Can Windows get infected from ...

Sunrise12 · 25 Oct 2012

I am into web design and am more aware of the dangers of dealing with malware from hacked web pages.

I recently discovered that some of my websites were hacked with malicious codes and am redoing the sites to make sure they are clean after switching to a more secure host.

My computer was infected so I reinstalled Windows to make sure it was clean of root kits and other malware.

I was advised not to go back on the infected servers with my newly clean Windows machine. So, it was agreed that going onto the servers with the iPad is the safest option and that is what I have been doing to retrieve needed files and information.

Is it possible for Windows to become infected by opening a PHP or similar file that has malicious code in it?

Or would it only be infected by visiting the infected web page from the URL?

Not sure if you have to 'activate' the malicious code from the URL or if just opening the coded page is enough to activate the malware.

ThermoDust · 25 Oct 2012

PHP is a server side code so that wouldn't infect the users machine. It would have to be a code that can exploit something on the users machine, such as Java. Most people just get trickted into running a "plugin" for the page to display correct.

Sunrise12 · 26 Oct 2012

I might have fallen victim to that trick of installing an "update" to the plugin or the actual "plugin" to view a page.

How does one know if it's the real deal or not when asked to install a plugin?

ThermoDust · 26 Oct 2012

Simple things to do:
1) Have a good always on Anti-Virus/Anti-Spam.
2) Do not download plugins from websites other than the MFG of that program. So if they say flash needs to be updated. Go to adobe.com and see if that is true as they make flash.
3) This ties in with anti-virus/spam. Get one that has a screening feature to filter websites it knows are bad.
4) Question everything you allow to run from the web or e-mail. Even if it is from a friends e-mail, as e-mail address are easy to spoof.
5) Watch for programs that want higher privileges. As since Vista Microsoft has had a feature called UAC, which governs and protects your core system files and folders.

UAC:
Be very careful when agreeing to let this prompt go by:

Main reason is the program is not digitally signed. If it is unsigned that might mean it is very new or released by a small company. This doesn't mean you shouldn't trust it just means do research on the publisher name and program name that is requesting access.

Now the screen above is more secure and has been signed.

User Account Control - Wikipedia, the free encyclopedia <-- Read this site on how UAC works.

UAC should be the first red flag in your mind to rethink about what you are doing. As when UAC pops up it is asking you to give that program full access to secure areas of the system.

Sunrise12 · 02 Nov 2012

Thank you! This is important information that everyone should know about.