I have twice managed to pick up infections, the first time due to my actions, and quickly resolved by my antivirus. The second time though...
So, sometime about a year ago I inserted my flash drive into an infected computer and picked up a rather nasty virus. Yes, I know -- I've heard them all. Fortunately I had a solution on hand -- the antivirus on my laptop picked it up immediately, and I managed to track down and remove it from a computer I had infected and the original infected machine. No real harm done, just a nuisance.
But today I clicked on a link from a comment in a technology blog -- and clearly this indicates trouble, because what was I doing trusting a post in a comment? And it was also dumb because my whole reason for clicking was that I wasn't quite sure how the (bot-generated) fake comment related to the original topic. Still, to blame me is to ignore that this was arbitrary code that I in no way authorized, that took over my computer without any intervention from me. That is a broken operating system, without doubt.
But I digress.
I noticed the page taking a while to load, and the tab flashed a couple times--also a "java loading" splash screen had appeared, which I've never seen before, so I closed it quickly. I then got a little security notice down by my clock and immediately forced-off the power. Still, when I booted into safe mode, windows security popped up and told me I had no antivirus and I should install "them." And then another warning, and another. All fairly authentic looking, from a slight distance.
That's all it take to compromise my computer now? I'm genuinely amazed, and somewhat disappointed in Firefox and Vipre both. I'll be re-imaging my machine, and then scanning all my documents thoroughly. I'm also adding no-script to my standard extensions. And recommending Ubuntu to anyone who'll listen.