How to prevent your pc from 90% of all malware in 30 seconds

03-23-2011 , 11:59 AM
In this thread I'll clear up some urban myths about computer security then give you a step-by-step guide to improving your computer's security in less than a minute.

If you don't care about what, why and who, just skip to the spoiler for the instructions.

First off, this guide doesn't apply solely to Windows 7 with SP1 installed, but it's highly recommended. Using XP/Vista or having an outdated OS (Operating System) will get in the way of security.

1. "There are convenient software solutions that protect you."

Let's get this straight. Having a secure system is neither effortless nor achieved by a single security program. Not even if they market it as a "suite."

2. "I use MacOS/Linux because of its security."

http://news.cnet.com/8301-13846_3-20011403-62.html

The 2 reasons why MacOS/Linux are supposed to be more secure than Windows systems are:
a) Unlike Windows, user accounts don't have admin rights by default.
b) Currently, there are far too few clients using these OSs for them to be a viable target for widely spread attacks.

For that reason, I contacted a friend and specialist at Symantec research labs and got a very informative heads up on the current technical state of malware. As a sidenote, the hacked user doesn't care if it's called a virus, trojan, malware, spyware or badware, and in reality, every attack is a combination of all of these, so we just stick to "malware". He has access to basically every kind of exploit that ever has been recorded.

I specifically asked if there was any malware that meets the following criteria:
  1. Can spread via networks without user interaction, i.e. clicking a link or opening email attachments.
  2. Can't be detected by current AV (Anti-Virus programs)
  3. Has the ability to gather and identify personal and crucial data such as account names, passwords, credit card information, etc ...
  4. Can use your network to send this data to the creator of the malware
  5. Does not need admin-rights to be executed.
The simple answer, there are none. This statement is valid as of March 18, 2011.

However, this picture changes drastically when you alter #1 and #5 of the criteria.

The single most important factor in your system's security is still your online behavior.

If you open email attachments that you didn't ask for, or click on links to collect the million dollar cash prize you just won in a lottery you didn't enter, no one on this planet can help you.

Also, if you're running your OS with administrator-privileges, malware can mess you up even if you don't click bad links, especially if your router (aka hardware firewall) is not set up properly.

The key factor is admin-rights. Malware can't spread, gather information or send it to someone else without admin-rights. You don't need them for everyday computer work - just for installing, removing and configuring applications and system settings.

According to Secunia, the average user installs 2 new programs every year. That means that, if you don't use a user account with admin-rights, you'd have to enter your admin-password twice a year. Or whenever you're going to modify system files. I hope that wouldn't be too much of an inconvenience for you.

Spoiler:
How to set up a user account that doesn't have admin-rights when you are using the standard account you created at setup:

Symbols:
-> means user interaction, usually a left click
"" content in between is the name of the actual button you should press
  1. -> Start -> Control Panel -> "Add or remove user accounts"
  2. -> "Create a new account" -> choose a name and check "Administrator" -> "Create account"
  3. You're back at the Manage accounts window. Click on your newly created admin account -> "create a password" -> enter password and password hint -> "Create password" -> "Manage another account"
  4. You're back at the Manage accounts window. -> choose the old account you used so far -> "Change account type" -> check "Standard user" -> "Change Account Type".
  5. Sign off or restart your computer.

You're done, that's it. A high percentage of all malware that exists now has no chance to ever compromise your system from now on.

Congratulations!

If you did everything right, your manage accounts window should look pretty similar to this:




These measures only protect you against common attacks, but at least against nearly all of them.

Also, funkyworms' CTH security sticky is basically mandatory to further secure your system, it just misses the "remove admin rights from your everyday user account".




Quote:
Ninety percent of critical Microsoft Windows 7 vulnerabilities can be mitigated by configuring the operating system for standard user rather than administrator,
http://news.cnet.com/8301-27080_3-20001359-245.html

Quote:
Key findings from this report show that removing administrator rights will better protect companies against the exploitation of:

90-percent of critical Windows 7 vulnerabilities reported to date
100-percent of Microsoft Office vulnerabilities reported in 2009
94-percent of Internet Explorer and 100 percent of Internet Explorer 8 vulnerabilities reported in 2009
64-percent of all Microsoft vulnerabilities reported in 2009
http://www.tomshardware.com/news/win...are,10054.html


Quote:
Configuring users as standard users enables parents to more securely share family computers with their children.
http://arstechnica.com/microsoft/new...min-rights.ars
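
A way to check the result of the five steps above from PowerShell, added here as an example and not part of the original post: it lists the direct members of the local Administrators group and reports whether the account you are logged in with is one of them. The group is looked up by its well-known SID (S-1-5-32-544) so the check also works on non-English Windows, where the group name is localized.

```powershell
# Added example: audit who has local admin rights after following the steps above.
# Run it from a normal (non-elevated) PowerShell window in your everyday account.

# The built-in Administrators group has the well-known SID S-1-5-32-544.
# Its display name is localized, so resolve the name from the SID.
$sid       = New-Object System.Security.Principal.SecurityIdentifier 'S-1-5-32-544'
$groupName = $sid.Translate([System.Security.Principal.NTAccount]).Value.Split('\')[-1]

# Enumerate the group's direct members through the WinNT ADSI provider.
$group   = [ADSI]"WinNT://$env:COMPUTERNAME/$groupName,group"
$members = @($group.psbase.Invoke('Members')) | ForEach-Object {
    $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null)
}

Write-Output "Members of '$groupName':"
$members | ForEach-Object { Write-Output "  $_" }

# Is the account running this script one of them?
if ($members -contains $env:USERNAME) {
    Write-Output "'$env:USERNAME' is still an administrator: repeat step 4."
} else {
    Write-Output "'$env:USERNAME' is a standard user."
}

# Is this process itself running with an elevated (admin) token?
$identity  = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object System.Security.Principal.WindowsPrincipal $identity
$elevated  = $principal.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator)
Write-Output "This PowerShell session is elevated: $elevated"
```

After step 5, the member list should contain the new admin account but not the everyday account, and the last line should read False.
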
03-23-2011 , 11:59 AM
.
03-23-2011 , 12:02 PM
Also, if all of this is completely new to you and my instructions are too complicated, please let me know.
It's no problem to do screenshots or a video of it, but it's only 15 mouseclicks, so chances are this might be way easier to do than you might think after the first look.


I hope there will be a further discussion about UAC, the hidden admin account, possible problems with ownership of system files and general security statements specific to Windows7.

Ask away!

Last edited by wellju; 03-23-2011 at 12:07 PM. Reason: Ty ToTheInternet for correcting my Eurenglish.
03-24-2011 , 12:26 AM
Quote:
Originally Posted by wellju
Also, if you're running your OS with administrator-privileges, malware can mess you up even if you don't click bad links, especially if your router (aka hardware firewall) is not set up properly.

Running in admin mode is something lots of people do by default and it's just a huge mistake. It's just operating in a very vulnerable state for no reason. Not that I'm a high-risk user based on my habits but when I stopped running as an admin 24/7 problems dropped dramatically.
03-24-2011 , 02:25 AM
wellju
03-24-2011 , 04:55 AM
this is so simple but great advice .. can't believe I've been running in admin for so long ..
03-24-2011 , 03:15 PM
this is great advice! If only people would actually do this!
03-24-2011 , 07:19 PM
Thank you, been meaning to do this for ages and never quite got around to it.
Top advice as per usual
03-25-2011 , 11:39 AM
.

Last edited by fishpielemonsole; 03-25-2011 at 11:45 AM. Reason: fixed
03-26-2011 , 04:38 PM
waaay too easy NOT to do. Makes a lot of sense, admin has access to everything whereas standard user will have more restrictions for system overtaking o.ov
03-26-2011 , 04:45 PM
Completely agree with wellju on this. The only reason I didn't mention limited user accounts in my videos is because it's virtually impossible to run as a limited user in XP.
03-27-2011 , 10:05 AM
I've done this but now I have a problem... I can run hem from admin but not my non admin acct.... says path to "c/program filesx86/rvg software/hem/config/statranges.xml" is blocked. tried running as admin from my acct, didn't work... any ideas? thx
03-27-2011 , 07:59 PM
Quote:
Originally Posted by lau808
I've done this but now I have a problem... I can run hem from admin but not my non admin acct.... says path to "c/program filesx86/rvg software/hem/config/statranges.xml" is blocked. tried running as admin from my acct, didn't work... any ideas? thx

Have you followed this guidance?

http://forums.holdemmanager.com/mana...m-manager.html

I have to enter my admin password every time I run HM now, but that's no great issue to me.

If this doesn't work - cross post here
http://forumserver.twoplustwo.com/16...-tracker-1535/
and Fozzy will likely respond more quickly than here. It wouldn't hurt to link back to this thread as well.
03-28-2011 , 04:34 AM
will try this 2morrow, thx
03-28-2011 , 09:23 AM
Pokertracker doesn't work without admin rights
03-28-2011 , 09:34 AM
Quote:
Originally Posted by Stormwolf
Pokertracker doesn't work without admin rights

Does it help to give the pt3.exe administrator privileges?

You do so by right clicking the .exe -> run as administrator.
(Works for every other program as well)

You'll be asked to enter your admin password.
03-28-2011 , 09:50 AM
Great post. I use placemint and it needs to be run with admin privileges.

I am not 100% sure but I believe that AHK scripts also need admin privileges - can someone confirm this?
03-28-2011 , 10:35 AM
Yes, AHK scripts might need admin rights.

You can compile your script to an executable and run the .exe as admin (if you don't constantly make changes to the script) or add some code to the beginning of your script.

You can copy&paste a working script/code snippet directly from:

http://www.autohotkey.com/forum/topi...+vista&start=0


Quote:
Having a secure system is neither effortless nor ...

Last edited by wellju; 03-28-2011 at 10:40 AM.
03-30-2011 , 10:16 AM
How about the programs I use, shall I set "run as admin" on them?
03-30-2011 , 10:19 AM
Problems, almost all programs do not work now, even if I run them as admin :S What to do?
03-30-2011 , 10:21 AM
On many programs it says it can only be run by an administrator.
03-30-2011 , 12:05 PM
Yes, programs you knowingly bought and installed can be run as administrator and should be set up to always run as administrator. (Takes 4 clicks once, per application)

That's basically the whole point of this exercise. That only applications you know and trust have these administrator rights. They need them to work. Malware won't be able to get these admin rights in future, that's why it increases your security on any OS so tremendously.

If you want to assign permanent administrator rights to a program, follow this tutorial.

If you want to run a program as admin only once, just hold ctrl+shift while opening it, or right click "run as administrator".

You will be asked to enter your admin password.

There's a description from HEM support, which is applicable to all other applications as well. Besides the point with turning UAC off. You don't ever do that.
http://faq.holdemmanager.com/questio...w+an+exception
03-31-2011 , 12:24 AM
Quote:
Originally Posted by wellju
Yes, programs you knowingly bought and installed can be run as administrator and should be set up to always run as administrator. (Takes 4 clicks once, per application)

That's basically the whole point of this exercise. That only applications you know and trust have these administrator rights. They need them to work. Malware won't be able to get these admin rights in future, that's why it increases your security on any OS so tremendously.

If you want to assign permanent administrator rights to a program, follow this tutorial.

If you want to run a program as admin only once, just hold ctrl+shift while opening it, or right click "run as administrator".

You will be asked to enter your admin password.

There's a description from HEM support, which is applicable to all other applications as well. Besides the point with turning UAC off. You don't ever do that.
http://faq.holdemmanager.com/questio...w+an+exception

Problem is, the programs didn't even work when I set it to admin rights. Maybe I have to restart computer after setting admin right to programs for it to work?
03-31-2011 , 11:59 AM
Quote:
Originally Posted by moneynoob
Problem is, the programs didn't even work when I set it to admin rights. Maybe I have to restart computer after setting admin right to programs for it to work?

Restart shouldn't be necessary imo, it isn't like something would be written in the registry.

What if you just copy&paste working code and paste it on top of your script?
http://www.autohotkey.com/forum/topi...+vista&start=0
03-31-2011 , 12:30 PM
Quote:
Originally Posted by wellju
Restart shouldn't be necessary imo, it isn't like something would be written in the registry.

What if you just copy&paste working code and paste it on top of your script?
http://www.autohotkey.com/forum/topi...+vista&start=0

No program at all works. HEM, AVG, zone alarm, etc etc.

      