Security

Poll: When was the last time you had to deal with an actual computer virus?

The TechRepublic Microsoft Windows Blog polls members: When was the last time you had to deal with an actual computer virus?

I have been using personal computers, both professionally and as an enthusiast, for a very long time. During the past 25 years, I have been compelled to deal with the occasional computer virus or other malware. Most of these incidents have been from novice computer users within the family tree. However, I (knock on wood) have not had a problem with a virus or malware attack in many years.

Sure, I still use Microsoft Windows -- I have PCs running Windows XP, Vista, and Windows 7 -- but I just don't get viruses or malware anymore. By deploying numerous lines of effective defense ranging from firewalls to virus scanning applications to common sense, I have been able to avoid these annoying attacks. And, by teaching these same tactics, I have been able to fairly effectively protect those family members naive to some of the hazards that the Internet can bring to bear.

But what about you and your business environment? When was the last time you had to deal with an actual computer virus or other malware attack on your Windows system? Do you find yourself putting out those fires every day or have your security measures paid off to reduce such attacks to the point of being practically a nonissue?

About

Mark Kaelin is a CBS Interactive Senior Editor for TechRepublic. He is the host for the Microsoft Windows and Office blog, the Google in the Enterprise blog, the Five Apps blog and the Big Data Analytics blog.

63 comments
danerd
danerd

hi,here is a message to all mac owners, i recently got a mac (for security ), i downloaded a small program, installed this program, the next thing i know my bootup jumped from 30 seconds to 5minutes plus, i was knobbled, my fault in trusting this program BUT it goes to show there is malware out there even for safe (ha ha ) macs.

jeslurkin
jeslurkin

...the only 'dealing' I've done is tell Threatfire, etc. to quarantine something. I use a 'Downloads' partition, and run MBAM before accessing any file in it. (Yes, I shut down the browser and all other anti-malware apps before running MBAM.)

jeroldo
jeroldo

Just this last week when my neighbor came over with his newly acquired laptop complaining about it being "screwed up". He had been searching multiple xxx websites with no firewall, no malware protection and no anti-virus software. Just running it bareback. Serves him right!!!! I fixed it for him. Updated everything. Installed the missing software including a firewall and sent him back home. So far, no further problems. Oh, I also set myself a blind access so that I can get in an make changes but he can't. I told him about it and explained why I did that and he seemed ok with it. Other than that, I haven't experienced a true virus for many years. Otherwise, just a couple of pieces of crapware that kept loading pop-up advertising is all I've found.

Zeppo9191
Zeppo9191

Personally: too long ago to remember. Professionally: Just this week. Multiple times. It seems that all too much of my workday is spent cleaning viruses from users' computers. However, I must say that if it keeps me employed, I'm happy to continue doing it!

bobdavis321
bobdavis321

About once a month I remove a proven virus, last time it was a fake AV on a company laptop. I had to use Regedit to shut it down then MBAM to remove it. However even the best AV misses a lot of virus' and Last week I replaced a computer because two apps stopped working and reinstalling them did not fix them. Virus? Corrupted Windows? Who knows....

jevans4949
jevans4949

One of those trojans with the pop up "your computer has dozens of viruses" jobs. On my daughter's Vista home laptop. A friend had a similar one last autumn.

john barker
john barker

the last time you had one it got on my conputer or i gave it to youall a girl was help me out so i dont know who gave what john barker

ultimitloozer
ultimitloozer

The poll question asks when was the last time you had to deal with a virus on YOUR Windows system, but most of the responses here are about work systems or other people's systems. My systems have NEVER been hit, but I do have a WinXP VM that I created specifically for the purpose of infecting it so I can show people how to use the boot CDs that I create to clean up systems. And I do clean up systems for a lot of my friends and neighbors. About 2 weeks ago was the most recent one. I think I have the family side of things taken care of now so they are no longer getting infected.

joy64
joy64

I have always owned computers that ran Windows. My son started us online when he was a teenager 19 years ago. He and I have always had a firewall and run anti-virus programs. Neither one of us has ever had to deal with a virus, trojan, etc. If you're going to be online you have to be smart about it. I can't believe that there aren't more people who checked never on your survey.

roch
roch

My wife's laptop was infected (badly!) by koop via some Facebook attachment that she openned... which then infected my FB account when I checked in using her computer. Using AVG 9 (free) but this one slipped through, and then disabled AVG from running, even in safe mode. The "virus/malware/bad thing" effected the BIOS to force shutdowns of the system, and I was unable to keep anything running long enough for a full virus check/cleaning until the BIOS was updated by the manufacturer. Then I used an Avira AntiVir bootable CD to fully disinfect the system (7 infected files found and removed by Avira). NOT something I want to have to go through again soon!

john3347
john3347

I don't know that I have ever had a "virus" that was technically a virus. I have incurred several forms of malware over the years, the most recent being a phishing attack on a credit card account. This was very recently and such malware seems to be more prevalent - and sophisticated - than it was as recently as a year or two ago.

widd11e
widd11e

The first and last virus I got was in the year 2000, and it was the feliz navidad virus. (hope I spelled that right) After going through that... it was time to put my thinking cap on, and learn how to keep them off of my computer. I use a AV and firewall, and just common sense.

rquance
rquance

The last malware I dealt with was the poorly behaving AVG link scanner, it completely shut down my wife's Internet access. I have used AVG for years and this is actually the second time they have made a mistake in their programming.

Dr_Zinj
Dr_Zinj

Other malware on the other hand, I get to deal with every couple of months.

Osiyo53
Osiyo53

I answered "more than six months ago". But I'm not sure that incident even counts as it was not work related. It was a machine belonging to a relative. Professionally, at work? The last time we had a successful virus attack was about 4 or 5 years ago. And that got traced down to an employee who brought in a disk with some files he'd downloaded off the Internet. Note, I specified that it was the last time we had a "successful" virus attack. From time to time I've noted that our system has reported that "suspected" files were either blocked or promptly deleted. The same goes with malware. In all reality, worry and concern about a virus or malware problem for us is pretty much a non-issue. Both as a result of preventative measures taken, such as firewalls, protective software, etc. AND as a result of care taken by our users. That last successful virus attack was a lesson to all. Our folks are EXTREMELY careful about bringing in disks or memory sticks or whatever with questionable files on them and then inserting the same on a work place machine. We don't prohibit them from doing so. But its been made clear that folks will be held accountable for their actions. No, we didn't fire the guy responsible for that incident. He was disciplined appropriately. But perhaps the worst of it was his embarrassment as it became known to EVERYONE that it was his goof-up. No one else wants to be the next one up to get his or her name and picture in our in-house magazine, associated with such an "Honor". Likewise, we do not block Internet access from the office. But it is well known that the company monitors and records all sites visited. That's no secret. And our users have been educated as to the kind of sites where they would be most likely to encounter viruses and malware. Needless to say, they're very cautious about what sites they visit on company time using company machines and Internet access.

Ocie3
Ocie3

I replaced the internal primary HDD on my computer with a new one, then installed Windows XP on it along with the drivers and all of the software that I use, either from the original CD-ROM or from a "fresh" download. Of course I updated and reconfigured all of it as well, and restored copies of data files from an external USB HDD on which I had retained them before nuking the former internal HDD and removing it. That external USB HDD now has some copies of disk and partition images on it, too. The reason I did all of that work was to eliminate an evidently [i]"undetectable rootkit"[/i]. This was my sixth or seventh attempt to do that. After each of the previous nuke-and-reinstall odysseys, the rootkit has become evidently re-installed within 3 to 7 days after I've finished the re-installation tasks. Yet, thus far there have not been any anomalies which would disclose that the rootkit has been re-installed. Also, I have not returned, so far, to a web site which I have come to suspect as the origin of the rootkit. If that web site has indeed been the origin, then the rootkit was probably installed by using JavaScript or by a Java program while I used services that the web site provides. Nonetheless, the rootkit usually announced its presence by crashing either Windows Explorer or explorer.exe, and that hasn't happened thus far. However, one time it was re-installed within three days without my visiting that web site, and yet another odd entry in the firewall log at the time left the impression that its re-entry might have been preceded by a worm passing through the firewall. Shortly after finishing the most recent re-installation tasks, I ran Malwarebyte's Antimalware. It found 14 copies of a worm (Autorun.B -?-) masquerading as Windows XP OS files that were in the external HDD Recycle Bin. I had accidentally copied some Windows XP OS files to the external HDD, but stopped the process and deleted them. The worm would have had to infest those files before I began the task of "starting over from scratch". Then again, more than 40 days passed since the day I last visited that web site and the day that I began the "re-install it all" remedy. .........??? Oddly, aside from probably serving as spyware and evidently communicating with other computers [i]via[/i] the Internet, the malware seemed to have no purpose except to slowly corrupt the OS and the utilities and applications that I use. As far as I could determine, it neither corrupted any data files nor attached itself to any outgoing e-mail messages. The performance of the computer would eventually degrade so much that re-installing "everything" [i]literally[/i] became inevitable. It has seemed most likely to me that the undetectable rootkit was the work of a rogue employee of the web site owner or operator, since it seems that the enterprise would have little to gain and much to lose by installing it as a policy and practice. As to how many computer systems have been compromised by it, I have no idea at all. Well, if life gets too boring around here, with everything that I've learned about dealing with malware during the past two years, I can go back to that web site armed and "loaded for bear". ;-) :-)

andrewgauger
andrewgauger

I regularly self infect my lab to test my ability to respond to an infection. Does that count?

KarrasB
KarrasB

Added the much-maligned Norton in spring of 2000 and have never been hit by a virus since.

NickNielsen
NickNielsen

Probably back in 2008. And that one got in because a new hire clicked on the "Your computer may have a virus. Click 'Scan' to remove" link.

jlwallen
jlwallen

at work? every day. but we support mostly windows machines. at home? never. why? Linux.

DoCAnalyst
DoCAnalyst

Back in 2004 a major virus ran rampant though the Princton Medical Center, I was brought on as temp help to stem the tide, and stayed an aditional 8 months.

Tink!
Tink!

It was a minor thing though. My boss brought in one of his home computers that had just suddenly quit connecting to the internet. A friend of his had "fixed" it and got it working temporarily but then it went out again. He did a System Restore but still no luck on the internet. Lo and behold when he brought it in, I found that Windows Security Center had been disabled, he had SpySweeper but it hadn't been updated recently and had the anti-virus component was off and no longer available. It was a really simple fix. Just re-enabled Windows Security, updated SpySweeper and ran a full scan. It found a few malware and a few minor virus which it cleared. He took it home and it worked just fine. The big question is WHY or HOW all the anti-virus and security measures became disabled in the first place, but that I can't tell just by looking at it.

itpro_z
itpro_z

I have about 300 users on my network, a mixture of XP, Vista, and Win7. While the Vista and 7 machines have been very secure, I regularly have to clean infections from our XP systems. Most are of the fake AV variety, of which some are easy to remove while others not so much. Interestingly, most of the infects originate from Google searches. Google is riddled with false and hijacked links that lead to infected sites. As I have encouraged my users to stop using Google I have observed the rate of infections to decline.

Tommy S.
Tommy S.

It came on a floppy with a copy of Wolfenstein 3d on it. On my personal computer that is. I always had at least 2-3 windows machines at a time. I cant help but being too l33t for viruses I guess... I always see them from time to time at work or on other people computer thought.

Slayer_
Slayer_

And it was a funny virus. But Avira quickly stomped it once I did a full scan. The other virus I had was now a long time ago, was a real brutal one, every time you went online it started downloading more viruses. Had to format the disk from that virus.

richard.moore4
richard.moore4

I deal with laptops, which people take home, and while we suggest that the owners install antivirus, it's not mandated. I last dealt with a virus yesterday. I'm a bit surprised I haven't run into any yet today.

Mark W. Kaelin
Mark W. Kaelin

When was the last time you had to deal with an actual computer virus or other malware attack on your Windows system? Do you find yourself putting out those fires every day or have your security measures paid off to reduce such attacks to the point of being a non-issue?

HAL 9000
HAL 9000

Malware for the Unix type systems that by no means means that you have to place your brain in a bottle to keep it safe and do as you like. Every OS has it's attack vectors and every OS has problems. Here though instead of opening a e-mail you had to manually install something so from that prospective it's safer than a Windows OS but that by no means implies that it's not possible to infect a MAC. Just keep in mind the very first Computer Hacking and Infections where all aimed at Linux Systems and it has only been since the advent of Mass Appeal of the Net that Windows has become the preferred Platform to attack. ;) Col

DNSB
DNSB

We have a couple of infested VMs we use for testing but I wouldn't refer to them as "infections". There was the embarrassing moment when we infected a laptop connected to the test network but that took a real group effort.

nospam.online
nospam.online

On my personal computers it's been a couple year's since I dont do some of the more common way's to get any infections. As far as computers I've worked on, yesterday. Lady handed me a laptop with illegal software, malware, virus's and the cooling fan was clogged up so bad it would shut off after 20 minutes. I did a complete wipe and had your get original recovery disks for re-install and then did a complete cleaning. used up my air and cleaning wipes. Had to install Vista home, so now I need cleaning.

danekan
danekan

we had our first major outbreak here in over 3 years about two months ago. the latest version of Symantec Endpoint Protection with latest virus definitions didn't even stop it. It affected XP and Vista computers alike, and spread over the network not by users doing anything stupid on their computer. It took thousands of man hours across the company to cleanup and caused some security concerns. This particular virus instantly downloaded any saved password from the users' browser and uploaded them to FTP sites the virus authors had set up. Then from there, the virus authors had their own robots somewhere that were constantly re-downloading the files off of the FTP site. once we blocked the traffic on the firewall that wasn't a big deal, but uhh.. :X It seems like modern virii don't care as much about wiping out all of your drives like they used to, now they want to steal data. Minor outbreaks are pretty common... I see a lot of Internet explorer stuff come through as this or that downloader trojan type stuff. Symantec usually deals w/ that and it doesn't require manual intervention. spyware/malware... now that's a whole other topic IMO. those happen a lot.

Dave O
Dave O

It was a rootkit that arrived in a PDF file I accidentally opened. Our head LAN Nazi doesn't like us to upgrade to newer versions of software without his sayso, so we are running an outdated, insecure version of Adobe reader. Symantec AV said "I tought I taw a rootkit. I did! I did!" Did it stop it? No. The document wanted me to turn javascript on in Reader, but I said hell no and I think I stopped most of it. Still, I had my laptop reimaged and am back in business again with the newer version of reader installed. Better safe than subservient.

moriarty the mundane
moriarty the mundane

Working in a school with 400 plus pc's we get a lot of viruses(virii?)we have the same ones week in week out and Symantec does the job albeit seems a little fragile. Three years ago I had a major breakout that took a server down permanently needing a total rebuild and badly affected another. Luckily, we got through it but it necessitated rebuilding most machines and leaving them off whilst we sorted out the attack. Personally, I could happily castrate the instigators of these viruses....

the_webninja
the_webninja

Now a days they create Viruses that are so Complex you are lucky if you can even Detect them! Most people don't even know it is a Virus that causes the Blue Screen of Death to appear in Windows when their system crashes and they can't reboot. Or their system becomes unbelievably slow, and they don't know why. Things such as the Russian Mafia farming out computers for e-mail Spam is just one small example. Then there are the whole OTHER group of Russian Mafia who is trying to hack your system for your Credit Card information. Do you think your Anti-virus program is going to detect it? Don't you think they they thought about that before they designed the Mal-ware? As far as myself I had to Re-install TWO Windows Based Operating Systems recently because Track Zero in the Hard Drive was Corrupted. Now if I am right THAT didn't actually solve the Problem, because those types of Viruses will cause Windows to Crash but it moves Track Zero on the Hard Drive to a Different Location so it cannot be detected by your Anti-virus Program, thus when you re-install Windows the Virus hides itself in the REAL Track Zero and just slowly Destroys all the files on your New installation of Windows. So how do you know if you have a Virus? Most people don't. An NYB virus is just one of many that can behave like the type I just explained and it has been around since 1995. And they have gotten WAY more complex since then. Now with Root Key type Viruses you will never even know they are there. And they can do all kinds of Damage in the background. Such things as sending a Copy of every Word Document you type to the Creator of the Virus in hopes you will someday reveal enough information so they can use it for Identity Theft. Or Keystroke Recorders that do nothing more than record every Keystroke you make and track your URLs hoping you will go to your On-line Banking Site. Your Anti-Virus Programs are not going to detect these kinds of Programs because they already thought about that when they made them! To learn more about how to actually spot Viruses and Mal-ware go to Microsoft and Download their Process Monitor Programs so you can SEE just how many things are running around inside your Computer in the Background. Then you will have a much better idea of how to tell what IS and What is not a Virus. Or you can Switch to UBUNTU and lower your Chances of getting Viruses all together. :) http://www.ubuntu.com

XnavyDK
XnavyDK

I'm getting really good at removing them. if they would stay off the sites they get them from...

Thack
Thack

I'm not a sysop; I'm only responsible for my own computer. I've had a PC since Windows 3.11, and I've never had a single virus infection. (I had other computers before then, but virus infections were unheard of for those.) Since I got broadband (when it first came to my area) my machine has been permanently connected to the Internet via a straightforward ADSL router with NAT and the usual security features. Before then it was connected via dial-up. I used various security products over the years, including the Zonealarm suite, the Symantec stuff, and most recently NOD32. It all came to a head five years ago, when I realised that I had never, not once, had any kind of genuine virus/malware alert - i.e. a real infection that was blocked and logged. So I decided to get rid of all the third party anti-virus/malware software on my machine, and just rely on whatever comes with the OS. So far, no problems at all. How do I know? I scan my machine every six months using the free Kaspersky scanner (which has the same detection performance as the paid-for product). It is true that there is a very small chance that an embedded rootkit could evade such a scanner, but may have been picked up on its way in, so to speak. But bearing in mind I've had such a long history of zero malware, and every scan comes up clean, and my machine is entirely free of suspicious activity that I can detect, I'm as confident as I can be that my machine is clean and always has been. Even malware protection doesn't give you 100% confidence. If you live in the East Midlands in the UK, you'd be welcome to come and check! To what do I attribute this success? Well, my PC runs all the time and is connected to the Internet all the time, but I've used the Opera browser ever since it came out (I believe IE was a major target for malware writers). I practice safe surfing (which I think deals with 98% of the risk). I never use bit-torrents for downloads, and in fact all downloaded software comes from trustworthy sources. I never open unexpected email attachments, and I'm fairly computer- and internet-savvy. I don't do any online gaming. I never put any disks or memory sticks in my PC without knowing exactly where they've come from. I always keep my machine fully patched and updated. Oh, and just because I'm an inveterate tinkerer, I usually end up formatting and reinstalling Windows every couple of years or so. That's about it. Frankly, such basic, common sense procedure seem to be all you need. It doesn't restrict my usage of the computer at all, and it has worked for me. Important note: I am emphatically NOT advocating this approach for anyone else! I am merely relating to you my particular approach, and my particular experiences. Every time I report this in various forums or newsgroups, I get flamed by people who seem to think I'm being selfish and irresponsible and putting everybody else at risk. No doubt it will happen this time. To them I say: where is your evidence? Pop round to my place and see if you can find ANY kind of malware infection on my machine.

nancy0123
nancy0123

One month back virus attacked in my system due to this i suffered with lot of problems my complete important data get lost but after that incident i always create backup of my system so that i can prevent from it.

matthew.flower
matthew.flower

I bought a bargain reconditioned Sat Nav from the TomTom Outlet store, but as soon as it was out of the wrapper I connected it my computer to back it up and update the maps and software. My virus checker immediately stopped autorun.inf from running. It didn't warn of any actual virus, so I assumed it was precautionary stopping the automatic install of TomTom Home (which I has already downloaded seperately, so I didn't care). However the backup process was stopped by the virus checker and a subsequent scan of the device highlighted a worm hidden in a wastebasket directory (one that shouldn't have been there). I deleted autorun.inf and the wastebasket folder with all its content, and everything has been fine since. It only took 3 iterations through the software update process to get up to date. The big question in my mind however is what sort of company sells reconditioned kit without completely wiping the device memory and installing the latest build?

JuliaX111
JuliaX111

Not my system.. yet another XP machine with Norton Internet (in)Security installed. w32.vundo an old friend.. I get rid of Norton and install avg, firefox and noscript .. stops them coming back a week later

DNSB
DNSB

In my work environment, I find the majority of the users practice "safe computing". The majority (90%+) of the problems come from around 2% of the users. The type of idiot who takes his laptop home and let's the teenage offspring use it to download music and warez. The nincompoop who disabled the virus scanner because "it made the computer too slow." The one who installed a downloaded game after having his son use ERD Commander to change the administrator password.

dwdino
dwdino

Seem to remember something about them a while back.

jfuller05
jfuller05

I'll have to deal with a malware/spyware attack at work. My boss wants the web browsing to be wide-open just like you're at home. Users can download anything they want, like I said, it's as if the users are browsing on their home computers. I don't have control over the matter.

V.H. Scarpacci
V.H. Scarpacci

Unfortunately we have been hit mostly from various Fake AV types of attacks. Our AV software is old and doesn't have the functionality to stop these before it is installed. Worse is the users that don't listen and go ahead and click OK as if this is real. Training is the second best teaching tool for them, experience is #1.

AV .
AV .

It was a rootkit, too. The user claimed that she clicked on a picture in Google images and thats how she got infected. I'll never know if thats the real truth, but the troubling thing is that our Windows desktops at work are all locked down. Users can't install software. The virus protection and malware detection didn't even notice it. The rootkit contained several trojans, dnloaders, lots of malware, etc., that would normally be picked up by one of our scanners individually. Combined in a rootkit, they were able to elude the scanners. Lately, our virus/malware defenses aren't enough. Most viruses that we have are coming from the web and it doesn't seem to matter if the PC is locked down. We don't have web security software where I work. Management never wanted to pay for it, but since it was one of the managers that had the rootkit, they decided it was worthwhile. AV

AnsuGisalas
AnsuGisalas

Might have been 1993. Forgot a 3,5" disk in the drive on boot, and up it went. Really simple virus, not capable of doing harm to files or anything. Blocked windows loading though, but a simple boot disk worked and it could be manually removed. I didn't get any kind of malware tool until much later. Now I have zonealarm extreme, and it seems to work ok. Hell of a drag on the system when it updates though, but it's also extremely possessive, and won't let any other AV or firewall run properly. As long as it's just as effective against malware I guess I'm okay.

TheProfessorDan
TheProfessorDan

When my son was little, he called everything that had wheels a truck. We do the same thing with the term virus. Most of what we call a virus nowadays is more than likely spyware or malware. The way that I equate the difference between a virus and spyware is a virus is a thief that has to break into your house and spyware is like a really annoying salesperson that you invite in and won't leave.

wizard57m-cnet
wizard57m-cnet

A long time ago, as far as my own personal computers go. My daughter was playing on AOL, got sent some sort of old DOS bug via IM. Last one I dealt with to any extent for family/friends was in 2003 or so, brother-in- law, some sort of trojan from a Limewire server on his computer, sent him a bootdisk with cleanup tools, off he went. Also told him to disable Limewire, or use extra precautions!

bboyd
bboyd

outside of work its a matter of habit and caution. I've perused some risky websurfing investigating things. In the course of that had to isolate and delete a few infected files. No active infections from it though. Behind company firewalls my restrictions are high enough that I would have a hard time just getting to said sites. The only vector we have had an intrusion in that way is a .pdf attack that could have been avoided by better email filters. Adobe is on the company S**t list now. In my outside support work F&F I've had two friends that needed help recovering from bad attack that should never have happened. No updates and old Norton AV.

leo8888
leo8888

Sounds like your boss is not concerned for downtime and the possibility of lost or corrupted data from the constant infections. We also have web browsing pretty much wide open, with the exception of blocking facebook, myspace and utube at our routers, and we never have any downtime due to infections. What browser are you using on your network workstations? We have everyone using SeaMonkey for general browsing and I.E. only for work related sites that require it. We also have settled on running Vipre antivirus after having used eTrust for years. Vipre is an excellent product with centralized management via a server console application and is very cost effective. You may want to look into it.

jred
jred

We support many different companies, and one of the big things is cleaning them up AFTER the fact. The fake AVs are what we see the most of. Some of them are a bugger to clean, too.

ultimitloozer
ultimitloozer

You don't want to have multiple firewalls or AV products running on a system simultaneously in any case. It's only gonna cause problems, especially if the AVs both do on-access scanning.

tbmay
tbmay

Hard Drive Protection Regardless of the malware, it's the best answer. Lots of users won't like it. The question then becomes how important productivity is. If they need the web to do their jobs, and honestly most people working at computers do these days, then this is much more effective than fiddling with desktop policies and web filtering. (Of course filtering the web has purposes beyond malware.)

taylorstan
taylorstan

I will say that most of the F&F infections i deal with are from computers that have Limewire on them. I tell them to stop using it, but do they listen, NO! So I get a call every 4-6months about their computers going kaput. At work, I am sad to say that I don't have control of the network. I have an uneducated superior that thinks firewalls and proxy servers are "too expensive" to deploy and having restrictions on the internet will hender productivity. So guess what, I get an infected machine every month. Guess I can call it job security...pfft.

jimmeq
jimmeq

Knock on particle board. (No real wood in my office) I ran Malwarebytes and it found nothing on my work PC. The few attempts to infect it were thwarted by Symantec Endpoint. I wish I could say the same for end users. Do to loose Internet policy, our organization gets a malware infection about once a month. Despite having SEP on the all the PC's, Trojan.Dropper planted itself on one. I have noticed a pattern of the same staff members PC's being infected over the years and they are company executives. Sigh. Well, this does keep us employed!

jfuller05
jfuller05

I can't block any sites, or disallow downloading and that's where a lot of the problems come from. Each user doesn't get infected once/twice a month, it's different computers that are infected, but you're right that shouldn't be happening. IE is the popular browser, I don't choose that either. :) Some users run McAfee while the majority run AVG for business.

Oreamnos_americanus
Oreamnos_americanus

The last actual virus I had to deal with was seven months ago, however I have moved from direct user support to software acceptance testing since then. As other posters have mantioned malware is more common with the controls we have in place. Defense in depth is our answer, Firewall, e-mail scanner (AV & spam), AV on servers and on the desktops as well as a managed desktop limiting user rights to install things. My last personal experience was three months ago when researching a software issue. A tech question and answer site in the Netherlands tried to plant JS_REDIRECT.SMF on me. Trend caught it and I notified the site owner in case they had been unknowingly comprimised. Didn't hear back.

pgit
pgit

Limewire per se isn't in itself the problem. But it's too easily misused, and the ethical considerations have me recommending it not be installed, let alone used in any way. But you're right, the debate always shifts back to the end user, their diligence, the fact that many tell me having to be careful at all while using a computer is "unfair," all the usual factors...

Datacommguy
Datacommguy

Limewire - and it's free cousin Frostwire - often show bogus 'matching' hits for a search involving a music file, video, or picture. If the user is not smart enough (or educated enough) to ignore a 'match' that's one tenth the size of the music file they were looking for or an obvious executable instead of a wav, mp3, jpg, avi, wmv, etc, and then download and double click it, that's only partially the fault of the peer-to-peer sharing software and it's network and servers. Granted, those extra 'hits' are bogus and potentially dangerous - and so is sharing files with an unknown source - but a little common sense coupled with the use of a commercial (or free) anti-virus package which will usually catch infected files as they're written to disk or scan them after the file has been downloaded seems to me to shift the bulk of the responsibility to the user. Personally, I've used several peer-to-peer programs for years - including Frostwire - and have never seen or had a problem beyond the obviously bogus hits. The virus/trojan problems I see from users these days usually come from inadvertant access to an infected web site or ill advised trust in attachments in email from what appears to be a friend.

pgit
pgit

Limewire is poison. I lost count of how many users have been hosed through limewire. A lot of the compromised boxes belong to end users who are very careful, keep everything up to date and do nothing untoward. But junior or missy come home for the holidays and load up limewire, and that's all she wrote. Most of my users that have been screwed like this had no idea limewire was on their system, most have no idea what it is, even. So far this year I recall around a dozen folks who came to me with problems, and left with a new policy; the children do not touch their computers, either they get their own or do without. The last one of these was an accountant, utterly dependent on a single computer despite my constant nagging people like him have "n+1" computer(s) available when engaged in money and/or time critical commerce. He brought the computer to me on April 12 and needless to say needed it a minute before immediately. Sometimes I don't know whether to loathe limewire or thank it for all the work...

mic1235
mic1235

Malware is what I run into mpstly.

Tink!
Tink!

it can be a useful tool, when used by someone with a little computer sense. I feel for you though, as the average user seems to lack the necessary computer common sense.

ngoodey
ngoodey

we have a fortigate scanner, a sonicwall firewall and mail security for exchange (+ SEP on each server) covering the network as a whole, and that has been fine for about 16 months now. However, I have about 40 remote users, and although they also have SEP installed, it is always the same one or two users who manage to get an 'infection' (usually safestrip or similar) every couple of months because they also use facebook etc and don't consider the risks properly when browsing. very frustrating, but it keeps me employed!!

Editor's Picks