Has anyone actually ever had a virus? I've never been a victim to one since I started using computers in about '92.

Is this normal, or am I just lucky?

tygertung - 2021-07-29 10:05:00

There are two kinds of luck - some people have had the other kind. I've removed trojans etc from people computers, but more often it's been browser hijackers etc. Had the occasional malware attack on a browser myself but it's rare. People are sold A/v programs when they buy a new device by the salespeople who, of course, make a commission and really know very little about the product and whether it's necessary or not. Scare tactics.

nice_lady - 2021-07-29 10:26:00

Maybe some people will download and install software which they have no idea what it does.

tygertung - 2021-07-29 10:31:00

I find it tends to be the same people over and over that have these sorts of problems ie a good chunk of the contributing factor is user behaviour, types of sites visited, propensity to click on everything and anything etc... Some learn from it the first time, a lot do not...

These days the OS and security software are a lot better at dealing with it, but even in the old days of XP it was still usually because someone clicked on something they shouldn't have and/or they had no / multiple / expired security software

Edited by king1 at 10:58 am, Thu 29 Jul

king1 - 2021-07-29 10:57:00

i looked at some viruses with kate editor on my linux mid 2000 year.

intrade - 2021-07-29 13:00:00

tygertung wrote:

Has anyone actually ever had a virus?

I had one back in the day, the "stoned" virus. Back before it was a common thing. Since? Never.
As a tech though I cleaned a LOT of machines, fully patched, up to date.
Most of it is common sense and the other few percent, having a decent AV that monitors the browser as well.

lythande1 - 2021-07-29 13:33:00

the big thing that helps these days is AV and firewalls come with the OS.

years ago we used to have techs, especially commercial techs, who would remove AV etc from home pc's. consequently infections where common.
there was a lot of issues with commercial techs dumbing down home pc security. until worms started to really make an impact. home pcs had the power to stop entire networks. so suddenly the industry started to treat home pcs far better.

2nd problem was many had brand name AV but it was never updated or license renewed. lack of customer understanding.

tweake - 2021-07-29 14:21:00

tygertung wrote:

Has anyone actually ever had a virus? I've never been a victim to one since I started using computers in about '92.

Is this normal, or am I just lucky?

{touch wood} My house has never suffered fire or earthquake but I still have house insurance. :-)

But the luck thing does raise a point. Some people will say "I've been using the Kamakoozer Antivirus for 15 years and I've never been infected. It's a good product" — or perhaps you've just been lucky?

wembley1 - 2021-07-29 14:37:00

No, just one bit of malware tho

lilyfield - 2021-07-29 14:49:00

wembley1 wrote:

{touch wood} My house has never suffered fire or earthquake but I still have house insurance. :-)

But the luck thing does raise a point. Some people will say "I've been using the Kamakoozer Antivirus for 15 years and I've never been infected. It's a good product" — or perhaps you've just been lucky?

i don't think its luck.
simply because an unprotected pc typically doesn't take long before its infected.
you don't actually have to do anything, worms etc will find your pc and infected it.
there still plenty of infected web sites around.

tweake - 2021-07-29 15:00:00

I've been attacked but never infected. Windows defender always seems to stop them.

muppet_slayer - 2021-07-29 17:31:00

tweake wrote:

i don't think its luck.
simply because an unprotected pc typically doesn't take long before its infected.
you don't actually have to do anything, worms etc will find your pc and infected it.
there still plenty of infected web sites around.

What if I get a computer and do a fresh install of XP on it and connect it to the internet with no AV? Will it get a virus real soon or not?

tygertung - 2021-07-30 07:54:00

I got malware dropped onto my work PC by an online ad a few years ago. It was due to a corporate policy preventing timely updates of browsers, so a fairly old vulnerability was still available to be exploited. It was detected but not blocked by the McAfee antivirus software, and the third-party contractor that the virus detection alerts were sent to took a full day to respond to it. Things have improved a bit security-wise since then thank goodness.

drsr - 2021-07-30 08:38:00

tygertung wrote:

What if I get a computer and do a fresh install of XP on it and connect it to the internet with no AV? Will it get a virus real soon or not?

I had a Win 7 system connected a few years back as a media PC, no security software, network connected, but not used for internet - nothing happened, no doom and gloom, no end of world scenarios...

if it is fully patched and just sitting there doing nothing, with no user intervention, it is highly unlikely... the only reason XP might would be because it is such an old system that has missed out on 10 years of security updates.

One potential risk with this scenario is it would be vulnerable if another machine on the network got infected, say with a cryptovirus that accessed any network shares...

Having said all that, I would not recommend trying this, especially if it's one you intend to use online...

Edited by king1 at 8:59 am, Fri 30 Jul

king1 - 2021-07-30 08:55:00

tygertung wrote:

What if I get a computer and do a fresh install of XP on it and connect it to the internet with no AV? Will it get a virus real soon or not?

some of the security companies actually do that test.
do a fresh install, no patches (ie someone at home who has to go online to get the patches), see how long it takes.
last one i heard of took ~5minutes until infected.

tweake - 2021-07-30 09:38:00

king1 wrote:

One potential risk with this scenario is it would be vulnerable if another machine on the network got infected, say with a cryptovirus that accessed any network shares...

Having said all that, I would not recommend trying this, especially if it's one you intend to use online...

I should also add another reason not to try this is the thus far undiscovered and hence unpatched vulnerabilities...

king1 - 2021-07-30 09:48:00

Say if I do a fresh install of XP on a "burner" machine, use it online and it gets infected somehow, will it be a risk for the other machines on the local network?

The other machines are duel booting more modern versions of Windows 7/10, or various Linux distributions which are kept up to date, but they spend most of the time on Linux.

Am I correct in thinking that if a Windows XP machine gets infected, it isn't going to affect the Linux machines as the operating systems are running on a different "architecture"?

tygertung - 2021-07-30 10:49:00

Most likely, but there are so many variables to consider when determining the level of risk, but high on the list will be XP hasn't had updates for many years and has no UAC, and most user profiles had admin rights by default.

I might be inclined to try it with with win 10, but I think XP is just asking for trouble...

As for the last paragraph, it would depend on the payload, a malware could conceivable search the network, find a linux installation and target an attack based on that... likelihood of that, who knows...

although not as common with linux it does happen and is apparenty becoming moreso. I imagine the same rules apply, keep patched and system up to date, don't do anything dumb online...

an interesting read
https://www.forbes.com/sites/daveywinder/2020/11/08/new-rans
omware-threat-jumps-from-windows-to-linux-what-you-need-to-k
now/?sh=3393bcc93265

king1 - 2021-07-30 11:10:00

tygertung wrote:

Say if I do a fresh install of XP on a "burner" machine, use it online and it gets infected somehow, will it be a risk for the other machines on the local network?

The other machines are duel booting more modern versions of Windows 7/10, or various Linux distributions which are kept up to date, but they spend most of the time on Linux.

Am I correct in thinking that if a Windows XP machine gets infected, it isn't going to affect the Linux machines as the operating systems are running on a different "architecture"?

infected machines can effect the network itself.
when the big worms hit, they took down networks including entire usa cable networks. this is because they flooded the network with traffic.
also infected pc's get used in bot networks, or as spam relays or crims using your pc for their business and it gets traced to you.
so you do not want ANY infected pc's on your network.

there is other repercussions and liabilities to consider. for eg there was a company in NZ that almost lost their franchise because their office pc had no protection.

tweake - 2021-07-30 12:46:00

So it would be better to have the test machine on its own internet connection, or ensure all the other machines were powered off whilst the test machine was connected? And then power off the test machine when the other machines get connected?

tygertung - 2021-07-30 13:03:00

I worked in a computer shop in the late 90's early 2000 and it was the always the same people. One women come in angry as her computer had a virus again and why didnt I fix it the first time. I said to her its because your husband is looking at a lot of porn and I can show you what he is looking at. She said its ok and can I please fix it again. Paid me and quietly left.

Edited by sirrab at 6:09 pm, Tue 3 Aug

sirrab - 2021-08-03 18:09:00

theres generally multiple external protections to any computer. Every router I have ever seen in use in NZ has a firewall &/or NAT. Every ISP operates DNS servers which have some level of blocked IP's.
Windows comes with a firewall on by default. (even XP)
Without a user to open up websites, click links, download files theres almost zero chance of getting infected, under normal circumstances.

bitsnpieces2020 - 2021-08-03 22:38:00

How do these firewalls work? If somebody has a 12 year old router, is the firewall still going to be effective, or would it be outdated by now?

tygertung - 2021-08-04 08:07:00

tweake wrote:

i don't think its luck.
simply because an unprotected pc typically doesn't take long before its infected.
you don't actually have to do anything, worms etc will find your pc and infected it.
there still plenty of infected web sites around.

You missed my point. I was commenting on how partisan some people are on their choice of AV. Because they haven't been infected, their product is the best in the world.

The reality being that most AV products would have stopped the hazards they have exposed themselves to; they are prudent enough not to expose themselves to hazards; or in the end, luck.

And, in today's world, a Windows machine is protected by default.

Edited by wembley1 at 8:21 am, Wed 4 Aug

wembley1 - 2021-08-04 08:21:00

tygertung wrote:

How do these firewalls work? If somebody has a 12 year old router, is the firewall still going to be effective, or would it be outdated by now?

firewalls block traffic. you want to hack my ageing printer without any security on my LAN? good luck finding that via NAT when its IP is private 192.168.1.x from the internet. It would require me to poke holes in the firewall and open ports that are directed towards my printers IP.
IPv4 traffic anyway. IPv6 is whole other attack surface.

bitsnpieces2020 - 2021-08-04 08:40:00

even with firewalls, if the OS opens a port and its service is flawed, then that can be a path way in. that certainly has happened and continues to happen.
MS likes to have things open by default to make easier usability, but it comes with risks.
an unpatched system can still be exploited even behind firewalls.

tweake - 2021-08-04 18:48:00

tygertung wrote:

How do these firewalls work? If somebody has a 12 year old router, is the firewall still going to be effective, or would it be outdated by now?

maybe, some old routers have known exploits.
biggest problem is that often the firewall is turned off.
then its relying on the OS firewall.

however the simplest, and most common, way to get around all that is to trick the user to download and run a program that connects to the net, the user allows it through the firewall and then it downloads the nasties.

tweake - 2021-08-04 18:53:00

Surely it would be advisable for one to know what the software actually is before downloading it?

tygertung - 2021-08-04 20:29:00

tweake wrote:

even with firewalls, if the OS opens a port and its service is flawed, then that can be a path way in. that certainly has happened and continues to happen.
MS likes to have things open by default to make easier usability, but it comes with risks.
an unpatched system can still be exploited even behind firewalls.

no.
firewalls are not "app aware" they will allow outbound traffic, and outbound traffic can initiate a response, which is allowed to come in but none of microsofts internet services (ie IIS, FTP, etc) are either enabled by default, or capable of anything but listening. It requires a trojan to 'call home'. Things like DNS for name resolution that need to be configured to talk to external servers, are not installed, running, or configured by default.

bitsnpieces2020 - 2021-08-04 21:42:00

tygertung wrote:

Surely it would be advisable for one to know what the software actually is before downloading it?

Yeah, advisable. But even when you do "know" you can be wrong
https://www.groovypost.com/news/ccleaner-for-windows-hacked-
to-spread-malware-update-now/#:~:text=CCleaner%2C%20the%20po
pular%20file%20clean,researchers%20at%20Cisco%20Talos%20Grou
p.

bitsnpieces2020 - 2021-08-04 21:43:00

bitsnpieces2020 wrote:

no.
firewalls are not "app aware"

software firewalls are app aware.
its only external firewalls that are not.

tweake - 2021-08-05 17:15:00