Over in GQ, I have been chronicling my battle with the loathsome virtumundo virus. And it got me thinking…
For one thing, most of the time it spends scanning is in programs that never get infected. I have Flight Simulator X on my system, and that is probably half the scanning time.
What about this.
Three partitions, one for OS and Vital Applications, one as a copy of that, and another partition entirely for huge gaming apps like FSX?
That way, in case of infection, the boot partition could be nuked, and restored from plan B?
Many programs that scan your drive allow you to select drive letters to scan, but not directories, either to include or, ideally, to exclude.
The malware infects the backup partition and then what?
Difficult to put too much heavy security on it like encryption, as that makes it harder to copy it during the restore stage. (You’d need a booting OS to get to it.)
But someone could do an all-in-one boot CD that decrypts, copies, etc.
Note though that the backup partition would need to be regularly updated.
And of course, the malware could just corrupt the backup partition and be done with it.
It could also modify programs on the other partition as well.
You could create two accounts for yourself on the computer, one with administrative rights and one without. When you aren’t installing software, use the one without administrative rights. That way you may be unable to install things you wouldn’t have known you’re installing and wouldn’t have wanted to.
You can keep your data files on a separate disk, ideally a networked fileserver with a non-Windows OS. That’s what I do at home. The only places I ever save things are my X:, Y: and Z: drives. Z is most of my stuff and I’m the only one with access. Y is a drive common to all the users in our house, for sharing things. X is just for backup. Z and Y are partitions on one physical drive, and X is on another drive located in a separate room.
You could always try something like what the schools I went to used. It was called “Deepfreeze” and it allowed you complete control of the computer, and you could make any changes you wanted. However, on reboot it loaded a read-only backup. A certain key combination or boot method could allow you to make permanent changes, and I believe you could set directories or partitions that wouldn’t be affected at all.
It’s not free, but it could be just what you are looking for.
I have friends whose family entertainment computer is used by a bunch of their kids & friends, from youngsters to teens, who visit unsafe websites, download unknown files, etc. And with little regard for parental warnings, or even the previous problems they have suffered. They’re kids!
A solution they have found is a USB-attached hard drive, onto which they have cloned the entire hard drive in the machine, at a time when they knew it was clean. This is their backup/restore drive, used to restore the system if (really, when) it becomes infected & unworkable again. But other than that, this USB hard drive is kept locked away, in the parents’ office.
And a big part of their procedure is that the USB hard drive is NEVER plugged into the computer unless the Internet connection is unplugged. And it is unplugged before reconnecting to the Internet.
This seems to have worked for them for a while.
The computer still gets infected at times, of course, but they can fairly easily restore it to a clean, working condition. Sometimes data on the machine is lost, so your latest conquests in games, or downloaded ringtones, etc. are gone – well, that’s just the cost of disregarding parental advice about safe computing. (The important family records, financial info, etc. are kept on a different computer. An older one, too slow to be used for games.)
You might consider that. Not really a way to avoid disaster; rather a quicker way to recover from a disaster.
Hard drives are cheap. Get a couple. Clone the entire hard drive once a week and then unplug the backup hard drive. Lock it in a bank safety deposit box if you have really, really important stuff, and in another location if it is moderately important. Put it in a fireproof box in your hidey-hole at home or just leave it lying around. As long as it is unplugged, the bad guys online can’t mess with it.
I can clone 80 gigs of info in less than an hour. You got 5 terabytes, let it run overnight. Weekly house cleaning… Got to do it or cry later.
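Several posts above rely on a cloned drive or backup partition being clean when it is restored, and one reply points out that malware can simply corrupt that backup. An added example, not from any poster in this thread: a small Python script that records a SHA-256 manifest of the backup tree right after cloning, and re-checks it before a restore so a tampered, missing or added file is noticed first. The file names in the demo are constructed; the manifest should live with the offline copy, not on the machine it protects.

```python
import hashlib
import os
from pathlib import Path


def hash_file(path: Path, chunk_size: int = 1 << 20) -> str:
    """SHA-256 of one file, read in chunks so large game installs never load into RAM."""
    digest = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root: str) -> dict:
    """Map every file under root (relative path, POSIX separators) to its SHA-256.
    Run this once, right after cloning, while the backup is known to be clean."""
    root_path = Path(root)
    manifest = {}
    for dirpath, _, filenames in os.walk(root_path):
        for name in filenames:
            p = Path(dirpath) / name
            manifest[p.relative_to(root_path).as_posix()] = hash_file(p)
    return manifest


def verify_manifest(root: str, manifest: dict) -> dict:
    """Re-hash the backup tree and report what differs from the recorded manifest.
    Changed or missing files mean the backup was altered after it was made;
    added files mean something wrote into the backup that was never part of it."""
    current = build_manifest(root)
    return {
        "changed": sorted(p for p in manifest if p in current and current[p] != manifest[p]),
        "missing": sorted(p for p in manifest if p not in current),
        "added": sorted(p for p in current if p not in manifest),
    }


def backup_is_intact(result: dict) -> bool:
    """True only when nothing changed, vanished, or appeared."""
    return not any(result.values())


if __name__ == "__main__":
    import tempfile
    # Constructed stand-in for a backup partition: two files, one later altered.
    with tempfile.TemporaryDirectory() as tmp:
        (Path(tmp) / "apps").mkdir()
        (Path(tmp) / "boot.ini").write_bytes(b"[boot loader]\n")
        (Path(tmp) / "apps" / "fsx.exe").write_bytes(b"MZ sample")
        manifest = build_manifest(tmp)          # taken while the copy is clean
        (Path(tmp) / "boot.ini").write_bytes(b"[boot loader] altered\n")
        print(verify_manifest(tmp, manifest))   # flags boot.ini as changed
```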