New
#51
**Sigh**... This is going too far, for those who want complete bulletproof computing, go use the "Guest" account, that will give you complete bulletproof computing.
zzz2496
Not according to Marco Giuliani. Is Limited User Account enough? Not really...
This dirty job can be done even from a guest account; even from there it is possible to intercept and log keystrokes.
UAC and the 7 Firewall were 2 things I toasted immediately.
I use Winpatrol, Avast! Internet Security Suite (firewall/antivirus/malware/etc), and Boostspeed all the time.
Secondary apps used as needed, almost never: Spybot, Hijackthis (only as last resort, very dangerous app), Spyware Blaster, and Malwarebyte's Anti-Malware.
Other things to consider: HOSTS file manipulation (search on it)
Try this safer search page: startpage.com (you go through it when you click results, but can go direct if you want too)
WOT is a good add-on for site ratings/warnings.
I use Firefox primarily, with Opera as backup, have tried others, I always wind up back at Firefox, user since beta v.92 several years ago.
It's just too bad that the average user is never going to go through that hassle. Thus, we have UAC which is a nice medium to fit a more typical Windows user.
Nice post...I wanted to give you rep but I cannot at this point until i give others Rep.
I might just try going this route for a while on a box at work and see how things work out.
For those people, just turn off your computers and find another hobby. Regardless of what you use and how you use it...there is no such thing as "bulletproff" where software and user interaction is intertwined.
If you read that blog post, you should've understand that yes, the malware can still capture your keystrokes, BUT ONLY your keystrokes. If your wife logged in using her own user, her account won't have that nasty keylogger...
You should understand by now that LUA and Guest account can indeed limit the damage the malware/virus might cause. But in the case of Guest, you can set Windows to delete Guest account's account content upon log off (or was it not to save anything? I forgot), the point is, using Guest won't save anything...
Just like using browser in anonymous mode (dump or reject every cookie it receives).
As I said earlier, even IF you got an infection, the infection will run amok in your particular user ONLY. It won't be able to "destroy" Windows because it's running as a Limited user, your limited user account. It can't do anything as far as system destruction... Your files (documents, music, movies) might get "hit" by it, but you do have a backup of those files, right? It's much much muuuuch safer than using UAC IMHO. In a sense, yes you might caught an infection, but the infection is only affecting your limited user, and can't/won't be able to install a global service.
Again...
Here's the difference, let's say you got a keylogger installed (a malware) in your account. That keylogger will always run when you login, when your wife login (using her own LUA), her profile won't have that nasty keylogger... That is MUCH SAFER than you voluntarily clicked the UAC "OK" button because you need some crack to run some illegitimate app, and got your whole computer taken over (with LUA, only your user is hijacked, the system is safe).
I repeat, LUA + UAC = moot. As for security products (MSE, Avast, etc), it's common sense to use them in ANY KIND of Windows installation...
zzz2496
At the end, be careful: a standard LUA is really useful to avoid pc infections, but it is not enough by itself.