How I got infected last time thread

Transhumana

Level 6
Verified
Well-known
Jul 6, 2017
271
My first and last infection was when I downloaded and installed a fake AV. I was still naive that time, you know. :D I only noticed that my laptop was infected because I couldn't click and go anywhere except the screen of the fake AV. I had Avast installed that time, but Avast was silent. But it was weird because Avast detected and deleted it when I ran a boot-time scan. :D

This reminds me of my first and last big infection - delightful rogue Antivirus 2009. :D It managed to squeeze its way through somehow and stay unnoticed by (to be honest, who knows when last time updated) Bitdefender and ZoneAlarm. I had almost zero knowledge on malware or security at the time and all my efforts to make my AV do something against this nasty bugger were useless. Luckily, Malwarebytes saved the day and made my PC usable again. :)
 

Windows_Security

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
I got infected by updating CCleaner :-( and because I was one the unlucky people having Swedish text in my Dutch Outlook 2007 (after windows/office update) I lowered all protections trying to figure out what the heck had gone wrong with my Outlook 2007. I am home from nice Canada holiday and the first thing what I am going to do is an image restore.

I know that the chance of winning the lottery twice is very small, and after incidents all processes are updated and improved, so rationally I should reinstall CCleaner, emotionally I am still doubting (have downloaded both latest CCleaner and Wise 365 care but not installed one of them yet).
 

SecretKeeper

Level 3
Verified
Well-known
Dec 25, 2015
120
I was young, I'd say about 7 or 8. I somehow managed to download Zango, I don't remember how I got to it, but I downloaded and Installed it. To those who don't know what Zango is, it's basically adware. Some ads were safe, whereas others were malicious.

AVG, at the time, didn't pick up on it so I immediately thought it was safe to use and run. Until my PC (baring in mind, it was the family one), began to crawl and crash continuously. I managed to do a scan and it detected more than I could bargain for: Viruses, Trojans, the lot. Mother had to call her friend who came over and had to reinstall the whole computer for us. o_O

Probably the first and only time I ran into malware.
 
Dec 25, 2017
2
Thanks for sharing this awesome forum post on how you got infected. It is sad that you lost most of your data on your D:\ drive, but I have a few tips to keep yourself from allowing an infected machine to spread its virus to your computer!

Here I go:

1. Never, ever allow an infected machine to make contacts with the internet (unplug your host machine's ethernet wire/LAN cable or disable the internet via the Network tab in settings.).
1a. If your host machine becomes infected, do the same thing and disable internet.

2. Make sure all shared-folders are read only, or properly deleted.

3. While testing, do not plug-in any removable drive or disk drive.

4. If you are testing on a physical machine, repeat the same steps.

I hope it helped!
If not, call me (reply to this comment).
 

Itachi Sempai

Level 2
Verified
Sep 20, 2017
93
i don't remember last remote infection it was too long ago but the bad one was when one guy send me a file via skype it was exe disguised as a photo... he got my passwords and did some stuff... i remember that infection badly it was 10 years ago... after that i learned what file extensions where and since then i don't open any vulnerable files send to me by anyone

another one was 3 years ago when my friend installed keylogger when he came to visit me and got my password for some game
 
D

Deleted member 65228

8 years ago My system would have been so heavily infected that there was nothing an anti-virus solution could do about it, and I was too arrogant and inexperienced to do anything about it. I wasn't even aware that it was a real "risk". :ROFLMAO::ROFLMAO:

A 10 year old does what 10 year old's do - click-happy trying to find online games. Trying to reach that 8 ball pool page on Miniclip was like going through a tricky maze of rogue redirection's with performance reduction due to the active malware infection's. Then again, I doubt a criminal felt like logging into my 8 ball pool account to win me coins. LOL. Who knows though. :unsure:

We're in 2018 now and awareness about online threats is a lot higher, at-least there's that.
 
Last edited by a moderator:
5

509322

We're in 2018 now and awareness about online threats is a lot higher, at-least there's that.

Yes, there is awareness, but security itself is not given a priority status commensurate with most peoples'\families' computing risk - which for the Average Joe family with kids is quite high. The actual security priority level among the general population is even lower than cleaning the toilet, cleaning out the garbage bin or some other task that people are really averse to do - and therefore just never do for one reason or another.

After you get past the "I don't have time," the usual objections are given - "I don't know," "I don't understand," and "I don't want to pay [for a security soft]."

Like I keep saying, nobody is teaching the general population about IT security. And with Windows it takes more than the basics. Microsoft made it that way.

Security begins with knowledge.

The Average Joes I talk to are bewildered by Windows security. And it has gotten a whole lot worse with Windows 10 instead of getting better. "I know what Windows Defender is, but Windows 10 Exploit Guard, what's that ? What do you mean I have to configure it ? What kind of configure ? I never heard of configure. Is this something new ? When did this happen ? What do you mean ? What do you mean I have to do a registry hack ? What is the registry ? I never had to do that before. Listen, I don't understand any of this. Why is this always so difficult ? Why does Microsoft do this to us ?"

The above exchange is not an exaggeration. The person doesn't even know the difference between configure and configuration. It is typical exchange with an Average Joe.
 
Last edited by a moderator:
F

ForgottenSeer 58943

The actual security priority level among the general population is even lower than cleaning the toilet, cleaning out the garbage bin or some other task that people are really averse to do - and therefore just never do for one reason or another.

If that in some cases.. I always illustrate this with my father in-law.. He spent weeks thinking about and researching what blinds to put in a spare bedroom they were remodeling. He talked to dozens of people, had a designer out, spend hours online. He even asked my wife and I a couple times about our thoughts on blinds, who installed ours, what we thought of them.. My wife got tired of it and said "Dad, I paid someone to come in and do it, that's their specialty, I didn't spend more than a few hours on the issue..".. But security? He heads to Radioshack for a $19 router, spends 15 seconds googling for a free AV and calls it a day. He keeps adding more and more IoT to his home but never spent more than the $19 and 15 seconds on security.

Pathetic.

I do remember the old days where you tossed an AV on your computer and called it a day. I think at most I would run BOCLEAN or Pest Patrol scans here and there, but the basic AV did the job. These days it's a vastly more dangerous landscape with blended environments that drag along blended threats. A guy I know has 83 IoT devices on his home and 9 'Google Dot's', even in the bathroom. I asked what his security was and he said "ASUS Router and AVG". Speechless. Here's a guy with a LOT of money and some decent expertise, and he has a free security solution and cheap router protecting his home that is 100% wired for surveillance? What a joke.
 
  • Like
Reactions: Cats-4_Owners-2
5

509322

If that in some cases.. I always illustrate this with my father in-law.. He spent weeks thinking about and researching what blinds to put in a spare bedroom they were remodeling. He talked to dozens of people, had a designer out, spend hours online. He even asked my wife and I a couple times about our thoughts on blinds, who installed ours, what we thought of them.. My wife got tired of it and said "Dad, I paid someone to come in and do it, that's their specialty, I didn't spend more than a few hours on the issue..".. But security? He heads to Radioshack for a $19 router, spends 15 seconds googling for a free AV and calls it a day. He keeps adding more and more IoT to his home but never spent more than the $19 and 15 seconds on security.

Pathetic.

I do remember the old days where you tossed an AV on your computer and called it a day. I think at most I would run BOCLEAN or Pest Patrol scans here and there, but the basic AV did the job. These days it's a vastly more dangerous landscape with blended environments that drag along blended threats. A guy I know has 83 IoT devices on his home and 9 'Google Dot's', even in the bathroom. I asked what his security was and he said "ASUS Router and AVG". Speechless. Here's a guy with a LOT of money and some decent expertise, and he has a free security solution and cheap router protecting his home that is 100% wired for surveillance? What a joke.

Until security is as simple and as reliable as a wind-up alarm clock for Average Joe, it is never going to work. Never. And that means bringing the overly-complex attack-surface way back down to Earth.

People don't want to hear this and it causes a wide array of spit-flying reactions.

Digital devices and PCs are way too feature-packed for end-user needs. This has always been the case. Marketing versus what people actually need. Remember the VCRs of the days of old ? "Let's market VCRs with 218 button remotes and prominently feature the remotes in all our marketing materials." That's the logic. Pack a huge number of features in that only a handful of technofiles will use, but no Average Joe ever will use and exposes everybody to greatly increased security risks. It didn't matter that people couldn't figure out what buttons 6 though 218 did. All that mattered was that the more buttons there were on the remotes, the more VCRs that flew off the shelves. More buttons = more features. Of course we're not talking about security here, but the concept of increasing features that people don't need. That principle is still at work in the digital device \ PC world.

And as far as a general operating system like Windows, it isn't needed. All that attack surface is absolutely unneeded and a completely preventable security risk.

Use Chromebook.
 
Last edited by a moderator:
F

ForgottenSeer 58943

Every VCR I remember perpetually flashed '12:00', so yes, you are correct.. A bunch of useless garbage and marketing gimmicks.

Agreed on Chromebooks.. I sold a box of Lenovo Win10 Notebooks and replaced them all with Chromebooks. Not a single problem. Not a single complaint. Not a single security worry. Since 'Help Google with this OS' was unchecked the outbound telemetry is infinitesimally smaller than Win10. I couldn't be happier with that decision. So much so, I even bought MYSELF a powerful touch screen 2 in 1 Chromebook and never looked back.

My OCD about reformating/refreshing is satiated.. I just powerwash the Chromebook in 15 seconds each time I feel the urge.. :love:

So yeah, should these people ever ask me about what to buy again my answer is going to always be 'A nice Chromebook'.
 

Brie

Level 10
Verified
Well-known
Jan 1, 2018
493
hi

i just got a popup/malware, a couple of days ago. the malware got through bitdefender TS, voodooshield free, comodo and avira browser extensions and a router with a NAT and SPI firewall.

i only went to sharewareonsale. i got the link from free giveaways on MalwareTips.

i also installed comodo, webapi and avira browser extensions.

if anyone knows how i got this, please tell me.

thanks in advance.
 
Last edited:

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
hi

i just got a popup/malware, a couple of days ago. it got through bitdefender TS, voodooshield free, comodo and avira browser extensions and a router with a NAT and SPI firewall.

i only went to [edited], which i got the link from free giveaways on MalwareTips. i also installed comodo, webapi and avira browser extensions.

if anyone knows how i got this, please tell me.

thanks in advance.
So you downloaded and installed a free giveaway?
Did you get any prompts from BD or Voodoo, when you installed? If you got prompts, but you clicked through them, that is why. Also, you can often avoid installing the PUPs by selecting custom install, and paying very careful attention to every stage of installation. They try to trick you into installing extra stuff, without you realizing it.
It sounds like you got adware, if it is popping up. It is very common for giveaway software to be bundled with PUPs. Probably nothing serious enough for your browser extensions to block the site.
 

Brie

Level 10
Verified
Well-known
Jan 1, 2018
493
Every VCR I remember perpetually flashed '12:00', so yes, you are correct.. A bunch of useless garbage and marketing gimmicks.

Agreed on Chromebooks.. I sold a box of Lenovo Win10 Notebooks and replaced them all with Chromebooks. Not a single problem. Not a single complaint. Not a single security worry. Since 'Help Google with this OS' was unchecked the outbound telemetry is infinitesimally smaller than Win10. I couldn't be happier with that decision. So much so, I even bought MYSELF a powerful touch screen 2 in 1 Chromebook and never looked back.

My OCD about reformating/refreshing is satiated.. I just powerwash the Chromebook in 15 seconds each time I feel the urge.. :love:

So yeah, should these people ever ask me about what to buy again my answer is going to always be 'A nice Chromebook'.
can you operate a cable modem and/or a wifi on a chromebook?
 
Last edited:

Moonhorse

Level 38
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,728
hi

i just got a popup/malware, a couple of days ago. it got through bitdefender TS, voodooshield free, comodo and avira browser extensions and a router with a NAT and SPI firewall.

i only went to [edited], which i got the link from free giveaways on MalwareTips. i also installed comodo, webapi and avira browser extensions.

if anyone knows how i got this, please tell me.

thanks in advance.
thats very weird, i had webapi installed too and last night i had immunet finding few malware samples, after that comodo noticed something aswell. I just thought the immunet was causing the problem because my forticlient web filter had turned off.

After i had to boot pc because of comodo findings, i just ran computer on like 5minutes and it randomly shut down..

It was pretty late so i was like cba, and did clean install and today morning i re-installed apps i need.

Oh well
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top