Hot Downloads

Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1
  • 2

TOPIC: Methods to avoid getting infected.

Methods to avoid getting infected. 7 years 10 months ago #28923

  • skepticals
  • skepticals's Avatar
  • Offline
  • Expert Member
  • Posts: 783
  • Karma: 0
I have already switched one of my machines to Linux because I am sick of getting infected. I would switch my main PC as well; however, I need to run the Adobe Suite and I do not think it will run well in a Virtual Machine.

I know I should already know methods - which I do - but, I am generally too lazy. I keep getting burned and need to make some adjustments.

1) Will running as a non-administrator in Windows XP really help stop a Virus? I had some strand of Vundo and it infected almost every system file on my machine.

2) I tried firewalls like Comodo, but hated it because it prompted me to do every little thing.

3) Anti-virus - I was using Avast and it didn't do crap. I showed that the files were infected, but could not repair them.

4) How helpful would using system restore be?

What do you people do?
The administrator has disabled public write access.

Re: Methods to avoid getting infected. 7 years 10 months ago #28925

  • KiLLaBeE
  • KiLLaBeE's Avatar
  • Offline
  • Expert Member
  • Posts: 466
  • Karma: 0
1. What some viruses do is try to run as the logged on user and try to bind themselves to system files and cause havoc. Being that non-admins can't modify system files, running as a non-admin will help prevent the malware from doing damage to system files (since non-admins won't have access to the files). The same applies to other functions that non-admins can't do.

2. I know S0lo loves AVG (or maybe Avast...forgot which one)...maybe he'll spot this post and tell you how great it is better. I use AVG but rarely pay much attention to it...I simply play safe on the Net and rarely have problems.

3. I'd suggest trying a commercial AV solution but I'd like to see solid tests that show that commercial AV solutions are better than free solutions before I suggest that.

4. It depends on the virus. I've noticed several that users have gotten at work also infect files in the system restore directory. We use Norton and it usually is good with cleaning them out.
The administrator has disabled public write access.

Re: Methods to avoid getting infected. 7 years 10 months ago #28931

  • skepticals
  • skepticals's Avatar
  • Offline
  • Expert Member
  • Posts: 783
  • Karma: 0
Thanks for the reply KiLLaBeE. That's pretty much what I was thinking. I need to way the pros and cons and the annoying factor of not being an admin. I was also thinking I could run any shady software in a VM first to see if it causes any havoc.
The administrator has disabled public write access.

Re: Methods to avoid getting infected. 7 years 10 months ago #28932

  • S0lo
  • S0lo's Avatar
  • Offline
  • Moderator
  • Posts: 1577
  • Thank you received: 7
  • Karma: 3
What do you people do?

Here is what I do, much of it might sound trivial though.

1- Immediately after formating and installing Windows OS I turn on the windows firewall before connecting the PC to the network. This is the most important part that many fellow IT forget to do. Since many viruses now a days use some ports (That are open by default after a fresh Win install), and since the updates have not been installed yet to patch the holes. The firewall will close those ports wither or not your system is patched.

I find the built-in windows firewall very convenient. It doesn't nag on every net access, only server (inbound) access prompts you to confirm it.

2- Install a decent AV and keep the auto-updates ON. Yup as KiLLaBeE said I find the freeware AVG very good. But not excellent, I have seen it slip a new virus. But if you keep the auto-updates on, sooner or later it spots the virus. I believe Smurf uses Sophos. I used to like NAV (Norton/Symantec) but not any more, too heavy. My work place is using TrendMicro and I can tell you so far so good.

3- Install the newest service pack then all critical windows updates. Make sure you put auto-update ON. I prefer to schedule it to automatically install them at 3:00AM

4. I'd keep Spybot there.

Once you reach this point, you are locked in the secure area. The 3 biggest threats that might infect you now are:

1. Opening attachments that your not sure of.

2. Using other people's USB flash drives. I can't avoid that so I'll always manually update my AV before inserting the flash, just to make sure.

3. Mis-configuring the firewall. Keep an eye every now and then on the open ports and programs allowed. I find it quite surprising how this list expands. Every time you click the (Unblock) button a program/port is added to the allowed list.

Add to this, every time I install a new software (that I'm not sure of), I manually check the list of auto-start programs in those registry keys:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

This is not perfect or complete. It's just what I do.
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
The administrator has disabled public write access.

Re: Methods to avoid getting infected. 7 years 10 months ago #28942

  • skepticals
  • skepticals's Avatar
  • Offline
  • Expert Member
  • Posts: 783
  • Karma: 0
Thank you for your thoughts! I am giving AVG a try. I have used it in the past, but switched to Avast - I think it's time for something new. I will start using the built-in firewall too.
The administrator has disabled public write access.

Re: Methods to avoid getting infected. 7 years 10 months ago #28943

  • S0lo
  • S0lo's Avatar
  • Offline
  • Moderator
  • Posts: 1577
  • Thank you received: 7
  • Karma: 3
No probs. By the way, if you happen to suspect a file being a virus and your AV states it's not. You can scan the file online using 39 well known anti viruses. Here: www.virustotal.com/
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
The administrator has disabled public write access.
  • Page:
  • 1
  • 2
Time to create page: 0.083 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup