Seeing the setups in the "what is your security setup" thread. Has anyone been hit with a bad virus before or how long has it been? I think maybe back in the day when I was new to computers, I had a couple of virues. But I haven't been infected with a virus in quite some time.
Dont remember the last time. I have had the odd false positive(or not) when i didnt understand Windows security so if it was real I dont know
I haven't been infected for some time now. Actually I don't remember what was my last infection and when it actually happened. Last "infection attempt" was few years ago but Malware Defender stopped it. Now and then I also get some www sites blocked by ESET but nothing serious.
well yes all the time lol. but i test av's all the time and i beat them up during testing so ive seen a ton of major infections but in every day use i think its been maybe a good 7 or more years that ive seen a really nasty one that was not stopped. i do see many things blocked here and there and see a bunch of web pages blocked.
It's been a long time but the last one I can remember is a rogue security program that was very difficult to get rid of. I quit playing with malware since then and haven't been infected for years. Since then the main method that I have personally seen is through email attachments and infected web pages. Even before you install a crazy amount of third party security programs, Windows OS and browsers such as FF, IE, and Chrome have security features built into them to keep you from visiting bad sites and installing shady software, e.g., Google Safe Browsing, Windows Smart Screen Filter, User Account Control, Windows Firewall, Secure Boot, EMET, etc. Anymore, I have to try very hard to get infected with malware. It helps that I'm a little smarter about things now. I have backup plans so I can start with a clean slate if I do get infected.
It's been just a few months for me since I've been infected. But it's been quite some time since I've been infected with anything bad. In the rare occasion that I do get infected, I never have any trouble removing the threat/s - I would never reinstall Windows or restore from a clean image to recover from an infection.
For me it was just once, a number of years ago now. It was Blaster. And I got thoroughly into firewall software and routers right after that one. Been running without AVs for about 5+ years now. Hardened system, decent network security knowledge and a handful of common sense.
Almost 10 years ago, when I was a kid. Been secure (or at least no detectable infections) ever since a teen.
now see for me personally ANY infection gets a fresh image or a previous image restored. im ocd like that.
Same thing here. I just don't trust that I can get it completely cleaned or that files haven't been corrupted.
Got hit by Win32/BitCoinMiner a few months ago , eset didn't detect it at that time . Now it does detect but says unable to quarantine so I just right clicked on the file and quarantined it
Sounds like a solemn statement, here at Wilders most members would recommend to restore an image and re-install if that fails. Could you tell us why you would prefer to remove the threat for the sake of the argument... Like many people I discovered Wilders Security because I was keen to learn how to protect my computer from malware. Back in 2004 my computer always had something related to spyware, odd downloads, but I was also very naive at the time. Since joining Wilders, I have experienced in 9 years maybe 4-5 instances of online malware which were detected by my AV, always in a virtualized/sandboxed volume, the only situation that I would allow my system to survive an infection. For me even a safe detection from my AV without sandboxing/virtualization would require a mandatory restoration of an image backup. In my job there are times that I have to plug in a large number of third party USB flash drives , and that is where I've encountered literally hundreds of infections. In the last 4 years, however, these flash drives seem to be significantly less infected, perhaps due to the fact that MS, Avast, AVG, Avira etc are doing a good job as freebies.
In the past I've been very slack when it comes to doing backups, so haven't had a clean image to restore to. Now days I do backups, but with a nearly fill 500GB hard drive, it is time consuming to restore a backup. Also, I'm continually installing new software, if I was to restore an image I would not have the latest software and updates I have installed. Becuase I tend to install a lot of software, I prefer not to do a clean install and start from scratch. On top of that I'm not at all paranoid when it comes to security. If I clean an infection and it seems to be gone, I don't worry that there may still be a remaining infection. Maybe I'm too trusting. Or maybe, others are too paranoid? Also, when it comes to removing infections from customers computers, they usually don't have a backup I can restore from, and I find it easier to remove an infection than having to do a restore and then install the software they use again.
I can relate to your position. I also think we often make such a big drama about being infected, forgetting perhaps that we are dealing with machines...
I often lurk the WiYSSTD thread, sometimes I see the name of an interesting tool I've never been heard of before. And about the infection, it depends on what kind of infection we are talking about. For classical malware (viruses, trojans, worms), it was quite a few years ago since the last time I got infected with those. Well, I got infected with them a lot in the past. It's a non issue for me now. But PUPs, I just got infected with one of them in... let me try to remember it, last month, I guess? =/
I deal with on average - 'hundreds' of infected machines a week. I spent 4-5 hours today at work stopping a Cryptolocker infestation, and salvaging files before they were encrypted. I took the opportunity today to test a variety of AV products on active Crypto machines, and all of them generally failed. The closest I got to a traditional AV stopping it was to run Avira rescue disc, then drop ESET on the machine as quickly as possible - even then it was a lost cause under Windows. I tried Webroot, and it bluescreened on every crypto machine I dropped it on. Anyway, standard procedure for us to to drop a Linux live CD in, make the recovery, and flatten it - in this case I use a Mint Build for that task. Lower your attack surface (remove/stop unneeded services/tasks/etc, uninstall unused drives/applications). Keep everything up to date. Use an adblocker, and a decent AV and you shouldn't run into too much trouble.. I would say use a UTM, because I think it is suicide not to use a UTM these days - even at home. But for whatever reason the masses seem resistant to deploying them. A UTM will drop your exposure and risk by 50-80% conservatively - with no other changes. My daughter snagged a virus that Norton caught, she tried to download something for the 20-30 minutes my UTM's were offline last weekend while I was upgrading things. That wouldn't have happened otherwise.. AV on the desktop is like a gun in your nightstand, it's a last resort.
With that many infections a week you should try this lifesaver: http://www.sarducd.it/ Just buy the fastest USB stick around and go, multiple antivirus rescue iso:s on the same stick and a lot more utils. This guy, Davide Costa, who makes this util, (on his spare time I think) deserves all the credit he can get. /E
Not virus, but come across phishing attempts via email quite often. Last week a couple. One email asking for confirmation of Apple login & ID and credit card details. Checked with VirusTotal and only ESET had the URL down as a phishing site, that increased after 48 hours. Second one last week was wife got an email from a friend asking her to login to see pictures - wife clicked on the link and she was taken to a gmail login page, she called me through to check and we looked at the link together. Turns out it was flipora. If my wife had logged in, flipora would have spammed her contact list and installed a browser tool to report back to flipora her browsing habits. This was the email link: hxxp://invites.info-emailer.com/ On VT ESET has it down as a PUP, WOT warning as well. I noticed quite a few AVs missing from the VT list - I have checked with McAfee SiteAdvisor, it also marks flipora as spammer/phishing. Norton safeweb seems to think is ok. Flipora seems to think they have a legit business model, but it looks like they are using trickery to get to your gmail contact list to spam them.
