when was the last time anyone found a real live virus ?

Remember what happened last year when people visited the Superbowl site. You run the chance of getting hit by a nasty anywhere you surf now days.

 

Honestly...never

 

Honestly, I'm surprised that anybody could say "never", and I suspect they actually don't realize it when something is trying to hit them with an exploit that just fails...

I find malicious sites all the time. I'm not talking about when I'm at work (of course, that happens, since I'm looking for them). I'm talking about sites that use exploits on blogspot.com and several other sites, with very normal searches. Not to mention that those fake codecs pop up everywhere also with very normal searches (not just porn).

 

I was looking at a favorite gaming forum during lunch break where I work and Avira (which I bought myself and put on the pc) alerted me to html.infectedwebpage.gen. I was thinking it was *maybe* an FP at first but Linkscanner Online and Dr. Web Online said the page was infected with an I-frame exploit.

I told the site admin's about it and they cleaned it up and updated their forum software.

 

Hello all you unbelievers!
No one needs to worry, no risk!

 

oh... and oh yea! here's another nice one!

 

And for those who really love rootkit photos...

 

I agree. Just few minutes ago I was browsing 'trusted' site where I visit almost everyday, surprisingly F-secure informed that there was trojan...

Nowadays those damn trojans are everywhere...

 

No kidding... I stopped trying to convince people... Now I just post pretty pictures...

Imagine, I probably see only less than a 100th of a % of those infected, and I cleanup so many viruses its not even funny anymore. Still there are those that keep denying virus even exist....

Also most of those I get, it's usually because their AV didn't actually do the job, and their other defenses failed as well...

 

Hello,
Hermes, just a Devil's advocate question: what do your screenshots mean and prove?
Mrk

 

Honestly?

The screen shots simply are proof of infections being a real and present danger.
Also they demonstrate the reality of the multiple infections per single users is also a common occurrence. Demonstrating multiple risks operating in parallel. Therefore increasing the likeliness of infections being possible even for those operating with care.

Well, as for the major issue this is usually this with me:

1: Major Anti virus protection where on these infected systems
2: Major Anti Spyware protection where on these infected systems
3: Firewalls where on these as well

The 3 points above prove that even if you have protection you will possibly be victim of an infection sooner or later.

They also disprove the theory of some that it's perfectly ok to rummage the internet without protection. Can you imagine the consequences of not having security software given the damage taking place even with protections active and current, most specially considering that even with current standards of protections it is barely able to mitigate the risks. On a personal note, I have read many times in these posts users who openly downplay risks as they stand currently. I think those who promote not using protections should be severely rattled then caned! as they facilitate everyone else's infection... Given that some moron is likely to follow their advice!

 

yes, but promoting your words hermes makes you a healthy living.

the people of wilders are not stupid.

people will use whatever software they like, and its usually either an antivirus or a suite, this is totally fine.

its the user who decides whats on his machine with his own usage, take risks... expect problems.

however, some people think they can do as they plese because they have the av/suite, this is just arrogance.

 

You mention exploit attempts, the OP asks for successful infections
And even I need to work somewhat to find sites with active exploits.

 

Oh Boy... I will have a lot of those in a week or two... Do you really want some?
Companies hire me to cleanup their forums, and user lists from the "Unwelcome" links that creep up... and I often analyze these just for fun, and sometimes for profits.. Let me know!

 

Thanks, but my knowledge is limited so I can't deal with malware in-depth.
I was trying to say that with my normal surfing pattern (which involves lots of deep search and a fair bit of Web 2.0 sites) I have a hard time finding active exploits. I have no doubts that if I start hunting exploits, I'll find them easily.

 

one of my message contacts who i went to school with is infected with the photo album trojan
http://www.cisrt.org/enblog/read.php?62
may tell him at some point once i find out which tools can remove it.

 

I get email malware from time to time, oft they come in batches. Recently, there have beenmore than usual.

So far,AFAIK, no harm as my AV program catches them, or I am not foolish enough to open such messages.

 

Your only safe if the girl on the pictures is a DDD

 

Hello,

Just an analogy - a picture of a nuclear explosion does not really prove you will be a victim of a radioactive holocaust sooner or later.

And it does not disprove the theory. The question of "safe" is not the right one. It's the question of how.

People can have any security program they like, if they try hard enough they will infect their machines.

Your suggestion of punishment is funny. Medieval to say the least. Instead of focusing on possible advancement, you seek to repress them. And what if these new ideas are better than the old school?

You can still fix computers - it does not mean people have to run 100 programs, as if the choice or quantity mean anything.

I'm not in the mood to even begin explaining how I perceive computers and software. But once you get the hang of the basic, the magic of evil infections goes away.

But you don't need specific programs to keep safe. You need a strategy. Pure and simple. And that can be something as trivial as self-discipline, a complex setup of scripts and policies, a few programs, a mix of all these, or none at all.

But with the strategy - you need to understand what each step means. Without it, you're a blind man shooting ducks.

Mrk

 

LOL!

It's not often I agree with Mrk's statements, but I sure do on his last post.

Those pictures to me just prove that someone was careless and/or does not know what they are doing.

 

they show that you have found some nasties - nothing more. Infections may or may not be a real and present danger - but screen shots alone prove nothing.

This one really amuses me. Those who argue that they have had no problems for years running without AV, without AS and without software Firewalls are criticised and then you show examples of people who have AV, AS, and Firewalls who still got infected. Is it not possible that these people would get infected even in a Nunnery ?

As to the misuse of the word proof. I'm of the school of conjectures and refutations (Karl Popper et al). i.e something can be disproved by the evidence but no amount of evidence can prove a case

Yes I can imagine. Even though I have never had a nastie on any of my machines I can imagine that it would be irritating. I would have to stop work for 5 to 10 minutes and restore a clean image. Of more concern would be theft of bank details and credit card but as I only use these on machines with
encryption following a reboot ...... the risks are minimal.

Anway as the OP I can only add that I wish I had asked not only when was the last time but perhaps more importantly how did you managed it ? The focus should be on prevention and not on software solutions. There is nothing inevitable about infection nor is infection necessarily a serious problem if you know how to deal with it.

 

You people are such experts... what more can I say?
You can downplay it all you want but the evidence is in your face!

 

Since you are not convinced... here is some more to please your eyes! (I can go on like this forever!)

This one is a browse to infect with a phony anti spyware !

 

hermes, its your place of business, so obviously you will see this kind of material.

its no different with eset forum here on wilders, only the problems get posted.

AV companys see thousands of malware per day, they dont panic, so why should we?

if you were a pornstar, im sure you would watch more porn than anyone else, because its your business,

more examples?

you understand what im trying to say?

 

Yes Please