I agree. For the "Zero Day" attacks though, there's really no other protection except the behavioral/heuristic av's/am's, or EMET2 which is not for less than network administrator/IT skilled people.

• Get F-Secure - includes browsing protection toolbar, and has a cloud-updated feature which warns you of malicious sites, and flags them in google searches.
• Is an awesome all-round anti-virus product.
• Use Firefox.
• Combined with No-script/Flashblock it's extremely difficult to become infected with anything.

which is exactly why I said the following......

Doesn't protect you from getting hit with USB-infections, e-mail malware/viruses and infected files downloaded from the internet.

I used to say what you do, but I've since changed my mind about it. I will, however, not use nor recommend any "free" software available.
Getting a plain anti-virus is also useless. You MUST have a client firewall, and an engine capable of analyzing behaviour and not just rely on signatures.

Again, personally I prefer F-Secure.

I think you're missing my point or maybe I'm not being clear enough.  No malware I know of is capable of being *fully* functional without making some serious modifications to your system.  Those modifications require "elevated priviledges" not given to a "limited account" not to mention if one were to modify certain other settings in a computer system's "local security policy" it is absolutely possible to secure a system in such a way as to never need any of that active monitoring software (again....my opinion based on my own tech experience). 

Of course the above requires a fair amount of OS knowledge and many may not have that or be inclined to get there.  All I'm saying is that my "manual" approach hasn't failed me yet and continues to drive my own knowledgebase with regard to security and OS structure.  Feel free to run whatever you wish, I was only pointing out that it IS possible to achieve security and safety without the need to trust "some software".   A trust that often has come back to bite one in the proverbial ass when malware has been able to disable one's AV etc. 

the Monk

EDIT:

Obviously even I have "second opinion / on demand" scanners around (as mentioned previously in this and other threads) in the event I suspect something might have slipped in.  Consider also that running one's system the way I have described in this thread allows for easier and more complete removal of any threats which may have been able to *partially* install themselves, a luxury not afforded to those running software X, Y, Z but not having limited priviledge escalation in place.  While my on-demand and/or second-opinion scanners will be able to remove any trace elements of malware which managed to sneak past my manual approach to security, "the other" guy might now be having to deal with a *disabled* anti-malware software (and other more difficult removal scenarios).

Ah, yes - you are correct.

That is why non-admin accounts across companies world-wide constantly get infections and spread malware..

I didn't *just* talk about making accounts "limited"........I clearly state "...and modifications to one's local security policy".  

Also, most non-admin accounts at companies do in fact have some other form of "escalation" in place thanks to constant staff demands and IT staff being under pressure from upper management as to make things "less restrictive" (again......personal experience)  I'd bet that there isn't a company IT structure on this planet that is as secure as the IT manager or IT security specialist would like it to be. 

Finally, compromises in security made at the behest of managment don't speak to the failure of those measures had they been properly implemented.  For example having road-warrior notebook people be only a lowly lowly "user" on the company domain but allowing those same people to be an "admin" locallly on those same notebooks is one example of overall security-policy (not measure) failure.

The only examples I have, where users are escalated to admin privileges - are for very small firms where they don't necessarily have a local administrator at all.

You are correct, of course, in that there's a balance you must walk between usability and security - but giving local administrator privileges is really not common for firms who do have their own administrative staff.

Maybe things are just very different between our two countries.

As an alternative to Linkscanner try WOT(Web of trust) it does the same thing.

WOT works by reports of sites that are infected. Linkscanner works proactively: It will report infected sites before they're recognized by WOT. It will protect you better than WOT.

Unfortunately I have avast 5.

Best regards,
Steven.

Steven, I suspect the conflict is due to the Linkseeker toolbar rather than an innate software conflict. It might also be due to Linkseeker trying to access the net to update. See if 'excluding' it from avast will allow installation. Also, try to install it without the toolbar, if Avast will let you. If you don't wish to try, I understand.

@ Doc

Sorry for my somewhat OT posts in your thread Doc! 

@ BFroberg

Not at all.  Again I wasn't focusing "escalated priviledges" only on the word admin.  As I said, lowly users at many companies have some form of priviledge escalation (due to the reasons I've already posted about).  A secruity-focused group policy can be made as tight or loose as upper management will allow.

A few examples of things which some companies may or may not be enforcing:

1.  run scripts to ensure that public wifi connections on road-warrior notebooks remain disabled when needed (ie. for example when those notebooks are attached to the company domain) or enforcement of single gateway setups when remote workers are connected via VPN so that all internet browsing (while connected via VPN) still goes through the company firewalls/filters etc.

2.  enforce blocking of USB media

3.  enforce users not being able to install anything (not even drivers) and manage all patches updates and installations via policy deployment only

4.  enforce some level of NAQ / NAP for remote systems connecting to the company domain

5.  secure email access with certificates and block all other email access when using or connecting to a company asset

.....the list goes on.

I'm betting that if some of the above points were being enforced at the worldwide infected companies you mentioned in a previous post they wouldn't be having that many problems.... 

I guess it all depends on what your definition of "priviledge escalation" is.  I mean for me escalation means any priviledge the user may have above simply using their system for necessary tasks.  Any changes beyond changing of the desktop wallpaper constitute some form of "escalation" as far as I'm concerned...hehe 

The point being, with proper policy and proper enforcement most "security software" isn't much more than verification that said policy is working.  This is the same at home or in business, create a solid policy (non-admin accounts are only one part in that equation) and then enforce it properly.  If you do that, then any security software installed on a machine is there for peace of mind rather than being the frontline of defense.

I'm not saying that security software plays no part in a comprehensive security policy.  I'm simply stating that I think many people have it backwards.  They start their "security" with third-party software, maybe because it's more "visibly" working?  I don't know, but my point is......start with the  built-in policy.......then use third-party software to verify the enforcement. 

There....everyone wins....

I would love to install that scanner on a few relatives machines!  Alas, I doubt it would do them any good (paranoid).  As for the tool bar, I wrote an article a while back on  tool bars and how they are just plain nasty!  While I swear by AVG (and the link scanner is good), the tool bar is like all the others - it sucks!  I never install it, and recommend against it.

I suppose in a few years, they will move beyond tool bars to something else.  I sure hope so, but am not looking forward to what that 'something else" is.

It is possible to have LinkSeeker (without home page or toolbar) installed with avast 5, you just have to uninstall avast and re-install it afterwards.   AFAIK there aren't any conflicts and both programs are working.  Again, AFAIK.

Best regards,
Steven.