New to Windows, need advice on 7x64 security
justenough
May 13th, 2010, 11:41 AM
After almost 2 decades with Mac, Windows 7 x64 seemed like a good alternative to the ways things were headed there.
So I jumped in with both feet, built my first computer a couple of months ago (Phenom II X3 3200 hz, 4 gig ram), been learning how Windows works and reading here for a month trying to get a handle on what's the lightest setup needed and still survive what seems like an exponentially escalating cyberwar. I try not to get paranoid.
How I use the computer: a lot of reading online and following green links, downloading security software to try, downloading files for SimCity and X-Plane at safe sites, the usual email and watching video (no, not xxx, more like Comedy Central political stuff and the occasional cute pet youtube).
This is what I have after reading here and trying lots of security programs: OpenDNS, NAT router, UAC at max, IE8 with WOT (sticking to only green sites) and LastPass, ThreatFire, Avast 5, Secunia. On demand is MBAM, Hitman Pro, CCleaner, Revo, Sophos, and Macrium. Everything is set the way it installs, since I don't know enough to tweak anything.
If you all see any holes or redundancies please let me know, I am pretty much as noob as it gets. Thanks.
iravgupta
May 13th, 2010, 12:15 PM
I am sure everyone here at Wilders has a ton of advice for you, maybe overwhelming, and the sort of questions you have posed may just start a torrent of information with everyone chiming in with their preferred apps. At the end of the day, everyone prefers something over the other because it works for them, better than the other thing. In very general terms, use reputable apps and visit product forums to see what the trend of complaints is, e.g. in the MSE forum, more and more complaints will be regarding missed malware, in Antivir Personal forum regarding updates, in avast! forum regarding mail scan etc.
Start with a few apps and try online scans periodically to see if something has been missed.
Also, what's up with on-demand Sophos? Is it even configurable that way?
BTW, visiting only and only 'green' WOT sites must be pretty boring, no?
Sully
May 13th, 2010, 12:18 PM
So how does the paranoid world of microsoft computing feel then? I can't blame you for wanting to get out of a mac, in terms of having more options on many things. Sure would seem like you are a glutton for punishment though ;)
IMHO the first thing anyone needs to do is to really examine a few things. First, and foremost, how will you safeguard your data? Backup, backup, backup. If you have your data TRULY safe, then you are free to do as you please, because a reinstall is easy to do. I see you are using Macrium Reflect, so now you can have it easy. If your data is safe, and you get smitten by something of the not-so-nice nature, just put your good image back on.
So assume that your data is safe, and you don't fear having to re-install/re-image. The next question is what might you do that is "sensitive", such as online transactions or banking. If you do much of this, in my mind there are a few things you can do to greatly reduce your chances of compromise. You could go the route of using a LiveCD (linux flavor of your choice), you could use a PE disc (bartPE, LiveXP, the newer ones for Vista/7 based on pe3). This certainly is a safe route. You could also use something like VMware or vBox, and have linux inside that, or a windows install. You can set those boxes to be snapshots, so that they keep nothing from the session and always start clean and fresh. You could use SandboxIE, and constrict the box to force your browser into it, and to delete contents after shutdown. You can constrict the box to allow only specific executables rights to run and/or rights to internet access. I have a browser devoted to this use, in SBIE, and do nothing else with it but that.
So, after you have the first two items, data and sensitive information handled, then what else? Now it depends on how much you want to "manage" your security. Running as a limited user (aka LUA) is one easy step, does not require much on your part. Using firewalls/hips, can certainly be robust, but must put time in to these efforts to some degree. Are you to use an AV? Anti-malware/Anti-spyware?
Question these things. This is an industry. The people who make all these security programs are happy to see threats continue as it ensures them future revenue. New threats require new versions. You can certainly find a plethora of tools to use in your arsenal. Some are great freeware, some are truly worthy of purchasing. But, how many do you need for your own security? Do you really need to build an impenetrable wall? Do your habits require that? Do you want to spend more time managing your security, or doing what you enjoy, which may well be managing your security.
I say these things because many people who are capable of staying out of trouble invest a lot of time into staying out of trouble they never get into. Some people just don't get it, and no matter what you do, they will have problems. Some people just like to walk on the edge and actually use their elaborate security schemes. But I have a feeling that most knowledgeable people could use far less than they feel they must if they laid out a plan and lived by it.
The question is, which type of person are you? And how will you implement your own plan for your own unique needs? Weigh out your real risks, then apply the amount of security you feel you need. Don't buy into the crazed hype that the security industry loves people to do. There are security holes today, there will be tomorrow. Nothing you do will stop this. And likely you don't need to worry about every flaw, only the ones that pertain to you.
Sul.
iravgupta
May 13th, 2010, 12:22 PM
@ Sully,
It seems like he just entered hell and is being told the norms by devil associates.
kjdemuth
May 13th, 2010, 12:23 PM
Justenough,
Sounds like you have everything covered for the type of browsing you are going to be doing. If you have threatfire set to default you may want to go into the controls and increase the sensitivity to 4. Others may say that you don't have a firewall but you have openDNS, windows 7 firewall and you're behind a NAT firewall. Avast 5 is a good choice and default settings are good. You're good to go. Sounds like you have a lot of common sense, which alone will keep you out of trouble.
justenough
May 13th, 2010, 12:35 PM
-{ Quote: "Also, whats up with on-demand Sophos? Is it even configurable that way?
BTW, visiting only and only 'green' WOT sites must be pretty boring, no?" }-
I think I have used Sophos a couple of times to do a rootkit scan.
Yeah, seems like it would be boring, but I am mainly just using the web for gathering information on my current hobbies and interests, being a student by nature. And a couple of days ago I went to a well-known site I've visited a thousand times over the last few years and got what I think is called a phish, a fake security program with the loading bar and the alert saying I was infected. I managed to click out safely, I think.
edit: After reading one of Snowdrift's links, I see that it was scareware, not phishing, that got onto that totally green site.
justenough
May 13th, 2010, 12:37 PM
-{ Quote: "Justenough,
Sounds like you have everything covered for the type of browsing you are going to be doing. If you have threatfire set to default you may want to go into the controls and increase the sensitivity to 4. Others may say that you don't have a firewall but you have openDNS, windows 7 firewall and you're behind a NAT firewall. Avast 5 is a good choice and default settings are good. You're good to go. Sounds like you have a lot of common sense, which alone will keep you out of trouble." }-
Thanks kj, I'll try the 4 setting on TF. Yes, I forgot to mention the Windows firewall.
NoIos
May 13th, 2010, 12:40 PM
If you use the internet only the way you've described then you need only 4 things.
1. Stay behind a firewalled router
2. Install any of the security suites ( I suggest avast )
3. Keep updated your OS and software. Mainly your security software, java, flash browser plugin and adobe reader.
4. Back up your boot partition often by creating an image, and back up your data regularly with any method you like.
There is no need for anything else.
ps: If you want to add something extra, just use sandboxie while browsing.
snowdrift
May 13th, 2010, 12:40 PM
http://bulletproof-windows.blogspot.com/
http://www.dedoimedo.com/computers/windows-7-security.html
http://www.mechbgon.com/build/security2.html
Sully
May 13th, 2010, 12:45 PM
-{ Quote: "@ Sully,
It seems like he just entered hell and is being told the norms by devil associates." }-
lol, sort of. With M$ being the most attacked OS because the payload is so high, there is no doubt leaving the semi-protected world of mac and entering into windows brings with it an exponentially larger chance of finding yourself becoming 'exposed'. Since the OS itself does not exactly ship 'secure', and being so targeted, one must either trust blindly that programs x,y & z will protect them, or they must learn. Learning is the better of the two options, as programs x,y & z could be any one of hundreds of different titles, with a huge difference between the offerings.
It is how it is, but over-hyped by the powers that wish to capitalize on it. Learning about it and making wise decisions based on your own personal needs is the method I think works best, but not everyone stands and views things from the same place.
Sul.
justenough
May 13th, 2010, 12:46 PM
-{ Quote: "So how does the paranoid world of microsoft computing feel then? I can't blame you for wanting to get out of a mac, in terms of having more options on many things. Sure would seem like you are a glutton for punishment though ;)Sul." }-
Yeah that's what my Mac-using gf enjoys telling me when I am pulling my hair out trying to figure out the latest Windows puzzle.
Thanks for the long reply, it's a lot to think about. I haven't come across LiveCD or PE Disc or vBox, I will look into them.
justenough
May 13th, 2010, 12:54 PM
-{ Quote: "http://bulletproof-windows.blogspot.com/
http://www.dedoimedo.com/computers/windows-7-security.html
http://www.mechbgon.com/build/security2.html" }-
That's a great link, Snowdrift, I'd read it before when it was linked here at Wilders, and I took what I could from it. The DEP is still something I have to figure out. And I go back and forth using Standard and Admin. I need to get used to clicking back to Standard more often.
Matthijs5nl
May 13th, 2010, 12:56 PM
-{ Quote: "http://bulletproof-windows.blogspot.com/
http://www.dedoimedo.com/computers/windows-7-security.html
http://www.mechbgon.com/build/security2.html" }-
Couldn't agree more. I really enjoy the simplicity of that kind of security. It is not as paranoid as you can get it, but if you just use your pc as a normal person you won't get infected.
justenough
May 13th, 2010, 12:57 PM
Snowdrift, I answered without realizing you'd added two links. Those I haven't seen, I'll read them later when I come back online tonight, thanks everyone for the good ideas.
snowdrift
May 13th, 2010, 02:01 PM
No problem... Macs are fine, but they are way overpriced and I think a Windows PC can be made *more secure* than an Apple-made one with just a little work.
iravgupta
May 13th, 2010, 02:32 PM
-{ Quote: "my Mac-using gf " }-
I wish I had one. But as of now I am too broke to afford either.
kjdemuth
May 13th, 2010, 02:39 PM
I consider using windows for the sheer challenge. Using Ubuntu is too easy. Who would attack me? :0
Hugger
May 13th, 2010, 11:26 PM
My daughter called me the other night. She told me that she went out and bought a Dell Laptop w/Windows 7 and that she was going to call whenever she needed help.
I said that's nice dear.
Then I changed my phone number.
Enjoy your new pc.
Hugger
arjunned
May 14th, 2010, 03:48 AM
-{ Quote: "My daughter called me the other night. She told me that she went out and bought a Dell Laptop w/Windows 7 and that she was going to call whenever she needed help.
I said that's nice dear.
Then I changed my phone number.
Enjoy your new pc.
Hugger" }-
:o ;D ;D
justenough
May 14th, 2010, 05:05 AM
-{ Quote: "If you use the internet only the way you've described then you need only 4 things.
1. Stay behind a firewalled router
2. Install any of the security suites ( I suggest avast )
3. Keep updated your OS and software. Mainly your security software, java, flash browser plugin and adobe reader.
4. Back up your boot partition often by creating an image, and back up your data regularly with any method you like.
There is no need for anything else.
ps: If you want to add something extra, just use sandboxie while browsing." }-
I was hoping that was the case, NoIos, that with good internet practices I can keep the security software pretty much in the background. From trying different programs over the last month, since finding Wilders, I have noticed that some of them don't work well together or with my particular system.
I've kept the ones that were quiet. I don't know if Threatfire is doing anything, cause it hasn't made a peep, but it gets good reviews, so there it sits. Same with Avast. On the other hand, Secunia gives frequent notifications that it is patching the programs coming and going. And it gives my security a 100% rating, a reassuring touch that might not really mean anything for all I know.
Is there an easy way to keep track of updating java and flash? Avast updates itself, and I have PDF-XChange as a reader.
justenough
May 14th, 2010, 05:14 AM
-{ Quote: "I wish I had one. But as of now I am too broke to afford either." }-
Money can definitely be an issue with getting a Mac, but getting a girl-friend? I don't think so. Some of my most romantic times were when we were both dirt-poor and struggling. Seize the day.;)
justenough
May 14th, 2010, 05:17 AM
-{ Quote: "http://bulletproof-windows.blogspot.com/
http://www.dedoimedo.com/computers/windows-7-security.html
http://www.mechbgon.com/build/security2.html" }-
Read through those links, good stuff, helped me set up DEP and some other things. I was half-expecting something to rebel when I set up the DEP, but so far, all is well. Thanks.
doktornotor
May 14th, 2010, 05:20 AM
-{ Quote: "I was half-expecting something to rebel when I set up the DEP, but so far, all is well. Thanks." }-
Well, the only thing that rebels here w/ DEP is Slysoft AnyDVD, needs to be excluded. Kinda expected. ;D
justenough
May 14th, 2010, 05:31 AM
-{ Quote: "My daughter called me the other night. She told me that she went out and bought a Dell Laptop w/Windows 7 and that she was going to call whenever she needed help.
I said that's nice dear.
Then I changed my phone number.
Enjoy your new pc.
Hugger" }-
Maybe I shouldn't have said 'pulling my hair out over the latest Windows puzzle'. I am in no way sorry for making the transition over from Mac. For one thing, a Mac equal to this one that I built would have cost me twice as much (not to mention the built-in restrictions, that seem to be getting worse). The frustration is just from having to learn a new OS from scratch. Actually I am very happy that the hardware and software are both working together as well as they are, considering this is my first home-built computer and my first Windows machine.
Maybe you could just give your daughter a link to Wilders, and places like Gizmo's Freeware and Microsoft solutions site. They have helped me keep my computer up and running.
burebista
May 14th, 2010, 05:57 AM
-{ Quote: "[...] what's the lightest setup needed and still survive what seems like an exponentially escalating cyberwar. I try not to get paranoid." }-
First of all: Common sense. From your posts I can say check.
Then:
Firewall: NAT router + Seven Firewall. Check
HIPS: UAC+Threatfire. Check.
Browsing: IE8 with WOT. I'd prefer Firefox+NoScript+AdBlock but let's say check here too.
Backup: Macrium. Check. I'm also using Comodo Time Machine which is Windows Restore point with steroids.
AV: IMO useless for a home user if you have all above but you have AVAST. Check.
More than that and you'll get paranoid. ;D
But in the end it comes down to personal taste. As far as I can see you've started on the right track in the Windows world. :thumb:
NoIos
May 14th, 2010, 06:35 AM
-{ Quote: "I was hoping that was the case, NoIos, that with good internet practices I can keep the security software pretty much in the background. From trying different programs over the last month, since finding Wilders, I have noticed that some of them don't work well together or with my particular system.
I've kept the ones that were quiet. I don't know if Threatfire is doing anything, cause it hasn't made a peep, but it gets good reviews, so there it sits. Same with Avast. On the other hand, Secunia gives frequent notifications that it is patching the programs coming and going. And it gives my security a 100% rating, a reassuring touch that might not really mean anything for all I know.
Is there an easy way to keep track of updating java and flash? Avast updates itself, and I have PDF-XChange as a reader." }-
Keep this bookmark:
http://kb2.adobe.com/cps/155/tn_15507.html
This will tell you just by visiting the page which version of flash you have installed. Near the bottom of the page you can see the most recent flash version available. Compare the two numbers. If they match you're ok. If not go and get the latest flash player from Adobe's site.
About java. Go to the Program Files folder and then into Java->jre6->bin and run javacpl.exe; there you'll find a tab which will allow you to immediately check for updates or set up the frequency of automatic updates (clicking Advanced) (note: these are instructions for a 32bit system, something very similar will apply to your 64bit system)
OR
visit http://www.java.com/en/download/installed.jsp?detect=jre&try=1
To get the latest version visit the page http://www.java.com/en/download/
Both flash and java have autoupdate scheduled features but by default do not check that often for new versions. So better do it manually like once a week.
These two programs are really important to keep updated because they are two of the most frequent ways that malware gets into your pc.
PDF-XChange is a great reader and not targeted by malware the way Adobe Reader is. I mean on many occasions it is safer to use an alternative pdf reader.
Now about the whole "simple security" issue. There is no need for extra protection if you visit known and "green" web sites. A firewall and an antivirus are more than enough. My opinion...just use only an antivirus and a firewall. Combine them with the use of sandboxie while browsing and the use of a limited user account and you'll never have a problem...conditions: do not change your internet habits, do not allow others to work with your pc, do not plug in usb devices that others provided you, do not run a file that comes from untrusted sources, keep your OS and software up to date.
For sure you can also keep your current setup.
Continue reading Wilders but don't get paranoid. As long as you visit only the "green" side of the web, the chances to get infected are really really limited. And if something goes wrong your antivirus will be there and sandboxie at the end of your browsing session will wipe out all the "bad". My advice...read some more things about sandboxie, it is important to configure some basic things (it's really easy, don't worry).
Things to keep from your current setup: - All your on demand choices - OpenDNS - NAT Router - Avast
Things to add: A firewall ( I didn't really understand which one you use ) - Sandboxie
Threatfire note: If it really does not interfere with your every day tasks you can leave it there, but like I've said my opinion is that for you an antivirus + firewall + sandboxie are the best choices.
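The version checks NoIos describes by hand (Flash via the Adobe page, Java via javacpl.exe) can be pulled from the machine itself in one go. The script below is an added example, not code from the thread or from any of the vendors; it also covers Adobe Reader and reads the Java auto-update policy, going a little beyond the post. It assumes a Windows 7 x64 box where the Wow6432Node Uninstall key, the Macromed\Flash directories and the JavaSoft\Java Update\Policy key sit in their usual places; none of those paths are stated in the thread.

```powershell
# Added example, not code from the thread. Run in an elevated PowerShell on
# Windows 7 x64. It reports the installed versions of the plugins NoIos calls
# out (Java, Flash; Adobe Reader added here) so they can be compared with the
# vendor pages linked above.

# Standard Uninstall keys; the Wow6432Node key holds 32-bit software on x64.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Products the thread names as the most common stale-plugin infection routes.
$watchPattern = 'Java|Flash|Adobe Reader'

Write-Output '== Installed versions (from Uninstall keys) =='
Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -match $watchPattern } |
    Select-Object DisplayName, DisplayVersion, Publisher |
    Sort-Object DisplayName -Unique |
    Format-Table -AutoSize | Out-String

# Flash also ships as ActiveX (IE) and NPAPI (Firefox) binaries under Macromed;
# on x64 the 32-bit copy that 32-bit IE8 loads lives under SysWOW64.
Write-Output '== Flash binaries on disk =='
$flashDirs = "$env:windir\System32\Macromed\Flash", "$env:windir\SysWOW64\Macromed\Flash"
foreach ($dir in $flashDirs) {
    if (Test-Path $dir) {
        Get-ChildItem -Path $dir -ErrorAction SilentlyContinue |
            Where-Object { $_.Name -match '^(Flash.*\.ocx|NPSWF.*\.dll)$' } |
            ForEach-Object { '{0}  {1}' -f $_.FullName, $_.VersionInfo.FileVersion }
    }
}

# Java auto-update policy. The key path and value name are assumed from the
# 32-bit JRE 6 installer's usual layout; 0 means the scheduled check is off.
Write-Output '== Java auto-update policy =='
$policyKeys = 'HKLM:\SOFTWARE\Wow6432Node\JavaSoft\Java Update\Policy',
              'HKLM:\SOFTWARE\JavaSoft\Java Update\Policy'
$policy = Get-ItemProperty -Path $policyKeys -ErrorAction SilentlyContinue | Select-Object -First 1
if ($policy) {
    'EnableJavaUpdate = {0}' -f $policy.EnableJavaUpdate
} else {
    'No Java Update policy key found; check the Update tab in javacpl.exe by hand.'
}
```

Compare the DisplayVersion and FileVersion values it prints against the current version shown on the Adobe and java.com pages above; a mismatch is the signal to update.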
Joeythedude
May 14th, 2010, 07:56 AM
Secunia PSI. Checks all apps are patched and have latest releases.
One stop check .
snowdrift
May 14th, 2010, 08:32 AM
-{ Quote: "Money can definately be an issue with getting a Mac, but getting a girl-friend? I don't think so. Some of my most romantic times were when we were both dirt-poor and struggling. Seize the day.;)" }-
-http://www.youtube.com/watch?v=6vwNcNOTVzY-
NoIos
May 14th, 2010, 12:05 PM
-{ Quote: "Secunia PSI. Checks all apps are patched and have latest releases.
One stop check ." }-
Secunia PSI keeps statistics. If you don't mind being in their statistics then it's great to use. I don't really like others to collect data from me ( even if the collection is anonymous ).
anothermack
May 14th, 2010, 02:04 PM
-{ Quote: "Secunia PSI keeps statistics. If you don't mind being in their statistics then it's great to use. I don't really like others to collect data from me ( even if the collection is anonymous )." }-
Oh man, you are in trouble, let me tell you...
ace55
May 14th, 2010, 09:39 PM
If you're on Ultimate, you should use AppLocker. Sandboxie would be a great idea as well. Personally, I would use Chrome over IE8, but either is fine as long as it is sandboxed. You can try LinkExtend for Chrome as well, it will poll data from 7 separate sources, including WoT as well as automated crawlers to inform you of a site's safety. WoT is useful, but I prefer a second opinion given that it is entirely community based.
I would use a Classical HIPS over Threatfire if I was in your place. However, if you don't want to deal with popups and configuring a HIPS or do not understand the alerts, Threatfire is an excellent choice for a BB.
Sandboxie is quite simple to use though and powerful. If you take away one thing from this post, let it be my recommendation that you give Sandboxie a try.
arjunned
May 15th, 2010, 12:44 AM
Do you mean AppLocker?
I think AppArmor is for Linux. :)
ace55
May 15th, 2010, 02:46 AM
-{ Quote: "Do you mean AppLocker?
I think AppArmor is for Linux. :)" }-
Right you are my friend, shows you which OS I'm spending more time with right now. Thanks.
justenough
May 15th, 2010, 03:19 AM
-{ Quote: "-http://www.youtube.com/watch?v=6vwNcNOTVzY-" }-
If that's what Ravi meant by a gf, best of luck to him, there won't be much left of the guy.
justenough
May 15th, 2010, 03:22 AM
-{ Quote: "By the 1,000 names of Vishnu, we swear we are not devils!" }-
Thanks snowdrift, that's reassuring.;)
NoIos
May 15th, 2010, 03:36 AM
-{ Quote: "Oh man, you are in trouble, let me tell you..." }-
Your opinion man! Respected but not welcomed. You did not respect mine. Since you just drop a phrase and you don't explain it, using irony, sarcasm or your type of humour, man...just ignore me next time, because this is what I'll do to you...man.
justenough
May 15th, 2010, 03:40 AM
-{ Quote: "Keep this bookmark:
http://kb2.adobe.com/cps/155/tn_15507.html
This will tell you just by visiting the page which version of flash you have installed. Near the bottom of the page you can see the most recent flash version available. Compare the two numbers. If they match you're ok. If not go and get the latest flash player from Adobe's site.
About java. Go to the Program Files folder and then into Java->jre6->bin and run javacpl.exe; there you'll find a tab which will allow you to immediately check for updates or set up the frequency of automatic updates (clicking Advanced) (note: these are instructions for a 32bit system, something very similar will apply to your 64bit system)
OR
visit http://www.java.com/en/download/installed.jsp?detect=jre&try=1
To get the latest version visit the page http://www.java.com/en/download/
Both flash and java have autoupdate scheduled features but by default do not check that often for new versions. So better do it manually like once a week.
These two programs are really important to keep updated because they are two of the most frequent ways that malware gets into your pc.
PDF-XChange is a great reader and not targeted by malware the way Adobe Reader is. I mean on many occasions it is safer to use an alternative pdf reader.
Now about the whole "simple security" issue. There is no need for extra protection if you visit known and "green" web sites. A firewall and an antivirus are more than enough. My opinion...just use only an antivirus and a firewall. Combine them with the use of sandboxie while browsing and the use of a limited user account and you'll never have a problem...conditions: do not change your internet habits, do not allow others to work with your pc, do not plug in usb devices that others provided you, do not run a file that comes from untrusted sources, keep your OS and software up to date.
For sure you can also keep your current setup.
Continue reading Wilders but don't get paranoid. As long as you visit only the "green" side of the web, the chances to get infected are really really limited. And if something goes wrong your antivirus will be there and sandboxie at the end of your browsing session will wipe out all the "bad". My advice...read some more things about sandboxie, it is important to configure some basic things (it's really easy, don't worry).
Things to keep from your current setup: - All your on demand choices - OpenDNS - NAT Router - Avast
Things to add: A firewall ( I didn't really understand which one you use ) - Sandboxie
Threatfire note: If it really does not interfere with your every day tasks you can leave it there, but like I've said my opinion is that for you an antivirus + firewall + sandboxie are the best choices." }-
Thanks, NoIos. I've saved the flash bookmark, I'll keep flash and java up-to-date.
I will keep your advice in mind. No one else will use this computer or my flashdrive.
I am using the Windows 7 firewall. Took Threatfire off, and am trying MSE, feeling some confidence after everyone's comments that I can lighten the security up a bit (while using the built-in security of the OS such as DEP).
doktornotor
May 15th, 2010, 03:50 AM
-{ Quote: "Took Threatfire off, and am trying MSE, feeling some confidence after everyone's comments that I can lighten the security up a bit (while using the built-in security of the OS such as DEP)." }-
I'm surprised it didn't cause any problems for you. Recently I thought I might try to give it a spin again - well... DaemonTools still broken with it (ridiculous, been reported ages ago), huge delay on reboot, the tray icon basically never showing (even after manually fixing their broken registry autostart entry which keeps randomly switching between no, single and double quotation marks) and beyond that it basically caused a severe malfunction of the system tray - half of the stuff was randomly missing there, it totally killed the safely remove HW icon, it's been fighting w/ Avast on startup etc.
Looking at the forums, it seems the development basically stopped. Probably Symantec will recycle the code for some of their commercial stuff and that will be the end of it.
>:( :thumbd:
justenough
May 15th, 2010, 03:55 AM
-{ Quote: "If you're on Ultimate, you should use AppLocker. Sandboxie would be a great idea as well. Personally, I would use Chrome over IE8, but either is fine as long as it is sandboxed. You can try LinkExtend for Chrome as well, it will poll data from 7 separate sources, including WoT as well as automated crawlers to inform you of a site's safety. WoT is useful, but I prefer a second opinion given that it is entirely community based.
I would use a Classical HIPS over Threatfire if I was in your place. However, if you don't want to deal with popups and configuring a HIPS or do not understand the alerts, Threatfire is an excellent choice for a BB.
Sandboxie is quite simple to use though and powerful. If you take away one thing from this post, let it be my recommendation that you give Sandboxie a try." }-
I have Premium, seems I should have gotten Ultimate for AppLocker.
I've loaded Sandboxie a couple of times, and really like it, but with all the file downloading I do (trying security software, getting buildings and mods for SimCity, getting planes and scenery for X-Plane, copying nature pictures daily from Pixdaus for my desktop picture folder) that it added an extra step or two. I figured since I was only at trusted sites, Sandboxie wasn't that necessary. Also read that it wasn't as secure on 64 systems, though I'm guessing that the malware would have to be written specifically to get around Sandboxie, which doesn't seem that likely. After I am set on my security software, I might load Sandboxie again.
I tried LinkScanner on IE8, worked fine, but I noticed that it flagged a lot fewer sites as dangerous compared to WOT. In other words, if I stuck to green WOTs, I wouldn't be stumbling into a place LinkScanner would warn about. Since I want as light a setup as possible, I took it off.
Also took off Threatfire, since from the comments, my computing habits are safe enough to not need it.
justenough
May 15th, 2010, 04:03 AM
-{ Quote: "Oh man, you are in trouble, let me tell you..." }-
NoIos, wasn't very clear was it, but I took it to mean that there are all sorts of ways our data is being collected on the web, and blocking one won't make much difference.
justenough
May 15th, 2010, 04:14 AM
-{ Quote: "I'm surprised it didn't cause any problems for you. Recently I thought I might try to give it a spin again - well... DaemonTools still broken with it (ridiculous, been reported ages ago), huge delay on reboot, the tray icon basically never showing (even after manually fixing their broken registry autostart entry which keeps randomly switching between no, single and double quotation marks) and beyond that it basically caused a severe malfunction of the system tray - half of the stuff was randomly missing there, it totally killed the safely remove HW icon, it's been fighting w/ Avast on startup etc.
Looking at the forums, it seems the development basically stopped. Probably Symantec will recycle the code for some of their commercial stuff and that will be the end of it.
>:( :thumbd:" }-
Sometimes it seems some of the security software can be as much of a problem as what it is trying to stop. Security alerts on a hyper-sensitive security program are an interesting issue. They can seem like an annoying bug whose only function is to pop up a window that has to be clicked.
justenough
May 15th, 2010, 04:43 AM
-{ Quote: "First of all: Common sense. From your posts I can say check.
Then:
Firewall: NAT router + Seven Firewall. Check
HIPS: UAC+Threatfire. Check.
Browsing: IE8 with WOT. I'd prefer Firefox+NoScript+AdBlock but let's say check here too.
Backup: Macrium. Check. I'm also using Comodo Time Machine which is Windows Restore point with steroids.
AV: IMO useless for a home user if you have all above but you have AVAST. Check.
More than that and you'll get paranoid. ;D
But in the end it comes down to personal taste. As far as I can see you've started on the right track in the Windows world. :thumb:" }-
Looking for the right balance, thanks for the list of what's needed. I have taken off TF, I will look into Comodo Time Machine. It's seeming like the stuff in the background (OpenDNS, NAT router, 7 firewall, DEP, LUA, UAC), along with keeping programs updated and patched, and knowing what to avoid, will cover most of the problems, and then having a restore point, copies of files, and a system image is the fail-safe solution. I put two hard drives into this computer so it would be easy to keep everything backed up.
I have tried other browsers, and settled on IE8 for 2 unexpected reasons. I would like to use Chrome, but it and Firefox would crash the system now and then when I scrolled the windows. Couldn't find a solution. And the other reason is that I have a Dell 2209WA monitor at 1680 x 1050, and the font is just too small on the browsers, even with the system fonts set higher. IE8 has the saved zoom level on the lower right, which I haven't found how to do on the other two. And from what I have read, IE8 is now pretty safe.
doktornotor
May 15th, 2010, 05:11 AM
-{ Quote: "I will look into Comodo Time Machine." }-
BIG WARNING! Make absolutely sure you have a full drive image before installing Comodo. It's incredibly intrusive, almost impossible to uninstall cleanly and destroyed quite a couple of people's boxes already.
justenough
May 15th, 2010, 05:36 AM
-{ Quote: "BIG WARNING! Make absolutely sure you have a full drive image before installing Comodo. It's incredibly intrusive, almost impossible to uninstall cleanly and destroyed quite a couple of people's boxes already." }-
Thanks for the big warning, Doktornotor, I won't be looking into Comodo Time Machine.
burebista
May 15th, 2010, 05:56 AM
Yep, some have troubles with CTM. Big troubles.
I always have a HDD image around if things go hairy.
NoIos
May 15th, 2010, 06:56 AM
-{ Quote: "NoIos, wasn't very clear was it, but I took it to mean that there are all sorts of ways our data is being collected on the web, and blocking one won't make much difference." }-
Well, I have to agree and I admit that I've overreacted with anothermack. I'm sorry for that but it happens sometimes.
Now about the collection of data. There is a huge difference between the collection of data via browser, tracking cookies etc. and the collection of data directly on the machine. At least this is my view. In any case I try to make it harder for others to collect data from me. I think I have the right to handle this the way I believe is better and to say my opinion about it.
Anyway, I repeat that I did not react properly.
MrBrian
May 16th, 2010, 07:01 PM
How to enable Structured Exception Handling Overwrite Protection (SEHOP) in Windows (http://www.wilderssecurity.com/showthread.php?t=270357)
ace55
May 17th, 2010, 12:41 AM
-{ Quote: "I have Premium, seems I should have gotten Ultimate for AppLocker.
I've loaded Sandboxie a couple of times, and really like it, but with all the file downloading I do (trying security software, getting buildings and mods for SimCity, getting planes and scenery for X-Plane, copying nature pictures daily from Pixdaus for my desktop picture folder) it added an extra step or two. I figured since I was only at trusted sites, Sandboxie wasn't that necessary. Also read that it wasn't as secure on 64 systems, though I'm guessing that the malware would have to be written specifically to get around Sandboxie, which doesn't seem that likely. After I am set on my security software, I might load Sandboxie again.
I tried LinkExtend on IE8, worked fine, but I noticed that it flagged a lot fewer sites as dangerous compared to WOT. In other words, if I stuck to green WOTs, I wouldn't be stumbling into a place LinkExtend would warn about. Since I want as light a setup as possible, I took it off.
Also took off Threatfire, since from the comments, my computing habits are safe enough to not need it." }-
Yeah, I wish I had AppLocker as well. Not enough to shell out for Ultimate though. Shame that MS restricts this feature.
Personally, I browse like you do - only trusted sites. However, with ads being a prominent means of malware spread, trusted sites can't be trusted to not unknowingly attack you. There is of course always the chance of a compromise of the site itself, and the injection of malware into the site.
For example, earlier this month 3 US Treasury sites were hacked and served malware to visitors:
http://www.computerworld.com/s/article/9176278/US_Treasury_Web_sites_hacked_serving_malware
Sandboxie or a properly configured classical HIPS would have prevented compromise of your system in this case. A classical HIPS would actually be less intrusive in the case of downloads compared to Sandboxie - Comodo, for example, would only prompt if the download was an executable of some sort. If it does, just click allow. As opposed to Sandboxie, requiring you to recover no matter what. You could even set up a rule allowing your browser to write to your downloads folder and not be prompted on downloads. But, of course, your HIPS would prompt if your browser downloaded an executable and then attempted to execute it, in the case of a typical drive by download.
You really only need to spend time configuring your HIPS with untrusted applications or applications that handle untrusted data. So, web browsers and multiplayer games in your case. You can easily, in Comodo at least, mark an application as trusted and not be bothered by it.
LinkExtend marks a site as medium risk if one of the 7 sources marks it as high risk or 2 sources mark it as medium, with any more being marked as high risk. 1 medium risk rating is ignored.
Site hosting malware caught by Norton SafeWeb but with a green WoT:
http://safeweb.norton.com/report/show?url=oldversion.com
http://www.mywot.com/en/scorecard/oldversion.com
Of course, if you clicked through to the WoT, you'd know something was up. But how often do you do that? However, both WoT and LinkExtend simply complement your common sense. Honestly, WoT is probably enough.
The only remaining concern for your setup is a compromised, trusted website exploiting a zero day. The odds are extremely low, of course, of this happening to you. Yet it can be fairly easily mitigated with a classical HIPS. It all depends on how much effort you want to spend on such a low risk.
justenough
May 17th, 2010, 11:13 AM
-{ Quote: "Well, I have to agree and I admit that I've overreacted with anothermack. I'm sorry for that but it happens sometimes.
Now about the collection of data. There is a huge difference between the collection of data via browser, tracking cookies etc. and the collection of data directly on the machine. At least this is my view. In any case I try to make it harder for others to collect data from me. I think I have the right to handle this the way I believe is better and to say my opinion about it.
Anyway, I repeat that I did not react properly." }-
Yeah, it happens sometimes, to all of us. Thanks for keeping things straight with the follow-up.
justenough
May 17th, 2010, 11:14 AM
-{ Quote: "How to enable Structured Exception Handling Overwrite Protection (SEHOP) in Windows (http://www.wilderssecurity.com/showthread.php?t=270357)" }-
I looked at it, MrBrian, and the steps for 64 were over my head. I'll come back to it when I know more what I am doing with Windows.
justenough
May 17th, 2010, 11:45 AM
-{ Quote: "Yeah, I wish I had AppLocker as well. Not enough to shell out for Ultimate though. Shame that MS restricts this feature.
Personally, I browse like you do - only trusted sites. However, with ads being a prominent means of malware spread, trusted sites can't be trusted to not unknowingly attack you. There is of course always the chance of a compromise of the site itself, and the injection of malware into the site.
For example, earlier this month 3 US Treasury sites were hacked and served malware to visitors:
http://www.computerworld.com/s/article/9176278/US_Treasury_Web_sites_hacked_serving_malware
Sandboxie or a properly configured classical HIPS would have prevented compromise of your system in this case. A classical HIPS would actually be less intrusive in the case of downloads compared to Sandboxie - Comodo, for example, would only prompt if the download was an executable of some sort. If it does, just click allow. As opposed to Sandboxie, requiring you to recover no matter what. You could even set up a rule allowing your browser to write to your downloads folder and not be prompted on downloads. But, of course, your HIPS would prompt if your browser downloaded an executable and then attempted to execute it, in the case of a typical drive by download.
You really only need to spend time configuring your HIPS with untrusted applications or applications that handle untrusted data. So, web browsers and multiplayer games in your case. You can easily, in Comodo at least, mark an application as trusted and not be bothered by it.
LinkExtend marks a site as medium risk if one of the 7 sources marks it as high risk or 2 sources mark it as medium, with any more being marked as high risk. 1 medium risk rating is ignored.
Site hosting malware caught by Norton SafeWeb but with a green WoT:
http://safeweb.norton.com/report/show?url=oldversion.com
http://www.mywot.com/en/scorecard/oldversion.com
Of course, if you clicked through to the WoT, you'd know something was up. But how often do you do that? However, both WoT and LinkExtend simply complement your common sense. Honestly, WoT is probably enough." }-
The only remaining concern for your setup is a compromised, trusted website exploiting a zero day. The odds are extremely low, of course, of this happening to you. Yet it can be fairly easily mitigated with a classical HIPS. It all depends on how much effort you want to spend on such a low risk." }-
After reading your post Ace, I installed WinPatrol, a "light HIPS". So far I've gotten some woofs, but nothing annoying yet. I had gotten used to retrieving downloaded files in Sandboxie, so we'll see which is less intrusive, and I'll go with that one. Or go back to Threatfire, which was extremely quiet.
I also re-installed AVG's LinkScanner, but this time didn't do a custom install. It put on a Yahoo tool bar, and all sorts of other stuff I didn't want. And then when I used Revo Pro (a utility program worth the upgrade IMHO at the half-price deal;)) to uninstall LinkScanner, it found all sorts of crap left behind. What is AVG thinking with this? I won't touch another one of their products.
So then I tried Norton's SafeWeb, and it put a nice big "Norton" on my toolbar, with their own search window. I guess free can have its price. So I am back to plain ol' WOT and whatever good sense and luck I might have.
Sully
May 17th, 2010, 11:51 AM
-{ Quote: "I've loaded Sandboxie a couple of times, and really like it, but with all the file downloading I do (trying security software, getting buildings and mods for SimCity, getting planes and scenery for X-Plane, copying nature pictures daily from Pixdaus for my desktop picture folder) it added an extra step or two. I figured since I was only at trusted sites, Sandboxie wasn't that necessary. Also read that it wasn't as secure on 64 systems, though I'm guessing that the malware would have to be written specifically to get around Sandboxie, which doesn't seem that likely. After I am set on my security software, I might load Sandboxie again." }-
The solution to this problem is to use the paid version. Here you can force a browser to start in SBIE. I make a different sandbox for each browser. I limit what programs can run within this box, and what programs have network access.
Concerning downloads, all it requires is saving downloads to either "my docs" or "desktop" and SBIE will auto-prompt you to recover them. But what I do is to create a special directory (or use public downloads or user downloads in win7) and tell SBIE to have "direct access" to this folder(s). Now when I save things, they are written directly to that location and there is no extra step required.
I go one step further, and have created another sandbox that forces anything executed in my downloads directory to start in a sandbox that has no network access allowed. In this manner, I use any browser to download anything, and they all save to one directory. I don't have to recover, it is a direct "live" write. I can then move things if I want to keep them. I can execute things from this downloads directory to test them, and they are opened in a sandbox.
If you have a few specific places you save things to with frequency, just give those directories direct access so that you can save there. It goes without saying that if you are downloading a trusted file, there should be no worry. If you are downloading something untrusted, one can only hope that you place it somewhere and take some precautions before executing it.
Simple, effective and minimal setup.
Sul.
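The layout Sully describes (browser forced into its own sandbox, a direct-access downloads folder, and a second no-network sandbox that anything executed from that folder is forced into) lives in Sandboxie.ini. The following is an added example, not code from the thread or from Sandboxie: a PowerShell script that parses a Sandboxie.ini and checks that those four pieces line up. The ini text embedded below is constructed for the example; the sandbox names (`IE`, `DownloadsTest`) and the folder path are assumptions, while `ForceProcess`, `ForceFolder`, `OpenFilePath` and `ClosedFilePath=InternetAccessDevices` are Sandboxie's own setting names.

```powershell
# Added example, not code from the thread or from Sandboxie: parse a
# Sandboxie.ini and check it implements the layout described above. The ini
# text is CONSTRUCTED for this example; sandbox names and paths are assumptions.
# ForceProcess, ForceFolder, OpenFilePath and ClosedFilePath=InternetAccessDevices
# are Sandboxie's own setting names.

$SandboxieIni = @"
[GlobalSettings]
FileRootPath=C:\Sandbox\%USER%\%SANDBOX%

[IE]
Enabled=y
ForceProcess=iexplore.exe
OpenFilePath=iexplore.exe,C:\Users\Public\Downloads
ClosedFilePath=!iexplore.exe,InternetAccessDevices

[DownloadsTest]
Enabled=y
ForceFolder=C:\Users\Public\Downloads
ClosedFilePath=InternetAccessDevices
"@

function ConvertFrom-SandboxieIni {
    # Returns a hashtable: section name -> list of Key/Value entries.
    # Keys repeat within a Sandboxie section, so each section keeps a list
    # rather than a key-indexed table.
    param([Parameter(Mandatory=$true)][string]$Text)
    $ini = @{}
    $section = $null
    foreach ($raw in ($Text -split "`r?`n")) {
        $line = $raw.Trim()
        if ($line -eq '' -or $line.StartsWith('#') -or $line.StartsWith(';')) { continue }
        if ($line -match '^\[(.+)\]$') {
            $section = $Matches[1]
            $ini[$section] = New-Object System.Collections.Generic.List[object]
            continue
        }
        if ($section -and $line -match '^([^=]+)=(.*)$') {
            $ini[$section].Add((New-Object PSObject -Property @{ Key = $Matches[1].Trim(); Value = $Matches[2].Trim() }))
        }
    }
    return $ini
}

function Get-IniValues {
    param($Ini, [string]$Section, [string]$Key)
    if (-not $Ini.ContainsKey($Section)) { return }
    $Ini[$Section] | Where-Object { $_.Key -eq $Key } | ForEach-Object { $_.Value }
}

function Test-SandboxiePolicy {
    param(
        [Parameter(Mandatory=$true)][string]$IniText,
        [string]$BrowserBox = 'IE',            # assumed name of the browser sandbox
        [string]$BrowserExe = 'iexplore.exe',
        [string]$TestBox    = 'DownloadsTest'  # assumed name of the no-network sandbox
    )
    $ini = ConvertFrom-SandboxieIni -Text $IniText
    $findings = New-Object System.Collections.Generic.List[string]

    # 1. The browser is forced into its box; otherwise a plain launch runs unsandboxed.
    if (@(Get-IniValues $ini $BrowserBox 'ForceProcess') -notcontains $BrowserExe) {
        $findings.Add("[$BrowserBox] does not force $BrowserExe into the sandbox")
    }
    # 2. Inside the browser box only the browser itself may reach the network.
    if (@(Get-IniValues $ini $BrowserBox 'ClosedFilePath') -notcontains "!$BrowserExe,InternetAccessDevices") {
        $findings.Add("[$BrowserBox] does not limit Internet access to $BrowserExe")
    }
    # 3. Every folder the browser may write to directly (a "live" write, no recovery
    #    step) must be a ForceFolder of the no-network box, so that anything executed
    #    from it lands in that box rather than on the real system.
    $forced = @(Get-IniValues $ini $TestBox 'ForceFolder')
    foreach ($entry in @(Get-IniValues $ini $BrowserBox 'OpenFilePath')) {
        $folder = ($entry -split ',')[-1]   # entry is "program,path" or just "path"
        if ($forced -notcontains $folder) {
            $findings.Add("$folder is directly writable from [$BrowserBox] but not a ForceFolder of [$TestBox]")
        }
    }
    # 4. The test box has Internet access closed off entirely.
    if (@(Get-IniValues $ini $TestBox 'ClosedFilePath') -notcontains 'InternetAccessDevices') {
        $findings.Add("[$TestBox] does not close InternetAccessDevices")
    }

    New-Object PSObject -Property @{
        Passed   = ($findings.Count -eq 0)
        Findings = $findings
    }
}

Test-SandboxiePolicy -IniText $SandboxieIni | Format-List Passed, Findings
```

Point the script at a real file with `Test-SandboxiePolicy -IniText (Get-Content C:\Windows\Sandboxie.ini -Raw)` (the default location on a 2010-era install; adjust if Sandboxie was installed elsewhere). Check 3 is the one that matters most: a folder that the browser can write to live but that is not forced into the no-network box is exactly the gap where a downloaded installer gets double-clicked on the real system.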
Matthijs5nl
May 17th, 2010, 11:54 AM
-{ Quote: "I looked at it, MrBrian, and the steps for 64 were over my head. I'll come back to it when I know more what I am doing with Windows." }-
It can be done without changing a registry value, this file does it for you: http://support.microsoft.com/kb/956607
justenough
May 17th, 2010, 12:15 PM
My current security:
OpenDNS
NAT router
Windows 7 Firewall
Avast
LUA, UAC, DEP, SEHOP
IE8 with WOT and SpywareBlaster
Trying WinPatrol, will use it or Sandboxie
Secunia PSI
Hitman Pro
MBAM
CCleaner
Revo
Macrium Reflect
I was getting an Event ID on MSE that meant that a MSE file was corrupted. From reading on the internet, it happened with a lot of people, and Microsoft's solution was to delete the file, and MSE would reinstall it. But for me as with others, it got corrupted again at the next crash. So I have taken MSE off, and am now using Avast again.
Is Avast the lightest AV?
I will be buying Hitman Pro.
After the help I have gotten here, I have gone from bordering on paranoid to feeling pretty safe with the in-built protections of 7 x 64, and the other security programs suggested here. So thank you Wilders people. This is a great site that is now a regular read for me.
justenough
May 17th, 2010, 02:09 PM
-{ Quote: "The solution to this problem is to use the paid version. Here you can force a browser to start in SBIE. I make a different sandbox for each browser. I limit what programs can run within this box, and what programs have network access.
Concerning downloads, all it requires is saving downloads to either "my docs" or "desktop" and SBIE will auto-prompt you to recover them. But what I do is to create a special directory (or use public downloads or user downloads in win7) and tell SBIE to have "direct access" to this folder(s). Now when I save things, they are written directly to that location and there is no extra step required.
I go one step further, and have created another sandbox that forces anything executed in my downloads directory to start in a sandbox that has no network access allowed. In this manner, I use any browser to download anything, and they all save to one directory. I don't have to recover, it is a direct "live" write. I can then move things if I want to keep them. I can execute things from this downloads directory to test them, and they are opened in a sandbox.
If you have a few specific places you save things to with frequency, just give those directories direct access so that you can save there. It goes without saying that if you are downloading a trusted file, there should be no worry. If you are downloading something untrusted, one can only hope that you place it somewhere and take some precautions before executing it.
Simple, effective and minimal setup.
Sul." }-
That looks like a better way of using Sandboxie, Sully, thanks. After I have gotten used to how WinPatrol works for a few days, I will reinstall Sandboxie and try it the way you've outlined here.
ace55
May 17th, 2010, 07:14 PM
-{ Quote: "After reading your post Ace, I installed WinPatrol, a "light HIPS". So far I've gotten some woofs, but nothing annoying yet. I had gotten used to retrieving downloaded files in Sandboxie, so we'll see which is less intrusive, and I'll go with that one. Or go back to Threatfire, which was extremely quiet.
I also re-installed AVG's LinkScanner, but this time didn't do a custom install. It put on a Yahoo tool bar, and all sorts of other stuff I didn't want. And then when I used Revo Pro (a utility program worth the upgrade IMHO at the half-price deal;)) to uninstall LinkScanner, it found all sorts of crap left behind. What is AVG thinking with this? I won't touch another one of their products.
So then I tried Norton's SafeWeb, and it put a nice big "Norton" on my toolbar, with their own search window. I guess free can have its price. So I am back to plain ol' WOT and whatever good sense and luck I might have." }-
Never tried WinPatrol, might have to do that soon.
Not a big fan of LinkScanner myself, nor SafeWeb on its own. LinkExtend and WOT are the only browser addons I've found of their type that don't annoy you in some way or another.
Good on you for using Hitman Pro, great software. In regards to your desire for a light av/antimalware, I would suggest prevx or avast. I'm running both, alongside immunet, and there is very little slowdown. Prevx is actually a fantastic choice, try it!
I use Sandboxie in a similar manner to Sully - it is much easier to not have to bother with launching applications in a sandbox, as the paid version quite easily handles this for you.
justenough
May 17th, 2010, 08:33 PM
-{ Quote: "It can be done without changing a registry value, this file does it for you: http://support.microsoft.com/kb/956607" }-
Can't use the program to change SEHOP in 7 64, and following the instructions to do it manually, I got a message saying not allowed at the last step.
MrBrian
May 17th, 2010, 09:00 PM
-{ Quote: "Can't use the program to change SEHOP in 7 64" }-
The Fixit did work fine for me.
justenough
May 17th, 2010, 09:37 PM
-{ Quote: "The Fixit did work fine for me." }-
I didn't use the program since it said it was for something other than 7, but I'll give it a try.
justenough
May 17th, 2010, 09:45 PM
-{ Quote: "Never tried WinPatrol, might have to do that soon.
Not a big fan of LinkScanner myself, nor SafeWeb on its own. LinkExtend and WOT are the only browser addons I've found of their type that don't annoy you in some way or another.
Good on you for using Hitman Pro, great software. In regards to your desire for a light av/antimalware, I would suggest prevx or avast. I'm running both, alongside immunet, and there is very little slowdown. Prevx is actually a fantastic choice, try it!
I use Sandboxie in a similar manner to Sully - it is much easier to not have to bother with launching applications in a sandbox, as the paid version quite easily handles this for you." }-
I just loaded Prevx, and Sysinternals Process Monitor shows it working away nonstop, doing RegQueries. Avast doesn't do that, probably only checking actual activity on the computer. edit: Just to be clear, I don't know if that's good or bad, or if Prevx settles down after a while.
Since I have gotten good recommendations on Sandboxie, and it seems that used the right way it could replace a few other programs, I will load Sandboxie tomorrow and actually read the manual:o , and see what it can do.
Matthijs5nl
May 18th, 2010, 04:58 AM
-{ Quote: "I didn't use the program since it said it was for something other than 7, but I'll give it a try." }-
I am on Windows 7 x64 too, it works, just download and run, takes 1 minute and you have to restart your pc and you're done.
EDIT: I see what you mean, it says it doesn't work for Windows 7 yet, but it does here for me, just a little typo by Microsoft.
justenough
May 18th, 2010, 12:01 PM
-{ Quote: "I am on Windows 7 x64 too, it works, just download and run, takes 1 minute and you have to restart your pc and you're done.
EDIT: I see what you mean, it says it doesn't work for Windows 7 yet, but it does here for me, just a little typo by Microsoft." }-
I ran the fixit, thanks for letting me know it would work with 7. Guess I now have SEHOP on, but how do you know if it is actually enabled?
Matthijs5nl
May 18th, 2010, 12:40 PM
-{ Quote: "I ran the fixit, thanks for letting me know it would work with 7. Guess I now have SEHOP on, but how do you know if it is actually enabled?" }-
Only way to see if it is working is by doing the following:
1. Press Start
2. In the search bar, type "regedit" and press enter.
3. Expand HKEY_LOCAL_MACHINE
4. Expand SYSTEM
5. Expand CurrentControlSet
6. Expand Control
7. Expand Session Manager
8. Click on kernel
9. In the right pane, spot DisableExceptionChainValidation
If the value between the brackets is 0, SEHOP is enabled (in other words, it is not disabled if you look at the name of the registry item: DisableExceptionChainValidation).
If the value between the brackets is 1, SEHOP is disabled (in other words, it is disabled if you look at the name of the registry item: DisableExceptionChainValidation).
The FixIt is the automatic way to turn SEHOP on. If you want to disable and maybe enable it again in the future, using regedit is the way to go (FixIt can't disable). Right-click DisableExceptionChainValidation -> Modify -> In the Value data box put the 0 (enabled) or the 1 (disabled).
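The nine regedit steps above boil down to one registry value. As an added example (not from the thread, the Fix it, or Microsoft), here is the same check and toggle as PowerShell functions. The key path and value name are the ones KB956607 documents; the function names and the handling of a missing value are this example's own.

```powershell
# Added example, not code from the thread or from Microsoft: read and set the
# SEHOP switch that the regedit steps above walk through. The key path and
# value name are those documented in KB956607; the helper functions are this
# example's own.

$SehopKey   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\kernel'
$SehopValue = 'DisableExceptionChainValidation'

function Get-SehopState {
    # Returns 'Enabled', 'Disabled' or 'NotConfigured'. With the value absent the
    # OS default applies, which KB956607 gives as off for Windows 7 client editions.
    # This reports the configured value; the running kernel only picks up a change
    # after a restart.
    $item = Get-ItemProperty -Path $SehopKey -Name $SehopValue -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 'NotConfigured' }
    switch ([int]$item.$SehopValue) {
        0       { return 'Enabled' }    # validation is NOT disabled, so SEHOP is on
        1       { return 'Disabled' }
        default { return "Unexpected value $_" }
    }
}

function Set-SehopState {
    param([Parameter(Mandatory=$true)][ValidateSet('Enabled','Disabled')][string]$State)
    # HKLM\SYSTEM is writable only from an elevated token. A non-elevated session
    # is refused at the write, so fail early with a clear message instead.
    $principal = [Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()
    if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
        throw 'Set-SehopState needs an elevated (Run as administrator) PowerShell.'
    }
    $data = if ($State -eq 'Enabled') { 0 } else { 1 }
    if (-not (Test-Path $SehopKey)) { New-Item -Path $SehopKey -Force | Out-Null }
    New-ItemProperty -Path $SehopKey -Name $SehopValue -PropertyType DWord -Value $data -Force | Out-Null
    Write-Warning 'Restart Windows for the new SEHOP setting to take effect (KB956607).'
    Get-SehopState
}

# Typical use: check, change, restart, check again.
Get-SehopState
# Set-SehopState -State Enabled
```

Run `Get-SehopState` from any account; `Set-SehopState` only from an elevated prompt, which is also the reason a manual edit under a non-elevated account fails at the final step. A result of `NotConfigured` on a Windows 7 client means the protection is off, not that it is on by default.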
justenough
May 18th, 2010, 07:21 PM
-{ Quote: "Only way to see if it is working is by doing the following:
1. Press Start
2. In the search bar, type "regedit" and press enter.
3. Expand HKEY_LOCAL_MACHINE
4. Expand SYSTEM
5. Expand CurrentControlSet
6. Expand Control
7. Expand Session Manager
8. Click on kernel
9. In the right pane, spot DisableExceptionChainValidation
If the value between the brackets is 0, SEHOP is enabled (in other words, it is not disabled if you look at the name of the registry item: DisableExceptionChainValidation).
If the value between the brackets is 1, SEHOP is disabled (in other words, it is disabled if you look at the name of the registry item: DisableExceptionChainValidation).
The FixIt is the automatic way to turn SEHOP on. If you want to disable and maybe enable it again in the future, using regedit is the way to go (FixIt can't disable). Right-click DisableExceptionChainValidation -> Modify -> In the Value data box put the 0 (enabled) or the 1 (disabled)." }-
Thanks Matt, this is really helpful. I checked, and the program did turn on SEHOP for me.
justenough
May 21st, 2010, 06:09 PM
After some discussion and help in PMs, this is the security I am running now:
NAT Router
Windows 7 firewall
Avast 5
WinPatrol Plus
Sandboxie (paid)
IE8 with WOT
Secunia PSI
MBAM
Hitman Pro
Using Windows 7 to defrag and make the disk image
Think this is about as simple a set-up I can get and still feel safe.
The Hammer
May 22nd, 2010, 01:42 AM
First let me say I use WOT. However a friend who uses McAfee Site Advisor and I did a quick comparison, and McAfee had ratings for sites that WOT did not. Also Site Advisor warned against a couple of sites that WOT said were ok. So on the surface at least it would appear that Site Advisor has a larger database of rated sites and may be more accurate than WOT at this time. We didn't spend a lot of time on it and it was hardly scientific.
aigle
June 2nd, 2010, 03:19 PM
-{ Quote: "If you use the internet only the way you've described then you need only 4 things.
1. Stay behind a firewalled router
2. Install any of the security suites ( I suggest avast )
3. Keep updated your OS and software. Mainly your security software, java, flash browser plugin and adobe reader.
4. Backup often your boot partition creating an image and backup regularly your data with any method you like.
There is no need for anything else.
ps: If you want to add something extra, just use sandboxie while browsing." }-
I totally agree. Don't mess with a lot of security software.
Get rid of WOT, WinPatrol, Hitman etc.
sunoracle
June 2nd, 2010, 04:41 PM
-{ Quote: "That's a great link, Snowdrift, I'd read it before when it was linked here at Wilders, and I took what I could from it. The DEP is still something I have to figure out. And I go back and forth using Standard and Admin. I need to get used to clicking back to Standard more often." }-
I know I'm replying to this late, but I feel it's important enough that I keep repeating it whenever I can:
You really don't want to run as the Admin user. Run as a Standard user and when needed supply the admin credentials (password) to escalate privileges and install a new app or whatever (or run an app that affects the entire system and thus requires Admin privileges). I've seen this called "over the shoulder mode" by some people.
I've only found a very few times when I actually needed to login as the Admin user. (For example, when you need to create or modify user accounts.) My Admin account is setup with horrible, eye-curdling, bright colors, and I keep the desktop free of all icons. It's not a "friendly" place, and you just get in, do what you need, and get back out.
If there is software that won't play nicely with this, then I would suggest you look for an alternative piece of software that's done properly.
sunoracle
June 2nd, 2010, 04:56 PM
-{ Quote: "After some discussion and help in PMs, this is the security I am running now:
NAT Router
Windows 7 firewall
Avast 5
WinPatrol Plus
Sandboxie (paid)
IE8 with WOT
Secunia PSI
MBAM
Hitman Pro
Using Windows 7 to defrag and make the disk image
Think this is about as simple a set-up I can get and still feel safe." }-
The NAT router, Win 7 firewall, and Avast sound good.
I thought Sandboxie really doesn't work properly with 64-bit Windows? Has that been fixed?
I'm not a fan of IE. I'd recommend Firefox, Opera, Chrome, or Safari instead. They're less tied into the OS, so there's another layer of separation there.
Secunia PSI is good, although it's had some false positives that they're slow to fix.
I use MBAM too.
Hitman Pro seems to be worthwhile for an occasional checkup. I also run scans with SuperAntiSpyware and some of the online AV scanners too.
justenough
June 3rd, 2010, 03:06 AM
-{ Quote: "First let me say I use WOT. However a friend who uses McAfee Site Advisor and I did a quick comparison, and McAfee had ratings for sites that WOT did not. Also Site Advisor warned against a couple of sites that WOT said were ok. So on the suface at least it would appear that Site Advisor has a larger database of rated sites and may be more accurate than WOT at this time. We didn't spend a lot of time on it and it was hardly scientific." }-
I tried several of these browsing alert programs, and they all put an intrusive logo on the browser, and tried to put a search window on. Plus who knows what else behind the scenes. And comparing them to WOT, any improvement in alerts wasn't worth having them brand my toolbar.
justenough
June 3rd, 2010, 03:13 AM
-{ Quote: "I totally agree. Don,t mess with a lot of security software.
Get rid of WOT, WinPatrol, Hitman etc." }-
With 7 x64, I am getting the feeling that it might be hard to write software that fits seamlessly in with the system. So I have just done a reinstall using the fewest 3rd party programs possible.
Sandboxie is gradually giving me the confidence to lighten up in other areas. But Hitman Pro daily scans and WOT seem indispensable if I am not going to use a real-time A-V.
justenough
June 3rd, 2010, 03:23 AM
-{ Quote: "I know I'm replying to this late, but I feel it's important enough that I keep repeating it whenever I can:
You really don't want to run as the Admin user. Run as a Standard user and when needed supply the admin credentials (password) to escalate privileges and install a new app or whatever (or run an app that affects the entire system and thus requires Admin privileges). I've seen this called "over the shoulder mode" by some people.
I've only found a very few times when I actually needed to login as the Admin user. (For example, when you need to create or modify user accounts.) My Admin account is setup with horrible, eye-curdling, bright colors, and I keep the desktop free of all icons. It's not a "friendly" place, and you just get in, do what you need, and get back out.
If there is software that won't play nicely with this, then I would suggest you look for an alternative piece of software that's done properly." }-
I have caught hints that shifting between Admin and Regular can cause problems with software, depending on which it was installed under. Since I am still unclear on this issue, I am using an Admin. account for now, and relying on careful browsing, Sandboxie, scans, and if the walls are breached, a quick retreat to the system image.
justenough
June 3rd, 2010, 03:38 AM
-{ Quote: "The NAT router, Win 7 firewall, and Avast sound good.
I thought Sandboxie really doesn't work properly with 64-bit Windows? Has that been fixed?
I'm not a fan of IE. I'd recommend Firefox, Opera, Chrome, or Safari instead. They're less tied into the OS, so there's another layer of separation there.
Secunia PSI is good, although it's had some false positives that they're slow to fix.
I use MBAM too.
Hitman Pro seems to be worthwhile for an occasional checkup. I also run scans with SuperAntiSpyware and some of the online AV scanners too." }-
Sandboxie 3.45.14 is still a beta I think, but it comes in 64 bit.
I would probably go with a version of Chrome (Iron?) except for 2 things: I have had stability issues with 7 x64 with some 3rd party software, so I am trying to use as much inbuilt stuff as I can. Even have Defender enabled for the first time, though it probably doesn't do much. The other problem, or maybe the same problem, is that Chrome and Firefox would crash the system when dragging the scroll bar. Though that might have been a conflict with Logitech trackball software, I have come across a few comments about their drivers and 7 x64. So I am even using the Windows mouse driver now.
Yes, Secunia, MBAM, and Hitman Pro are working really well on my system, and I am depending on them heavily.
Since I am new to the Windows world, it's hard for me to get my bearings enough to know what is causing what. But keeping it simple has paid off, using this plan with the last fresh install has given me the longest stretch with no problems.
p.s. Sunoracle, I think I misunderstood what you were saying about 64 bit Sandboxie. There is a way malware can get through, and Sandboxie isn't locked down tight the way it is on 32 bit. On the other hand, I have read that a 64 bit OS is safer, so maybe it balances out.
Sully
June 3rd, 2010, 01:05 PM
-{ Quote: "I have caught hints that shifting between Admin and Regular can cause problems with software, depending on which it was installed under. Since I am still unclear on this issue, I am using an Admin. account for now, and relying on careful browsing, Sandboxie, scans, and if the walls are breached, a quick retreat to the system image." }-
I don't know that there is an issue with being admin or user really so much as when you are a user you must elevate some processes to admin to use them.
Likely what you are experiencing is an admin-user-mutex program (I just made that up ;) ), where you have to be admin to install to program files (perfectly normal) and it also creates userland items. This sort of situation does exist, and goes against all that is good in the universe lol. You have to raise to admin to install, yet it puts data in the admins profile, so the user doesn't have access to it. Strange, but thankfully not very often does this happen.
As a new user to the M$ world, it would be best if you were only a user. However, contrary to what some believe, you certainly can be admin and have no problems if you understand what to do or not to do. Many here are admins and have no issues. It would certainly be better to be only a user, but whatever works for you that is secure..
Sul.
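Whether a session is a standard user, a UAC-filtered administrator, or a fully elevated administrator is not obvious from the desktop, and the "over the shoulder" arrangement sunoracle describes also depends on how UAC is set to prompt. The following is an added example, not code from the thread: a PowerShell function that reports all of that for the current session. The registry path and value names are Windows' documented UAC policy values; the mapping of them to a verdict is this example's own.

```powershell
# Added example, not code from the thread: report whether the current session
# matches the "over the shoulder" arrangement discussed above (standard
# account, UAC on, credentials requested for elevation). The registry path and
# value names are Windows' documented UAC policy values; the interpretation of
# them into a verdict is this example's own.

$UacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-PrivilegePosture {
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = [Security.Principal.WindowsPrincipal]$identity
    $adminSid  = New-Object Security.Principal.SecurityIdentifier 'S-1-5-32-544'  # BUILTIN\Administrators

    # IsInRole looks at the token in use: an Administrators member running under
    # UAC's filtered token gets $false here although the account is an admin.
    $tokenIsAdmin   = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
    # Group list of the account itself, unaffected by token filtering.
    $accountIsAdmin = [bool]($identity.Groups | Where-Object { $_ -eq $adminSid })

    if (-not $accountIsAdmin) { $account = 'Standard user' }
    elseif ($tokenIsAdmin)    { $account = 'Administrator (elevated token)' }
    else                      { $account = 'Administrator (UAC-filtered token)' }

    $uac = Get-ItemProperty -Path $UacKey
    $userPrompt = switch ([int]$uac.ConsentPromptBehaviorUser) {
        0       { 'Auto-deny: standard users cannot elevate at all' }
        1       { 'Prompt for credentials on the secure desktop' }
        3       { 'Prompt for credentials' }
        default { "Unknown value $_" }
    }

    New-Object PSObject -Property @{
        Account               = $account
        UacEnabled            = ([int]$uac.EnableLUA -eq 1)
        StandardUserElevation = $userPrompt
        AdminPromptBehavior   = [int]$uac.ConsentPromptBehaviorAdmin   # 5 = Windows 7 default: consent for non-Windows binaries
        SecureDesktop         = ([int]$uac.PromptOnSecureDesktop -eq 1)
        # The arrangement recommended above: not an admin, UAC on, and a prompt
        # that actually asks for admin credentials rather than silently denying.
        OverTheShoulder       = ((-not $accountIsAdmin) -and ([int]$uac.EnableLUA -eq 1) -and ([int]$uac.ConsentPromptBehaviorUser -ne 0))
    }
}

Get-PrivilegePosture | Format-List
```

Run it twice, once from a normal prompt and once from a "Run as administrator" prompt, to see the difference between the filtered and elevated tokens of an administrator account; a standard account reports `Standard user` in both cases and `OverTheShoulder` comes out `True` only when UAC is on and the user prompt is not set to auto-deny. Note that the prompt for credentials is only as strong as the administrator password it asks for.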
justenough
June 13th, 2010, 11:35 AM
-{ Quote: "I don't know that there is an issue with being admin or user really so much as when you are a user you must elevate some processes to admin to use them.
Likely what you are experiencing is an admin-user-mutex program (I just made that up ;) ), where you have to be admin to install to program files (perfectly normal) and it also creates userland items. This sort of situation does exist, and goes against all that is good in the universe lol. You have to raise to admin to install, yet it puts data in the admins profile, so the user doesn't have access to it. Strange, but thankfully not very often does this happen.
As a new user to the M$ world, it would be best if you were only a user. However, contrary to what some believe, you certainly can be admin and have no problems if you understand what to do or not to do. Many here are admins and have no issues. It would certainly be better to be only a user, but whatever works for you that is secure..
Sul." }-
Took your advice Sully and changed to Standard Account, getting Admin approval on changes. No passwords, since I am the only one using this computer.
And since there seems to be a limit on how relaxed I can be about security, I added an AV, NOD32. I wanted something I wouldn't notice, and it felt like the lightest.
justenough
June 25th, 2010, 06:23 PM
Since I started using the suggestions made in this thread, there have been no signs of any malware on my computer. So I have settled on not using a running AV. I really like this setup because of the simplicity and speed. Unless something gets through and I have to use the system image, that is how I will leave things.
Copyright ©2002 - 2012, Wilders Security Forums