How did your machine get infected

jimbo45

Hi all
I keep reading in this section of people with zillions of problems of Malware, trojans, viruses etc.

In my experience, and I've been using computers for a long long time, I've rarely come across ANYBODY who's ever had a problem on a HOME computer (note not a WORK one), and the ones that have had problems had them because they have downloaded some music or films from those "mustn't say where sites".

So I'd like to ask people who seem to regularly get their machines infected - please state how your machine got infected and if possible the site address or at least a description of the site (no direct links please to warez / torrents).

These bad link and download descriptions would do the community a huge service.

I still feel the problem is more perceived than real.

cheers
jimbo
 

I download lots of "stuff" from various sources on the net, and never get infected with anything. A little common sense, AV scanning, checking suspect files with VirusTotal if indicated, test installing in a virtual machine on occasion if really concerned, and it's pretty safe, at least ime.

And if I did get infected and couldn't clean it out with Malwarebytes or a similar tool, I could always just swap in one of my recent backup clones or restore a recent image backup. So I don't personally see a great need to be afraid of being a bit adventurous with the downloading. But, of course, there are some sites and files I would definitely avoid. I usually know them when I see them. :geek:
 

Downloading programs and installing them is the main threat for me. Before, I used to just click the .exe and never thought about what it was. Nowadays, I think heaps before I click. Always do scans of the file before clicking, always unzip any zip file or .exe and then do scans, and finally use a bit of common sense, I suppose. If a program you download looks smaller in size than it should be, chances are it's dodgy and you shouldn't install or open it.
 

ESET NOD32 Smart Security v4 let in a USB worm. (Yes, fully updated, legit license, etc.)
 

A number of the infections come from popup ads on otherwise legitimate sites.

As a class of sites, I have found that a lot of the animated screensaver sites are honeypots for all kinds of malware - go there and they will try to download something.

I run WoT to at least give me a heads up on sites, and would recommend it, or something like it, for everyone.
 

I search for malware, trojans and other viruses so that I can infect my OS (virtual Win XP) and then I try different AV to remove the malware. You might think I'm crazy but this gives me something to do. LOL. ;)
 

@gamepro: No AV app is, or should be counted on to be, 100% foolproof. It's better than nothing though and if it keeps 98% of malware out, it's doing pretty well, imo.

@TheSchaft: Thanks for the recommendation re WOT. Going to give it a try out. Rep added.

@Dinesh: I sometimes play around the same way and take similar security measures when doing so. Or I just download stuff that I know is risky. I think it's fun too (if in a virtual machine) and good practice for dealing with and removing malware.
 

I went out of town for a week, came back and my roommates had gotten one of those fake AV malwares onto my machine. I was able to remove it and, since then, make sure to use Deep Freeze anytime I am going out of town.
 

jimbo45, here are two forums and their index page for just the people who are infected and need help...
Virus/Trojan/Spyware Help - Tech Support Forum
BleepingComputer.com -> HijackThis Logs and Virus/Trojan/Spyware/Malware Removal

There are many more forums that help these people ... I am a member of a few that help with the malware situation.
Read through just a few of the posts and decide for yourself if you still believe this statement to be true:
"I still feel the problem is more perceived than real"

BTW, posting where you got infected really is of no service to anyone reading this topic. Those of us who work in the "field of Security" know more than you think we know and it's being passed on to the proper people ;)
 

"because they have downloaded some music or films from those 'mustn't say where sites'."

It's not so much multimedia files that pose a threat on these unbeknownst distribution networks. The problems and threats are mostly posed by the application software that is downloaded. Many times, install .exe files are patched in such a way that they actually really do install the software the "user" wanted, but either silently or not very, install malware in conjunction.

Best to use A/V under said scenario. Otherwise, with NAT devices so common nowadays (simple home routers), most users are pretty much safe unless they click on those "wonderful" spam type ads or while using a browser with vulnerabilities.
 

Hi jimbo,

It is not so easy to explain.

You see... recent studies have reported that about 48% of infected websites are dirty sites that feature adult content. More about it: Norton Safe Web, from Symantec - Dirtiest websites of Summer 2009

But there are also trusted websites infected by hackers. It is very popular, because you can get an infection when you are sure that nothing bad can happen to you at that moment, since you are surfing your trusted site with news or whatever. This is very dangerous because you don't have to download or open anything! To get infected, you only have to visit that (infected) website - et voilà - you are infected. This type of attack is called a "drive-by download":
anti-virus rants: what is a drive-by download?
Drive-by Downloads: How much of a Threat Are They? - Wilders Security Forums
 

My Computer

Computer type
PC/Desktop
Computer Manufacturer/Model Number
Self Built
OS
Windows 7 Home Premium x32 SP1
CPU
x2 2.6 GHz
Motherboard
Asus
Memory
A-Data 2GB DDR2-800
Graphics Card(s)
ATI X1250
Sound Card
SB 5.1 Live!
Hard Drives
WD and Seagate FAP
PSU
Tagan TG-480-U01
Keyboard
BTC 6300
Mouse
Logitech VX Nano
Antivirus
None