Can Windows get infected from ...

Sunrise12

New member
Member
Local time
7:00 AM
Messages
62
I am into web design and am more aware of the dangers of dealing with malware from hacked web pages.

I recently discovered that some of my websites were hacked with malicious codes and am redoing the sites to make sure they are clean after switching to a more secure host.

My computer was infected so I reinstalled Windows to make sure it was clean of root kits and other malware.

I was advised not to go back on the infected servers with my newly clean Windows machine. So, it was agreed that going onto the servers with the iPad is the safest option and that is what I have been doing to retrieve needed files and information.

Is it possible for Windows to become infected by opening a PHP or similar file that has malicious code in it?

Or would it only be infected by visiting the infected web page from the URL?

Not sure if you have to 'activate' the malicious code from the URL or if just opening the coded page is enough to activate the malware.
 

My Computer My Computer

At a glance

Win 7 64
OS
Win 7 64
PHP is a server side code so that wouldn't infect the users machine. It would have to be a code that can exploit something on the users machine, such as Java. Most people just get trickted into running a "plugin" for the page to display correct.
 

My Computer My Computer

At a glance

Windows 7 Pro 64-Biti716GBNvidia
Computer Manufacturer/Model Number
Custom
OS
Windows 7 Pro 64-Bit
CPU
i7
Motherboard
Gigabyte
Memory
16GB
Graphics Card(s)
Nvidia
Sound Card
Onboard
Monitor(s) Displays
Asus
Hard Drives
Seagate
PSU
Antec
Case
Fractial Design
Cooling
Stock
I might have fallen victim to that trick of installing an "update" to the plugin or the actual "plugin" to view a page.

How does one know if it's the real deal or not when asked to install a plugin?
 

My Computer My Computer

At a glance

Win 7 64
OS
Win 7 64
Simple things to do:
1) Have a good always on Anti-Virus/Anti-Spam.
2) Do not download plugins from websites other than the MFG of that program. So if they say flash needs to be updated. Go to adobe.com and see if that is true as they make flash.
3) This ties in with anti-virus/spam. Get one that has a screening feature to filter websites it knows are bad.
4) Question everything you allow to run from the web or e-mail. Even if it is from a friends e-mail, as e-mail address are easy to spoof.
5) Watch for programs that want higher privileges. As since Vista Microsoft has had a feature called UAC, which governs and protects your core system files and folders.

UAC:
Be very careful when agreeing to let this prompt go by:
Windows_7_UAC.png


Main reason is the program is not digitally signed. If it is unsigned that might mean it is very new or released by a small company. This doesn't mean you shouldn't trust it just means do research on the publisher name and program name that is requesting access.


Windows_7_UAC_Signedcode.png

Now the screen above is more secure and has been signed.

User Account Control - Wikipedia, the free encyclopedia <-- Read this site on how UAC works.


UAC should be the first red flag in your mind to rethink about what you are doing. As when UAC pops up it is asking you to give that program full access to secure areas of the system.
 

My Computer My Computer

At a glance

Windows 7 Pro 64-Biti716GBNvidia
Computer Manufacturer/Model Number
Custom
OS
Windows 7 Pro 64-Bit
CPU
i7
Motherboard
Gigabyte
Memory
16GB
Graphics Card(s)
Nvidia
Sound Card
Onboard
Monitor(s) Displays
Asus
Hard Drives
Seagate
PSU
Antec
Case
Fractial Design
Cooling
Stock
Thank you! This is important information that everyone should know about.
 

My Computer My Computer

At a glance

Win 7 64
OS
Win 7 64
Back
Top