Malware alerts in the past year

Discussion in 'polls' started by Mrkvonic, Dec 3, 2006.


Malware alerts in the past YEAR

  1. Single port scan

    6 vote(s)
    19.4%
  2. Multiple port scan

    11 vote(s)
    35.5%
  3. Homepage change alert (any browser)

    4 vote(s)
    12.9%
  4. Anti-malware alert during download

    8 vote(s)
    25.8%
  5. Anti-malware alert for email attachment

    9 vote(s)
    29.0%
  6. Anti-malware alert for various exploits

    11 vote(s)
    35.5%
  7. HIPS warning of DLL injection, hook etc

    9 vote(s)
    29.0%
  8. Other (please specify)

    4 vote(s)
    12.9%
Multiple votes are allowed.
Thread Status:
Not open for further replies.
  1. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,224
    Hello,

    Prompted by Escalader's idea, here's a complex poll that should give us a rough indication of what happens daily in our PC environments.

    First, I would like to note that the poll is multiple-choice, as you can experience more than one type of alert. Second, I would kindly ask you to be as detailed as possible in your answers. Third, please refer to alerts ONLY that occurred when you were innocently using your machine - NOT during testing.

    Some explanations to the categories:

    Port scan - single port alert.

    Multiple port scan - several ports scanned at once.

    Homepage change alert (any browser, not just IE).

    AV alert to a download from website (which you thought was good).

    AV alert to a download from email (not Re: your website spammery).

    Any program alert to a malicious web script being blocked - Here, I would kindly ask you to elaborate - was it your AV/AS/AT that stopped a WMF vulnerability, a web filter that stopped a javascript exploit etc.

    HIPS alert to a DLL injection, illegal hook, hijacking while browsing / chatting / gaming / p2ping etc.

    I think that's about it. Once again, if you could go into details, tell us of specific settings that brought you to experience these prompts - and how you responded.

    Please refer to the last YEAR, if you can remember that far back.

    Mrk
     
  2. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Only a multiple port scan here. This occurs when I remove the NAT/SPI box.
     
  3. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,639
    *Anti-malware alert during download*

    Sometimes I just happen to download a bad file via p2p. It's usually a simple trojan, I just tell my AV to delete it.

    *Anti-malware alert for various exploits*

    I recently tried LinkScanner Pro and it blocked a site that I found via Google search. Also it blocked me from running the Man-X-L-erator spam tool but that's not serious.
     
  4. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,618
    Location:
    Milan and Seoul
    Honestly, I've had no alert whatsoever from any of my applications for the last 12 months! (AV+FW+HIPS+Registry protection+Virtualization+Opera).

    The only thing that really is out of control and getting worse every day is spam, and even though I deal with it through MailWasher Pro, it is infuriating to see how these guys can violate your privacy and get away with it.
     
  5. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,441
    Location:
    Slovakia
    Multiple port scan - a few times a day, especially when running Azureus (BitTorrent).

    EDIT: I see no alerts on the desktop, the mentioned port scans just appear in the log.
     
    Last edited: Dec 5, 2006
  6. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,887
    Location:
    Stockholm Sweden
    Just multiple and single port scans.
     
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    I don't even look at port scans, but where I see pop ups on sites is from OA alerting me to Active X. I could silence the alerts, but it does block some of the annoying dancing ads. On the other hand I do want some things that are active X so it's working well for me.
     
  8. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    I get multiple port scans every other day.
    The AV alerts to a download from email have gone down recently, but this year there have been quite a few virus infected spam emails (attachments), maybe 2 every other week on average.
    I had 1 adware (NDIS popups) that made it past NOD32 this year on a game download. After finding the adware popups in IE during Windows Update and that the manual removal process did not work (it came back after a few weeks), BOClean was installed and permanently removed it.
     
  9. ASpace

    ASpace Guest

    None. In 2006 I wasn't infected by anything, nor have I received any malicious action alert. The last time I got something was back in the summer of 2005 ;)
     
  10. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    Everyone here has been port scanned. You can't prevent that. So no one can possibly say none. Besides port scans, I have seen webpage exploit alerts from my AV when I was just surfing around, but no malware to speak of over here :D

    Alphalutra1
     
  11. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    Just to be clear, you mean no alerts that turned out to be malware, right?
     
  12. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,618
    Location:
    Milan and Seoul
    No alerts of any kind.
     
  13. chrisretusn

    chrisretusn Registered Member

    Joined:
    Jun 16, 2004
    Posts:
    1,672
    Location:
    Philippines
    Believe it or not, zero alerts
     
  14. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    Wow, you must be using some super intelligent system that never prompts at all. Or it's broken.
     
  15. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,618
    Location:
    Milan and Seoul
    The only thing that is intelligent is my mind, compared to a computer, and your comments we all know are always over the top, but then it is your problem and chosen identity to create this kind of persona... Feel free to comment as much as you like, it is a forum after all!
     
  16. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    No port scans, no alerts of any kind, just like Osaban.
    My off-line snapshot has no internet connection and my frozen on-line snapshot is always the same after reboot.

    BUT I had several problems with legitimate software this year, going from insignificant installation errors to BSODs, and I was even stuck in an infinite loop without getting to Windows.
    So FirstDefense-ISR and Acronis True Image saved me many times.
    Isn't it funny that legitimate software programs are my worst enemies? :rolleyes:

    Isn't it funny that my computer works a little slower, not caused by malware, but caused by anti-malware? :rolleyes:
    That's why I created an off-line snapshot, where everything works much faster, safer and without any disturbances.
    It works like a computer BEFORE internet existed, an oasis of rest and peace. I love that snapshot.
     
  17. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,224
    Hello,
    Erik, I wonder how you managed to BSOD yourself?
    Mrk
     
  18. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Sorry, but I don't remember the legitimate software that caused the BSODs anymore, and even if I did remember it, it's very possible that it wouldn't cause any BSODs on your computer. Each piece of software has fortunate and unfortunate users.

    Since I have my new computer, I don't even panic or care anymore when something very bad happens to my system partition.
    FirstDefense-ISR or Acronis True Image save me each time. I don't even spend time on what caused the problem.
    So it doesn't matter to me anymore, which software it was because I recover so EASILY.

    All I have to do is back up my computer BEFORE I start fooling around with unknown software and/or create a test snapshot.
    My personal data partition is another physical harddisk and can't be damaged by a system partition disaster.

    If I ever have a BSOD again, I will send you a PM about it. :D
     
  19. Devil's Advocate

    Devil's Advocate Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    549
    Saying your various security programs don't prompt at all is far more over the top than anything I can say.

    But I agree it takes a lot of intelligence to define prompts the way you do.

    I.e. "If I expect them or can explain them, they don't count as prompts".
     
  20. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    5,618
    Location:
    Milan and Seoul
    The very fact that I had NO prompts whatsoever does not imply that my system is faulty or too sophisticated. Most people who posted in this thread had similar experiences apart from port scans.

    I have been protecting my computer for almost two years, choosing security applications according to Wilders community experiences, and by and large, I think we are all overprotected (better more than too little).

    My security applications work well and I will keep them even if in most cases they are not needed. What really did the trick in terms of no alerts whatsoever are the following applications: LnS (stealth ports), Opera (the most secure browser IMO), MailWasher Pro which lets me preview e-mails with attachments.

    I can't be absolutely certain about rootkits, but I have more important things in life to worry about.
     
  21. pipester

    pipester Guest

    None. I cannot remember when was the last time I had an alert or infection.
     