I don’t do downloads from shady sites.
HOPE THAT WAS A CLEAN SITE…JUST WENT THERE ON MY ACTUALLY PC…OPPS BUZZED!!!
@Frank4207#3280 Ransomware like WannaCry can spread across the network. I would add firewall rules to block smb in and outbound because I don’t use smb anyway. I would take a clean vm and run an nmap port scan to see what ports it has avaliable and block them accordingly. The only other way I know malware can get out is shared folders, usb sticks, or other media plugged into the vm.
@ITAdvocate#3326 @Frank4207#3324 I use SecureAPlus, because fudding malware had became so easy I just use application whitelisting and sandboxie. When windows forced Telemetry I was able to blacklist the exe used and my CPU dropped from near 100% to rough 11%. Due to it being a more advanced and user guided than automatic I installed MBAM on my parents computer, defender seems to be in a locked on state so there is frequent blue screens.
TL;DR: I would recommend SecureAPlus and Sandboxie if your advanced, MBAM if your an average user.