aprocfu
Programmer
- May 25, 2007
- 64
- 0
- 0
HI, my question is how to make the "Loacal Disk C:" where the Windows is installed kind of read only so viruses cannot install themselves.
Thanks
Thanks
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
How to Protect Local Disk C: from viruses
- Thread starter aprocfu
- Start date
- Status
goombawaho
MIS
Your best bet is an antivirus program and logging in as a user that does not have ADMINISTRATIVE equivalent rights. The drive can't be read only or Widnows wouldn't function.
Because of the way Windows is written changing data is mixed into the same directories as the programs. A case in point is cookies and temporary internet files.
Putting the changing data into a different location would probably help make the wish come true. Something like Apple did with their early machines. But that creates another problem, one of creating more difficulty doing program upgrades.
Rather than an anti-virus program I would suggest one of the internet protection suites.
Putting the changing data into a different location would probably help make the wish come true. Something like Apple did with their early machines. But that creates another problem, one of creating more difficulty doing program upgrades.
Rather than an anti-virus program I would suggest one of the internet protection suites.
- Thread starter
- #6
SimonDavies
MIS
I think it might be easier if you explain what you're trying to accomplish.
If you want a system that users can use and not worry about infections then you're best off looking into something like Faronics Deep Freeze ( or MS Steady State (
Simon
The real world is not about exam scores, it's about ability.
If you want a system that users can use and not worry about infections then you're best off looking into something like Faronics Deep Freeze ( or MS Steady State (
Simon
The real world is not about exam scores, it's about ability.
goombawaho
MIS
You hardly even need antivirus or a security suite IF you only go to known sites. In all the years I've been on a Windows computer - only twice has a web page tried to install something that AV detected. Once in 1999 and once a month ago.
And that was when I was looking at some adult content. If you spent your life at your bank's site or PCMag.com, tek-tips.com, etc., you would probably never encounter any malware.
Now, start downloading free programs, file sharing software/sites and looking at scantily clad samples of the opposite sex, and you'll start to find all kind of nasties.
I don't advocate that people go naked on the internet, but it really is more about where you go rather than that there is danger lurking at major, legitimate sites. With that said, get a free AVG (if you're cheap) and stop worrying.
And that was when I was looking at some adult content. If you spent your life at your bank's site or PCMag.com, tek-tips.com, etc., you would probably never encounter any malware.
Now, start downloading free programs, file sharing software/sites and looking at scantily clad samples of the opposite sex, and you'll start to find all kind of nasties.
I don't advocate that people go naked on the internet, but it really is more about where you go rather than that there is danger lurking at major, legitimate sites. With that said, get a free AVG (if you're cheap) and stop worrying.
Yes, you are pretty safe if you don't switch on the machine.
Why might you become infected, there could be several reasons?
Basically your security, both programs and user behavior, has fallen down and allowed an infection to pass through your defenses.
How many users are on your computer besides you? Do you know their surfing habits? Are your users using an Administrative account rather than, the less damaging in case of problems caused by malware, Limited User account?
With Administrative privileges anything which gets into your machine can do whatever it likes, but if you are only a Limited User then any damage is limited too.
Programs like virus scanners only mainly concentrate on viruses (and some more common worms and Trojans), but that still leaves many worms and Trojans as a danger. Which is why many people have what is loosely termed a "layered approach", where you have specific programs for specific threat attacks. You can spend lots of money preventing the chances of infection but the biggest danger is from sloppy user control.
Another thing to watch out for (besides E-mail) are portable media such as DVD's, CD's, SD Cards, or USB, shared and inserted by friends from other less controlled machines.
No matter how good your virus scanner is, unless it knows about an infection threat (updated definitions) it will not detect it, although many have heuristic detection to advice of a possible infection or suspicious file, which produces as many false positives as it does positives.
To help your virus scanner manufacturer/programmer you could send them a copy of the infected file, via a zipped file and E-mail so that they may better handle it in the future.
Why might you become infected, there could be several reasons?
Basically your security, both programs and user behavior, has fallen down and allowed an infection to pass through your defenses.
How many users are on your computer besides you? Do you know their surfing habits? Are your users using an Administrative account rather than, the less damaging in case of problems caused by malware, Limited User account?
With Administrative privileges anything which gets into your machine can do whatever it likes, but if you are only a Limited User then any damage is limited too.
Programs like virus scanners only mainly concentrate on viruses (and some more common worms and Trojans), but that still leaves many worms and Trojans as a danger. Which is why many people have what is loosely termed a "layered approach", where you have specific programs for specific threat attacks. You can spend lots of money preventing the chances of infection but the biggest danger is from sloppy user control.
Another thing to watch out for (besides E-mail) are portable media such as DVD's, CD's, SD Cards, or USB, shared and inserted by friends from other less controlled machines.
No matter how good your virus scanner is, unless it knows about an infection threat (updated definitions) it will not detect it, although many have heuristic detection to advice of a possible infection or suspicious file, which produces as many false positives as it does positives.
To help your virus scanner manufacturer/programmer you could send them a copy of the infected file, via a zipped file and E-mail so that they may better handle it in the future.
goombawaho
MIS
That's a good point about other malware. Anti-virus programs will let a lot of things through that get installed via web sites (drive by downloads) or in an e-mail or that autorun off a memory stick, etc. But my point still stands that behavior is a big factor in "getting something" vs. running smoothly. Still not advising you to run naked on the internet.
I should have mentioned MalwareByte's Anti-Malware. Install it and update it and run a scan periodically. I actually recommend purchasing this product. I use it nearly every day to clean out the bad stuff that people have collected on their computers.
It's the best thing I've found for all types of malware. Couldn't do my job without it. It, coupled with an up-to-date anti-virus scan, should flush all the nasties out of your computer unless you have something really dreadful.
I should have mentioned MalwareByte's Anti-Malware. Install it and update it and run a scan periodically. I actually recommend purchasing this product. I use it nearly every day to clean out the bad stuff that people have collected on their computers.
It's the best thing I've found for all types of malware. Couldn't do my job without it. It, coupled with an up-to-date anti-virus scan, should flush all the nasties out of your computer unless you have something really dreadful.
CharlieJax
MIS
Hello Apro,
You can indeed make certain parts of drives read only by using the permssions for the drive or the folders (or files). However the results can be very unpredictable when you try to set things to read only.
For example:
If you mark the Program Files folder as read only, you would not be able to install new programs there, nor would Microsoft Word, Excel, PowerPoint, etc work correctly because they make changes to their own files as they run.
If you were to make the Windows folder read only it could be ugly. The registry is constantly changing and the files that is stored in sit in the Windows directory. The result: Windows would probably not start correctly.
If you make the drive where your virtual memory is stored read only your computer will probably fail to even start Windows.
Securing parts of the drive to be read only is handy for stopping people from deleting files such as Word documents or other "user" files.
For antivirus protection your best bet is to install some protection and if you are serious about protecting and ensuring some files are not overwritten you can put them into read only parts of the drive or even save them to CDRs.
The short answer to your question is that it is not possible to make the "C" drive write protected, but you can secure parts of the drive or other drives / partitions to be read only.
CJ
Don't drink and post, save that for driving home!
You can indeed make certain parts of drives read only by using the permssions for the drive or the folders (or files). However the results can be very unpredictable when you try to set things to read only.
For example:
If you mark the Program Files folder as read only, you would not be able to install new programs there, nor would Microsoft Word, Excel, PowerPoint, etc work correctly because they make changes to their own files as they run.
If you were to make the Windows folder read only it could be ugly. The registry is constantly changing and the files that is stored in sit in the Windows directory. The result: Windows would probably not start correctly.
If you make the drive where your virtual memory is stored read only your computer will probably fail to even start Windows.
Securing parts of the drive to be read only is handy for stopping people from deleting files such as Word documents or other "user" files.
For antivirus protection your best bet is to install some protection and if you are serious about protecting and ensuring some files are not overwritten you can put them into read only parts of the drive or even save them to CDRs.
The short answer to your question is that it is not possible to make the "C" drive write protected, but you can secure parts of the drive or other drives / partitions to be read only.
CJ
Don't drink and post, save that for driving home!
You could also look at using Live Cd's / USB.
it has to be said, Linux is way better than windows at this (Bart PE can be added to to make it more functional).
But you are limited in what you can do.
Most people spend their time on the "urgent" rather than on the "important."
it has to be said, Linux is way better than windows at this (Bart PE can be added to to make it more functional).
But you are limited in what you can do.
Most people spend their time on the "urgent" rather than on the "important."
- Moderator
- #14
goombawaho said:
Not entirely true. I was on a well-known site (trying to remember which one) and my anti-virus popped up. Turns out that there was drive-by stuff on one of their ads. Granted, those ads were hosted on another site (like doubleclick), but I still had an attempt.
Just my 2¢
"What the captain doesn't realize is that we've secretly replaced his Dilithium Crystals with new Folger's Crystals."
--Greg
- Status
Similar threads
- Locked
- Question