Could you explain to me how it is possible for a person to get infected by malware in 2016?

How are normies doing it?
Let's assume there is a file.exe, then somebody is running malware.pdf.exe and accepts UAC?

They don't run adblock and click on shady ads

Malware starts to download automatically to your computer.

flash exploits most likely

or just bundleware which won't be detected as viruses by some programs

On shady ads you have to download file and install it or am I wrong?

>mfw i just removed adware and trojans from my 2 week old pc.

idk how, but i felt stupid

torrenting

shady ads either have drive-by-download flash exploits embedded in them or on their site.

>using same windows for 3 years now
>never had a malware
>never had to reinstall
Am I a wizard yet?

they still use browser extensions

A guy I know got viruses recently from downloading a fake torrent for an anime game

I actually had a few viruses that I probably accidentally installed with some software from sourceforge or whatever. Even though you give those installers admin, the viruses actually plant themselves in %appdata% which is per user and requires no elevation

they just do shit like hijack your browser homepage and other such annoyances

>go to movie streaming website
>YOU HAVE >9000 VIRUSES ON YOUR COMPUTER
>click here to remove them all
>download, install, done

Every time I go to my in-laws they ask me to check their computer because some shitty site said their computer had viruses and they ran the "recommended utility".

All because $10/month for a fucking netflix still isn't cheap enough for them.

some popular sites had some ads that were injecting malware.

Easy. They go to the store and buy a computer that already has malware in it, such as Microsoft Windows.

Yepp, Forbes and Yahoo to just name two. Plenty more though.

Literally these days viruses are from flash or javascript exploits which require no user input. Granted there are still the idiots that download sketchy tv or movies that are in a .zip or .rar file.

>this person uses a mobile OS developed by an advertising company

This is why adblockers are more effective than antivirus. Don't like me blocking ads? Don't serve malware.

You can get infected by normal PDFs...

Only happens when you open the attachment. Assume all attachments are malicious unless you specifically solicit one.

What course of action should you take if you were a retard and opened it anyway?

>doing engineering phd
>group has 3 phd students including me
>get new lab computer
>one of the phd students uses it to look for movie streams
>computer gets so much malware that you can't go on a website and click anywhere without two new windows popping up
>one day, about two weeks after we got the computer, adviser comes in and says he needs to use the computer
>every time he clicks somewhere more windows pop up
>one of those free cruise windows shows up
>professor is a jew and starts reading what it says
>have to walk out of the lab because can't contain laughter

not as related but here's a story about the second phd student
>uses another desktop
>never closes tabs in browser
>doesn't clear history
>the browser usually has 50+ tabs open
>he uses the computer for pretty much everything
>one day professor is in the lab but facing the computer with his back
>the phd student in question takes the computer out of sleep
>backpage ad for an escort shows up with the professor about two feet away
>if you try typing in any link it starts bringing up backpage escort ads from the history

Normies know nothing about basic security. Getting malware is only incomprehensible to us because we use Common Sense CurrentYear.

That's why I installed adblock on my father's computer on day one. My mother is thankfully not bad with computers since she used them since coming to the states 26 years ago. My father on the other hand, can't even install simple updates w/o screwing something up.

You are an idiot don't worry

Fat middle-aged women in payroll and HR will open anything emailed to them, even if any sane person would think it's suspicious. Resume.exe? Sure. Invoice.vbs? Alrighty.

I looked at the programs installed on my Windows 10 computer, and the only questionable thing was a candy crush saga application. Is checking for malware on your computer that simple?

How do you check?

>windows 10
the entire OS is malware

What the fuck are you doing on a technology board? Lurk more.

Browsers are bloated and insecure

The only difference between a browser and flash is the browser normally has FOSS "auditing", or at least someone more competent than fucking adobe working on it

Should I take it back to Windows 7?

That's why I'm here. I want to learn. This is literally my second day. I haven't been lurking for 24 hours, actually.

>Windows 10
Yep, you have malware

do you have hids/nids/siem in place to tell you if you're actually hacked or do you just assume that you've never been rooted?

Now i'm going to spoon feed you for this because it is actually a pretty common question and being a dick to people over it isn't going to help anyone.

When it comes to keeping your computer safe there is a question you have to ask yourself:
>Do I have sensitive data on this machine that could be very harmful if someone were to get it (nudes, work documents, state secrets, etc).

We'll start with you answering no to that because saying yes is where things get involved.

If you want to keep your machine safe for normal use:

Get an ad block for those ad based bugs. This is one of the most common routes of attack nowadays since even well known and reputable sites don't control the ads that get automatically put up by ad sense and google ads.

Don't open links and attachments in emails that you weren't expecting to receive. If for example LinkedIn is sending you emails to "log in to your account through the link provided" but you don't remember making an account with them, don't click the link.

Don't put random CD's and flash drives you found on the street on your main computer. You wouldn't eat a sandwich you found on the road.

As for anti virus. Look up free anti virus software (don't download it w/o looking it up further to make sure it's not a scam first ofc). Avast and Malwarebytes have virus scanning in their free versions. For the fire wall, Windows defender is good enough for your computer. You can download it for free from Microsoft's website if you have a registered copy of windows. Don't pay for anti virus unless you answered yes to the question from earlier.

And if you are manually looking through your computer looking for malware, basic rule is if you don't recognize it, look it up and if it looks shady, uninstall it. Especially if you bought your PC pre-built.

Thank you very much.

I was concerned about Windows 10 as I had to sign into my microsoft account, but could still do it while the laptop is offline -- AKA my password for my microsoft account exists on the computer somewhere.

I have nothing to hide, and have nothing to worry about which is why I kind of brushed off initial concern about Windows 10, but I want to get more into this stuff as stupid as it sounds, so I'll go for it.

I already rolled my computer back to Windows 7! I'm such a poseur. :(

Thank you again.

Eh I still use 7 and don't intend to upgrade unless I absolutely have to. Problem is that date is coming up fast since software developers are already announcing stuff that they are only keeping Win 10 in mind.

Win 10 is fine if all you do with your computer is play vidya and watch chinese cartoons (Windows doesn't give a fuck about you jacking off to cartoons).

If you really don't want to go into Win 10 because you are paranoid/really want to buy into the freedom lifestyle, there is the wonderful world of Linux.

Normies see 4kb bigboobs.exe and get infected.

I mostly just read Sup Forums, wikipedia, and need to upload music I make to the internet once in a while.

Yeah, Linux is mentioned so much here I'll have to look into that next.

Older normies don't know how to google.

They think you have to put ".com" at the end of everything and it takes them to shady phishing/malware sites.

>logintofacebook.com

I myself got malware from pirating music software the other day, it's still probably embedded in my Win10 installation. Luckily this is only a trial version. I'll reinstall something else.

Malware doesn't infect people.

If you get into Linux or have any more questions, we have a Stupid Questions Thread /sqt/. You won't get memed on for asking anything there (mostly).

>Upgraded to Windows 10
>Install and update Avast
>USB security always on
>Firewall always on
>Use blocklist for torrent
>Use uBlock Origin
>Avoid shitty websites
>Always use https
>Still get infected by malware

What the flying fuck? I thought Windows 10 had the best security?

The easiest "manual" way for me is to:

>check startup
>check scheduled tasks
>check processes and services
>check network logs
>remove/disable everything you don't want/need

Interestingly enough, I mostly have to do this for Microshit programs rather than actual malware. Recently installed VS2015, and by default it was starting up two or three separate processes that kept calling to their servers somewhere in the US. Not only that, two processes were continuously using like 120,000 K memory.

Thank you very much! So gracious! You are truly my hero today

>I have nothing to hide, and have nothing to worry about

I'd love to see your face when someone installed a keylogger on your system, is reading your mails, has access to your bank account and so on.

And even if you "don't open suspicious mails", stuff like cross site scripting, software exploits and everything is still a thing.


It all depends on how "interesting" you are as a target. For example Singapore decided to completely shut down Internet connection for government workers because they got so many attacks they just can't expect to deal with all of them. Humans are creative and if somebody desperately wants access, he will get it sooner or later.

>edition.cnn.com/2016/06/08/tech/singapore-internet-access/

I went back to Windows 7. I'm looking at the task manager, and I appear to be using 50% of my computer's power with 4 tabs open in chrome, using an iPhone ad hoc for internet.

The processes and services seem to have a ton of random shit but are probably for the most part legitimate.

Is that what you're talking about?

All you would find is that I'm into designer fashion and use tumblr. I don't view pornography at all.

Of course I don't want someone to fuck with my bank account, but even in my main e-mail there isn't anything going on

why did you think installing a keylogger & botnet on your machine was secure?

Most people don't realize if you upgrade from 7 to 10, you are asking for an ass fucking.

Use the media creation tool to download ISO and do a clean install using your Windows 7 license key which will activate instantly. Then you have a clean slate with proper drivers and registry entries. Upgrade is a massive fuckup, not sure why M$ decided to make bad first impression.

If there was a keylogger, Avast would have picked it up, it has been a helpful tool for years, even recently when I got infected, it isolated the malware and cleaned my system. Didn't need to reformat.

My infection came from a flash .swf which I am not sure where I got from because that shit is so outdated.

I run windows and I run pirated shit by UAC with abandon.

I haven't had any malware which has caused noticeable damage in about 15 years. Rarely I will download a game which has a trojan attached and I just replace the exe file and everything runs fine.

Pretty much, but I would advise to use Process Explorer over task manager.

Are you saying, I should go back to Windows 10, use the media creation tool to download a disc image file for windows 7, and then install that to go back one more time?

I use the top, free anti virus software from av-comparisons. Currently using Bitdefender free because it has minimal impact on performance, yet equal level of detection rate compared to the best anti virus software. I used Viper for several years before that.

I also use the latest ad block software. Right now it's Ublock Origin.

Using AV software and ad block software on my pc, along with every pc at where I work, has resulted in 0 viruses in the last 6 or 7 years.

kill yourselves you fucking retards
that is the most obvious bait i've seen in my life and you took it
freetards once again showing that they have no social skills

Good for you!

All I'm trying to say is that you shouldn't underestimate security issues.

Download Windows 10 media creation tool. Choose the option to create ISO file and save it to your desktop. Then use 7zip to extract the ISO onto a NTFS formatted USB drive. Restart the PC and boot from USB, it will trigger Windows 10 setup and you delete all your previous partitions and start fresh. When it asks for CD-Key, use your Windows 7 CD-key, it will work and activate.

Till July 29, you can use your Windows 7 and 8 cd keys to activate Windows 10 provided they are genuine.

So, is Microsoft Security Essentials not recommended on Sup Forums anymore? It's been awhile.

What is a reliable place to download this from? I'm sure a pleb but I'm already staring at it on cnet with a bunch of awkward advertisements and clickbait.

I was self-aware to this in the past, and can identify what I need to click to actually download it, but is this the best route to go?

Sup Forums recommend that shit? It has always been garbage.

It is almost placebo at this point. Even M$ does not recommend relying on it completely. I always ran Avast alongside Windows defender in 7 and 8. However, it disables defender in Windows 10 now, not sure why.

technet.microsoft.com/en-us/sysinternals/processexplorer.aspx

Literally first result senpai

Thank you! I definitely will not

Noted, will install Avast tomorrow.

If you can afford a paid option, you can try others like Kaspersky, and premium version of Avast.

I am poor so I use the free version because only Avast has active protection which scans files as they are written to or accessed from the HDD. I used Malwarebytes earlier but you had to manually scan every few days.

I am definitely looking into this. Thank you.

It was a decent, lightweight option at one point. Then MS got threatened with anti-monopoly legislation, so they just kinda stopped putting effort into it.

>50tabs open
My stepmom is doing the same
Whenever she finds something interesting she keeps the tab to "read it later"
>me needing to look something up
>close about 20tabs, still more
>she complains
>tell her to use bookmarks
>she gets angry

The easiest way is to leave your computer unattended with a login session still active and unlocked.

A faggot can, for example, simply sit down and install malware onto your machine to watch you masturbate.

I think just the free version should suffice. I read that uninstalling MSE will re-enable Microsoft Defender, does Defender play nicely with Avast or should I uninstall it too?

I also have Malwarebytes installed but I only use it every once in awhile to do a scan.

who is this cream devil

reinstall from disk

Listen to me, kid
>start menu
>settings
>update and security
>windows defender
>open windows defender
Do a full scan

You can also backup/copy your personal files to an hdd and boot to factory settings to keep your pc running smooth.

A common one now is javascript. I know some customers that have been getting phishing emails that have a zip attachment that say various things like "Here's the invoice you requested."

Inside the zip file is an obfuscated javascript file that by default Windows will execute with the script host. To solve that I just switched default program to open .js files to Notepad.
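The zipped-script attachment described in the post above, turned into a mail-gateway style check (an added example, not part of the original post or any poster's code). It flags attachment names, including zip members, that Windows would run on double-click, and goes beyond the post by also catching the `malware.pdf.exe` double-extension trick mentioned elsewhere in the thread; the extension lists, limits and sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

# Extensions Windows runs, or hands to Windows Script Host / mshta, on double-click.
# .exe, .js, .vbs, .bat, .hta come from the thread; the rest are added assumptions.
RISKY = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".jse",
         ".vbs", ".vbe", ".wsf", ".hta", ".lnk", ".ps1"}
# Harmless-looking extensions placed before the real one ("malware.pdf.exe").
DECOY = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}
MAX_DEPTH = 2                      # archive levels that get opened
MAX_MEMBER_BYTES = 20 * 1024 ** 2  # larger members are not unpacked

def classify(name):
    """Return the reasons a file name should be quarantined ([] if none)."""
    # Windows drops trailing dots and spaces, so "a.exe. " still runs as a.exe.
    base = name.replace("\\", "/").rsplit("/", 1)[-1].rstrip(". ").lower()
    parts = base.split(".")
    if len(parts) < 2 or "." + parts[-1] not in RISKY:
        return []
    reasons = ["runs on double-click: ." + parts[-1]]
    if len(parts) > 2 and "." + parts[-2] in DECOY:
        reasons.append("decoy ." + parts[-2] + " shown when extensions are hidden")
    return reasons

def scan_attachment(name, data, path=None, depth=0):
    """Map each flagged path (archive members as 'outer!inner') to its reasons."""
    path = path or name
    findings = {}
    reasons = classify(name)
    if reasons:
        findings[path] = reasons
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return findings
    if depth >= MAX_DEPTH:
        findings.setdefault(path, []).append("archive nested too deep to inspect")
        return findings
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            inner = path + "!" + info.filename
            if info.flag_bits & 0x1 or info.file_size > MAX_MEMBER_BYTES:
                # Encrypted or oversized: the name is still visible, content is not read.
                findings[inner] = classify(info.filename) + ["content not inspected"]
                continue
            findings.update(scan_attachment(info.filename, zf.read(info), inner, depth + 1))
    return findings

def build_zip(members):
    """Build an in-memory zip from {name: bytes}; used for the constructed sample."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member, content in members.items():
            zf.writestr(member, content)
    return buf.getvalue()

# Constructed sample: a zipped "invoice" script plus a nested archive.
SAMPLE = build_zip({
    "invoice.js": b"// constructed placeholder, not a real script",
    "more.zip": build_zip({"scan.pdf.exe. ": b"constructed bytes"}),
})
```

Calling `scan_attachment("Invoice.zip", SAMPLE)` returns one entry per flagged member, keyed by its path inside the archive.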

Isn't Malwarebytes Antimalware scan every week sending weird file to virustotal and using ublock with filters and noscript enough?

Are you sure, modern chrome is really secure browser, each tab per process + sandbox, right now it require 0day to get to user from clean browser.

They think they're updating flash to watch that pirated stream of whatever movie.

Not the one you're referring to, but please someone explain this further.

>aids

>A guy I know
Come on it's you

>got viruses recently from downloading a fake torrent for an anime game
Hentai tentacle rape game

>Getting bullied by her husband's son
Top kek.

I got infected the other day by that shitty fake Daz Loader that's currently the #1 hit on Google search results

t. idiot

>reading pop up
fucking normies

I'm still using windows 7 and if I ever want to upgrade my PC I only will change parts of my PC (don't know how it's called in eng)

When you want to save $89.99 and pirate a PC game or software and have to use the provided patcher.

Not setting up a VM to do that shit m8.

Your refusing to believe something that has been well documented has nothing to do with our social skills.

They have file extensions turned off in folder options in windows yet they are 'savvy' enough to download files and drivers yet download scripts and .exe's etc.

Running windows natively on the machine and not running windows virtually in linux while trusting some antivirus software to 'keep them safe'. Not using linux for browsing and downloading files and managing folders.

OP post more of that chick

They just google "%program% download for free without viruses" and OF COURSE it gets them to some shady warez sites.

i'd infect her firmware with my hpv.exe and hsv.bat

...

Most recent I got was a click hijacker that I got somewhere. I believe from one of the popup ads that happened.

It happens rarely, so I'm not too bothered by it.

It usually goes like this in my experience.
>Normie want to watch a movie or TV show
>Not on Netflix or Hulu
>They have no clue how to torrent
>Google free movie streaming and click random sites
>"You must install moviewatchersupreme plug in to watch this!"
>They click okay thinking a movie is coming
>They now have malware

Don't marry kikes.

>somebody is running malware.pdf.exe

.pdf itself can contain malware, no need for the .exe part

you can now see how "easy" it is to get infected

I get that "ad" 9/10 times from news websites. Even with adblock..

No, there are all kinds of exploits.
Pen tester here, you can open tons of document-type files and get infected.
There are also people who allow ***JAVA*** to run on their system.
Or, send them to a .hta file.
Idiots.

How are they able to keep their fake domains or servers for c&c safe/secure?

>right now it require 0day to get to user from clean browser.
...dude
0day means a bug in current versions of a software that isn't known yet(known for 0 days)
any decent software vendor will patch bugs as soon as they are made public, but 0days aren't public by definition. So your whole sentence makes no sense

use ublock rather than abp, slap on some additional filter lists and keep them updated(ublock can autoupdate, not sure if it's the default though)