FAO: Microsoft Security Essentials lovers...
- Thread starter Nelly
- Start date
Soldato
UAC isn't a security boundary so shouldn't really be relied upon.
Soldato
I remember that one, it got me too
Soldato
Even "safe" websites have been known to serve up bad stuff from time to time and unfortunately malware generally doesn't ask nicely for permission to install.
Associate
Soldato
UAC isn't, no. But Windows NT's security is. And UAC is merely an added convenience on top of that.
UAC simply provides a "split token" that allows an administrator account to operate as a standard user and then partially elevate as and when needed by applications. It also provides cryptographic services by verifying any code signatures on the program you are about to execute which gives the user a greater ability to make an informed decision.
Soldato
That requires an exploit which generally suggests the victim wasn't up to date with their patches.
Soldato
Autoruns, Rootkit Revealer et al? And then there's non direct approaches like listening to what your computer is telling you. Is it running slow? Are apps randomly crashing with no obvious pattern? Has your bandwidth suddenly taken a severe drop? Is the Event Viewer full of suspicious activity? If any of these suspicions seem founded then it takes 5 minutes to boot into a Recovery Console prompt and take a peep at your System32 folder for any strange looking .sys files. Even the most advanced rootkits can't hide themselves if you don't boot from the OS on which they're installed
Generally though if a virus is sophisticated enough then no tool, and certainly not some poxy "anti virus", will be able to detect it. Just look at the Iranians. I'm sure they were running AV on their nuke lab computers but it didn't save them did it?
Associate
Back to basics, when my parents surf the net.. and my dad looks a dodgy site then who's going to protect him? Superman? No, an anti virus program
Soldato
No it won't. An AV cannot provide a consistent and predictable level of security.
Lock your dad's machine down with a standard user account. And set Windows Update to the recommended settings. Remove vulnerable crap like Java JRE, Flash, Acrobat. Job done.
No. We wouldn't have a malware problem if AV protected people. He should be protected from drive-by exploit kits if his system is fully patched.
Patch his OS and set updates to automatic.
Remove Java if installed.
Download latest version of Flash, default option is automatic updates.
Download & install the latest version of Adobe reader or install a superior alternative such as Sumatra.
Install Secunia PSI, let it scan and update any out-of-date software.
Do the above for him to get him going and it'll provide way more protection than any AV.
Associate
My parents live 150 miles away. In the last 5 years they have discovered the internet and love it - but viruses galore. My brother works in IT and says don't bother with anti virus programs, he fixes their machine when it goes wrong. And it goes on.
Mum gets fed up. God knows what Dads looking at.
So anyway, to cut a long story short, I'm fed up with them running into problems with viruses. I Installed Kaspersky on the laptop, and honestly, no problems for a year and a half.
Mum gets fed up. God knows what Dads looking at.
So anyway, to cut a long story short, I'm fed up with them running into problems with viruses. I Installed Kaspersky on the laptop, and honestly, no problems for a year and a half.
Soldato
Just take the situation out of their hands by locking the machine down. Simples.
What OS is this btw? And what steps have you taken to remedy the situation before just reaching for the tin foil hat that is an AV product?
What OS is this btw? And what steps have you taken to remedy the situation before just reaching for the tin foil hat that is an AV product?
Associate
you know I was about to edit my post, they still use Vista.
Associate
Ignorance isn't bliss. That's why I installed Kaspersky on their laptop last year. I'm not an expert. But Updating to an new OS would be a good idea
Soldato
If the security value in verifying image signatures is based on gathering information to make an informed decision, then antivirus software and/or services can contribute to that information.
1. UsefulProgram.exe has a verified signature
2. UsefulProgram.exe has a verified signature and also checks clean against hundreds of thousands of known malware definitions.
The second scenario is logically more informed than the first and can aid decision making in a positive way.
Soldato
Client side or server side?
User education is far more powerful and effective than paying for an AV product and assuming it'll protect them from all ills. Did you sit down and explain about the web, email attachments etc?