How many times do you guys reinstall Windows???

[mdchesne]

every 4 months. seems like I need to. and yet, no matter what I do or don't do, I still get crap on my system I never installed. system slows to a crawl due to registry overflows, msconfig random programs, etc. I miss my mac

 

[nweaver]

Originally posted by: dnuggett

Originally posted by: BikeDude

Originally posted by: dnuggett
I've always wondered how people have the time to go through the registry etc. to determine if they have been hit by a virus when running an antivirus is much easier. Or is it they that don't know, and assume since the machine is running ok that there isn't a virus? Rhetorical question BTW...

Cute.

But: What do you do when faced with a brand new virus? You're the first person hit; Now what? Your AV is dead in the water. All it does is provide you a false sense of security.

I scan from time to time (using Housecall). Never found anything.

netstat and process explorer are your friends. AV is just for show. First identify the target vectors, THEN figure out if AV is really worth it. I've certainly seen more AV related problems rather than virus-related ones!

Cute? What do you think the percentage chance of being the first one hit by a virus is?



What's even better is you assume that virus is going to show up in the process explorer, now thats a good one. Do you honestly think it has to? Be careful how you answer, you may just being throwing one of your methods out the window. Or you may just be confirming you aren't really sure how a virus can mask itself. Either way....

Will you will be looking at netstat 24/7 to stop an attack? Or is your computer only on when you are on it? Do you do a data verification on all data down/uploaded?

Netstat is great as a bandwidth monitor activity monitor, that's where it stops.

Now stare at that thing for one minute when you are not using an outgoing/incoming connection.
Why are you still getting an incoming reading every now and then. Do you know what it should/shouldn't look like?
Is that the ISP pinging the modem?
Is it really? What else could it be?
There is no preventitive measure with that program, and if you think there is I feel for you. Talk about a false sense of security.

Actually, netstat is more reliable then your AV, as is process viewer programs. I also watch the net traffic on my *nix router, so if a rootkit is hiding, and not showing itself on the netstat, I can still nab it. If it's low enough to dodge Task manager's process tab, and netstat, then Norton is dead in the water. I don't run AV, and my wife runs XP Pro without a s/w firewall or AV (she does run MS Antispyware, although we havn't picked anything up in about a year). Safe setup + Safe habits > poor setup + poor habits + AV

 

[imported_BikeDude]

Originally posted by: dnuggett
Cute? What do you think the percentage chance of being the first one hit by a virus is?

So your basic security philophy is that you won't be the first one hit? You can safely click on any e-mail attachment without any worry whatsoever?

Or you've done the "right" thing and disabled e-mail attachments completely? (this week I had the pleasure of mailing a bunch of .txt files to a very tight security outfit, I could zip down a directory tree containing .txt files, and I wouldn't be surprised if using ftp was off-limit as well, very awkward as the solution was mailing each directory of .txt files seperatly; not zipped of course)

What's even better is you assume that virus is going to show up in the process explorer

Are there many rootkits for 64-bit Windows? (http://www.microsoft.com/whdc/driver/kernel/64bitPatching.mspx) And how do you install a rootkit anyway if the user isn't running with administrative privs?

And you're assuming I run viral code in the first place. I just don't.

Last week showed that many people now has Sony's rootkit installed. I think you'll find many of them were running resident and up-to-date AV scanners. (I weren't affected btw)

I've seen several cases where it is almost impossible to shut down a worm, because the victim insists he is running updated AV software.

confirming you aren't really sure how a virus can mask itself. Either way....

Do you? Tell me: Have there been many buffer overrun exploits on DEP protected systems? (it is still possible in certain situations, but do you know how?)

Do you know what it should/shouldn't look like?

Yes.

Is that the ISP pinging the modem?

Does it matter? My router is configured to keep me shielded using PAT and can't be configured from the outside. There are no incoming connections that reach my box. And if they did, they'll reach a properly patched box with a minimum of services running. I'm not too worried.

And no resident AV solutions are relevant at this point. They're not firewalls. They only activate as something is written to the drive (or read). So, at this point you need an open security hole, and you need an idiot hacker clever enough to exploit that hole yet dumb enough to (somehow) stick with an existing virus that your AV scanner can recognise... Fairly odd mixture. Eliminate the security hole, and you do not need the resident AV scanner at all. (the user is an obvious security hole, as some research suggest that most users would gladly trade their password for a chocolate bar...)

Resident AV: Sort of a safety net in limited circumstances -- yes. Ultimate solution? No! If it were, we wouldn't see new threats arise every week.

Talk about a false sense of security.

Indeed.

 

[cool]

Maybe once in 18 months... XP runs pretty stable

 

[Doom Machine]

i average a reinstall about once a month if that.

to those that think thats crazy, there can be many reasons why pple do it so often, performance changes along with need for accurate marks, trying out alot of different drivers/software which will quickly bloat and cause xp to slow down a bit in performance. corruptions or other odd sudden problems that while some can be fixed, doesnt solve the problem of how it came to be to begin with.

i use nlite which only takes like 10 minutes for unattended reinstall plus installs all my drivers/patches/tweaks/configurations...anyone that reinstalls alot uses it, if not then whats the matter with your brain?

 

[Andres3605]

when i change my mother board and cpu

 

[dnuggett]

Never said it was an ultimate solution.. it is a safety net indeed. The user is the ultimate solution, but the fact remains best practices are to have one running.

 

[imported_BikeDude]

Originally posted by: dnuggett
The user is the ultimate solution, but the fact remains best practices are to have one running.

Best practices according to who? (AV manufacturers?) For everybody?

I've seen several people argue the way you do since '88 or so. AV has been adopted widely since, yet the number of attacks is still on a rise, is it not?

Security net? More like a false sense of security. AV fools users into thinking they're safe, thus they gladly click wherever it pleases them. "I'm protected, ergo I click". I certainly recall Melissa and the delay before the AV companies managed to get their signatures updated. Not pretty.

AV is there because we can't be bothered to educate the users. It is far from foolproof; We need to make considerable progress with heuristic scanning methods first.

I'd also like to point out that for regular users, mail worms are the least of their worries. Phishing attacks designed to lure the user to surrender e*bay account details is a sign of things to come. At the end of the day, the users need to be educated. (but then again, the same holds true for the "real" world -- plenty of con men/women around)

AV boils down to a very crude method of protection. You might as well wear a plastic cup on your head.

 

[caz67]

Originally posted by: BikeDude

Originally posted by: dnuggett
The user is the ultimate solution, but the fact remains best practices are to have one running.

Best practices according to who? (AV manufacturers?) For everybody?

I've seen several people argue the way you do since '88 or so. AV has been adopted widely since, yet the number of attacks is still on a rise, is it not?

Security net? More like a false sense of security. AV fools users into thinking they're safe, thus they gladly click wherever it pleases them. "I'm protected, ergo I click". I certainly recall Melissa and the delay before the AV companies managed to get their signatures updated. Not pretty.

AV is there because we can't be bothered to educate the users. It is far from foolproof; We need to make considerable progress with heuristic scanning methods first.

I'd also like to point out that for regular users, mail worms are the least of their worries. Phishing attacks designed to lure the user to surrender e*bay account details is a sign of things to come. At the end of the day, the users need to be educated. (but then again, the same holds true for the "real" world -- plenty of con men/women around)

AV boils down to a very crude method of protection. You might as well wear a plastic cup on your head.

AV might not be the perfect solution. However for all those grandmas and non computer users, it's the only solution.

I consider myself fairly knowledgable, however i don't have a degree in computer science, so all the precuations i take are fairly standard for most experienced users.Most people know about phishing and opening strange email attachments, the word is getting out slowly..

 

[Doom Machine]

but not everyone wants to be educated....they just want the d@#N thing to work!
its not about grandma users, only computer geeks like us in forums like this have a care for such things, most users dont care to know anything about security and viruses, false sense of security or not if we didnt have them then even the old backorfice and gf clients would still be in high circulation lol

i have seen many typical family pc's and thier av's arnt even maintained much less anything else and to most users just tell them about hackers and watch their attention draw elsewhere...they dont care as long as it works.

so what realistic solution do have there bikedude?

 

[Xpage]

usualyl once a year, something always happens that screws with ym system though it's been a bit longer since I got XP, guess i torture my OSes

 

[imported_goku]

Originally posted by: atchon
I reinstall about once a month on average probably...but i have a seperate boot harddrive and all my major programs on a dvd so its not to bad to get everything back to how it was.

noob

 

[timswim78]

I probably reinstall about once every 6 months. Technically, it's not a reinstall because I just copy a saved image back to my main partition. I'm at 6 months on this current installation, and I don't see any need to reinstall any time soon because things are going just fine.

 

[roselan]

I have no antivirus neither. It causes more troubles than a virus!!!

Unlike BikeDude I like p#0n and test new stuff. So I keep a ghost of my OS on a bottable dvd for my home computer, just in case of.

I don't get much problem with viruses and spybots. I get performance problems with programs crippling the registry. So I reinstall once per year in average.

Now, I run 3-4 online antiviruses each 2-3 months to get rid of some spywares.

@work, I do programming. I need plenty memory and power. An antivirus just slows stuff arround. Plus a virus will need to bypass 4 firewalls, 3 antibots, avoid a virtual network (trap), etc, etc, etc. So if one reaches my computer, he is allowed to stay, for all the efforts he did

all my source code and emails and any documents are on "file" servers, so I risk nothing. But I will never plug my laptop at home ^_^.

My worry is that until now, the vector by witch viruses find their way to your c:\windows was thru the user (by email), but more and more, breaches are opened by spywares. This mean that again we can have malicious software installing on your computer without any intervention. That's why I finally did set up a firewall at home

 

[dnuggett]

Originally posted by: BikeDude

Originally posted by: dnuggett
The user is the ultimate solution, but the fact remains best practices are to have one running.

Best practices according to who? (AV manufacturers?) For everybody?

I've seen several people argue the way you do since '88 or so. AV has been adopted widely since, yet the number of attacks is still on a rise, is it not?

Security net? More like a false sense of security. AV fools users into thinking they're safe, thus they gladly click wherever it pleases them. "I'm protected, ergo I click". I certainly recall Melissa and the delay before the AV companies managed to get their signatures updated. Not pretty.

AV is there because we can't be bothered to educate the users. It is far from foolproof; We need to make considerable progress with heuristic scanning methods first.

I'd also like to point out that for regular users, mail worms are the least of their worries. Phishing attacks designed to lure the user to surrender e*bay account details is a sign of things to come. At the end of the day, the users need to be educated. (but then again, the same holds true for the "real" world -- plenty of con men/women around)

AV boils down to a very crude method of protection. You might as well wear a plastic cup on your head.

What is your genious plan to educate the users? You expect hem to run all that crap you talked about originally? LOL get a friggin clue and admit it... wait, you did admit the reason for A/V when it comes to the home user. /end conversation

As far as best practices... where do you think that verbage would come from and apply to?

 

[Doom Machine]

Originally posted by: goku

Originally posted by: atchon
I reinstall about once a month on average probably...but i have a seperate boot harddrive and all my major programs on a dvd so its not to bad to get everything back to how it was.

noob

lol, what would you know about noob's, i reinstall oncea month, have seperate bootdrive and keep everying on dvd's too
i didnt realize that despite the fact that i've been using computers since around 1985 on black n white tandy's i guess i must be a noob too.

 

[Smilin]

Stupid is as stupid does.