Author Topic: How to prevent your pc from 90% of all malware in 30 seconds  (Read 10642 times)

Admin

  • Administrator
  • Sr. Member
  • *****
  • Posts: 456
How to prevent your pc from 90% of all malware in 30 seconds
« on: November 14, 2013, 04:11:51 PM »
The single most important factor in your system's security is still your online behavior.

If you open email attachments that you didn't ask for, or click on links to collect the million dollar cash prize you just won in a lottery you didn't enter, no one on this planet can help you.

Also, if you're running your OS with administrator-privileges, malware can mess you up even if you don't click bad links, especially if your router (aka hardware firewall) is not set up properly.

They key factor is admin-rights. Malware can't spread, gather information or send it to someone else without admin-rights. You don't need them for everyday computer work - just for installing, removing and configuring applications and system settings.

According to Secunia, the average user installs 2 new programs every year. That means that, if you don't use a user account with admin-rights, you'd have to enter your admin-password twice a year. Or whenever you're going to modify system files. I hope that wouldn't be too much of an inconvenience for you.

How to set up a user account that doesn't have admin-rights when you are using the standard account you created at setup:

Symbols:
-> means user interaction, usually a left click
"" content in between is the name of the actual button you should press

    -> Start -> Control Panel -> "Add or remove user accounts"
    -> "Create a new account" -> choose a name and check "Administrator" -> "Create account"
    You're back at the Manage accounts window. Click on your newly created admin account -> "create a password" -> enter password and password hint -> "Create password" -> "Manage another account"
    You're back at the Manage accounts window. -> chose the old account you used so far -> "Change account type" -> check "Standard user" -> "Change Account Type".
    Sign off or restart your computer.


You're done, that's it. A high percentage of all malware that exists now has no chance to ever compromise your system from now on.

Congratulations!


sgbotsford

  • Newbie
  • *
  • Posts: 4
Re: How to prevent your pc from 90% of all malware in 30 seconds
« Reply #1 on: November 12, 2016, 04:51:50 PM »
I get asked for my admin password a LOT more often than twice a year:

*  Every time I install a new software package, or an update.
*  Every time I install an operating system update.
*  Every time I add, change or delete a user other than myself.
*  Every time I run wire shark.
*  Every time I change network preferences.

And that is from admin account on my Mac.

Your advice is sound for windows machines, especially older versions of the operating system that are no longer under active support.

If you are *really* concerned about malware:

From a fresh format-the-disk-first install:
*  Install verified patches from another local network server to get the OS up to date.  Ideally you can trace the pedigree of these patches back to the vendor, and have a clean MD5 sum on them computed on a a different platform.
*  Install virtual box
*  Install a copy of  your preferred OS in VB.
*  Get it up to date.
*  Change it to immutable.

THAT is what you use to surf the internet.