Security Advice Needed


appzter

Since getting my laptop (a few years ago) I've been using an Admin account. I now realize that's foolish and I'm very concerned because I do a lot of surfing and downloading from nsane (and other) forums! The thing is I don't know how to switch over to a LUA while retaining continuity with the data-files that have accumulated in my Admin's Documents & Settings folder. Any help would be appreciated.

Furthermore, my only security app is NIS 2010 which I believe is pretty good, but if you feel I should complement it with something else, please let me know.

Ps. I'm running WinXP Pro SP3, IE8, and Rollback Rx 9.1

Link to comment
Share on other sites


To change user privileges? Was that the question? That's quite simple, just create same privileges user

:unsure:

Link to comment
Share on other sites


What you should do is create an LUA ( Limited User Account ).. and keep the admin account you're using.. which is probably the main one when you installed.. You can do two things..

1. Install your programs for usage in that account... that you need and copy your Application Data for those programs over so you have the same resources... from the Admin while in Admin..

2. Copy your Documents and other files to the desktop.. from the Admin while in Admin..

Now if you still cannot use or access.. You will need to go back to the Admin account and add your new LUA Account with all permissions to the files which are on your Desktop or App Data files.. This should give the Security Privileges to the new account and allow reading and writing of those files is denied.. ( but be careful it's not something you don't want to change where you just want read permissions on.. Simple.. I think there are some migration tools but it should be simple enough...

You do not want to just copy your Admin Folder over... Been a while since I have been using XP Pro.. so there could be something else in there.. But this should work.. I did it for mine.. ( Win7U ).. BUT there are a few issues that can arise.. So be sure to install the programs you use daily first.. then add in the resources.. and other files...be careful about some of the INI's and so on.. because they can point to resources within the Admin account which will give you ( or should give ) an access denied notification.. OR you will have to 'Run as..' to get it to work properly... should be simple.. Might try the built in Transfer Files thing..

> To change user privileges? Was that the question? That's quite simple, just create same privileges user
>
> :unsure:

Uhmm If you do that.. what's the point of using LUA?

Link to comment
Share on other sites


Be careful about moving to a Limited/Standard User Account. An LUA in Windows XP can't even do something so simple as double clicking the time and date in the system tray to see the calendar and clock.

Much software is written expecting a Windows (XP) user to have administrative privileges. So you're going to have to "run as" an administrator anyway to install much of the software you want to use. And then some applications may not run correctly because they have been developed and tested only on accounts with administrative privileges where they had full read/write access to all the folders and files needed. I have read and heard about so many people who have been so frustrated by this that they say an LUA isn't really worth it on Windows XP.

An LUA is possible on Windows XP, but proceed with extreme caution and be prepared to be frustrated.

Link to comment
Share on other sites


@heath28m, thanks for the first relevant reply (though it sure sounds like a lot of work)!

@Night Owl, that's sure a 'rude awakening' (although your warning is most probably correct)!

As you know, AV's see most keygens and other cracks as malware (although it's usually a FP), so I'm very curious as to what you guys use to protect your systems against truly malicious downloads-installs?

Link to comment
Share on other sites


> As you know, AV's see most keygens and other cracks as malware (although it's usually a FP), so I'm very curious as to what you guys use to protect your systems against truly malicious downloads-installs?

sandbox

Link to comment
Share on other sites


> As you know, AV's see most keygens and other cracks as malware (although it's usually a FP), so I'm very curious as to what you guys use to protect your systems against truly malicious downloads-installs?
>
> sandbox

I do not see a sandbox (SBIE for example) as a preventative measure for this issue. Say the app (with crack) appears to be working safely in the sandbox, so you decide to make it permanent. Only then does the nasty activate itself and you are infected. :fear:

Link to comment
Share on other sites


Second relevant answer to first post.. Hitman Pro, SpyBot S&D ( especially since you have XP , WinASO... ( Guessing you have NIS.. saying you have a Firewall with Interactive Monitoring would be a given.. HIPS..HIDS if not cover it..).. HiJackThis!.. Tenable Nessus Home Feed ( I think I am the only person who uses it absolutely fabulous though...)..HoneyPorts.. Good Backup Software.. like Acronis ( who also has a SandBox as well ) or FarStone.. R-Studio...Eraser.. Microsoft Update and other Update Software like CNET Tech Tracker, or Software Informer.. ( have to keep internal parts of programs like plugin and extensions up to date as well.. ) .. I use a HASP Key method of locking my system if I want to step away or turn my back.. SuperHashCalc for file verification, TrueCrypt... and I have a Camera Server and Recorder that can be used to monitor areas.. or even my computer.. BIOS Password, Hardware Lock, ( Drive Encryption Lock for some )..

Complementing your security means covering all of the bases..

Then you have to change your habits and become familiar with your system.. run regular maintenance... and know what to check should you think you have an infection.. it's a broader scope.. than just saying .. I'm covered..

EDIT: I forgot to say.. Get a good BootDisc for various operations including but not limited to file operations ... and accessing external data.. and have several methods of access should your system become inoperable.. Have a plan.. then have another one.. and add to it... as you go..

Link to comment
Share on other sites


Whoa - I'm an out-of-work guy on a 5 yr old laptop (Pentium M 2GHz, 1GB RAM) and all or most of those security apps would bring it to its knees!!!

Fwiw, I believe NIS2010's Sonar is a HIPS of sorts, and I do image my drive on a weekly basis.

PS. Have you heard of PE Guard? It's getting rave reviews!

Link to comment
Share on other sites


None of those are Real Time protection like Norton.. quite a bit different.. Just so you know..LOL. AND most of them are free! :)

These are just simple tools that can help you make sure your system is clean and protected.. Many more items I could list to maximize your system.. Optimize it for more efficient usage..

Link to comment
Share on other sites


@appzter:

If you're not sure about the programs you download, then run it inside a virtual environment.

If the virtual environment goes down, at least your system won't go down along with it.

Link to comment
Share on other sites


I am not a fan of LUA/guest accounts. They break too many apps and cracks/patches. On top of that you're not able to actually use your computer. Just ESS suite, MBAM with Sandboxie version that was patchable/keyed. Online virus scan any files you have questions about. Always wait a few days before you install anything so the others can install and see if they get a problem. Also look at the file size when you are downloading. If it's an unusual size then something is most likely wrong.

Link to comment
Share on other sites


> @appzter:
>
> If you're not sure about the programs you download, then run it inside a virtual environment.
>
> If the virtual environment goes down, at least your system won't go down along with it.

Good point ....which vm do you use/suggest?

Link to comment
Share on other sites


> As you know, AV's see most keygens and other cracks as malware (although it's usually a FP), so I'm very curious as to what you guys use to protect your systems against truly malicious downloads-installs?
>
> sandbox
>
> I do not see a sandbox (SBIE for example) as a preventative measure for this issue. Say the app (with crack) appears to be working safely in the sandbox, so you decide to make it permanent. Only then does the nasty activate itself and you are infected. :fear:
>
> @appzter:
>
> If you're not sure about the programs you download, then run it inside a virtual environment.
>
> If the virtual environment goes down, at least your system won't go down along with it.
>
> Good point ....which vm do you use/suggest?

Your concern regarding malware disguising itself in Sandboxie applies to VMs too. A suggestion would be to use Buster Sandbox Analyzer with Sandboxie to create a log of the activities. I know there are some options you can add to Buster Sandbox Analyzer and in VMs to make it harder for malware to detect the virtual environment, but I don't know how to do it. Maybe someone here with experience in reverse engineering knows how to, or you can create a login at the Sandboxie forum and ask the developer of this tool how to.

Link to comment
Share on other sites


> esetnod32 -peace
>
> ESS/KIS/NIS = way too many FPs!!!
>
> ok what does "FPs" stand for!? tia! -peace ;)

I think it's "false positives".

Link to comment
Share on other sites


> esetnod32 -peace
>
> ESS/KIS/NIS = way too many FPs!!!
>
> ok what does "FPs" stand for!? tia! -peace ;)
>
> I think it's "false positives".

Correct.

Link to comment
Share on other sites


  • Administrator

Might wish to take the "step in between" and create a "power user" account to use as your main account; it can do most of the things an admin can, but not all.

Start > Run > "control userpasswords2" and then change the user account type.

User account types..

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.
