How many of you have actually encountered a virus?

Someone is just browsing the web, and they get hit by a drive-by.

What OS are you using? What privileges do your users have on their local machines? If you have some URLs pass them along. I'd love to do some Vista security testing. I really want to know if a drive-by could infect a Vista machine with a firewall, UAC, and DEP. I've been trying for a year to find if this has been done.
 
Never had a virus, worst I've had was a dialler, but that was caught straight away.
 
I think a more reasonable question is do you need an ACTIVE virus scanner?
Absolutely, yes. I'm still not grasping why this is still debated. You have nothing to lose by running some AV software, so there really isn't any valid reason NOT to do so. With new attack vectors and vulnerabilities popping up, and knowing virii writers are always working hard for the "next big one", why is there such an opposition to running a small piece of software? It defies logic.
 
Absolutely, yes. I'm still not grasping why this is still debated. You have nothing to lose by running some AV software, so there really isn't any valid reason NOT to do so. With new attack vectors and vulnerabilities popping up, and knowing virii writers are always working hard for the "next big one", why is there such an opposition to running a small piece of software? It defies logic.

There are some decent scanners, but at the same time I hate McAfee and Norton. Huge and slow and they can get in the way. I'm not the only person who thinks so.

Active scanners for the average user I don't have a problem with. But there are so many layers of security in Vista that I just don't see the benefit of an active scanner. If I've scanned my executables and any documents, even commercial apps, and I don't plug in untrusted removable media, then the only other attack vector is the net. To me that's where UAC and DEP take over. I get a UAC prompt or ActiveX prompt from a site I wasn't expecting, I click "HELL NO", I close the browser and move on.
 
Never had a virus, worst I've had was a dialler, but that was caught straight away.

We got a dialer once and that fucker did some major damage to our phone bill the next month. Thank god those charges got taken off......
 
What OS are you using? What privileges do your users have on their local machines? If you have some URLs pass them along. I'd love to do some Vista security testing. I really want to know if a drive-by could infect a Vista machine with a firewall, UAC, and DEP. I've been trying for a year to find if this has been done.
XP and Vista primarily. UAC is turned off, all users are limited users.

Next time I come across a URL I'll post it
 
Yea... the ONLY other attack vector :rolleyes:

UAC protects you against zero-day stuff. It'll still let a virus rampage through your user-level docs. A good AV won't let it do that.

Yeah, that sounded stoopid!:p

When you say "rampage through user level documents" I assume that you mean that a virus with the same permissions as the user won't trigger UAC. True, but then how does that virus get deployed? When I said the net, I should have said open ports. They should all be locked down except the ones needed. And of course, Port 80 is the big one, the web browser.

So then, in IE7 under protected mode, UAC and DEP, your virus has to use a known flaw in an existing piece of code, like Flash, but then it has to defeat DEP to do that. Once again, I'm still trying to identify an attack that can do that.
 
XP and Vista primarily. UAC is turned off, all users are limited users.

Next time I come across a URL I'll post it

So on the Vista machines running as standard users, how exactly is a drive-by gaining access to the machine? Is DEP on?
 
When you say "rampage through user level documents" I assume that you mean that a virus with the same permissions as the user won't trigger UAC. True, but then how does that virus get deployed? When I said the net, I should have said open ports. They should all be locked down except the ones needed. And of course, Port 80 is the big one, the web browser.

So then, in IE7 under protected mode, UAC and DEP, your virus has to use a known flaw in an existing piece of code, like Flash, but then it has to defeat DEP to do that. Once again, I'm still trying to identify an attack that can do that.

Yes... User-level stuff isn't prompted. So any app that just needs to run user-level won't generate any kind of warning (unless it's from your AV).

UAC is simply there to keep it from screwing your whole system up. Your user account might be trashed, but the system is still intact.

Yes in IE7 under protected mode, you'll get prompted just as with everything else. So far, there has been NO, NADA, ZIP, ZILCH attacks that I have heard of that have bypassed sandboxed IE7... all other browsers are still fair game.
The only attack that did is really the fault of Adobe...
No matter what way you look at it, you've got to have software pre-installed that will let whatever attack get through. All the stuff to bypass UAC you see the Vista-haters claiming, ALL requires tricking the user, social engineering, or pre-installing some already malicious code. Nothing out there has beaten UAC yet, and here it is 1.5 years after the launch.
 
Yes... User-level stuff isn't prompted. So any app that just needs to run user-level won't generate any kind of warning (unless it's from your AV).

UAC is simply there to keep it from screwing your whole system up. Your user account might be trashed, but the system is still intact.

Yes in IE7 under protected mode, you'll get prompted just as with everything else. So far, there has been NO, NADA, ZIP, ZILCH attacks that I have heard of that have bypassed sandboxed IE7... all other browsers are still fair game.
The only attack that did is really the fault of Adobe...
No matter what way you look at it, you've got to have software pre-installed that will let whatever attack get through. All the stuff to bypass UAC you see the Vista-haters claiming, ALL requires tricking the user, social engineering, or pre-installing some already malicious code. Nothing out there has beaten UAC yet, and here it is 1.5 years after the launch.

This is why I have UAC turned on. You learn to deal with it. But my other point was DEP. Even to gain access to user level stuff, you have to somehow circumvent the browser because it does run at a lower level than even the standard account. And then you have to defeat DEP.

I'll say it again, it's a LOT of security layers to have to defeat. I'll concede that an active AV scanner would be another layer, but if a virus can defeat DEP and elevate the security context in IE simultaneously, I contend that the AV doesn't stand much of a chance.

To defeat both of these in a single attack, wow, that's talent.
 
I built a machine for an older (65-year-old) neighbor and he is always "catching" various trojans and viruses. I know he visits porn sites (found the "evidence" :eek: on his hard drive) and no telling what else. After spending hours last time trying to save his setup without reformatting and reinstalling everything, I finally broke down and did the dirty deed. But this time I got smart. After getting everything set up properly, I cloned his hard drive to an old one I had laying around and left it in his machine, but not hooked up. The next time he calls with problems, I'm going to just reformat the original drive, then hook up the cloned drive and copy it back to the original. That may sound harsh, but I've told him and told him not to turn off the antivirus, to run regular scans and to use Spyware Blaster and Spybot S&D on a regular basis. If he can't do at least that to keep his PC clean, he'll just lose his info on a regular basis.
 
Wow this thread grew unexpectedly...

Last virus was ages ago, back when I was too lazy to update my XP install disk with the latest patch. Some of those lovely viruses that you seem to catch the second you have an internet connection.

I currently run Vista with UAC, Firefox with Adblock and NoScript. I run Avast once a week/scan any files I download before opening.

I turn on active scanning when I'm browsing anything other than forums, gaming and news sites.

My XP install is the same (minus UAC), but I have active scanning on.

Haven't had a virus as I said in 3 or 4 years. I've found a few files I downloaded, and a couple false alarms.

My wife is not retarded and also knows the rules of checking things, running AV software, updates, etc. Now she's on linux so it's practically a moot point.


The next time he calls with problems, I'm going to just reformat the original drive, then hook up the cloned drive and copy it back to the original. That may sound harsh,

Sounds like my Uncle. When I was living there I kept active scanning on all the time. I also had them on a separate network segment via router. No direct traffic could be sent between the two networks, unless I initiated it from my comp.
 
Please let's keep this on topic.

Anecdotes of others getting infected or handling AV stuff at work is not exactly what I'm interested in.

I want to know how many of you computer literate folks, personally, on your own machine, practicing safe computing, have ever encountered a virus/trojan/malware.

My contention is that it's fairly uncommon with those who truly understand computers and don't do stupid things. The rest of the population, well, that's why AV companies exist.
 
To defeat both of these in a single attack, wow, that's talent.
I cannot remember exactly what they did, but in short: Adobe broke the security as it was intended to be used.

I want to know how many of you computer literate folks, personally, on your own machine, practicing safe computing, have ever encountered a virus/trojan/malware.

Yes there are some talking about other people's machines but plenty about their own... I really don't know what else you're wanting. Those who did are telling you what they were using at the time and whatnot.

But you need to realize when you bring this topic up the METHODS (UAC) used are going to come into discussion, which is what happened already...
 
There are some decent scanners, but at the same time I hate McAfee and Norton. Huge and slow and they can get in the way. I'm not the only person who thinks so.
I never meant to say that ALL AV scanners are good, or useful, or even worth installing. I wouldn't dream of having a computer connected to the internet without a good AV scanner though.

To stay on topic, I myself have never had a virus infection. I believe I take all precautions, so I shouldn't get one. I run an active AV scanner all the time. I use common sense when visiting websites and downloading files. I use the windows firewall and my router's firewall. I run Windows Defender, along with a secondary spyware scanner. I don't use P2P apps like BitTorrent, unless I am downloading a Linux image from a legit site. I've cleaned hundreds and hundreds of virii from friends', relatives', and co-workers' computers however.
 
My contention is that it's fairly uncommon with those who truly understand computers and don't do stupid things. The rest of the population, well, that's why AV companies exist.

I agree and I think this is obvious and natural. The more you know about something, the better able you are to deal with it. I've been using Windows OSes for over 20 years. I've not seen a virus on a personal system of mine for about 15 years. If I have been attacked then I've never seen it in any way shape or form. No charges on my cards or missing money from my account or identity theft, knock on wood!:)

I'd like to see what this Flash bug is capable of. Does DEP contain it? Does anyone know of a proof-of-concept site?
 
I have contracted viruses years ago which were devastating to my files....but after I became more proficient with computers, I learned the value of a good antivirus program and the lesser apps that block the malware before it gets into your computer. It's just like car insurance, you never need it until you have an unexpected wreck, then it becomes a bargain.
 
I have several times. However the amount of times I've encountered a virus that actually caused an issue vs. other problems is minimal at best.
 
Please let's keep this on topic.

Anecdotes of others getting infected or handling AV stuff at work is not exactly what I'm interested in.

I want to know how many of you computer literate folks, personally, on your own machine, practicing safe computing, have ever encountered a virus/trojan/malware.

My contention is that it's fairly uncommon with those who truly understand computers and don't do stupid things. The rest of the population, well, that's why AV companies exist.

Back in college, around 1989/1990, I was swapping games and programs like crazy with my 3l33t Mac Plus (TWENTY meg hard drive, fear it). Ran an anti-virus program and the system was just riddled with them. That was the wakeup call.

Since then, honestly, I can't remember getting any. Due to lingering neurosis about minimizing CPU load and background programs, I don't have anti-virus software running all the time....I just periodically do a sweep. Haven't found any in as long as I can remember.
I don't dl warez, use web-based email, and don't touch attachments unless I know they're safe. It's all pretty common-sense stuff. But it seems to work.
 
I have contracted viruses years ago which were devastating to my files....but after I became more proficient with computers, I learned the value of a good antivirus program and the lesser apps that block the malware before it gets into your computer. It's just like car insurance, you never need it until you have an unexpected wreck, then it becomes a bargain.
 
Seems AVG 7.5 just found a virus in one of my files :(

...\p5kpl-vm\Intel945G_VGA_V614104885_32bit\32bit\AsusSetup.exe

States "Trojan Horse BackDoor.Agent.SAA"

I built a system about a week ago using an Asus p5kpl-vm and downloaded the drivers directly from Asus. I have a strong gut feeling this is a false positive, but, damn it, now I have to call the client and drive for 45 minutes just to run a few scans just to be able to sleep at night :(

Thanks Asus.
 
I got a virus from Intel. Had my 386 sx 20. Went and got the math co-processor for it. On the utility disk from Intel was a nice virus.

Intel got a nasty phone call from me and I got some swag from them in the mail.
 
I use Windows XP Pro, an active antivirus, and a spyware program. I do not go too deep into the internet, but I can't say that I have ever encountered a virus on my machine. I think I may have caught a downloaded file or two over the years, but nothing active on my system that I have ever known. I have cleaned many people's computers with trojans, viruses, spyware, etc. Average users who know nothing about their computer and a lot of times they are not updated or secured in any way.
 
I've been online since 1993 first using CompuServe and I've downloaded my fair share of pr0n and other types of data files and I've never had a virus or trojan knock on wood.
 
I've encountered viruses a couple of times. Most of them were in the Win9x days when code would silently plant itself into people's systems and then wreak havoc.

Last time I had major problems with viruses was a couple of years ago. I had just reformatted (or maybe got a new harddrive, don't remember). I reinstalled Windows XP (RTM at the time), and installed the networking drivers.
I connected to the university LAN and went online to download everything else like the latest drivers and various applications I use...even antivirus software, ironically.. Then BOOM.. the internet went down. Not just my internet connection...apparently I caused an outage in my dorm building, lasting several minutes. What happened was that within seconds after I logged on to the network, I got infected with some worm that utilized some security hole in the unpatched version of XP and then my computer began sending massive amounts of traffic over the network. XP RTM by default does not enable its firewall and I had forgotten to do that manually (later versions of Windows enable the firewall by default). I was banned from the network for several days... Since then, I always install and enable a firewall before I even plug in the networking cable or enable the wireless connection...

If I were to order security features by importance, here's my list:
1. Firewall
2. Latest OS upgrades and patches
3. Anti virus software

This is of course assuming you're not an idiot, don't open potentially harmful files etc.

If you've taken care of 1 and 2, any of the free antivirus programs should be enough, IMO. But you still *need* antivirus software.
 
I haven't had a virus on any of my own computers for a couple of years. I used to get them all the time but now I don't even run a virus scanner and I find it easy to stay virus free. It often happens through lack of computer knowledge. For example, a user may keep clicking on untrusted sites and eventually they have installed some programs that they didn't know they gave permission to. Also, the use of Firefox greatly decreases the risk of getting a virus as it has excellent security.
 
It's been awhile since I had one, but my first was MonkeyB. That was nasty. I had to fill up the first couple sectors on my hard drive with zeros with a Hex editor to get rid of it. Format and Fdisk didn't even do it. (In hindsight, FDISK/MBR probably would have fixed it).

Robert
 
Had one back in the late 90's on OS8 believe it or not...got it from an e-mail attachment. I have not had one on my Windows boxes although I have cleaned a ton off other people's computers.
 
a few years ago i got one that turned all my exe's (bar critical windows ones) into 1k files
but i used to fileshare back then and i think a dodgy zip got me.

needless to say nothing worked and so my archive of useful software / gameinstalls was screwed

since then i have always run AVG but considering moving to avast and i might just double up on my fileserver

other than blaster i don't think I have had anything from general (normal) browsing
 
in 12 years I have never had a Virus on any of my PCs.
I don't regularly run anti virus either. I just scan my files every once in a while to make sure I didn't fuck up and get infected. I do web browsing on untrusted sites using a virtual PC and keep my machines behind hardware firewall at all times.

While I have never had a virus I have come across machines infected with the following: Win95 CIH, Code Red, Blaster, Minda, FunLove, and the love you e-mail virus.
 
Is it just me or have viruses changed a lot? They used to be all about destruction and disruption, often done by bored/angsty doers out to flex their e-peen and pull a big prank.

Now it's all these incorporated criminals with trojans and keyloggers out to get your bank account info, track what websites you view or use your computer as a bot to do other sorts of things.

Very different playing field imo.
 
Is it just me or have viruses changed a lot?

They have, yes.. also, older viruses generally infected exe files and boot sectors and were transmitted by sharing files from an infected computer. Then we had a period of network worms and email attachment viruses. Now it seems that they're nearly all trojans or exploit browser vulnerabilities.
 
Many times I've been surfing and had AVG go crazy about a trojan trying to infect my system. The only time I know of I got one was a few years ago. I did a fresh install of xp and picked up the blaster virus within 5 minutes. For that reason I always unhook my ethernet cable until I have AVG installed now.
 
I think it really depends on your environment.

Back in high school (15 years ago? wow..) the family PC got one from a friend's game install files...

Once I got to college, I ran Win2k and later XP. Campus gave out McAfee 7.1 and later 8.0 enterprise. I enjoyed connecting to network shares and seeing what everyone had. There were tons of infected machines on campus sharing .eml files. AV would auto scan the files and alert me constantly. If the owner was a real genius, I'd have full access and my AV program would actually automatically delete the file! 2 of my 3 computers at the time got hit by Blaster...the one that didn't inadvertently updated the night before it got hit. Same thing happened at school. Out of 400 machines our department ran, we had to rebuild 80+ and patch another 100+...half had updated before infection. That incident made us set to update daily.

Since VMWare Server has come out, I run a virtual server that I use to test applications that could be questionable. I haven't had one since.

My wife's old XP laptop was constantly riddled with them; I've had to reformat twice after spending days cleaning the damn thing. She likes to play all the irritating little games. She has Vista now with AVG...no problems for the past 4 months!
 
I've encountered a few on my university's network when I lived in the dorms. I run AVG on my main machine, but I've never picked up a virus while browsing.

As long as you have good browsing habits I think you're pretty safe on a 64-bit OS.
 
Other than the ones from keygens and the sort (yea yea, I shouldn't be using those, oh well) I've had Blaster.
 
I've never had one on any personal machine. I've cleaned off hundreds of other people's machines though.
 