Good point - I missed in your OP that you don’t run IE.
We don’t either, as a rule. The one site I mentioned, I accessed on my work computer which (at that point) only had IE. On the other site, I don’t recall which browser - it was on our home computer which generally runs Firefox but this may have been pre-firefox as well (it was 3-4 years ago). Occasionally we’ll still run into a site that simply doesn’t work with Firefox and we’ll have to trot out Internet Exploder for that.
Fortunately, in both the cases I mentioned, the antivirus caught the problem before any damage was done.
I would never run a Windows environment without AV protection (plus ZoneAlarm, plus Spybot, plus SpywareBlaster, plus plus plus…). Might as well slut rubberless through the back alleys of Bangkok.
I don’t do windows myself, but from what I have read the mean time from connection to the internet and attack is down to a couple of minutes. Viruses aren’t (from what I have heard) the worst problem anymore. Any unprotected machine connected to the internet over a highspeed connection stands a chance of being kidnapped into a bot network. That would worry me since the bots do illegal things and they might be doing it from my computer. I would rather not have to explain to the nice FBI man/woman that I didn’t know what was happening on my computer.
So, I am not sure how one protects a PC, but whatever is needed should be done by every user.
I run IE, and outlook for my business mail I have AVG installed but I only run it occasionally its disabled at startup. I DO have a router but thats pretty much it since I am running win2k pro.
The system gets imaged every few weeks and any critical business files are backed up to a secure offsite backup provider daily.
I do have some pretty elaborate email rules and I have separate email addys for anything I have to sign up for other than my parts suppliers and regular clients who I do have run AV apps since I cannot control their browsing habits. I have had zero virus/spyware problems ever since my stepdaughter moved out.
Many people confuse windows messenger spam with a virus attack, its not a virus just an exploit of a windows feature to throw you advertising. I full well know there are worms that can hit in minutes but MEAN time not even close. If a computer gets hit that quick you just happened to turn it on as someone scanned that IP addy. Even then most of the stuff that might hit would be repelled by a properly updated machine even with no AV/firewall apps. 75% of the time that I see a trashed virused machine there are 2 common factors. #1 kids, #2 cloned/cracked copies of windows with updates disabled to avoid triggering WGA .
As rbroome said in the rest of this quote; this stat isn’t talking about how long it takes to get a virus, or to get spam.
It’s how long a machine can be connected to the Internet before it starts getting port-scanned by hackers looking for unpatched systems to compromise. According to by own observations, it’s also true, although it will vary somewhat based on your IP range and the day of the week. A firewall and keeping Windows Update up to date will prevent an actual compromise, but that doesn’t mean the port scan didn’t happen (to the firewall, at least).
The root problem (which I’ve also seen more than once) is that if you’re starting from some old Windows XP (pre-service packs) disks, installing XP, and relying on Windows Update through your cable modem (or whatever) to update you to the latest version, the machine will often be compromised before the patching is complete. This happens with people using their original install disks, for example.
Solving it is as simple as placing a hardware firewall or NAT router in the equation, but many, many people don’t have one of those: hence the compromised machines that are SENDING us all this spam. I’m starting to buy cheap routers for everybody whose machine I “maintain,” even if they’ve only got one computer. NAT prevents a wide variety of problems before they can start.
Anti-virus? A good firewall system will keep you mostly safe, as TimeWinder said. (I consider a good router a form of firewall for this purpose).
BUT- that doesn’t stop Spyware. Nor does keeping away from sites you think are “dodgy”- I have had spyware attacks when I was visiting Snopes and other “safe” cites.
There are a few decent free ASW downloads out there. SpywareBlaster for example.
Kaspersky (sp?) is a great overall system if you must be 100% safe.
For gawdsakes, if you don’t use AV, at least use ASW and a good rounter/firewall.
Yes, I do definitely run a firewall, all the time. We installed XP on a machine several years ago and it was infected with an Internet worm before we could install a firewall (that was before XP included one.)
This is, indeed, a security risk but it can be avoided, even if you don’t have a hardware firewall or NAT router, by downloading Autopatcher.
It’s an all-in-one downloadable, automated and customizable installation package for microsoft’s security patches and updates as well as useful addons and utilities like .NET, Flash, java, etc. New versions are released on a monthly basis with several incremental updates per month that make it easy to keep up-to-date.
Whenever I do a fresh install of XP I make sure to download the latest Autopatcher release and burn it to CD before I start. That way I can install XP and run Autopatcher immediately afterwards to bring Windows up-to-date. Only then do I even plug in the network cable.
For those that brag of “zero spyware”, have you actually run an up-to-date spyware scan with a top-flight ASW program? You may well have been infected and not know it.
three bad experiences. (1) we downloaded a disc from FoMoCo . Should be safe. Took 50 computers down in a day and some were never the same again.
Twice at home. Had hard drive slowly break up. Ran scanner and every time a couple more sectors were gone. Then dead hard drive.Its not worth it. Generally info is not recoverable.
I don’t use any antivirus software. I run Windows XP, I keep things updated, and I use Firefox and Thunderbird for everything. I never open any email attachment unless I know exactly who sent it and what it is; the same goes for any executable I download. I do occasionally use the online virus scanner provided by Trend Micro, just to be safe, but it’s never picked up a virus.
I’m behind a firewall and a router, so no external threats for me. Every so often, again out of paranoia, I run AdAware and Spybot to make sure there’s nothing wrong with my computer; outside of an unfortunate Xupiter incident years ago I’ve had no spyware.
If you turn off just about every service running, including sndsrvc.exe, I find that although I cannot pick up emails, or connect to www, I can still go gaming online, through the LAN conn and the broadband modem.
So basically when I do this I have no way of receiving or sending anything to the net, except for game data.
Is this a way of reducing the risk of attracting viruses and nasties and at the same time freeing up resources from hogs like firewalls and AV programs ?
Actually, I don’t care nearly as much about “spyware” as I do viruses, primarily because the definition isn’t very clear-cut. I run spyware detectors occasionally, and they whine about cookies, javascripts, and plugins that are safe and performing their intended (by me) function. In fact, usually they list so many false positives that I just roll my eyes and turn off the detector again.
I’m concerned about MALICIOUS spyware, not every web site that saves it’s password or my shopping cart in a cookie. Until the tools can start making that distinction better, they’re almost useless: I’ve had to clean up after many, many users who used these tools and deleted everything it said to, then were irritated that none of the conveniences of the web were working any more: passwords forgotten, shopping carts emptied, useful toolbars (like Google and dictionary.com’s) deleted, etc.
Sure, you can claim that all those things COULD be used to violate my privacy. But there needs to be a compromise somewhere. Virtually all self-propagating viruses use Outlook’s address boot to propagate, but do we really want our virus checkers to delete the address book (or better yet, outlook itself) and install Eudora? People would have a fit, and rightfully so. But spyware detectors are in exactly that state now: making no distinction with regard to intent.
AVG will no longer support it’s free edition come January. As I’m a cheap bastard, this probably means I will have to use McAfee, which is offered as part of my ISP’s package. This is not my preferred choice.
