Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: So, you think you are secure and don't need precautions

05 Jan 2010   #1

Windows 7 Ultimate x64
 
 
So, you think you are secure and don't need precautions

I've seen numerous posts of people who don't feel that they need a virus scanner or malware scanner with Windows and that they don't need the security features like UAC because 1) they know what they are doing 2) they use common sense 3) they have never had a problem in the past 4) they only go to reputable sites.

So, yesterday at work, I format my Vista Enterprise machine and load Windows 7 Enterprise. I'm on an active directory domain and my user account is a member of the local admins group. I have UAC enabled at the defaults. I've got the Windows firewall enabled. I have Trend Micro installed as this is what we use at the corporate level for AV protection. We use a checkpoint firewall device for outbound access to the internet. I use Firefox. And I'm a systems admin for a living, have been for over 10 years and manage both Windows and Linux servers and am certified on both platforms.

On my way to work today, I notice that the typical DJ's on one of the local station don't seem to be on. Going into a commercial, I head an ad which seems to indicate that there might be new personality doing the morning slot now. So, after getting settled into work for the day and a few things done..I hit google.com and search for "Deminski and Doyle" which turns up a handful of links about the DJ's leaving WCSX. So, I click on a couple of the stories to read about what happened and BLAMMMOOOO, Trend goes off, at the same time that some "security threat" website pops up claiming my machine is infected with all sorts of junk and I need to buy their product. Further looking shows numerous broken icons on my desktop that were fine when I booted up this morning.

So, there you go. Somebody who has taken precautions, knows a bit about what he is doing, is using the latest and greatest OS's with features enabled and is simply using the Internet to google something non-nefarious...and even with all that...I'm hit.

For those wondering what it was, it wasn't a big deal...it turns out to be JS_RENOS.WCF. JS_RENOS.WCF - Description and solution. According to Trend, it's non destructive and not much of a problem....but I'm still interested in my broken icons.

My System SpecsSystem Spec
.

05 Jan 2010   #2

Microsoft Community Contributor Award Recipient

Windows 7 Home Premium SP1, clean install, upgrade disc
 
 

Thank you for sharing that important information. I think that it deserves rep and I have given some.
My System SpecsSystem Spec
05 Jan 2010   #3

Windows 7 Professional x64
 
 

Thanks for passing this along. I am in the middle of taking "Anti Virus PC 2009" off a machine right now.

It made it through McAfee and IE at my workplace. People need to be careful. They are out there just waiting to strike.
My System SpecsSystem Spec
.


05 Jan 2010   #4

Windows 7 RTM
 
 

Blackhat Search Engine Optimization ('Gaming Google') and hijacking flash banner ads ('Malvertisement') are two trends on the sharp rise. The bad guys realize that people are smarter than they used to be, and won't open those emails/go to those porn sites anymore. More than fooling people into clicking links from trusted sites, these techniques can actually inject attacks into trusted sites, period. Imagine one day that you click on a bookmark to visit your favorite blog - which just so happens to be serving up banner ads at that time with hidden nasty stuff - BAM! You've been hit.

There's no such thing as 'Safe Surfing'.

As a note: Blocking javascript and flash can mitigate these attacks somewhat. Use Noscript on Firefox, and whitelist javascript and plugins in Opera. And if you EVER see an attack like this with a fake scan, NEVER click anywhere in the browser or otherwise. Clicking the 'Cancel' button will initiate the download. Clicking the red X button will initiate the download. Always go to the task manager and kill your browser. Then run MBAM or similar to clean up the leftovers in the cache, which should be harmless.

I think you still need to accept the installation manually, but if you're not patched up to code or are hit by a day-0, you might get infected without doing anything. That's the case right now with the Adobe vulnerability if you have javascript enabled.
My System SpecsSystem Spec
05 Jan 2010   #5
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Web Masters who own/moderate sites, need to be doing their share by checking daily for a 'hijack' and adding patches as needed.
Neglected sites get injected code .... site owners who allow advertising, need to look into the practices of the advertiser.
My System SpecsSystem Spec
05 Jan 2010   #6

Win 7 Ultimate 64-bit SP1 (desktop)
 
 

Thanks for the reality check. I guess I will get over the annoyance of NoScript watching everything I do, and accept the extra layer of protection.
My System SpecsSystem Spec
05 Jan 2010   #7

Windows 7 Ultimate x64
 
 

Quote   Quote: Originally Posted by Carbonyl View Post
There's no such thing as 'Safe Surfing'.
I frequently use my work laptop at home on the evenings as a web appliance for surfing the web, updating facebooks and keeping up with my forums. For that reason, I run a dual boot with Ubuntu 9.10 which is what I use when I am using the laptop at home. It's honestly the closest thing that I have for safe surfing as most of the malware/spyware/virus/trojan/activeX/javascript issues simply don't work on that platform.
My System SpecsSystem Spec
05 Jan 2010   #8

Win 8 Release candidate 8400
 
 

I also swear by NoScript. Annoying Yes worth it You Bet
My System SpecsSystem Spec
05 Jan 2010   #9

Windows 7 Home Premium 64bit
 
 

Quote   Quote: Originally Posted by richc46 View Post
Thank you for sharing that important information. I think that it deserves rep and I have given some.
I have to agree with you. However, I have been enjoying they latest round of malware infections..... it's been help supplement my income.
My System SpecsSystem Spec
05 Jan 2010   #10

Windows XP - Now Windows 7 Home Premium (64-bit).
 
 

Love NoScript also. Does a superb job
My System SpecsSystem Spec
Reply

 So, you think you are secure and don't need precautions




Thread Tools



Similar help and support threads for2: So, you think you are secure and don't need precautions
Thread Forum
What precautions should I take when using a public network? Network & Sharing
New CPU Any Precautions? Hardware & Devices
Is EFS secure? System Security
Precautions before buying on line Chillout Room
ESD precautions advice being sought. Hardware & Devices
Upgrading Hard Drive and RAM, precautions? Hardware & Devices
Is this secure? Network & Sharing

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 09:08 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33