Internet Security

Well I must admit I'm a bit surprised.  I use 2 Browsers.  My main browser is IE 10 in protected mode.  I also have Firefox only because I cannot comment in the WC Galleries without it.  IE 10 just won't work there!!  I have also removed all Java from my system.

I seldom use Firefox at all.  For security I have MSE and Malwarebytes Pro.  I hadn't turned on protection mode in a while for Malwarebytes Pro until today.

It found a hijack in my registry to turn on graphics file execution in Firefox!!  I didn't even know there was such an exploit.  How did it even get there??  A bad email? (I try to be careful.  I delete without opening when suspicious).  An inadvertent web page landing??

So I used Revo Pro to de-install Firefox.  I used Regedit to remove Mozilla from the Registry then rebooted.  Finally I reinstalled Firefox.

Fortunately, since I seldom use Firefox I've seen no system instability or evidence of a virus.  However, it seems there is no end of effort to install viruses on PCs these days.  I'm sure Smart Phones will become heavily targeted as well.

I use just an ordinary Cell Phone, no data or text, so I'm secure there.  I just want a phone to be a phone for me.

It takes constant review of my PC system to keep it clean and safe.

I've often gone to these Forums for improving my knowledge of PC security.  So... any thoughts, ideas, etc. on improving PC security??

Reply #1

Portable Apps. The Portable Apps versions of Chrome and Firefox write nothing to the registry and if, by some chance, they get hosed, a reformat of the flash drive and reinstall of all your backed up apps will solve that. I only have IE actually installed on my machines and I also use the portable version of Skype. The PA platform itself keeps them updated. As a bonus they can be used anywhere I go, on any rig.

P.S. There are also portable versions of some good security/anti-malware software worth having along with the browsers.

Reply #2

Well I must admit I'm a bit surprised. I use 2 Browsers. My main browser is IE 10 in protected mode. I also have Firefox only because I cannot comment in the WC Galleries without it. IE 10 just won't work there!!

That's interesting, I use IE 10 with Win 7 and have no problem leaving comments.  What OS are you using?  Not sure what you mean by protected mode.

EDIT:  Just checked my IE 10 settings and I am running in protected mode.

Reply #3

The best suggestion I can offer (and I know Doc will jump on me in about a second to get that guide I keep talking about finished...hehe ;) )  is to make sure you approach all of your devices from 'least privilege' thinking.

Never....and I mean NEVER use an account that has ADMINISTRATOR rights to browse the internet etc.  Of course your system needs an ADMIN account but keep that one aside for installing/uninstalling etc. and use your regular USER account for everything else.  Teach yourself the power that is your system's 'local security policy' (administrative tools) and again, provide your USER account with the least privileges necessary in order to use your system on a daily basis.

The single best protection your devices will ever enjoy is that from ourselves and least privilege goes a long way in providing that.  No third-party security software can come close to providing the 'protection' that the above ensures on a system-wide basis not to mention that as always prevention is worth so much more than a cure.

Reply #4

Internet Security

Oxymoron.

Reply #5

Speak for yourself, Oxy. :grin:

Reply #6

Quoting the_Monk, reply 3

The best suggestion I can offer (and I know Doc will jump on me in about a second to get that guide I keep talking about finished...hehe )  is to make sure you approach all of your devices from 'least privilege' thinking.

Never....and I mean NEVER use an account that has ADMINISTRATOR rights to browse the internet etc.  Of course your system needs an ADMIN account but keep that one aside for installing/uninstalling etc. and use your regular USER account for everything else.  Teach yourself the power that is your system's 'local security policy' (administrative tools) and again, provide your USER account with the least privileges necessary in order to use your system on a daily basis.

The single best protection your devices will ever enjoy is that from ourselves and least privilege goes a long way in providing that.  No third-party security software can come close to providing the 'protection' that the above ensures on a system-wide basis not to mention that as always prevention is worth so much more than a cure.

That's what I've been saying, Monk.

And when the hell will you get off your lazy butt and do that guide?

http://www.windows7update.com/Windows7-Local-Security-Policy.html

Maybe some suggestions on how to open and configure?

Reply #7

Thanks for all the replies.

I'm using IE 10 in protected mode Win 7 Home Premium here now and forums posting works.  It is only WC Gallery posting that doesn't work for me.  Compatibility View does not change this result.

Yes unfortunately this is my Admin account but.... I only tend to go to safe websites with it.  Even a limited access user account will not prevent viruses from landing on a computer.  It will prevent most viruses from executing their destructive effects.

I do use a limited access account for general web browsing.

This is the Hijack threat it found:

HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\FIREFOX.EXE (Security.Hijack) -> Quarantined and deleted successfully.

and:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firefox.exe|Debugger (Security.Hijack)

I don't know for certain if these are true Hijack Threats or not since these were also reported as quarantined and deleted yet I had to manually use Regedit to really clean the registry.

Could it be the Data Value that Malwarebytes didn't like?

Anyway after re-installing the latest Firefox these entries are no longer in the registry though.
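
Added example (not part of the original thread): the two entries quoted in reply 7 are a `Debugger` value under the Image File Execution Options (IFEO) key for `firefox.exe`; when that value is present, Windows starts the program named in it instead of Firefox. The PowerShell below lists every IFEO subkey that carries a `Debugger` value so each one can be reviewed; the WOW6432Node path is an assumption that only applies to 64-bit Windows and is skipped if absent.

```powershell
# Added example: audit Image File Execution Options for Debugger values.
# Reads the registry only; nothing is modified or deleted.
$ifeoRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options',
    # 32-bit view on 64-bit Windows (assumption: skipped when the key does not exist)
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
)

$findings = foreach ($root in $ifeoRoots) {
    if (-not (Test-Path -LiteralPath $root)) { continue }

    # Each subkey is named after an executable, e.g. firefox.exe
    foreach ($key in Get-ChildItem -LiteralPath $root -ErrorAction SilentlyContinue) {
        $debugger = $key.GetValue('Debugger', $null)
        if ($null -eq $debugger) { continue }   # no Debugger value: nothing to report

        [pscustomobject]@{
            Image    = $key.PSChildName   # executable the entry applies to
            Debugger = $debugger          # program Windows would launch instead
            Key      = $key.Name          # full registry path for follow-up in Regedit
        }
    }
}

if ($findings) {
    $findings | Sort-Object Image | Format-Table -AutoSize -Wrap
} else {
    Write-Output 'No IFEO Debugger values found.'
}
```

Some developer and system tools set a `Debugger` value on purpose, so check what each listed program is before removing an entry.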

 

Reply #8

I don't need to protect my system from me. If I ever get to the point that I do, I'll give up personal computing.

Least privilege is for the kids. I want and will have access to anything and everything on my PC, or I don't need the thing.

Reply #9

Quoting BigDogBigFeet, reply 7
Even a limited access user account will not prevent viruses from landing on a computer. It will prevent most viruses from executing their destructive effects.

Amen.

Reply #10

BDBF, it has been my experience that there are too many apps out there flagging other apps for who knows what reason.  Avast, MSE, and a few other A/V apps flag my gadgets (the ones I make) as malware/trojans and quarantine them.

You get the results you got from HiJack This. (or whatever you used)

My point, everyone out there says everyone else is bad. This app flags that app....etc, so on....

It's crazy.  Half of all the results seem to be false positives.

Be smart, know what you're working with, don't overdo security.    The ONLY way to really be safe is to disconnect from the internet and print photos or play games on your PC.

Reply #11

Quoting RedneckDude, reply 10
You get the results you got from HiJack This.

No, those Hijack Threats were reported by Malwarebytes Pro.  Since I don't use Firefox for anything other than posting comments in WC Galleries pretty much, I saw no reason not to take the threat seriously.

In any case Firefox is reinstalled and the registry entries are gone.

Reply #12

Quoting BigDogBigFeet, reply 7
Yes unfortunately this is my Admin account but.... I only tend to go to safe websites with it. Even a limited access user account will not prevent viruses from landing on a computer. It will prevent most viruses from executing their destructive effects.

Unfortunately there are no 'safe websites'.  I can't tell you over the years how many people have been infected by drive-by attacks from 'safe websites'. 

Of course limited user accounts do not prevent malware from 'landing on a computer'  (although that usually entails a temporary file folder somewhere so their initial payload is easily removed etc.) but using 'least privilege' does prevent not only the execution, installation, modification (i.e. registry entries etc. etc.) of most malware, it does block access to additional areas of the system as far as dumping payload is concerned.  For instance a lot of malware these days comes in parts.  The first part is designed to gain access and act as a 'receiver' for its friends.  The friends can be engineered to gain access to lower areas of the operating system who in turn can allow access to yet other malware designed with other purposes in mind.  Even just preventing where malware you come into contact with can 'land' helps in a big way.

Quoting RedneckDude, reply 8
Least privilege is for the kids. I want and will have access to anything and everything on my PC, or I don't need the thing.

'Least Privilege' done right does not prevent you from using your computer or having access to anything/everything.  I have been correcting this major fault in the IT world with my clients for many years and have yet to have even one single complaint.  'Least Privilege' does not = UAC turned on.   In any case suggesting 'least privilege' is "for the kids" is not helpful.

Quoting DrJBHL, reply 6
And when the hell will you get off your lazy butt and do that guide?

One of these days I will get that guide I keep promising to Doc completed.  ;)

Reply #13

I've had a couple of false flags in Malwarebytes. Before removing the alleged exploit check out the date of the file. If the file has the same date as the program's installation the chances are high it's a false flag. I also use HJT to check the list of registry entries to see if anything latched on. A great place to check your logfile is here http://www.hijackthis.de/

Reply #14

Quoting the_Monk, reply 12
One of these days I will get that guide I keep promising to Doc completed. 

Monk is very fortunate I have no pic of him. Very.  ;)

Reply #15

Quoting RedneckDude, reply 8
I want and will have access to anything and everything on my PC,

so why do you allow any executable to run its code on your computer and hope your antivirus-solution might catch it? ;)

Reply #16

Quoting the_Monk, reply 3
Never....and I mean NEVER use an account that has ADMINISTRATOR rights to browse the internet etc. Of course your system needs an ADMIN account but keep that one aside for installing/uninstalling etc. and use your regular USER account for everything else. Teach yourself the power that is your system's 'local security policy' (administrative tools) and again, provide your USER account with the least privileges necessary in order to use your system on a daily basis.

Whatever. I have used Windows in Administrator mode for years and have never gotten a virus.

Reply #17

Quoting the_Monk, reply 12
'Least Privilege' done right does not prevent you from using your computer or having access to anything/everything. I have been correcting this major fault in the IT world with my clients for many years and have yet to have even one single complaint. 'Least Privilege' does not = UAC turned on. In any case suggesting 'least privilege' is "for the kids" is not helpful.

I believe in running my PC with full admin rights no matter what I'm doing. To do less is allowing MS more control over my rig than I have.

I want total control over my PC as much as possible. I make my own decisions, I don't want MS or my machine making them for me.

YMMV.

Quoting moshi, reply 15

Quoting RedneckDude, reply 8
I want and will have access to anything and everything on my PC,

so why do you allow any executable to run its code on your computer and hope your antivirus-solution might catch it?

I see that as paranoia. As I said, if you're gonna be so afraid of things as to give up control, then unplug the thing from the internet, play games and print pictures.

Reply #18

Quoting RedneckDude, reply 17
I see that as paranoia. As I said, if you're gonna be so afraid of things as to give up control, then unplug the thing from the internet, play games and print pictures.

Hardly paranoia, haven't you been infected just this week?

Microsoft did it wrong with Vista, but on Windows 7, and probably Windows 8 as well, UAC doesn't get in the way.

It is you who gives up control; I prefer to be asked if an executable wants to run on my computer for the first time.

Reply #19

Quoting RedneckDude, reply 17
I believe in running my PC with full admin rights no matter what I'm doing. To do less is allowing MS more control over my rig than I have.

@RedneckDude

Allowing MS more control.........?    The OS always 'technically' has more control over what your PC is or isn't doing at any given moment regardless of your own user credentials.  There are any number of processes or services running with local system or other elevated privileges that are independent of your user account anyway.

By your responses it is obvious to me that you are not understanding the 'least privilege computing' concepts I am talking about so I think I'll just leave well enough alone as it is.......

Quoting DrJBHL, reply 14
Monk is very fortunate I have no pic of him. Very.  ;)  

@Doc

Hehe........don't I know it!   ;)

Reply #20

Quoting kona0197, reply 16
Whatever. I have used Windows in Administrator mode for years and have never gotten a virus.

Well whatever right back at ya!   It's not at all like I just happen to work in the field but hey............ignorance is bliss as they say!   O:)

Reply #21

Quoting the_Monk, reply 19
so I think I'll just leave well enough alone as it is.......

Please don't, this is enlightening.  I'm wondering how you see UAC fitting in.  I know a lot of people hate it but I've never used it or researched it.

Reply #22

Quoting RedneckDude, reply 8
I don't need to protect my system from me.

Why don't I believe yrag would agree with that?    XD

Reply #23

Quoting the_Monk, reply 20
Well whatever right back at ya! It's not at all like I just happen to work in the field but hey............ignorance is bliss as they say!

I'm not ignorant. Evidence speaks for itself. I have gone years without a virus. All that time I have used Windows in admin mode. I have very good browsing habits. Perhaps other people being paranoid is the word of the day.

Quoting DaveRI, reply 21
Please don't, this is enlightening. I'm wondering how you see UAC fitting in. I know a lot of people hate it but I've never used it or researched it.

You have to have used it. UAC is enabled by default on a new install of Windows.

Reply #24

Quoting kona0197, reply 23
You have to have used it.

XP, Kona, my machine and I are dinosaurs. ;)    (And ya I know, "April 2014" :blush: )

Reply #25

I wonder if Microsoft will again extend that deadline. So many computers are still running XP out there, and no one likes Windows 8.