Reformat hard-drive and install Ubuntu 10.10
Run Windows in a VirtualMachine.w/ backups.
If it ever gets corrupted, pull out a copy of a previous Virtual Machine backup.
If you ever worry about viruses,the only way to run windows is in a VM. It is like going out in the rain fully protected in a rain coat.
Most users aren't going to want to run linux and then install windows inside of that. It's just asking too much. VMs are susceptible to malware anyway so why run windows in virtual? Sure, you can create and image and re-image when needed but why not image a windows host instead? A host is faster rather than running a guest in a VM. Simple: image your drive and make a couple of copies of it.
Education on how and where to surf and what to download and not download is far better. That in itself is a challenging task to tell users as well.
I run MS Security Essentials (free, highly rated by independents) and use Firefox with AdBlock Plus for any "risky" browsing. Scans with MalwareBytes and AdAware every 6 months result in no infections.
Education on how and where to surf and what to download and not download is far better. That in itself is a challenging task to tell users as well.
x2
I run Microsoft security essentials, windows firewall, and the firewall built into my router. Firefox x64, adblock plus. Spybot and MSE run scans every night, and every couple months I run malwarebytes. Very rare that I get a virus, even with visits to some not so friendly sites...
M$SE, MBAM, WinPatrol, Win 7 Firewall and Router Firewall. All that plus some common sense and I'm happily virus free.
My dad just got infected by Win 7 Home Security 2012 - I had it blasted away in less than 30 minutes, mainly b/c his laptop HD was a 5400 rpm drive and MBAM took 25 minutes just to scan the entire thing....
Oh, did I mention that I am an old school official beta tester of MBAM as well as Symantec Security products? I probably should...it should help put some of my commentary in a new light.
Device(s): Galaxy S3 (Verizon)
Evo 4G - retired/rooted
Carrier: Verizon
Thanks: 3,023
Thanked 1,721 Times in 1,162 Posts
Quote:
Originally Posted by andruoid
Most users aren't going to want to run linux and then install windows inside of that. It's just asking too much. VMs are susceptible to malware anyway so why run windows in virtual? Sure, you can create and image and re-image when needed but why not image a windows host instead? A host is faster rather than running a guest in a VM. Simple: image your drive and make a couple of copies of it.
True, but most virtualization software allows for snapshots, which restore much faster than if you were to restore an image of the host.
Oh yeah, hosts are much faster... especially on my old hardware
Quote:
Education on how and where to surf and what to download and not download is far better. That in itself is a challenging task to tell users as well.
Most users aren't going to want to run linux and then install windows inside of that. It's just asking too much. VMs are susceptible to malware anyway so why run windows in virtual? Sure, you can create and image and re-image when needed but why not image a windows host instead? A host is faster rather than running a guest in a VM. Simple: image your drive and make a couple of copies of it.
Education on how and where to surf and what to download and not download is far better. That in itself is a challenging task to tell users as well.
I never surf on Windows natively. It is either in a VM or I use something else. In fact, it is a household policy.
You can have a hardware firewall, another software installed on the host, and MS Security Essentials, disable all javascript and still be at risk. Sure, block every single port except 80 and 445, and you'd still get infected.
There was a zero day exploit that lasted over 90 days last October before Microsoft was able to contain it. The Duqu zero-day exploit was an inherent flaw in the true-type font engine that could latch itself to the kernel. We have these boot-kit attacks that go un-detected by many of the up-to-date virus software like AVG. They couldn't even detect an infected Word document.
How does Duqu infect computers? Can it spread via USB devices?
In the cases we have analysed, Duqu infects a computer through a targeted attack involving a Word document which exploits the CVE-2011-3402 vulnerability. This is a 0-day vulnerability in the Windows kernel component Win32k.sys which allows the attackers to run code with the highest privilege level , bypassing pretty much most of the protection mechanisms from Windows or security software. According to our knowledge, Duqu is the only malware using this vulnerability to infect computers. All Kaspersky Lab security solutions detect this vulnerability under the name Exploit.Win32.CVE-2011-3402.a as of November 6, 2011.
When was this threat first spotted?
The first Duqu attacks were spotted as early as mid-April 2011. The attacks continued in the following months, until October 18, when news about Duqu was made public.
Since the payload is carried out through a true-type font. You can now browse websites where CSS embeds fonts as part of the HTML5 spec. So basically, no firewall is gonna examine a font for infection (well, they haven't done it before since Duqu).
It was sitting in the wild (April 2011) and Microsoft wasn't able to get a patch out until Dec 13. . Who knows how many variants have mutated.
Do you know what a boot kit is? It goes resident into bios and loads up at boot. The NT (Windows 7) kernel can't even detect it and hence, no anti-virus, malware app is gonna help you. It even effects 64-bit kernels of Windows. It loads up before the operating system.
Here is one that 148k and totally bypasses UAC. (A locked down, non-admin user can infect your system)
All the education in the world isn't gonna help when you get work files and all the software virus scanning isn't going to help when you get a zero-day exploit that has been sitting in the wild for 90-180-360 days un-detected and un-patched. It is like a ticking zombie time-bomb ready to execute code.
Last edited by mrspeedmaster; January 16th, 2012 at 10:46 AM.
Wow, and here's me with maybe 20 years online using Win3.1, Win3.11, Win95, Win98, Win2000, Windows XP and now Windows 7, as well as OS/2 as my primary OS for some of that time, and I've yet to pick up a virus or malware infection. Guess I must just be lucky.
Yes I use AV software, yes I've got a well-configured firewall in my router, but there's also no substitute for common sense and good practice. That applies whatever your chosen platform/OS.
Reformat hard-drive and install Ubuntu 10.10
Run Windows in a VirtualMachine.w/ backups.
If it ever gets corrupted, pull out a copy of a previous Virtual Machine backup.
If you ever worry about viruses,the only way to run windows is in a VM. It is like going out in the rain fully protected in a rain coat.
As posted elsewhere, this is what I do as well, although sometimes use OS X as the base system.
Quote:
Originally Posted by andruoid
Most users aren't going to want to run linux and then install windows inside of that. It's just asking too much. VMs are susceptible to malware anyway so why run windows in virtual? Sure, you can create and image and re-image when needed but why not image a windows host instead? A host is faster rather than running a guest in a VM. Simple: image your drive and make a couple of copies of it.
Education on how and where to surf and what to download and not download is far better. That in itself is a challenging task to tell users as well.
Depends on your needs. Sandboxing is the ultimate protection.
A good malware strategy is the next best thing. Sandboxing is for people who don't have the time to mess with other strategies, and need guaranteed environments.
My sandbox machines don't get infected because they're only used to run the virtual machines.
And as for running slower in a VM - not always.
Last edited by EarlyMon; January 16th, 2012 at 04:52 PM.
Slug, I have similar experience, 13 years online have had maybe 3 viruses in the first 4 years, nothing since.
MrSpeedMaster, I know all that info would be great in a critical environment but for my laptop and home network, no thanks. Best thing I have purchased is a router that has IPS sigs updated regularly which is potentially helpful for zero-day anomalies. It also has a 2nd CPU to do the packet inspection so the network doesn't slow down. Nothing is 100% but at least this solution doesn't tie up resources on my system.
As for ultimate protection, unplug or kill the WiFi. ...but then what is the point in that? ;-)
Best is free!! This is the first time in 20 or 23 years that I don't have to buy any anti-virus software. I currently use the Norton Security Suite (same as Norton 360 but without the online backup/storage). I get this Norton software free with the Xfinity-Comcast cablemodem subscription (I have half a dozen computers installed with it).
I've tested Symantec's stuff for a long time, and their consumer grade software has never been as up to par as the corporate stuff. Now, even he corporate stuff has gone down hill, b/c they started adding 'features' like antispyware, etc.
In the old days, if I had a centralized server for getting definition updates pushed to a client, and the client could not connect to the server for whatever reason, as a backup it would connect online to Symantec to get updates. Now, not happening - or, at least, last I looked, not as easy to set up, if there is such an option.
So, I parted ways with Symantec and when M$SE came out that cinched it.
Device(s): Three Chinese Androids: Kliton I806LS, Lenovo P700i, Ampe A76
Carrier: China Mobile, China Telecom.
Thanks: 1,375
Thanked 1,171 Times in 825 Posts
Quote:
Originally Posted by mrspeedmaster
I never surf on Windows natively. It is either in a VM or I use something else. In fact, it is a household policy.
You can have a hardware firewall, another software installed on the host, and MS Security Essentials, disable all javascript and still be at risk. Sure, block every single port except 80 and 445, and you'd still get infected.
There was a zero day exploit that lasted over 90 days last October before Microsoft was able to contain it. The Duqu zero-day exploit was an inherent flaw in the true-type font engine that could latch itself to the kernel. We have these boot-kit attacks that go un-detected by many of the up-to-date virus software like AVG. They couldn't even detect an infected Word document.
Since the payload is carried out through a true-type font. You can now browse websites where CSS embeds fonts as part of the HTML5 spec. So basically, no firewall is gonna examine a font for infection (well, they haven't done it before since Duqu).
It was sitting in the wild (April 2011) and Microsoft wasn't able to get a patch out until Dec 13. . Who knows how many variants have mutated.
Do you know what a boot kit is? It goes resident into bios and loads up at boot. The NT (Windows 7) kernel can't even detect it and hence, no anti-virus, malware app is gonna help you. It even effects 64-bit kernels of Windows. It loads up before the operating system.
Here is one that 148k and totally bypasses UAC. (A locked down, non-admin user can infect your system)
All the education in the world isn't gonna help when you get work files and all the software virus scanning isn't going to help when you get a zero-day exploit that has been sitting in the wild for 90-180-360 days un-detected and un-patched. It is like a ticking zombie time-bomb ready to execute code.
Funny that, I've been using Windows for 21 years now, never had a problem. Maybe I'm lucky as well?
__________________
The People's Guide to Android in the People's Republic.
Honorary Grand Poobah Shenzhen University English Corner. http://welcometomychina.tumblr.com/ There are nine million bicycles in Beijing.
There are nine million Androids in Shenzhen.
The Following 2 Users Say Thank You to mikedt For This Useful Post:
I run MSE and a handful of other programs, behind both software and mechanical firewalls. I also browse using a fairly secure browser like Chrome. I keep my windows usage to safe sites and do all my risky web surfing on Linux or Mac rigs (both behind firewalls and also on secure browsers, but with no particular security software.
I feel like 'best AV' is kinda subjective. Everyone has their personal preferences for anti-virus software. Personally, I love my Avira Premium subscription. If I had to pick a free version, it would be MSE. I also swear by Spybot S&D and Malwarebytes.
It's ultimately up to you. We can give you some suggestions as to where to look and what to choose, but whether or not you desire to spend $ will be up to you.
__________________
I talk to corporate like a BAWSS!
what is the best antivirus for my windows pc ?
I think kaspersky is the best
