may be a malicious extension that is causing the issue.

I figured it out. I narrowed it down to a couple of extensions, either SALR for Chrome or the uTorrent browser extension. It was the uTorrent one and it's apparently a 'feature' that was added in a recent update judging by some of the latest reviews - hence never picked up by my AV or any of the malware detectors that I mentioned. It injects an iFrame into the browser that essentially turns the entire webpage into a link to their ad referral partner. The best part is that people have reported that the iFrame injection can actually break certain websites.

Uninstalled that poo poo immediately and I haven't had the problem since.
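
An added example, not part of any post in this thread: an extension can only inject content into every page, as described above, if its manifest grants it access to all sites. This Node.js sketch audits already-parsed `manifest.json` objects for content scripts or host permissions that cover every URL; the extension names and sample manifests are constructed for illustration.

```javascript
// Added example: flag browser extensions whose manifest lets them script or
// read every site. The manifest keys (content_scripts, matches, js, all_frames,
// permissions, host_permissions) are standard Chrome extension manifest fields.
// The sample manifests further down are constructed, not real extensions.

const BROAD_PATTERNS = new Set(['<all_urls>', '*://*/*', 'http://*/*', 'https://*/*']);

function isBroad(pattern) {
  return typeof pattern === 'string' && BROAD_PATTERNS.has(pattern);
}

function auditManifest(manifest) {
  const findings = [];

  // Content scripts run inside matching pages and can add iframes, rewrite
  // links or intercept clicks there.
  for (const cs of manifest.content_scripts || []) {
    const broad = (cs.matches || []).filter(isBroad);
    if (broad.length > 0 && (cs.js || []).length > 0) {
      findings.push({
        kind: 'content_script_all_sites',
        patterns: broad,
        scripts: cs.js,
        allFrames: cs.all_frames === true, // also runs inside embedded frames
      });
    }
  }

  // Manifest V2 lists host patterns under "permissions";
  // Manifest V3 moved them to "host_permissions".
  const hostPatterns = [
    ...(manifest.permissions || []),
    ...(manifest.host_permissions || []),
  ].filter(isBroad);
  if (hostPatterns.length > 0) {
    findings.push({ kind: 'host_access_all_sites', patterns: hostPatterns });
  }

  return {
    name: manifest.name || '(unnamed)',
    version: manifest.version || '?',
    findings,
  };
}

// Return only the extensions that deserve a closer look.
function auditAll(manifests) {
  return manifests.map(auditManifest).filter((r) => r.findings.length > 0);
}

// Constructed sample input.
const SAMPLE_MANIFESTS = [
  {
    manifest_version: 2,
    name: 'Hypothetical Download Helper',
    version: '1.4.0',
    permissions: ['tabs', 'http://*/*', 'https://*/*'],
    content_scripts: [{ matches: ['<all_urls>'], js: ['inject.js'], all_frames: true }],
  },
  {
    manifest_version: 2,
    name: 'Hypothetical Forum Tweaks',
    version: '0.9.2',
    permissions: ['storage'],
    content_scripts: [{ matches: ['https://forums.example.com/*'], js: ['tweaks.js'] }],
  },
  {
    manifest_version: 3,
    name: 'Hypothetical Price Tracker',
    version: '2.0.1',
    host_permissions: ['*://*/*'],
  },
];

for (const report of auditAll(SAMPLE_MANIFESTS)) {
  const kinds = report.findings.map((f) => f.kind).join(', ');
  console.log(`${report.name} ${report.version}: ${kinds}`);
}
```

Broad access is common among legitimate extensions too, so a hit is a prompt to re-read the extension's recent reviews and changelog after an update, not proof of abuse.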
