[xasop]

Have you considered Debian?

I have but I was hoping for something more specific to browsing.  Debian would work but if I can find something smaller, I'd be happier.

What do you mean by "smaller"? You'd be hard pressed to find a Linux distro much smaller while still being reasonably usable to laypeople, for most definitions I can think of.

[Lord Dave]

Have you considered Debian?

I have but I was hoping for something more specific to browsing.  Debian would work but if I can find something smaller, I'd be happier.

What do you mean by "smaller"? You'd be hard pressed to find a Linux distro much smaller while still being reasonably usable to laypeople, for most definitions I can think of.

Think Chrome OS. 
But PP's sandboxie link solves my problem without the need for a Linux VM.

[xasop]

Think Chrome OS.

In what way is Chrome OS "smaller" than Debian?

[jroa]

antiX is Debian based, but very light and should run fine in a VM on pretty much any machine made within the last decade.  If you do decided to go the VM route, give it a try. 

[Thork]

Irrelevant.
The site Thork linked to is basically a list of files NOT to scan.  It has absolutely no advice for actually securing your systems.

That site tells you what systems MS security essentials protects and I would hazard a guess that your one at school is one of them. I didn't realise that clicking a hyperlink to view the product would be prohibitively taxing to someone who purportedly does IT work for a living.

[fappenhosen]

So what I've settled on (unless someone has a better idea) is linux in a virtual machine.

Don't bother. Just bang Ubuntu or derivative on a USB stick. Boot into the stick. Boom.

[Lemon]

What's a Linux?

[Lord Dave]

Irrelevant.
The site Thork linked to is basically a list of files NOT to scan.  It has absolutely no advice for actually securing your systems.

That site tells you what systems MS security essentials protects and I would hazard a guess that your one at school is one of them. I didn't realise that clicking a hyperlink to view the product would be prohibitively taxing to someone who purportedly does IT work for a living.

First off, I did look at the link.  You didn't link to any product.  You linked to guidelines on what to not scan with your chosen AV software.
Secondly, We HAVE MS security essentials.
And 2 firewalls.
And a web filter.
And an Active Directory structure which limits user accounts.
Users can't even write to the "program files" folder.

Yet a virus, which hides in advertisements and runs a very normal windows function to encrypt your files (It's part of the essential functions) still got through.  There are only three known defenses:
1. Block the site before you access it.
2. Block scripts (mostly java)
3. Sandbox your browser. (or non-windows)

So thanks again for proving that you've gone soft with your Mac.

[Thork]

Irrelevant.
The site Thork linked to is basically a list of files NOT to scan.  It has absolutely no advice for actually securing your systems.

That site tells you what systems MS security essentials protects and I would hazard a guess that your one at school is one of them. I didn't realise that clicking a hyperlink to view the product would be prohibitively taxing to someone who purportedly does IT work for a living.

First off, I did look at the link.  You didn't link to any product.  You linked to guidelines on what to not scan with your chosen AV software.
Secondly, We HAVE MS security essentials.
And 2 firewalls.
And a web filter.
And an Active Directory structure which limits user accounts.
Users can't even write to the "program files" folder.

Yet a virus, which hides in advertisements and runs a very normal windows function to encrypt your files (It's part of the essential functions) still got through.  There are only three known defenses:
1. Block the site before you access it.
2. Block scripts (mostly java)
3. Sandbox your browser. (or non-windows)

So thanks again for proving that you've gone soft with your Mac.

I use a mac at work. I've been back on my windows PC for months.

Anyhoo, no more software development for me.

The company I worked for freelance have given me a new permanent job. Basically I sell the software instead. I get more money, a company car, OTE, lots of travel all over Europe, selling bonuses and basically all I have to do is talk to people and make pretty powerpoint presentations.

Also I suspect you have misdiagnosed the problem. I suspect you screwed something up, and are now blaming a virus. Just a suspicion. You'd never tell me what really happened anyway. But frankly this cock and bull story about a student in a locked down system getting a virus from a safe site advert is ludicrous. But carry on. Install Linux on the school computers. I'm sure the teachers and children will thank you for making them that much more difficult to use.

[Lord Dave]

Irrelevant.
The site Thork linked to is basically a list of files NOT to scan.  It has absolutely no advice for actually securing your systems.

That site tells you what systems MS security essentials protects and I would hazard a guess that your one at school is one of them. I didn't realise that clicking a hyperlink to view the product would be prohibitively taxing to someone who purportedly does IT work for a living.

First off, I did look at the link.  You didn't link to any product.  You linked to guidelines on what to not scan with your chosen AV software.
Secondly, We HAVE MS security essentials.
And 2 firewalls.
And a web filter.
And an Active Directory structure which limits user accounts.
Users can't even write to the "program files" folder.

Yet a virus, which hides in advertisements and runs a very normal windows function to encrypt your files (It's part of the essential functions) still got through.  There are only three known defenses:
1. Block the site before you access it.
2. Block scripts (mostly java)
3. Sandbox your browser. (or non-windows)

So thanks again for proving that you've gone soft with your Mac.

I use a mac at work. I've been back on my windows PC for months.

Anyhoo, no more software development for me.

The company I worked for freelance have given me a new permanent job. Basically I sell the software instead. I get more money, a company car, OTE, lots of travel all over Europe, selling bonuses and basically all I have to do is talk to people and make pretty powerpoint presentations.

Also I suspect you have misdiagnosed the problem. I suspect you screwed something up, and are now blaming a virus. Just a suspicion. You'd never tell me what really happened anyway. But frankly this cock and bull story about a student in a locked down system getting a virus from a safe site advert is ludicrous. But carry on. Install Linux on the school computers. I'm sure the teachers and children will thank you for making them that much more difficult to use.

I'm almost at a loss for words.

http://forum.tfes.org/index.php?topic=1388.0
http://www.bleepingcomputer.com/virus-removal/cryptodefense-ransomware-information

Also, this is for my personal PC, not work which everyone but you seems to have understood.

[Rushy]

The only way to truly secure a computer is to keep it offline in a bunker 5 miles below the surface of the earth, with all of its components disassembled and kept at least 1000ft away from each other.

Deguass the harddrive for good measure.

[Lord Dave]

The only way to truly secure a computer is to keep it offline in a bunker 5 miles below the surface of the earth, with all of its components disassembled and kept at least 1000ft away from each other.

Deguass the harddrive for good measure.

Look, I'm just hoping to avoid having my data encrypted.  Everything else I can live with/fix.

[Particle Person]

The only way to truly secure a computer is to keep it offline in a bunker 5 miles below the surface of the earth, with all of its components disassembled and kept at least 1000ft away from each other.

Deguass the harddrive for good measure.

That wouldn't be a computer.

[Rushy]

Look, I'm just hoping to avoid having my data encrypted.  Everything else I can live with/fix.

Block all websites and whitelist them as you need them.

That wouldn't be a computer.

Each component by itself, no, but when referencing all parts simultaneous it is a computer, just a disassembled one.

[Lord Dave]

Sandboxie has proven to be exactly what I need.

Thanks PP.

[Rushy]

Sandboxie has proven to be exactly what I need.

Thanks PP.

Don't rely on this too much, though. There are plenty of viruses and malware that can escape from sandbox environments.

[xasop]

That wouldn't be a computer.

Each component by itself, no, but when referencing all parts simultaneous it is a computer, just a disassembled one.

By that logic, you breathe disassembled lead.

[Rushy]

By that logic, you breathe disassembled lead.

Only if the air you're breathing was lead at one point in time.

[Fortuna]

By that logic, you breathe disassembled lead.

Only if the air you're breathing was lead at one point in time.

I' sure there are minuscule particles of lead in the air you're breathing. Every breath you probably breathe an at least an atom of a dead king's foreskin too.

[fappenhosen]

Sandboxie has proven to be exactly what I need.