Thinking about Vista

[CU]

It is my under standing that UAC would prevent anything from installing without me clicking OK correct? Recently I have been getting hit by viruses/malware while using Firefox. I never see anything install, but it downloads and installs through Firefox. Granted I am visiting the darker corners of the internet, but still. I am thinking about installing Vista64 if UAC will prevent this type of attack. Actually to me it sounds like UAC would stop any and all viruse/malware unless I am dump enough to click OK and tell the OS to install it.

Before I install it I would like to image/clone my C:\ (basically OS only), so if something goes badlly with Vista I can jump back to XP. What is the difference between imaging and cloning? What do you recommend to use that is free for this? Basically I just want my C:\ to become a file that I can later restore if needed to C:\.

Does 30gig sound like a good C:\ (OS only) partition size for Vista?

Thanks.

 

[pugh]

This is your problem right here. "I am visiting the darker corners of the internet"

Until you curtail this it wll continue. You could do some things to help by having the right programs installed to alert you and hopefully fix the infections.

Or you could stop visiting the sites that infect you and have a healthy system.

In vista you will still catch things. Make no difference.

 

[CU]

I plan to reduce my amount of exploring on the internet and spend more time gaming. I also plan to use AVG and Windows Defender now. I already have and plan to keep Malwarebytes installed as it seem pretty good at removing things. Nothing has every gotten me until recently. A few weeks back I got hit twice by AntiVirus XP 2008, and removed it. Last night I got hit by a ton of stuff all at once, that I am still working on getting off. See post for details on how that's going.

How will things get installed in Vista without a UAC prompt? I thought that was the point of UAC. Am I missing something?

 

[Crusty]

UAC will only stop the malicious programs if you use it correctly. Aside from your initial setup of applications and windows install you shouldn't be getting UAC prompts regularly, and when you DO get them take care to actually read what it's stopping. Running as a User account instead of Administrator will further segregate your actions from the OS.

UAC is different from other protections in the fact that it does not matter what kind of threat or attack the malicious software is employing(unless it's using an actual flaw in UAC), UAC will prevent it. Whereas AV scanners/spyware scanners have to rely on definitions and heuristics in order to stop/prevent the threats. Running your computer naked with UAC is better then running it naked with an AV scanner. A good security solution for a PC requires proper use of UAC, using limited rights user accounts, and regular scans for spyware and viruses. After all of that, it's still up the user in the end to allow malicious programs to run which is why I recommend using AV/spyware scanners in addition to UAC.

 

[bsobel]

UAC is going to prevent persistent changes to the system, but not browser infections that live until your next reboot (for example)

 

[CU]

I plan to use a non Admin account. And, if I am browsing the web and a UAC pops up, trust me I will read it and only click OK if I know I triggered it on purpose and want to install something. Most apps will run without being Admin right? If not can you do a runas Admin or something and give it a password, for a known app of course?

 

[Mem]

Vista x64 with UAC enabled and better anti-virus software then AVG will help,I recommend Avira which is a far better AV then AVG, you can disable the splash and popup for Avira too via google search..

Personally I do find my Vista x64 a lot better then XP spyware wise etc...infact I no longer worry about spyware/viruses etc mainly because I use good user habits like UAC enabled,Spywareblaster and Avira with my router etc...common sense when browsing goes a long way too.

30GB I think is a bit small,you got SP2 coming down the road etc plus whatever else you decide to use in Vista, personally I would go for a bigger partition,best to have it larger then too small.

 

[Crusty]

Originally posted by: CU
I plan to use a non Admin account. And, if I am browsing the web and a UAC pops up, trust me I will read it and only click OK if I know I triggered it on purpose and want to install something. Most apps will run without being Admin right? If not can you do a runas Admin or something and give it a password, for a known app of course?

Yep, sounds like a good plan. There are some applications that still require admin rights, Visual Studio .NET for example, but for the most you shouldn't have to worry about that

 

[CU]

So a browser infection could just live in ram and send any information from your computer they want, to whoever, until you reboot? Are there known browser infections that do this and do they infect Firefox? That is certainly a short coming of UAC I didn't think of.

 

[CU]

Originally posted by: Mem
Vista x64 with UAC enabled and better anti-virus software then AVG will help,I recommend Avira which is a far better AV then AVG, you can disable the splash and popup for Avira too via google search..

Personally I do find my Vista x64 a lot better then XP spyware wise etc...infact I no longer worry about spyware/viruses etc mainly because I use good user habits like UAC enabled,Spywareblaster and Avira with my router etc...common sense when browsing goes a long way too.

30GB I think is a bit small,you got SP2 coming down the road etc plus whatever else you decide to use in Vista, personally I would go for a bigger partition,best to have it larger then too small.

Will try out Avira. Might help my current XP infection. Does the free version do realtime protection like AVG? Should I remove AVG before installing it?

50gig sound OK then? I don't plan to install anything on C:\ besides the OS and things that have to go there, codecs etc.

 

[pcslookout]

You should try running sandboxie as well in Vista 64 bit while you are surfing the internet on firefox. That way if something does infect you it will be within the sandbox and once you close that out your main system won't have been compromised.

Do this with all applications to first make sure you like them or the source was safe. It will save you in the long run.

 

[Mem]

Will try out Avira. Might help my current XP infection. Does the free version do realtime protection like AVG? Should I remove AVG before installing it?

50gig sound OK then? I don't plan to install anything on C:\ besides the OS and things that have to go there, codecs etc.

Avira has a realtime scanner (Avira guard),I would remove AVG before installing Avira,also 50GB should be fine.

Don't forget do a full AV scan with Avira after its updated,never know what it might catch that AVG missed.

 

[Arkaign]

Step 1 : Get Ubuntu : http://www.ubuntu.com/

Step 2 : Burn to CD

Step 3 : When feeling desire to be utterly careless on the internet, boot to Ubuntu on your CD, no install necessary. Not only will 99%+ of malicious things be unable to affect ubuntu/*nix, but even if it did, your HDD/Windows can't be affected, unless you mount the volumes inside Ubuntu.

Step 4 : When done, reboot to Windows.

 

[Crusty]

Originally posted by: Arkaign
Step 1 : Get Ubuntu : http://www.ubuntu.com/

Step 2 : Burn to CD

Step 3 : When feeling desire to be utterly careless on the internet, boot to Ubuntu on your CD, no install necessary. Not only will 99%+ of malicious things be unable to affect ubuntu/*nix, but even if it did, your HDD/Windows can't be affected, unless you mount the volumes inside Ubuntu.

Step 4 : When done, reboot to Windows.

Why bother rebooting, just use a virtual machine if you want to go that route.

 

[CU]

Thought about a LiveCD. Although I don't want to have to reboot, and may want to download and keep something. Also just thought it was time to move to Vista anyway.

 

[CU]

A virtual machine with a virtual HD to store stuff would work. I may do that instead of Vista, not sure yet.

 

[Mem]

CU, link here for Avira pop up disabling. .

As to splashscren,

In order to turn off the AntiVir splash screen, please follow these steps:

1. Start the Windows registry editor (Start -> Run -> regedit)
2. Under \HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ click on avgnt
3. Add the parameter /nosplash (Windows 2000/XP) or -nosplash (Windows Vista) to this entry

The splashscreen will no longer appear during startup and AntiVir will start in the background.

link.

 

[Griffinhart]

Originally posted by: pcslookout
You should try running sandboxie as well in Vista 64 bit while you are surfing the internet on firefox. That way if something does infect you it will be within the sandbox and once you close that out your main system won't have been compromised.

Do this with all applications to first make sure you like them or the source was safe. It will save you in the long run.

Also, IE7 is sandboxed while UAC is turned on.

 

[CU]

Originally posted by: Griffinhart
Also, IE7 is sandboxed while UAC is turned on.

Really. So even if you tell UAC it is OK to install something like a ActiveX control it still want change your system? How would that work? What if you want IE7 to install something that would change your system like installing an ActiveX control?

 

[realredpanda]

are you not using adblock with firefox?

 

[CU]

No, believe it or not I am the one Firefox user that doesn't use any plugin's. Would adblock prevent malware/viruses?

 

[Mem]

Originally posted by: CU
No, believe it or not I am the one Firefox user that doesn't use any plugin's. Would adblock prevent malware/viruses?

I don't use adblock either in Firefox if it makes you feel better .

 

[Arkaign]

Originally posted by: Crusty

Originally posted by: Arkaign
Step 1 : Get Ubuntu : http://www.ubuntu.com/

Step 2 : Burn to CD

Step 3 : When feeling desire to be utterly careless on the internet, boot to Ubuntu on your CD, no install necessary. Not only will 99%+ of malicious things be unable to affect ubuntu/*nix, but even if it did, your HDD/Windows can't be affected, unless you mount the volumes inside Ubuntu.

Step 4 : When done, reboot to Windows.

Why bother rebooting, just use a virtual machine if you want to go that route.

Serious question, is the VM fully insulated from the host OS?

 

[pcslookout]

Originally posted by: Griffinhart

Originally posted by: pcslookout
You should try running sandboxie as well in Vista 64 bit while you are surfing the internet on firefox. That way if something does infect you it will be within the sandbox and once you close that out your main system won't have been compromised.

Do this with all applications to first make sure you like them or the source was safe. It will save you in the long run.

Also, IE7 is sandboxed while UAC is turned on.

Yep but this is only for your browser. I am talking about for applications as well if you not sure you can trust the source. For example download.com, etc. I remember a while back people got a virus from there. You can even get a virus from a game cd or dvd you bought.

 

[Crusty]

Originally posted by: Arkaign

Originally posted by: Crusty

Originally posted by: Arkaign
Step 1 : Get Ubuntu : http://www.ubuntu.com/

Step 2 : Burn to CD

Step 3 : When feeling desire to be utterly careless on the internet, boot to Ubuntu on your CD, no install necessary. Not only will 99%+ of malicious things be unable to affect ubuntu/*nix, but even if it did, your HDD/Windows can't be affected, unless you mount the volumes inside Ubuntu.

Step 4 : When done, reboot to Windows.

Why bother rebooting, just use a virtual machine if you want to go that route.

Serious question, is the VM fully insulated from the host OS?

Yes, the only impact the VM will have on the host OS is a flatfile that is the binary representation of the entire VM. You are still open to a virus that will exploit across local networks, but installing spyware in the VM will not install the same spyware in your host OS. As far as the operating system running in the VM is concerned it's sitting on a full dedicated piece of hardware.