Study: If you havent been infected by malware in the last 2 years

Lets see if this may tell us anything. If you fit in this category, just state what you use your computer for, brief online surfing habits and what type of computer protection you use. Brand specific must be excluded please.
Thank you.

 

What if you downloaded an malicious file but the malware didnt infect your computer?

 

Virtually every malware trace ever detected on any of my machines (excluding tracking cookies and the errant toolbar) arrived there via my installations of anti-malware products.

 

No infections whatsoever, not even tracking cookies. Scanners have either shown false positives or nothing. My surfing habits are usually revolving around reading newspapers, downloading lots of pictures, doing research in many fields. Sometimes I surf where I shouldn't, but never to test my computer.

I'm 99% of the time in shadowmode, excluding only 3 folders from the virtual volume: 'My Pictures' 'My New Documents', and 'Bookmarks'. My mail is through G-mail, also protected (not really needed) by the virtual volume.

I always use Opera, registry protection, antiexecutable, software firewall.

I never play with malware, and never test programs unless I really want to have them on my system.

I almost forgot: Wilders is the only security forum I routinely check... Unfortunately it is quite addictive.

 

Back in 2001 I believe it was, I was infected with some kind of malware. It was bundled into a cracked Mcafee firewall I had downloaded from some warez site. I had it running for three months until I changed my AV which I switched to after noticing one day that I had a connection to russia running in the background all the time.
That was my last warez I used on my computer.

After that I have not been infected, if I not willingly let it.

I surf everywhere I want even some pornsites. I do Download movies with P2P occasionally. I download software sometimes from sites that are not so known. I go to warez sites now and then when I want to look for some malware (havent found much though) I install and test relatively many programs. I never get any spam (I have made it very clear to anyone that I do not enjoy funny videos or other stuff people send to each other, just plain emails if they have anything to say.)

My defences up till Octoer last year has been a firewall, AV and different flavors of HIPS (tried them all). They never (in 5 years) reacted to bad stuff sneaking into my computer. (Thats one reason why I got rid of them)

My defense nowadays are Vista, Limited account and a couple of SRP´s (so I have to whitelist the software that tries to execute) a firewall. No realtime AV, I do some on demand scans now and then, no HIPS. And of course a browser that wont let scrpts run unless I say so. Not sure I need it though when I have LUA but it does no harm so I might as well keep it. Well, a snapshot and imagining software too if they count as security (against malware)

 

Hello,

Have not been infected.

Usage: Lots of p2p, lots of porn, online gaming, email, IM etc. The standard security includes firewall + browser. The "highest" security also includes an anti-virus.

Regarding anti-virus in the mentioned setup: it never saw real malware once - only several stupid FPs.

Mrk

 

Nothing here in ages - quite a while back I once got a warning that my home page was attempting to change, but in hindsight I think I must have accidentally hot-keyed the "make this my home page" thing, or maybe clicked an equivalent link on the page, rather than encountering malware.

Surfing habits ... "morning rounds" are mail, news, weather and comics, then later into boards like here and games, and probably in the evening some erotic not-quite-porn. Never any problems with the last one (I stick with a couple of favorites), and I once commented to the webmaster that he (?) obviously took great care to keep the site safe.

 

Not in the last 2 years.

Heavy online gaming and torrenting. Moderate adult surfing, office work, and general internet browsing (such as searches, couple of forums, shopping, etc...no real 'dark net' browsing any more).

Have used a security suite from one vendor or another during those 2 years and generally nothing else.

 

Haven't been infected for a lot more than the last two years.

Other than what I've got showing in the screenshot (which are all the running processes I've got going at any given time, minus IE, Frostwire and/or Trillian, none of which is running at the moment) the only other program I rely on is Javacool's SpywareBlaster.

I surf any-and-everywhere, do P2P, do IM'ing through Trill.

Sure, I check things out with a bunch of different programs just to make sure nothing's sneaking through - and nothing has. I'm not even real sure when the last time I had a false positive was.

Pretty anti-climactic, I guess. Sorry. Pete

 

My PCs are clean for better than two years, except for test units I infect deliberately. My primary PC is a dual boot, Win98 and 2K, most of the time running 98. It's a home PC for all the usual purposes, e-mail, IM, browsing anywhere, CD burning/ripping, some office work, etc. I occasionally use P2P. It's used on and off by about 6 different people, most of which qualify as typical users, not techies. It's rare when there's not someone using the computer here. Doesn't get much idle time. Except for the MVPS hosts file, there's no restrictions on where anyone might browse. Except for a few online games that require IE6, SeaMonkey is the browser that's used. IE6 is forced to go thru Proxomitron by firewall rules and is limited by rules to use on only a few sites.

Both operating systems are protected by default-deny security policies which are enforced by a firewall and HIPS. Both have very restrictive rulesets in place and are configured not to prompt the user. The PC is fully equipped with software for all the usual tasks, so other users have no need and are not able to install any more software. Web content is filtered thru Proxomitron. No AV, AS, AT, etc installed.

This PC has run into more than its share of malicious websites, e-mails, etc. None have been able to make any changes to the OS or the installed apps. The default-deny security policy and the apps that enforce it have worked flawlessly for over 2 years.
Rick

 

nothing for a long long time
FP's about the only frights I get these days.

behind router, AV, AT/S, firewall,
torrent junkie, some naughty bits [getting too old and the stuff getting too scary ]
anything really dodgy goes to a VM first, I occasionally have Boclean or Avast grab something in there, VM has same set up as real world,

yet I clean boxes with more nasties than you can imagine, well you probably can, and wonder how they got so infected

 

Just like our knowledgable and very sharp member Spy1 (plug) LoL

In over two years absolutely not a single intrusion, only on Windows 98SE. I once picked up something named command.com in the C:\ folder when i first started with XP, nothing malicious and it couldn't call out because of Kerio 2.15, that old obsolete iron wall of a firewall. I could only knock it down when i used to play in the Yahoo Groups Boot Rooms for fun, nothing on the internet or sites ever disabled it.

When HIPS popped on the scene, it was like using concrete instead of mortar between the bricks and this PC is been quiet ever since.

Just to humour myself at times, and only works on SP1 XP of course, i occasionally would run those old HTML exploits that use IFrames, remember the site that hosted You Are An Idiot! by white sheep or something, that rapid barrage of bouncing windows was so impressive to me that i just had to keet those files for fun.

 

Nothing on my main system for over 2 years. Its primary use is games, multimedia, surfing and email. I don't browse the dark side of the web or open dodgy emails. My basic protection consisted of a hardware firewall, a realtime av and hips.

 

Never been infected on 3 machines at home. The only detection of malware was when a member of my family was sent a file via IM which was detected and deleted before execution.

Wasn't even infected whilst running pc-cillin 2002. My surfing habits are quite safe, usually visiting unknown sites for research (Uni college/assignments), IM, skype, email, etc, etc.

Largely, attribute this to deficiency 'darkside' disorder (ddd as I call it). One has no inclination of visiting that side of the world wide web i.e. no fettish for porn, warez, or illegal activities.

Have tested many security software, but have always come back to running a (free) Anti-virus in the long run. As my experience has proved, one does not require anything else.

 

Since March 2006, I didn't have any infection I know of.
I don't run scanners anymore, so it's very hard for me to see if I'm or was infected or not. I just replace my possibly infected system partition with a new one and that removes any change.
Anti-Executable should warn me, but it never did and I never check my sandbox.
I don't like to spend time on malware. In theory, I'm not supposed to have any malware on board after reboot.
I know the weaknesses of my approach and I can solve them.

 

I have not been infected for at least 4 years, but honestly I can not say, since I use no AV for 2 years and I had no firewall for a year, but I run random ondemand scans with various tools. I visit only a few webpages in my favorites, watch movies, listen music via WMP, chat via WLM, no games or porno.

 

Hi trjam,
I don't think this kind of subjective test is going to result in a "Eureka!" moment as you are trying to make a causal (maybe) connection between long term "cleanliness" and the use of strategy "X".

I believe the more important factor in determining the likelihood of long term "cleanliness" would be the learning experiences that user has had and how it caused them to use strategy "X"...

Just my 2 cents YMMV

Mike

 

all good points Mike. I guess what I am looking at is that it diesnt take 10 apps to do what 1 or 2 might. But it is subjective based on a users habits.

check your pm.

 

Sorry i would like to say i never got infected in my life which was true until 2 weeks ago....

I really regret not putting in more layers....

 

Could you tell us about this?

Probably a useless measure, per Murphy's laws. If you were to get infected, adding layers wasn't going to help much

 

Well as you would expect to nail one of us paranoid ones, it has to be a targetted attack by a world class hacker, employing the latest in malware techniques including rootkit techniques (bios jumping/metamorphic/polymorphic) and zero day exploits *specifically* designed to bypass the state of the art behavior blocking/sandboxing/hips software and the rootkit is invisible to all known rootkit detectors (even the private versions I have failed) I'm also convinced he has some way of cracking AES 512 bit and no it isn't a dictionary attack, cos my password is 40-50 characters long....
Oh and did i mentioned that this machine is airgapped with no access to any other machine?

Nah, not really...

I just turned off most of the security software (excluding firewalls) while I was doing some maintaince, i left for a while and forgot to lock the machine (admin account), some idiot came in before the screensaver lock out started and started playing flash games, and before i know it the machine was nailed.

 

Hello,
It has nothing to do with hacker xyz ... the person you mentioned probably installed something, as simple as that. Pure self-defeat, seems to me.
Mrk

 

No I haven't been infected.

Lots of p2p. Surfing news sites, forums etc. Moderate porn and a little warez.

I use AV, firewall and classic behavior blocker. Surf sandboxed. Light virtualization for the dark side of the internet.