General Categories > Help!
Junk Pop-ups on the Forum
SemperFiGuy:
GG:
Checked the plugins. Got lots of 'em. Now, it appears that users can't just hit <delete> and delete them. Unlike add-ons. Had 5-6 add-ons that deleted nicely. Will figger out which plugins to remove and how to do so.
Through Control Panel/Uninstall I've now uninstalled most of what I can clearly recognize to be unwanted items. A bit spooked about going further into the items w/odd or unrecogizable names.
Running Malwarebytes in the background again, just because I can and it feels good.
Ran Norton's Power Eraser yesterday, which is allegedly an "aggressive" scrubber. NPE found three BAD category items and we wiped them out.
I'm now gonna go for the search engines, per your suggestions.
Will then check out Kubuntu. Sounds like an alternative O/S.
Back later.
Thanks for suggestions.
sfg
GreyGeek:
--- Quote from: SemperFiGuy on September 17, 2014, 03:07:48 PM ---Will then check out Kubuntu. Sounds like an alternative O/S.
--- End quote ---
It is, and it is free. So are all the programs (70,000+) and all the updates and new releases. It's what is called "Open Source", the real open source based on the GPL. Basically, if you can use a mouse with Windows you can use it with Kubuntu.
Here is videos which, rather quickly, shows how to install it and then gives a brief review. It gives the entire disk to Kubuntu, wiping out Windows.
Here is one showing how to set up Kubuntu in what is called a "dual boot" mode with Win8. It's a lot slower than the previous video, and doesn't have much of a review of capabilities.
It all starts with the free download of either the 32 or 64 bit ISO file, depending on what your PC is, from here:
http://www.cdimage.ubuntu.com/kubuntu/releases/14.04/release/kubuntu-14.04.1-desktop-i386.iso
http://www.cdimage.ubuntu.com/kubuntu/releases/14.04/release/kubuntu-14.04.1-desktop-amd64.iso
After you download one of them (check the md5sum to make sure the ISO downloaded OK) then burn it as an image to a DVD. For dual booting, create a 30-50GB (or more) partition and reboot with the ISO in the cd drive. For a clean single OS install reboot with the cd in the drive. (You may have to set the BIOS so that it tries to boot off of the CDROM first.)
GreyGeek:
P.S. -- I forgot to mention that after you burn the ISO file to a blank DVD you can boot the DVD and then choose the option to run Kubuntu from the DVD without touching your HD or installed OS. It runs a little slower but it will give you a good way to check that your computer is compatible (i.e., the webcam, mic, speakers, headphones, screen, etc... all work).
GreyGeek:
Just in case you Windows users don't have enough to worry about ... there is this article:
http://www.bbc.com/news/technology-28701124
--- Quote ---Berlin-based researchers Karsten Nohl and Jakob Lell demonstrated how any USB device could be used to infect a computer without the user's knowledge.
The duo said there is no practical way to defend against the vulnerability.
...
"Basically, you can never trust anything anymore after plugging in a USB stick."
...
However, this latest research demonstrated a new level of threat - where a USB device that appears completely empty can still contain malware, even when formatted.
--- End quote ---
That is because many manufacturers, according to Microsoft's specifications, include a separate partition on each USB stick where "security" and reformatting software is stored, much like the phantom drive on most computers that come with Windows pre-installed. While one can reformat or even remove the phantom partition on a computer hard drive, the "security" partition on a USB stick is immutable. One can delete its visible contents but not the hidden contents, and one can not remove the partition, or even rename it.
What you are witnessing is a demonstration of the differences between the Windows and Linux paradigm for software execution. Windows is designed to run any program that can be moved into memory from any source, as if it were called as an executable (*.bat or *.exe or DOS command) called directly from the hard drive or USB stick. Hence, an email which contains an attachment which is an executable Visual Basic program or Java applet is seen to contain a .bat or .exe extension and a dynamically linked library, a.k.a. *.dll) given the marketing name of "ActiveX" will execute that attachment. What is really tricky is the way Microsoft wrote Windows so that an attachment can have multiple extensions. Your email client receives an email with an attachment named "nakedpic.jpg.exe". Windows email client (and Explorer as well) shows it to you as "nakedpic.jpg" but the ActiveX control only sees the ".exe", identifies it as an executable, and immediately executes it.
Compare that to Linux.
In Linux EVERYTHING is a file ... applications or programs, ports, sockets, everything ... and they must exist and reside on the hard drive.
An executable file in Linux is one which meets the following conditions:
1) It resides as a file on the hard drive.
2) It is an ELF binary (ELF=Executable Linux File) OR a shell script executable shell commands with "#!/bin/sh" as the first line. Or a java applet.
AND
3) Your account's execute permission bit for is is set.
Only if all of these conditions are met will an executable binary, shell script or java applet run on Linux.
(An aside: Apple Mac's, like Linux, are also a Unix derivative operating system, but they have relaxed the security controls somewhat. Regardless, I'd run a Mac before I'd run Windows.)
So, as a Linux user, if you were to get an email with a malware attachment the ONLY way it could run on your Linux system was if YOU detached and saved the attachment to the hard dirve. THEN, you marked the execution bit. THEN you gave a shell command to run it.
This is why Linux is not susceptible to email attachments. About the only reason Linux users run email virus scanners is IF they happen to forward an on to a Windows using friend. A friend doesn't send malware to another friend.
Why won't the invisible malware on the USB stick activate when plugged into a Linux system? After all, it is a file on the "hard drive", i.e., the USB stick. Well, even IF it were an ELF or proper bash script, it would have to have it's permission bit for MY account set. And, I'd have to know its secret name and location and deliberately set its permission bit and then deliberate give a shell command to run it. On Linux it won't run itself, there are not "ActiveX" dll's residing in memory just waiting to see an executable anywere (memory, HD, USB, Eth0, Lpr, socket, etc...) so it can execute it. This is why Windows has millions of malware programs released against it each year. It is SO vulnerable. And, to maintain backwards compatibility with pre-existing applications, it must remain so. IF you run Windows then hopefully the time gap between when a particular piece of malware is released and when it is discovered, announced and patched, is short enough that you don't fall victim. More often that not that time gap is months or years because Microsoft has threatened software security houses with crippling or destroying lawsuits IF they find a security hole and announce it to the public BEFORE Microsoft does. So, most security houses send the bugs they find to Microsoft. Microsoft decides IF they will fix the security hole or program bug AND when. If past performance is any indication it all depends on their bottom line.
I often hear Windows fans proclaim that IF Linux were as popular is Windows it would have just as many malware programs released against it as Windows does. Time has proven that belief wrong. Linux now holds about 12 to 18% market share in the US, depending on who you believe. In 2008 Steve Ballmer himself presented a graph at that time showing that Linux held 10% market share in the US. With the advent of VISTA and Win8 many, many Windows users have migrated to Linux or Mac and the Linux market share is much higher in many other countries. Two million Windows malware applications are released per year. If popularity were the rule, it would mean that at least 200,000 Linux malware programs were released last year. None have been found. The AV houses, always willing to sell Linux AV software, have taken to a dishonest tactic -- they began including the word "linux" in many of their jpg viruses just to give the impression that AV software is sorely needed in Linux. It is not. I've been using Linux since May of 1998 and I haven't used AV software. Linux has no "ActiveX" dll's which automatically execute programs.
The best way to destroy the security paradigm of Linux is to pile a lot of globally permitted Java applets on top of it, mimic ActiveX, and call it Android. :(
SemperFiGuy:
I'm gettin' computer paranoid-er all the time.
(Even tho' my Forum page nicely cleaned up after all the fine suggestions up above. Hmmm... It isn't actually paranoia when They are Really Lurking Out There and Coming to Get You.)
Question for GG: Any opinions on Reimage? PC World likes it. Reimage provides nice remote diagnostic displays (all showing that your computer has computer-Ebola, of course) and doesn't cost all that much Any real security value/utility in it?.
sfg
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version