How many of you have actually encountered a virus?

killerbobjr (Limp Gawd, joined Feb 6, 2005, 282 messages)
I see many people here adamantly state that you absolutely have to have an antivirus scanner installed, otherwise your computer will be infected in very short order. Now I assume that most people here are computer literate, that you know not to open unsolicited attachments, download files from shady sites, or install questionable browser plugins. Yet many here seem to fear doing anything without an AV installed, even if it causes performance problems. I've only once ever had an infection, and this was a Windows 98 virus that tried to infect my then new Windows XP computer years ago (I lost a CD of an old app I needed for a project and downloaded a "backup" version that I foolishly didn't check before running -- it didn't do anything except repeatedly try to run a .vxd it installed, which didn't execute under XP).


So my question is: How many of you have actually encountered a virus/trojan/whatever that either actually infected your computer or caused your AV to set off its alarm?
 
Many, many, many times.

Also, my sister is forever picking up things on her laptop and she doesn't seem to do much save check her email, talk on AIM, and visit Facebook and similar.
 
It's been about 3 years now. My wife knows what not to do, I don't browse porn and generally stick to only a small set of websites at home.
 
It tends to be dependent on what level of experience the user has with computers. I have my "own" computer which only I use; it has no antivirus and no firewall and has never caught a virus to my knowledge. I do run Kaspersky's free online scanner about once every 3-4 months just to check.

The other computers in the house have antivirus installed but no firewall. The antivirus software has stopped viruses from infecting them on multiple occasions in the last 12 months.

No firewalls on any of them, but they are behind a router. I also have my own 3 dedicated servers running Win2003 that are colocated; they all use the Windows firewall and McAfee antivirus... they have never been infected either.
 
Many, many, many times as well. My first encounter was in 1994 from a brand new pack of 5.25" disks that had Michelangelo on one of the disks. Next was CIH, then MSBlaster that hit me no more than a couple minutes after installing XP SP0 on my wife's laptop in 2003. Since then I've not been hit by anything that my AV hasn't caught before it caused problems.
 
Ugh, the MSBlaster bug. Just going online put you at risk. I made good money that summer patching computers. I remember getting that one night though before it hit the news and I thought my Windows install was messed up. After a few reinstalls I figured it was my hardware and gave up for the night. :rolleyes:
 
I have never encountered anything besides problem areas I knew I was headed for, i.e., torrents.

I could leave my AV off and never have a problem. Spybot is probably the only truly useful tool I need.
 
Lots, not so much. But from time to time, and it's always blocked. I never have gotten a worm; I don't use email programs, just web-based, much safer.
 
Hrm, I think the last time I've encountered a real virus was a boot sector virus back in the Windows 95 era, and the computer didn't belong to me anyway. Oh, and I think I fixed someone else's PC that had a virus several years ago. I've never had a virus or spyware infection on any of my PCs, going back to Windows 3.1; on very rare occasions the scanner has alerted me to something, but it always turned out to be an annoyance rather than a real virus.

I think the only time I've had an actual virus on my machine was when I deliberately downloaded one of these wallpapers that are distributed as .exes, to scan it and see if it contained something bad (as I strongly suspected). It did, so I deleted it.

It seems like the great majority of things get onto people's machines through ActiveX controls in Internet Explorer, so having used Mozilla/SeaMonkey for years has probably helped there. I also don't frequent file-sharing networks or install cracked software, so my only real risks would be through an unpatched OS vulnerability or a trojan that came along with an apparently legitimate program.
 
I'm of the opinion if a "guru" has virus trouble, his "guru" status goes down the drain... That is unless it's a zero day, undocumented virus or one that his AV software doesn't cover.
That said, if you're doing something that you know could very well contain one and scan it and it finds it- I don't count those instances... Said person is smart enough to scan it.


I've personally only had 1. Been years ago and I don't remember what it was. Norton didn't do squat, put AVG on it and it fixed it right up. Again: years ago. NOD32 simply the best now.


Some more "silent" AVs like NOD32 can clean that stuff without telling you about it anyway (especially if you're in a business network).
 
The only one I've ever encountered on my own machine was a doozy and wiped out not only my machine but was also responsible for wiping out some stuff at a contract job I had at the time - however my home machine never had any connection (literally and figuratively speaking) with my work situation; the virus just happened to hit a ton of machines worldwide at the same time.

I was using Symantec Corp AV 8 at the time because it was relatively lean and ran pretty quietly without issues.

Or so I thought... and I wasn't alone.

Symantec had/has that nasty habit of once a week updates using LiveUpdate. Since they do it roughly at the same time every week: late Wednesday afternoon/evening Pacific time, that might have changed since this happened which was years ago. Because of this, anyone that was writing viruses knew that the best time to release something new into the wild would be around midnight Pacific time, or sometime Thursday morning. That way the virus would spread, it wasn't in the LiveUpdate because it came out after the update, and most people using Norton/Symantec AV would be stuck for 6 freakin' days without a real solution or way of stopping it.

So... that's exactly what some resourceful person did: dropped the bomb of a virus (I can't remember the name of it now, actually) on all of us around 2AM Pacific time on the Thursday morning after a weekly LiveUpdate.

Here's what really pissed me off about this:

Symantec "lab" where they do the testing and eradication of viruses that are reported got the virus themselves around 5AM Pacific. They sandboxed it, got ahold of it, then started the electronic dissection so they could create a signature hash for it and put it up on LiveUpdate for the world to be safer...

But they didn't. Oh, they did get the sig hash about 2 hours later, and they did create an update for it, but they didn't upload it to LiveUpdate. Instead, they created a manual patcher/fixer-upper thingamabob and posted it on their website buried under like 11 clicks of links you had to go through to find it. A search wouldn't turn it up because it was so new the search engine for the site hadn't indexed it yet. For all intents and purposes, it didn't really exist - and it sure as hell never made it to LiveUpdate for everyone till the following Wednesday.

So anyway, the one time I got a virus in my entire 3+ decades of working with PCs pretty much daily was using Symantec, and they refused to put the patch up on LiveUpdate and a lot of people got a bunch of overtime fixing that situation. I found out about the patch around 11AM Pacific that day, and took care of it on my home machine by RD; work wasn't so lucky. They lost 3 weeks worth of customer data that, of course, hadn't been backed up properly because the person in charge of doing nightly data backups was on vacation and neglected to notify the proper people that he was even gone. He worked the graveyard shift so the day people rarely if ever even saw him in the flesh.

Oh well... the things you learn over time.

Symantec? Fuck 'em... they ruin every single solitary piece of code they touch. Peter Norton, if he were dead, would be rolling around in his coffin I swear...
 
I haven't had one since....1999? It was a trojan downloader. More malware than virus really. I see them on others' computers often though.

I have also noted that they usually coincide with the computer owner's knowledge/experience. The dumber the user = the more likely to have viruses.
Like the user that had a Win 2000 rig.......running as true admin with no password, no anti-virus, no firewall, surfing the internet like a true zombie. I didn't even bother with a fix - this was one of the few times I went straight for a format and re-install.
 
> I have my "own" computer which only I use, it has no antivirus and no firewall and has never caught a virus to my knowledge
All of my computers are my own and no one else uses them, they all run as administrator, including the Macs, I turn off firewalls, defender, UAC, etc., I run behind a hardware firewall (and have since 99 when I first got broadband), use Firefox with Adblock and Noscript, run my own email server which runs Spamassassin and rejects all executable attachments, and only run Kaspersky manually, like you, every few months. I still have never encountered a virus, trojan, or spyware other than the one I described above.


All you folks who say you've been hit many times, are these computers your own or are they shared with others or on a network with others?
 
(All of this happened within the last month or so)

I had let my friend borrow an external hard drive to store some music and movies on it. When I got it back and plugged it in to my gaming rig, Nod32 pops up and tells me that the drive was now infected. Turns out, my friend's subscription to Norton Anti-virus had expired and he simply didn't care to get another AV. So he got infected while browsing some websites. Cleaned the virus off my external and his PC. Now he has Nod32.

My mom's laptop was horribly infected as a result of my stepdad turning off the firewall and anti-virus on the laptop. Some of the viruses attempted to spread through the network but luckily every other PC and laptop in my home had AVG or Nod32 as well as a firewall installed. So there were no other infections.

I use my laptop a lot at school and at friends' places. It was at a friend's place where my laptop was nearly hit by a virus. His own network was infected by a few viruses and he didn't know it. He didn't care for firewalls and anti-viruses. So when his bro visited some no-no sites, nearly every PC on his home network was infected. Luckily the firewall and AVG I had installed on my laptop detected the virus attempts to infect my system.

Because of these events and many like it in the past, I'll keep an AV installed on any PC I have. Especially if it's a laptop that goes on multiple wireless networks a day.
 
Had one 4 or 5 years ago that slipped right by AVG (thus I swear them off). Trojan stole my CC number and other info. Some bastard racked up nearly $1000 on my Citibank card.

Just a few weeks ago, Springsteen's keyboardist died. While looking for an article I clicked on a pic from GOOGLE NEWS and Kaspersky went apeshit over an attempted Trojan. From a fucking PICTURE linked on Google News. That alone should scare the shit out of everyone reading this.

Not trying to be mean, but don't be arrogant and think you're savvy enough to do the right thing. ALWAYS run some type of AV.
 
I got infected several times pre-XP SP2, and some family/friends as well; since updating everyone to Vista/XP SP2, no viruses or malware at all. They're computer illiterate but only do basic things with the computer; since XP SP2 and Vista have stopped drive-by infections mostly, they're covered, and I personally know what .exes to trust and which ones not to, and run with IE8 (beta) protected mode to stop drive-by downloads. They run AV, I don't, but I turn on Defender every once in a while for a scan and monitor my system real close (processes, net connections, disk accesses, everything, look for unwarranted UAC prompts which I haven't seen, etc.).
 
Not in many years, have I encountered one 'in the wild'. I have run across infected files from BT downloads, and they've all been caught and dealt with.
 
> While looking for an article I clicked on a pic from GOOGLE NEWS and Kaspersky went apeshit over an attempted Trojan. From a fucking PICTURE linked on Google News. That alone should scare the shit out of everyone reading this.

What type of a machine is this?

This is yet another GREAT example of what UAC can stop- yet so many people think they are "safe" enough to disable the damn thing.
Sandboxed IE7... nothing is getting through (unless a third party like Adobe breaks the intended functionality :rolleyes:)


I wouldn't think navigating to an image would do this... Either your AV was screwy, or it was just trying to run some sort of script that you had previously allowed, only this time it contained malicious code.
 
> I wouldn't think navigating to an image would do this... Either your AV was screwy, or it was just trying to run some sort of script that you had previously allowed, only this time it contained malicious code.

Depending on what software you use and how updated it is, it is actually possible to be infected by a virus injected into a simple image file.
 
I have downloaded a few off of emule, however I never have actually been infected by one. I try never to run any executables and do not click attachments.
 
> What type of a machine is this?
>
> This is yet another GREAT example of what UAC can stop- yet so many people think they are "safe" enough to disable the damn thing.
> Sandboxed IE7... nothing is getting through (unless a third party like Adobe breaks the intended functionality :rolleyes:)
>
> I wouldn't think navigating to an image would do this... Either your AV was screwy, or it was just trying to run some sort of script that you had previously allowed, only this time it contained malicious code.


Vista x64 SP1, IE7, fully patched, AV scan run every night. The machine was clean prior to clicking on the linked image. It was a legit catch by Kaspersky. I just about shit in my pants. I know you probably don't want to believe it, but crap like this is out there.
 
My first virus was caught a little over a year after I built my first PC. I thought the same thing as you, the odds of getting one were slim to none (this was in the fall of 2000).

I started having problems with Counter Strike. When I tried launching it, I would get an error that the executable was modified and the game wouldn't start. Well, I'd reformat and it would work for a while and come back.
A couple weeks later I go to a LAN party. We get our computers all networked and all of a sudden no one can run CS. Someone does a virus scan and finds the Win32LoveBug virus. Oops :p. Turns out an infected backup disk kept reinfecting my PC.

Been using A/V software ever since. :D
 
> Vista x64 SP1, IE7, fully patched, AV scan run every night. The machine was clean prior to clicking on the linked image. It was a legit catch by Kaspersky. I just about shit in my pants. I know you probably don't want to believe it, but crap like this is out there.

Let me guess you don't remember the virus' name, right? :rolleyes: I follow this topic very closely, nothing is known to get around Vista's IE sandbox. Bad plugins requiring too many privileges for what they need to do can be compromised however (flash for instance). Which is why I run IE with flash disabled and load up any specific flash videos I want to see in firefox, after I'm sure they're safe. That keeps annoying ads from bothering me as well.
 
> Let me guess you don't remember the virus' name, right? :rolleyes: I follow this topic very closely, nothing is known to get around Vista's IE sandbox. Bad plugins requiring too many privileges for what they need to do can be compromised however (flash for instance). Which is why I run IE with flash disabled and load up any specific flash videos I want to see in firefox, after I'm sure they're safe. That keeps annoying ads from bothering me as well.

No, I don't sit around and memorize some obscure Trojan name (amongst the thousands out there). But just for you Mr. Rolleyes, I looked in my Kaspersky log. Please keep my testicles lightly bouncing off your tongue as you read this:

Trojan-Clicker.JS.Agent.h
 
Once, and it was a stealthy rootkit that snuck past the University's firewall and my anti-virus. University IT had their hands full removing it from many computers. It wasn't an actively malicious program (it didn't harm the computers it was installed on) rather it acted as a spam relayer, but because the University's firewall was boxing it in, the net result was spam - 0, firewall - 1.
 
Very few times have I had to deal with anti virus software popping up. I also don't keep all of my software up to date. Since new versions means new bugs in certain things. I usually turn off my anti virus when I game. I keep the AV on my computer just for when other people use my computer since they tend not to know a damn thing about them.
 
> No, I don't sit around and memorize some obscure Trojan name (amongst the thousands out there). But just for you Mr. Rolleyes, I looked in my Kaspersky log. Please keep my testicles lightly bouncing off your tongue as you read this:
>
> Trojan-Clicker.JS.Agent.h

What file was it in? If it was in the browser cache, that doesn't indicate an infection or compromise of the system. I've searched google and can find nothing that says this virus can bypass IE's protected mode. It would be pretty big news if it could and since I follow this subject closely I'd have heard it.
 
I can't believe this point is actually debated, or that anyone still thinks you don't need AV software loaded.

Let me ask you this question then. Do you have health, life, and/or auto insurance? How about home insurance for the home owners in the crowd? You do? Good, and that's exactly why you should run AV software. The argument that AV software slows down your system is so old it belongs in a museum behind velvet ropes. The argument that it costs too much has more holes than a slice of Swiss cheese. This is a tired old debate that needs to be put to rest.
 
> Bad plugins requiring too many privileges for what they need to do can be compromised however (flash for instance).

Indeed, there was a 'PWN 2 OWN' hacking competition earlier this year where OS X was hacked through a browser vulnerability, but no-one was able to hack Windows Vista until Flash was installed on the machine, allowing an exploit in Flash to be utilised.
 
> What file was it in? If it was in the browser cache, that doesn't indicate an infection or compromise of the system. I've searched google and can find nothing that says this virus can bypass IE's protected mode. It would be pretty big news if it could and since I follow this subject closely I'd have heard it.


Jesus Christ.....it was in a LINKED PICTURE FILE from Google News. I clicked on the pic of Danny Federici (Springsteen's Keyboardist) next to the 2,415 related news articles displayed from the Search. It wasn't in my cache. Google News linked an infected picture/site. As soon as I clicked on the linked pic, Kaspersky went nuts.
 
> Jesus Christ.....it was in a LINKED PICTURE FILE from Google News. I clicked on the pic of Danny Federici (Springsteen's Keyboardist) next to the 2,415 related news articles displayed from the Search. It wasn't in my cache. Google News linked an infected picture/site. As soon as I clicked on the linked pic, Kaspersky went nuts.

I don't get it, what makes you think it wasn't in the browser cache then? Because that's exactly where it'd go when you clicked on it. I mean, Kaspersky doesn't tell you things are infected on the internet, it tells you things are infected on your computer, so it had to be in a file on your computer (even if you downloaded that file from the internet). If the file was in the browser cache, however, that's not actually an infection and therefore IE's protected mode works. But whatever, 'cause I'm not sure you understand any of this or believe me.
 
If anyone else read this, it's a Javascript issue... Opening up a JPG doesn't run Javascript.

> The argument that it costs too much has more holes than a slice of Swiss cheese.
It's pretty stupid, that's for sure. Most folks are too cheap to drop $50/year (if that) on AV software, yet pay a "computer guy" a couple hundred bucks to clean an infection away.

> Jesus Christ.....it was in a LINKED PICTURE FILE from Google News. I clicked on the pic of Danny Federici (Springsteen's Keyboardist) next to the 2,415 related news articles displayed from the Search. It wasn't in my cache. Google News linked an infected picture/site. As soon as I clicked on the linked pic, Kaspersky went nuts.
There's a world of difference (which IMO I don't think you understand) between a "picture file" and clicking on a linked picture.

Clicking on a linked picture can go anywhere... In this case, it either ran some Javascript or it took you to another URL that did.

> Vista x64 SP1, IE7, fully patched, AV scan run every night.
As we can see here, we've yet to verify whether UAC is even enabled. If UAC is disabled, IE7 becomes much more susceptible to this stuff.
 
> I can't believe this point is actually debated, or that anyone still thinks you don't need AV software loaded.

I think a more reasonable question is do you need an ACTIVE virus scanner? I offline scan executables that I run, but to be honest, if you turn on the firewall, UAC, DEP, Windows Defender and keep the system patched, I do not see the need for an active virus scanner.
 
> The argument that AV software slows down your system is so old it belongs in a museum behind velvet ropes.
Try running a multitrack sequencer sometime with lots of tracks and plugins. An AV program running in the background, especially a badly written one, will cause plenty of dropouts, stutters, and halts.
 
They tend to be in files people download. I've had a few while looking for hardware drivers over the years. It was a good thing my computer had McAfee running.

All in all, my machine has been hit less than a dozen times. Only one virus took down the machine so bad, I had to reformat the drive.
 
Just about every day. I work in IT for a city though, so it's kind of my job. The funny thing? Our mail server strips and scans all attachments. Executables can't get through, password protected zips are dropped too. Where the infections originate, 9 times out of 10, is from a remote web server. Someone is just browsing the web, and they get hit by a drive by.

And it's not porn. Or gambling sites. It's usually shopping sites ( last one was a website for shoes. The ad server had been compromised ).

So yes, an AV package is important. I'd recommend never going online without one.

Oh, and IT professionals are usually the most susceptible to infection. Think about what we do all day; we find problems, tinker with issues, and fix them. That usually means running strange files, using the internet unrestricted, etc...
 
> They tend to be in files people download.

Exactly. If you're running Vista with maximum security (firewall, UAC & DEP), don't plug in flash drives off the street, patch regularly and scan your downloaded files, especially executables, getting malware is very unlikely. Not impossible, but that's an awful lot of security layers and precautions for malware to breach. If a piece of malware gets through all of that, I don't know what difference an active scanner would even make.
 
> Exactly. If you're running Vista with maximum security (firewall, UAC & DEP), don't plug in flash drives off the street, patch regularly and scan your downloaded files, especially executables, getting malware is very unlikely. Not impossible, but that's an awful lot of security layers and precautions for malware to breach. If a piece of malware gets through all of that, I don't know what difference an active scanner would even make.

It'll actually pop up and tell you "HEY THIS IS A VIRUS". Remember the best security system in the world is easily defeated by one idiot.
 