How can you get a virus by just visting a web page & not clicking...?

Page 1 of 2 12 LastLast

  1. Posts : 1,557
    W10 32 bit, XUbuntu 18.xx 64 bit
       #1

    How can you get a virus by just visting a web page & not clicking...?


    How can you get a virus by just visiting a web page & not clicking anything? To top it off, I am using Firefox 64 bit. That suppose to provided better security.

    Category: Trojan

    Description: This program is dangerous and executes commands from an attacker.

    Recommended action: Remove this software immediately.

    Items:
    file:C:\Users\user name\AppData\Local\Mozilla\Firefox\Profiles\un68b6ch.default\cache2\entries\76D1F107391DACB900F6C13F EE93B2DBA73CC107


    It was detected & removed by Microsoft security essentials in windows 7 but I will restore from back up & hope this doesn't happen again. I am beginning to dislike computers. Just because you visit a medical site you shouldn't get viruses.

    Marking this solved for now, I am going to restore from a backup image.


    Edit
    After restoring my image.
    I did a full system scan using MSE in windows 7 & Defender in Windows 10 nothing found.
    I also scanned with Malwarebytes also nothing found. Yes, I checked the root kit detector option.

    At least, I know my restore image is clean.
    Last edited by groze; 30 Nov 2015 at 19:11. Reason: Update & correction
      My Computer


  2. Posts : 1,366
    Windows 10 Pro x64
       #2

    I may be wrong, but if it is embedded in a jpg or a script...something that loads/runs when the web page loads, that's what can bring that in to you system.
      My Computer


  3. Posts : 56,806
    Multi-boot Windows 10/11 - RTM, RP, Beta, and Insider
       #3

    groze said:
    How can you get a virus by just visiting a web page & not clicking anything? To top it off, I am using Firefox 64 bit. That suppose to provided better security.

    Category: Trojan

    Description: This program is dangerous and executes commands from an attacker.

    Recommended action: Remove this software immediately.

    Items:
    file:C:\Users\user name\AppData\Local\Mozilla\Firefox\Profiles\un68b6ch.default\cache2\entries\76D1F107391DACB900F6C13F EE93B2DBA73CC107



    It was detected & removed by Microsoft security essentials but I will restore from back up & hope this doesn't happen again. I just did a clean install of window 7 the other day. I am beginning to dislike computers. Just because you visit a medical site you shouldn't get viruses.

    Marking this solved for now, I am going to restore from a back image. I do suspect one software that may of cause the problem. I can really not believe that company would really go that low just to get back at another company.
    As soon as you went to that site, you did, in fact "click" on it, just by going there. Cookie, anyone?
      My Computers


  4. 1PW
    Posts : 369
    W10
       #4

    f14tomcat said:
    As soon as you went to that site, you did, in fact "click" on it, just by going there.
    Absolutely correct. Dozens of facts about your system/browser will have already been revealed. Which probably includes your WAN IP address if a VPN/TOR was not employed.
      My Computers


  5. Posts : 3,367
    W10 Pro x64/W7 Ultimate x64 dual boot main - W11 Triple Boot Pending
       #5

    DeconFrost had the much more accurate answer as far as auto scripting dropping bugs on you as soon as you hit a bad site! This is one of the main reasons I tell people to go with av programs that offers Internet Security type features like web filtering which will automatically block suspect sites on the spot! In fact on some sites found clean but simply a pop up for a download I have to shut the av software down entirely!

    Web filtering and an effective firewall are two things that help add multiple layers of protection since most bugs come from where? The web! If you are getting hit it means you lack adequate filters!
      My Computers


  6. Posts : 1,557
    W10 32 bit, XUbuntu 18.xx 64 bit
    Thread Starter
       #6

    Night Hawk

    I am wondering if that medical site even knows they are infected. I notice there were some comments on that page, unless people don't care they are infected. I do, because I do banking but I do use a separate Firefox profiles for that.

    I also take this to mean 64 bit browsers are not more secure than a 32 but browser. Which brings up a interesting theory. Instead of 64 bit systems. Wouldn't it be better to use 32 bit system and add Physical Address Extension (PAE) to access memory above the 4 gb ram.
      My Computer


  7. Posts : 1,255
    Windows 10 Pro
       #7

    groze said:
    Which brings up a interesting theory. Instead of 64 bit systems. Wouldn't it be better to use 32 bit system and add Physical Address Extension (PAE) to access memory above the 4 gb ram.
    Won't work.

    Since about XP SP2 the use of PAE will NOT allow access to RAM above 4 GB. PAE will allow the CPU to access RAM over 4 GB but that does you no good unless the OS will use it. All modern client versions of Windows are specifically designed to ignore RAM above the 4 GB mark and no application can use it.

    In the early days of XP Microsoft discovered that many third party device drivers behaved very badly in an environment with over 4 GB RAM. It makes no difference to applications. So from about XP SP2 the kernel ignores RAM above 4 GB and that has not changed in more recent versions of Windows.
      My Computer


  8. Posts : 1,557
    W10 32 bit, XUbuntu 18.xx 64 bit
    Thread Starter
       #8

    LMiller7 said:
    Won't work.

    Since about XP SP2 the use of PAE will NOT allow access to RAM above 4 GB. PAE will allow the CPU to access RAM over 4 GB but that does you no good unless the OS will use it. All modern client versions of Windows are specifically designed to ignore RAM above the 4 GB mark and no application can use it.

    In the early days of XP Microsoft discovered that many third party device drivers behaved very badly in an environment with over 4 GB RAM. It makes no difference to applications. So from about XP SP2 the kernel ignores RAM above 4 GB and that has not changed in more recent versions of Windows.
    A little off topic. I take it certain puppy Linux operating system distros are specifically built to use PAE

    PuppyLinux: PAE (Physical Address Extention)

    I couldn't get puppy slaco to work on my system. Actually, no slackware linux would work or work well on my system.

    unfortunately, I don't remember if I was able to use puppy PAE distro, it been awhile since I tested those. I don't link running as root.
      My Computer


  9. Posts : 3,367
    W10 Pro x64/W7 Ultimate x64 dual boot main - W11 Triple Boot Pending
       #9

    groze said:
    Night Hawk

    I am wondering if that medical site even knows they are infected. I notice there were some comments on that page, unless people don't care they are infected. I do, because I do banking but I do use a separate Firefox profiles for that.

    I also take this to mean 64 bit browsers are not more secure than a 32 but browser. Which brings up a interesting theory. Instead of 64 bit systems. Wouldn't it be better to use 32 bit system and add Physical Address Extension (PAE) to access memory above the 4 gb ram.
    With Vista, 7, 8 definitely with Vista and 7 while still dual booting Vista with the 7 beta builds back then both 32bit installs would see anything over 3.571gb mapped out to hardwares automatically while the 64bit 7 beta saw full access less what Windows takes up as well as your start ups to the 4gb total. That would have been the perfect op there for comparing the 32bit 10 on to see where the mapping either remained identical or saw a difference.

    Now for MS Security Essential reporting a dropped trojan upon reaching a medical site of all places that was either a false positive typical of the MS SE or you picked it up just prior to going to that particular site and suddenly seeing it finally getting flagged when it tried to come to life. What I was referring to about being nailed upon first arriving at some strange new site happened when the Bing search engine was first introduced and when running a search and the results came up I clicked on one of the first links and got whamied while still running with AVG which lacked any web filtering.

    The web site was specifically geared to bug bomb new arrivals on the spot apparently while professionals tend to look after medical and other commercial sites where no one bug bombs you but might see things simply not work at the site itself which is what gets effected when infected. The server information gets a bit trashed.
      My Computers


  10. Posts : 16,325
    W10Prox64
       #10

    groze said:
    How can you get a virus by just visiting a web page & not clicking anything? To top it off, I am using Firefox 64 bit. That suppose to provided better security.

    Category: Trojan

    Description: This program is dangerous and executes commands from an attacker.

    Recommended action: Remove this software immediately.

    Items:
    file:C:\Users\user name\AppData\Local\Mozilla\Firefox\Profiles\un68b6ch.default\cache2\entries\76D1F107391DACB900F6C13F EE93B2DBA73CC107


    It was detected & removed by Microsoft security essentials in windows 7 but I will restore from back up & hope this doesn't happen again. I am beginning to dislike computers. Just because you visit a medical site you shouldn't get viruses.

    Marking this solved for now, I am going to restore from a backup image.


    Edit
    After restoring my image.
    I did a full system scan using MSE in windows 7 & Defender in Windows 10 nothing found.
    I also scanned with Malwarebytes also nothing found. Yes, I checked the root kit detector option.

    At least, I know my restore image is clean.

    I would upload that file to VirusTotal and see if it might be a FP.

    Infected ads and malicious scripting will hit you upon arrival, especially if it can take advantage of Flash or Java which is not up-to-date and/or set as "Always Activate" in the FF browser. I always set them to "Ask to Activate", then install AdBlock Plus add-on, and Malwarebytes AntiExploit, and CryptoPrevent.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 09:52.
Find Us




Windows 10 Forums