antivirus software

Everybody knows that every computer, laptop and smartphone should have antivirus software. But how efficient is your antivirus software? Is it serving its purpose?

First up, "virus" is more of a generic word used to describe a vast variety of malware, which is developed every day in the millions around the world. Most of these viruses can spread widely in a single day. And most of them have a very short lifespan; they die before they are detected.

Statistics indicate that antivirus software detects only about 25% of the most popular malware that is emailed to people.

A result from computer forensics and security management students at the University of Alabama at Birmingham, who assessed more than 42 different antivirus products, clearly indicates that of the total number of viruses that steal passwords and of remote control trojans, only 24% are detected by these famous antivirus products. Pathetic!!

Antivirus software is only 25% efficient!!

Knowing this bitter fact, it’s time to do something different to prevent viruses.
Two of the preventive measures are:

1. Run as Restricted Windows User

The concept is simple: restricted users are walled off from the guts of the operating system. For example, they can’t insert, update or delete anything in the C:\Windows folder. Put another way, the operating system tries to defend itself when a restricted user is logged on. Malware may run once, but it should be prevented from permanently installing itself.

“Restricted” is the concept. In Windows XP the term Microsoft uses is “limited.” In Windows 7, restricted users are referred to as “standard.” Sadly, Administrators are the de facto standard, and the default, type of user on Windows machines.

In Windows XP it was much more necessary than in Windows 7. In the last year or so, using Windows 7 daily, I don’t think I needed to log on as the administrator once. Both users share the same password.

This is not a perfect defense against malware, nothing is. But you are much safer running as a restricted user. The same goes for OS X and Linux, by the way.

2. Always be skeptical

If you are using an iPad and the Bank of America app says it needs to be updated, you can be pretty sure that’s true. But on a Windows machine, when a window pops up claiming that an update is needed to Flash, it’s just as likely to be a scam as the real thing. Windows users are lied to all the time and they need to always keep that in the back of their mind.

Email users are also lied to all the time, a problem not restricted to Windows. Anyone using email, even on a tablet or smartphone, needs to always be conscious of the fact that it is trivially simple to forge the FROM address of an email message.

That email from UPS about a package that couldn’t be delivered most likely did not come from UPS. I personally have gotten a handful of emails claiming to be from my cellphone provider reporting that this month’s phone bill is $1,200 rather than the usual $70. They look exactly like the real thing (it’s not hard to do) but are a ruse to send victims to a malicious website.

Financial Transactions

So many defensive steps are required of Windows users that the safe assumption is that no one does them all. Working from this assumption, I suggest never doing financial transactions on a Windows computer.

Anyone who doesn’t think their computer is infected should consider another warning from Perry: malware is frequently invisible and silent. Think Stuxnet and Flame.

FYI, here is a simple and easy approach to convert a Windows computer with a single administrator user into one with both an Admin user and a restricted user, in a way that preserves the current desktop environment. Assume the existing Windows user ID is ABC.

  1. In the Control Panel, go to User Accounts
  2. If ABC does not have a password, assign it one
  3. Create a new user called ABCAdmin with the same password as ABC
  4. Log off ABC and log on as ABCAdmin
  5. Go back to User Accounts in the Control Panel
  6. Set user ABC to be limited (Windows XP) or standard (Windows 7)
  7. Log off ABCAdmin
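
The account split from steps 3 and 6 above, as an added PowerShell example that is not part of the original post. It assumes an elevated prompt and the LocalAccounts cmdlets that come with Windows PowerShell 5.1 (newer than the XP and Windows 7 machines discussed here); `ABC` and `ABCAdmin` are the page's names, and the refusal to demote `ABC` without a working second administrator is an added safety check.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the original post. ABC / ABCAdmin are the page's account names.
param([string]$DailyUser = 'ABC', [string]$AdminUser = 'ABCAdmin')
$ErrorActionPreference = 'Stop'

# Well-known SIDs, so the script also works where the group names are localized.
$admins = Get-LocalGroup -SID 'S-1-5-32-544'   # BUILTIN\Administrators
$users  = Get-LocalGroup -SID 'S-1-5-32-545'   # BUILTIN\Users

function Test-InGroup($Group, $User) {
    # True when the account's SID is listed directly in the group.
    [bool](Get-LocalGroupMember -Group $Group |
        Where-Object { $_.SID.Value -eq $User.SID.Value })
}

$daily = Get-LocalUser -Name $DailyUser   # throws if ABC does not exist

# Step 3: create the dedicated administrator account if it is missing.
$admin = Get-LocalUser -Name $AdminUser -ErrorAction SilentlyContinue
if (-not $admin) {
    $pw    = Read-Host -AsSecureString "Password for $AdminUser"
    $admin = New-LocalUser -Name $AdminUser -Password $pw
}
if (-not (Test-InGroup $admins $admin)) {
    Add-LocalGroupMember -Group $admins -Member $admin
}

# Safety check (added): never demote ABC unless a second, enabled admin exists,
# otherwise the machine is left with no account that can administer it.
$admin = Get-LocalUser -Name $AdminUser
if (-not $admin.Enabled -or -not (Test-InGroup $admins $admin)) {
    throw "$AdminUser is not a usable administrator; $DailyUser left unchanged."
}

# Step 6: make ABC a standard ("limited") user. Takes effect at ABC's next logon.
if (-not (Test-InGroup $users $daily)) { Add-LocalGroupMember    -Group $users  -Member $daily }
if (Test-InGroup $admins $daily)       { Remove-LocalGroupMember -Group $admins -Member $daily }

# Show who can still administer the machine.
Get-LocalGroupMember -Group $admins | Select-Object Name, ObjectClass, PrincipalSource
```

The final listing is the check worth repeating later: any everyday account that reappears in the Administrators group has undone the restriction.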