(April 26, 2013 at 2:55 pm)Love Wrote: What method would you use to safely "test" a piece of Windows malware without infecting the host machine? Also, at the organisation/company where you work, I would be interested to know the security measures that you undertake in terms of protection from malware.
Hah, what I meant is that users who get infected machines provide me with the experience for both avoiding malware in the first place, and dealing with it when there is an infection.

We use Vipre Enterprise on our systems, having switched from Symantec Endpoint Protection a year or two ago. I remain unimpressed by most enterprise AV, and to be honest the thing that has reduced our incidence of virus infections is plain old user experience. Most attempts at infecting a machine are still either through email attachments or pop-up warnings that prompt the user to install a "virus cleaner." Employees here have become suspicious enough that it's very rare that anyone opens an infected attachment or clicks on a download link without checking with me first.
Malwarebytes and TDSSKiller are still my go-to tools when a machine is infected.
"Well, evolution is a theory. It is also a fact. And facts and theories are different things, not rungs in a hierarchy of increasing certainty. Facts are the world's data. Theories are structures of ideas that explain and interpret facts. Facts don't go away when scientists debate rival theories to explain them. Einstein's theory of gravitation replaced Newton's in this century, but apples didn't suspend themselves in midair, pending the outcome. And humans evolved from ape-like ancestors whether they did so by Darwin's proposed mechanism or by some other yet to be discovered."
-Stephen Jay Gould