Malware is highly overrated
Kees1958
October 10th, 2006, 05:27 PM
Dear all, just to spice up the discussion.
For a few months I have followed the advice of my company for PC home use.
Use the inbound firewall of my NAT router, Antivir free, CyberHawk free and DefenseWall paid. I also used SafeXP to disable some useless XP parts, used SpywareBlaster to fill my host file and enabled DEP for all programs.
My PC starts fast, surfing is a breeze with the unsafest browser in the world (IE7 with high-medium security).
My company told me to use Ad-Aware and AVG Anti-spyware on a regular basis as on-demand scanners (yes, I update before).
Those scanners have not found anything in the last three months. I thought, what am I doing wrong? I started to visit security forums, to find security tests, other on-line scanners. I even tried some Russian crack sites to see if the PC should get a drive-by infection.
So what is the fuss about malware????
Bubba
October 10th, 2006, 05:44 PM
-{ Quote: "just to spice up the discussion.
surfing is a breeze with the unsafest browser in the world (IE7 with high-medium security)" }-
As I am still twiddling with IE 7 RC1... just what about this version causes you to say or feel that the Internet Zone default setting of high-medium security is "unsafe"? :-\
Bubba
Kees1958
October 10th, 2006, 05:50 PM
Sorry, it was ironically intended.
All the Firefox fans (like my son) tell me IE is the most unsafe and slowest browser in the world.
Nice visual you have, what are you sniffing on?
Regards Kees
bellgamin
October 10th, 2006, 06:00 PM
-{ Quote: "...surfing is a breeze with the unsafest browser in the world (IE7 with high-medium security)." }-
Since your topic seems a bit tongue-in-cheek, I must say that...
+AIDS is highly overrated.:o
+Fric says: "I use IE as my browser and my computer is completely clean."
Frac says: "I use mosquito repellent, and although I have spent MUCH time camping in the Florida Everglades, I have never been bitten by a snake."
+Your level of security is only revealed when it fails. Not being infected doesn't necessarily mean that you're OKAY.:blink: :wacko: :shifty:
sukarof
October 10th, 2006, 06:15 PM
Well, your son and "all the Firefox fans" don't seem to know much :)
IE can be tweaked into being as secured as any browser, it is just a matter of knowledge.
Firefox (and I am a fan) is just a bit easier to tweak (noscript extension and a couple more).
Personally I don't find IE slower than any other browser (well maybe K-meleon).
Regarding malware. Just give out your email address here and there, download files like "Windows vista key generator" or some cracks from your favorite p2p network and open every attachment you get in Outlook and see what happens. Three months is not a very long time tbh. I have not had any malware for at least two years. That is until tonight :) I did download vista keygen after I heard from a friend he got infected from it. My AV, Drweb, did not detect it (along with a bunch of other top notch AVs according to Jotti's). But I've sent a sample to Drweb so I hope they will include it fast.
Kees1958
October 10th, 2006, 07:12 PM
Bellgamin,
Frac: Every day I keep my hand in front of my eyes and see no evil.
Fric: I always carry my PC with me to slam snakes, so I will never be bitten.
It's true what you are saying (not the AIDS, with a PC infection you can perform a clean restore, with AIDS not), but I agree with your statement that security level is only revealed when it is broken.
Only, 100% protection is not obtainable; for the average user a balance between usability and safety has to be the point. Some security experts say the person behind the PC is the largest threat. We can focus on security as much as we like, but will never obtain a 100% level.
Regards
Kees1958
October 10th, 2006, 07:21 PM
Sukarof
That is why I started this discussion. When I did not get any malware, I started to look for it. Just to check how strong the protection was. It occurred to me that in daily life, I do not walk outside, pick a stone and throw it against a window of my house, just to check how strong the windows are.
Although I promised myself not to try and crack my own security, I am curious what you are going to do.
You did download the vista keygen to check your security. You use an impressive multi layered set. Still got infected. So now you tried. What are you going to change to your security settings?
Regards Kees
TNT
October 10th, 2006, 07:25 PM
-{ Quote: "Well, your son and "all the Firefox fans" don't seem to know much :)
IE can be tweaked into being as secured as any browser, it is just a matter of knowledge." }-
Oh yeah... but maybe NOT. Maybe IE can be tweaked into being as secure as any browser (?), if you turn all its features off. And I still wouldn't be sure about that. ::)
bigc73542
October 10th, 2006, 07:26 PM
Actually IE can't be made as secure as FF or Opera for the simple reason that IE is integrated into the core of Windows; if IE is breached at all it is a clear shot into the OS. I have had two trojans actually make it to my comp in around ten years. Both of those trojans were stuck in Opera's cache and were not able to activate in there and were deleted with just clearing the cache. Something IE is not capable of. I have the latest version of IE7 and it is a major step forward but as far as security goes it is no match for FF or Opera.
bigc
sukarof
October 10th, 2006, 08:16 PM
-{ Quote: "
You did download the vista keygen to check your security. You use an impressive multi layered set. Still got infected. So now you tried. What are you going to change to your security settings?
Regards Kees" }-
I'm not gonna do much really. I will continue to run Windows with admin rights and hope that if I ever get any malware (unknowingly) my layered defense will catch it. I run with admin rights of my free will and know that as long as I do that my system won't be 100% secure. But I like to think that my common sense takes care of the rest :D
-{ Quote: "Actually IE can't be made as secure as FF or Opera for the simple reason that IE is integrated into the core of windows," }-
Personally I have never encountered malware with IE in restricted mode (just read about it), but if you run into malware with IE as a restricted user in an admin environment (tweaked via "Microsoft Management Console"), wouldn't IE be pretty safe then?
bigc73542
October 10th, 2006, 08:20 PM
Probably safer than the average setup IE but I do not trust it. I use it only when absolutely necessary. But everyone to their own.
mercurie
October 10th, 2006, 09:02 PM
-{ Quote: "Actually IE can't be made as secure as FF or Opera for the simple reason that IE is integrated into the core of Windows; if IE is breached at all it is a clear shot into the OS. I have had two trojans actually make it to my comp in around ten years. Both of those trojans were stuck in Opera's cache and were not able to activate in there and were deleted with just clearing the cache. Something IE is not capable of. I have the latest version of IE7 and it is a major step forward but as far as security goes it is no match for FF or Opera.
bigc" }-
:o Gee, why didn't I think of this. If IE is breached it could be like a "stroke" occurring in the Operating System. It is a really great point BigC :thumb: I just never thought about it that way and it makes very good logical sense. ;)
Devinco
October 10th, 2006, 09:19 PM
There is nothing like getting infected when you least expect it.
Going around looking to get infected doesn't count because you are prepared for it.
It is not pleasant and a similar experience to having your home burglarized (depends on the scope of the damage).
If you want to learn more about this, go to some of the hijack this forums and read about all the nightmares and despair that people have to go thru because of malware.
Because of your company's very intelligent security education policies and your adoption of these positive steps, you are far ahead of the majority. You are aware of the dangers and actively avoiding them.
The fact that you haven't been infected yet is proof that the security steps are working.
Rest assured, there is plenty of malware out there just waiting for your security to lapse for a moment.
mercurie
October 10th, 2006, 09:52 PM
Very true Devinco, the one and only time (before I got BOClean) anything got by my firewall and AV. I started losing PC functions. Clock started losing time like 20 minutes in an hour. I rebooted, then my AV was disabled, all sigs disappeared. :blink: :o . Oh no now I am in trouble. I really wanted to find out what kind of bug I had but I was losing computer function so fast. I was afraid it would become useless. The whole time I was wondering what I could have done. I have been to no risky sites. I have downloaded very little and I did an AV scan just a day earlier. When I lost keyboard function, I did a System Restore two days backward. Loaded up new AV and it found nothing. All was well after that.
To this day I wonder what bug I got. :-\
Devil's Advocate
October 11th, 2006, 07:15 AM
I think malware is underrated.
I mean look at http://www.morgud.com/interests/security/dfk-threat-simulator-v2.asp it can kill any of your security programs. GSS, PG, online armor, whatever, it kills them all.
sukarof
October 11th, 2006, 07:51 AM
-{ Quote: "I think malware is underrated.
I mean look at http://www.morgud.com/interests/security/dfk-threat-simulator-v2.asp it can kill any of your security programs. GSS, PG, online armor, whatever, it kills them all." }-
I did test DFK Threat Simulator v2 and it is a real naughty one :o
Prevx1 did catch some of its activity but not all. It killed Dr.Web and prevented it from starting again (renamed the files)
Once loaded it killed Process Explorer after a couple of seconds so I could not kill its live files.
I could not kill it through Port explorer either.
It didn't kill Comodo though, but I guess the simulator has to have it in its database? but Comodo stopped it from receiving data at least.
I had to use DiamondCS "Advanced Process terminator" to kill the live files loaded by the simulator.
It couldn't do any harm in sandboxie though...
It is a real eye opener :) even though I guess it is hard to get malware using all those techniques used by the simulator.. interesting nevertheless.
*edit*
I did a test with this simulator with Ghost Security Suite and I do not agree that it will bypass GSS.
I allowed the execution of Ipod-commercial.exe but on the next catch by GSS when it tried to create the projector.exe I denied and that stopped the intrusion. Of course if I let it run the temp file it will start the intrusion. So imo GSS passed since it caught the initial process creation. If I want the intrusion to happen I have to allow a lot of popups from GSS.
Devil's Advocate
October 11th, 2006, 08:03 AM
-{ Quote: "I did test DFK Threat Simulator v2 and it is a real naughty one :o
It didn't kill Comodo though, but I guess the simulator has to have it in its database? but Comodo stopped it from receiving data at least.
" }-
Yeah, looks like the author didn't bother to target Comodo. It seems to be using the same 2 techniques to kill security programs, so it's trivial for him to include a large bunch of proggies.
-{ Quote: "
It couldn't do any harm in sandboxie though...
" }-
Obviously...
-{ Quote: "
It is a real eye opener :) even though I guess it is hard to get malware using all those techniques used by the simulator.. interesting nevertheless." }-
A real malware would pick and choose what techniques to use, the threat simulator tries to do way too much. But yes, the targeting of security programs is really comprehensive and I find it quite realistic. It's like he sat in here, took note of what we guys like to use (except Comodo), and made sure they were included. :)
I think it's child's play
Wai_Wai
October 11th, 2006, 08:20 AM
-{ Quote: "Dear all, just to spice up the discussion.
For a few months I have followed the advice of my company for PC home use.
Use the inbound firewall of my NAT router, Antivir free, CyberHawk free and DefenseWall paid. I also used SafeXP to disable some useless XP parts, used SpywareBlaster to fill my host file and enabled DEP for all programs.
My PC starts fast, surfing is a breeze with the unsafest browser in the world (IE7 with high-medium security).
My company told me to use Ad-Aware and AVG Anti-spyware on a regular basis as on-demand scanners (yes, I update before).
Those scanners have not found anything in the last three months. I thought, what am I doing wrong? I started to visit security forums, to find security tests, other on-line scanners. I even tried some Russian crack sites to see if the PC should get a drive-by infection.
So what is the fuss about malware????" }-
A reminder in case you didn't notice.
There's no way to ensure you are 100% clean.
When the scanner says "you are clean", it is actually meant to be "you are clean from the malware we know". But how about the malware you don't?
According to malware-test.com and AV-comparatives.org, AVG and Ad-aware are only average. They do miss many malware. For anti-virus, AntiVir and Kaspersky have the best detection rates. For anti-spyware, probably Spy Sweeper, CounterSpy, Trend Micro Anti-Spyware.
Here's my research about the effectiveness of different on-demand scanners. The result is disappointing :(.
http://www.wilderssecurity.com/showpost.php?p=839371&postcount=33
How about kernel-based malware or rootkits? They are able to bypass and override your AV/AS.
How about if you encounter a personalised or home-made trojan/keylogger? Since your researchers hardly get to reach the malware at all, your scanners cannot detect them. They can be hidden for years without detection.
How about if your malware manages to nullify or terminate your security products? Your security products seem to be running fine. However the malware has already nullified its protection, so the security product cannot detect that malware.
Don't forget all software can be cracked and exploited, they are very competent in finding holes to exploit. Once you connect to the Internet, you can still be infected even if you just visit legitimate websites. If the malware writer can find holes in your OS, they will be able to infect you directly without you doing anything (apart from connecting to the Internet).
Devil's Advocate
October 11th, 2006, 08:35 AM
-{ Quote: " There's no way to ensure you are 100% clean.
When the scanner says "you are clean", it is actually meant to be "you are clean from the malware we know". But how about the malware you don't?
" }-
Okay this stops now. Just because one can't be sure 100% one is clean doesn't mean that one is definitely infected.
If you are really so agnostic about whether you are infected or not, you can't say you are safer with all your bells and whistles either because you don't know that you are uninfected either!
-{ Quote: " According to malware-test.com and AV-comparatives.org, AVG and Ad-aware are only average. They do miss many malware. For anti-virus, AntiVir and Kaspersky have the best detection rates. For anti-spyware, probably Spy Sweeper, CounterSpy, Trend Micro Anti-Spyware. " }-
And what if I scan with all that and still find nothing? As you said scanning proves nothing.
-{ Quote: "
How about kernel-based malware or rootkits? They are able to bypass and override your AV/AS
" }-
Your point?
-{ Quote: "
Don't forget all software can be cracked and exploited, they are very competent in finding holes to exploit. Once you connect to the Internet, you can still be infected even if you just visit legitimate websites. If the malware writer can find holes in your OS, they will be able to infect you directly without you doing anything (apart from connecting to the Internet).
" }-
Scary, so how does your security program prevent all that? If we are talking about attackers who use unknown exploits, they can find holes in your OS, your security programs and own you. So you are not safe either with all your toys.
Wai_Wai
October 11th, 2006, 11:20 AM
-{ Quote: "Okay this stops now. Just because one can't be sure 100% one is clean doesn't mean that one is definitely infected.
If you are really so agnostic about whether you are infected or not, you can't say you are safer with all your bells and whistles either because you don't know that you are uninfected either!" }-
At least someone with higher/more protection security is safer than someone without.
The point in security is not to get 100% security (which is impossible), but as safe as possible.
-{ Quote: "
And what if I scan with all that and still find nothing? As you said scanning proves nothing.
" }-
Considering:
1) a file is declared clean by 1 AV.
2) a file is declared clean by all AVs.
Which one is safer?
Apart from relying on the AV to tell you if it is clean, why don't you research yourself? Allow it to run on a test machine. Record all the changes. That's the most definitive way to determine whether that file/program is clean, although it requires more computing knowledge.
For newbies, if they suspect their files are not clean, they can always submit it to AV/AS vendors for further analysis. It is again safer than just relying on the AV/AS programs.
-{ Quote: "
Scary, so how does your security program prevent all that? If we are talking about attackers who use unknown exploits, they can find holes in your OS, your security programs and own you. So you are not safe either with all your toys." }-
That's true. Once you are connected to the Internet, you can be affected by doing nothing. Seeing is believing! You could try to run a test computer. Install the original Win XP. Don't install any security product. Just connect to the Internet and do nothing. Your computer will become a malware bed after 1 day.
Talking about vulnerabilities, one can prevent hackers/baddies from exploiting some of the vulnerabilities by hardening your security. This may include:
- use limited account
- tweak your security settings
- close potentially unsafe services
- install security products: AV+firewall+AS+HIPS
The whole point of security is to take the control back. Long long ago, we didn't impose many restrictions on the program. The program could do many things it wished to.
Now there are millions of known malware. We no longer trust the programs. They need to get approved before they make some changes.
The more restrictive your system is, the safer your computer is.
However the more restrictive your system is, the less enjoyable your computer is.
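An added example, not part of any poster's message: the "run it on a test machine and record all the changes" advice above, reduced to the file-system side only (registry and process changes are not covered). It hashes every file before and after the program under test runs, and also reports renames, the trick sukarof saw used against Dr.Web's files. The function names and the sample tree are hypothetical and constructed for the demonstration.

```python
import hashlib
import os
import tempfile
from pathlib import Path


def snapshot(root):
    """Map each regular file under root to (size, sha256). Symlinks are skipped."""
    root = Path(root)
    result = {}
    for dirpath, _dirnames, filenames in os.walk(root, followlinks=False):
        for name in filenames:
            path = Path(dirpath) / name
            if path.is_symlink() or not path.is_file():
                continue
            rel = path.relative_to(root).as_posix()
            try:
                digest = hashlib.sha256()
                with open(path, "rb") as fh:
                    for chunk in iter(lambda: fh.read(1 << 20), b""):
                        digest.update(chunk)
                result[rel] = (path.stat().st_size, digest.hexdigest())
            except OSError:
                # A file that cannot be read is recorded with no hash, so a
                # file that becomes locked between snapshots shows as modified.
                result[rel] = (-1, None)
    return result


def diff_snapshots(before, after):
    """Compare two snapshots and classify every difference."""
    added = set(after) - set(before)
    removed = set(before) - set(after)
    # Content is compared by hash, so a same-size edit with a restored
    # timestamp is still caught.
    modified = sorted(p for p in set(before) & set(after) if before[p] != after[p])

    # A removed path whose content reappears under a new path is a rename.
    by_hash = {}
    for path in sorted(removed):
        if before[path][1] is not None:
            by_hash.setdefault(before[path][1], []).append(path)
    renamed = []
    for path in sorted(added):
        candidates = by_hash.get(after[path][1])
        if candidates:
            renamed.append((candidates.pop(0), path))
    for old, new in renamed:
        removed.discard(old)
        added.discard(new)

    return {
        "added": sorted(added),
        "removed": sorted(removed),
        "modified": modified,
        "renamed": renamed,
    }


def run_demo():
    """Build a constructed test tree, simulate a program's side effects, diff."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "av").mkdir()
        (root / "av" / "scanner.exe").write_bytes(b"constructed scanner binary")
        (root / "etc").mkdir()
        hosts = root / "etc" / "hosts"
        hosts.write_bytes(b"127.0.0.1 localhost\n")
        (root / "notes.txt").write_bytes(b"unchanged")
        before = snapshot(root)

        # Constructed stand-ins for what a program under test might do:
        # rename a security tool's file so it cannot start again,
        (root / "av" / "scanner.exe").rename(root / "av" / "scanner.ex_")
        # edit a file without changing its size and put the timestamp back,
        stamp = hosts.stat()
        hosts.write_bytes(b"127.0.0.1 localhosT\n")
        os.utime(hosts, (stamp.st_atime, stamp.st_mtime))
        # and drop a new file.
        (root / "dropped.tmp").write_bytes(b"constructed dropped file")

        return diff_snapshots(before, snapshot(root))


if __name__ == "__main__":
    for kind, items in run_demo().items():
        print(kind, items)
```

On a real test machine the two snapshots would be taken from a clean boot environment, since anything running on the machine under test can lie to a tool that runs beside it.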
JerryM
October 11th, 2006, 03:01 PM
Quote
The more restrictive your system is, the safer your computer is.
However the more restrictive your system is, the less enjoyable your computer is. End Quote
I agree with that, and have decided that if it requires all the security applications that some recommend, then I am just going to get infected.
If KAV 6/Avira Classic, LnS/Kerio 2.1.5, Win Patrol Plus, Ewido Plus, SuperAntiSpyware/Counterspy 2, UnHackMe, and Snoopfree are not enough then so be it. I have two computers hence the two AT, AVs and firewalls. I am also behind a NAT.
Best,
Jerry
ErikAlbert
October 11th, 2006, 03:05 PM
Once I go on-line with my off-line installed computer, I consider my computer as infected, no matter what security softwares I have on my computer.
All my special clean backup files and clean archived snapshots are created on a fresh off-line installed computer. I only use them for restoration, never for backup.
I consider all my daily backup files and archived snapshots as possibly infected.
Lots of users claim they never had an infection on their computer. I really wonder how they know that for sure.
A good working computer doesn't necessarily mean you are clean and your scanners can't be trusted either. In your mind you are clean, not your computer.
JerryM
October 11th, 2006, 03:10 PM
-{ Quote: "Once I go on-line with my off-line installed computer, I consider my computer as infected, no matter what security softwares I have on my computer.
All my special clean backup files and clean archived snapshots are created on a fresh off-line installed computer. I only use them for restoration, never for backup.
I consider all my daily backup files and archived snapshots as possibly infected.
Lots of users claim they never had an infection on their computer. I really wonder how they know that for sure.
A good working computer doesn't necessarily mean you are clean and your scanners can't be trusted either. In your mind you are clean, not your computer." }-
Hi Erik,
If my computer runs well, and I have no evidence that there is a problem, then I don't care if it is "infected." Frankly, I do not believe it is under those conditions.
I don't do banking and such on my computer, and there is nothing on it that would be a major problem for me if it were compromised.
So far in about 7 years now I have not been infected as far as all my system security applications or operations are concerned.
Best,
Jerry
bigc73542
October 11th, 2006, 03:17 PM
ErikAlbert, I am 100% sure my computer is not infected. But if there was some nasty hidden, it is not connecting to the net nor is it affecting the way my computer is working. As far as I am concerned that is not infected. All of my security apps (I won't list them all) aren't finding anything during scans and they are good apps.
ASpace
October 11th, 2006, 03:26 PM
-{ Quote: "Actually IE can't be made as secure as FF or Opera for the simple reason that IE is integrated into the core of windows, if IE is breached at all it is a clear shot into the OS. I have had two trojans actually make it to my comp in around ten years. Both of those trojans were stuck in Operas cache and were not able to activate in there and were deleted with just clearing the cache. something IE is not capable of. I have the latest version of IE7 and it is a major step forward but as far as security goes it is no match For FF or Opera.
bigc" }-
Unfortunately, you are right.
IE7 for XP SP2 is still integrated into the core of Win
IE7 for Vista is a major improvement with its Safe Mode which doesn't allow malware to spread ;)
Wai_Wai
October 11th, 2006, 03:29 PM
-{ Quote: "ErikAlbert, I am 100% sure my computer is not infected. But if there was some nasty hidden it is not connecting to the net nor is it affecting the way my computer is working. As far as I am concerned that is not infected. all of my security apps (I won't list them all) aren't finding anything during scans and they are good apps." }-
Curiosity speaking, how do you make sure your computer is 100% clean?
You know it is 100% clean because you are very careful or strict at using that computer, or what?
JerryM
October 11th, 2006, 03:41 PM
It seems to me that if I feel well, tests show that I am "clean", and I have no symptoms then I am not sick. That is a logical conclusion as far as I am concerned.
If my car runs well, then I do not need a repair.
Best,
Jerry
Wai_Wai
October 11th, 2006, 03:53 PM
-{ Quote: "Hi Erik,
If my computer runs well, and I have no evidence that there is a problem, then I don't care if it is "infected." Frankly, I do not believe it is under those conditions.
I don't do banking and such on my computer, and there is nothing on it that would be a major problem for me if it were compromised.
So far in about 7 years now I have not been infected as far as all my system security applications or operations are concerned.
Best,
Jerry" }-
How about if there's a trojan hidden in your computer for many years?
What if the hacker uses your computer as a zombie computer to do all sorts of bad or illegal activities (eg spamming, DDoS attacks, cracking passwords)?
Will you be concerned?
Wai_Wai
October 11th, 2006, 04:00 PM
-{ Quote: "It seems to me that if I feel well, tests show that I am "clean", and I have no symptoms then I am not sick. That is a logical conclusion as far as I am concerned.
If my car runs well, then I do not need a repair.
Best,
Jerry" }-
It is probably okay for some malware like virus, but not for trojans/keyloggers/rootkits and so on.
They are designed to be as hidden and unnoticeable as possible. They try to hide everything, including running processes/programs, files, registry keys and so on, so you cannot simply assume your computer should be clean since there are no weird symptoms on your computer.
Your computer runs well but in the hands of the hackers. :-\
JerryM
October 11th, 2006, 04:02 PM
-{ Quote: "How about if there's a trojan hidden in your computer for many years?
What if the hacker uses your computer as a zombie computer to do all sorts of bad or illegal activities (eg spamming, DDoS attacks, cracking passwords)?
Will you be concerned?" }-
Not really. If I do not know it I won't be worried. However, I really believe that such thinking is paranoid, and is one in the millions as to probability considering that I do have some top notch anti-malware applications. If I had to go to the trouble some suggest, then I would get rid of my computers.
I am not afraid to fly, and that is probably more likely to cause me problems than the hackers.
Best,
Jerry
Wai_Wai
October 11th, 2006, 04:04 PM
-{ Quote: "Unfortunately , you are right .
IE7 for XP SP2 is still integrated into the core of Win
IE7 for Vista is a major improvement with its Safe Mode which doesn't allow malware to spread ;)" }-
Know who to blame?
Bill Gates... who wishes to monopolise the internet browser market.
The most stupid design in the world. :thumbd: :thumbd: :thumbd:
However there is a safer way to run IE7 - run it within sandbox or virtual machine - so any infection is not going to affect your host computer. ;)
Is IE7 for Vista still integrated into the core of Windows?
Wai_Wai
October 11th, 2006, 04:17 PM
-{ Quote: "Once I go on-line with my off-line installed computer, I consider my computer as infected, no matter what security softwares I have on my computer.
All my special clean backup files and clean archived snapshots are created on a fresh off-line installed computer. I only use them for restoration, never for backup.
I consider all my daily backup files and archived snapshots as possibly infected.
" }-
Your restoration approach sounds like a very strong protection.
However a few questions:
- where do you store your special clean backup files?
- you need to save many changes on your system every day. This may include your personal data/files, settings of your programs, your OS, settings/saves of your games, your work, and so on. If you exclude them from restoration, what if the malware infects these partitions or locations?
- what if the malware can cause you non-recoverable harm during the session? For example, a trojan/keylogger can still steal your files and passwords before you restore; a destructive virus can kill your computer before you have any chance to restore your computer. You can't even boot your computer at all. The computer is dead. :(
- what if the malware kicks in and compromises/infects your restoration program, making it malfunction?
Thank you.
-{ Quote: "
Lots of users claim they never had an infection on their computer. I really wonder how they know that for sure.
A good working computer doesn't necessarily mean you are clean and your scanners can't be trusted either. In your mind you are clean, not your computer." }-
That's called false sense of security. ;)
TNT
October 11th, 2006, 04:17 PM
-{ Quote: "However there is a safer way to run IE7 - run it within sandbox or virtual machine - so any infection is not going to affect your host computer. ;)" }-
There's some irony in running a whole virtual OS because the browser in that OS is so integrated with the system that you need a whole new system to separate it from your 'real' system... :-\
Wai_Wai
October 11th, 2006, 04:33 PM
-{ Quote: "There's some irony in running a whole virtual OS because the browser in that OS is so integrated with the system that you need a whole new system to separate it from your 'real' system... :-\" }-
Yes, you are right. Let's blame Bill Gates. 8)
PS: But don't forget Firefox/Opera.
Bill Gates can't make us all use his holey product. :P
ErikAlbert
October 11th, 2006, 05:35 PM
-{ Quote: "- where do you store your special clean backup files? Hopefully it's not in your drive." }-
At the end of the day, I boot in my off-line snapshot, turn ON my external harddisk and do my backups and archives and turn it OFF when I'm done. My special clean backups/archived snapshots are also stored on the same harddisk.
My off-line snapshot is malware-free, because it doesn't have an internet connection.
I use that off-line snapshot for several other things that need a quiet environment. It's the only snapshot where I can work in peace and without losing my concentration, because there are no annoying disturbing security messages, popups, etc.
-{ Quote: "
- you need to save many changes on your system every day. This may include your personal data/files, settings of your programs, your OS, settings/saves of your games, your work, and so on
" }-
Personal files are NOT stored on my system partition [C:], I have a second internal harddisk [D:] for that.
My system partition has still the folder "C:\Documents and Settings", but it's EMPTY regarding personal files.
I installed my off-line 6 months ago and it doesn't receive any updates because there is no internet connection.
Neither Windows is updated, nor any other software. I recently uninstalled PerfectDisk 7 and installed PerfectDisk 8 without being on-line.
Why do I need all these security patches of Windows? There is no internet connection. As long as everything is working fine in this off-line snapshot, I don't need any updating or upgrading.
My on-line snapshot is something else, that is the dangerous one and needs more protection. That's why I froze it and it has only LnS and Prevx1 as protection for now, because I'm still working on it.
-{ Quote: "
- if you exclude them from restoration, what if the malware infects these partitions or locations?
" }-
How can a malware infect my external harddisk, when it's turned OFF?
My data partition [D:] is still vulnerable, but I'm not finished yet.
That is the main reason why I'm looking for security softwares to stop the installation and execution of malwares in order to protect my system and data partition.
-{ Quote: "- what if the malware can cause you non-recoverable harm during the session? For example, a trojan/keylogger can still steal your files and passwords before you restore; a destructive virus can kill your computer before you have any chance to restore your computer. You can't even boot your computer at all. The computer is dead. :(" }-
As long as my hardware isn't damaged, I can recover from any disaster, using FDISR or Acronis.
BTW are you a FDISR-user or not? Because you don't seem to be familiar with FDISR and its possibilities.
-{ Quote: "
- what if the malware kicks in and compromises/infects your restoration program, making it malfunction?
" }-
Acronis True Image Home is installed only in my off-line snapshot. Even when my on-line snapshot is compromised, I can still boot in my off-line snapshot and recover my system from there.
I also have Acronis True Image Home on a Rescue CD, which can be used to restore my system via my external harddisk, even when both harddisks are wiped out by the KillDisk Virus or any other destructive malware.
I've tested this months ago and zero-ed both harddisks (= EMPTY) myself to see how I could recover this extreme situation. This is peanuts for Acronis. :)
Wai_Wai
October 11th, 2006, 06:50 PM
-{ Quote: "At the end of the day, I boot in my off-line snapshot, turn ON my external harddisk and do my backups and archives and turn it OFF when I'm done. My special clean backups/archived snapshots are also stored on the same harddisk.
My off-line snapshot is malware-free, because it doesn't have an internet connection.
I use that off-line snapshot for several other things that need a quiet environment. It's the only snapshot where I can work in peace and without losing my concentration, because there are no annoying disturbing security messages, popups, etc." }-
Good! :thumb:
But it seems like a lot of repetitive work.
Will you get too bored, or forget to turn your external harddisk off?
-{ Quote: "
Personal files are NOT stored on my system partition [C:], I have a second internal harddisk [D:] for that.
My system partition has still the folder "C:\Documents and Settings", but it's EMPTY regarding personal files.
" }-
I think quite many apps can do.
ProcessGuard can do it. It can stop any new/changed installations/programs hard and cold. But it appears this app has compatibility issues with your restoration program, doesn't it?
-{ Quote: "I installed my off-line 6 months ago and it doesn't receive any updatings because there is no internet connection.
Neither Windows is updated, nor any other software. I recently uninstalled PerfectDisk 7 and installed PerfectDisk 8 without being on-line.
Why do I need all these security patches of Windows ? There is no internet connection. As long as everything is working fine in this off-line snapshot, I don't need any updating or upgrading." }-
Yes, you are probably right.
You may wish to update if the OS has issued fixes regarding some features, or your program can't be installed or run properly due to the bug in the OS (a fix would help), or you wish to get some new features.
Just make sure you don't get infected from external sources (eg infected floppies/CDs). I might imagine you may get infected if you bring your data on your [D:] drive. It's possible a malware is hidden there.
-{ Quote: "My on-line snapshot is something else, that is the dangerous one and needs more protection. That's why I froze it and it has only LnS and Prevx1 as protection for now, because I'm still working on it." }-
Depending on your needs, it may be adequate or not.
Let's say I will try to download new stuff from the net, so I would like to make sure it's clean before I use it. Some AV/AS are good since they can act as the first guard to filter infected files.
Prevx1 is weak at on-demand scans. I think it is very weak at scanning packed/encrypted/zipped files.
I might replace LnS with some other firewalls. I realise it is far too easy to nullify/terminate this application. I would like to have a firewall with good self-protection (against any attacks).
-{ Quote: "How can a malware infect my external harddisk, when it's turned OFF ?" }-
Not possible, unless you forget to turn it off by mistake.
But I do think it might happen unless you can automate your routine.
-{ Quote: "My data partition [D:] is still vulnerable, but I'm not finished yet.
That is the main reason why I'm looking for security softwares to stop the installation and execution of malwares in order to protect my system and data partition." }-
You may think of encrypting the whole data partition.
Don't use the default path to save personal data. It's true even if you change the default paths of my documents, images etc. to drive [D:]. There's a record on your system about your path, so the malware writer knows where to locate your personal files.
I simply leave the default paths as they are (stuffing them with some stupid things). I manually save my personal data in secret places. Even if the trojan intruded into my system, they might be trapped into stealing/cracking the stupid things. :)
My computer is a maze. :)
To add just a bit extra security, I don't install my OS on Drive C.
(Note: Actually there are non-security purposes too)
-{ Quote: "As long as my hardware isn't damaged, I can recover from any disaster, using FDISR or Acronis." }-
-{ Quote: "
BTW Are you a FDISR-user or not, because you don't seem to be familiar with FDISR and its possibilities ?" }-
-{ Quote: "
Acronis True Image Home is installed only in my off-line snapshot. Even when my on-line snapshot is compromised, I can still boot in my off-line snapshot and recover my system from there.
I also have Acronis True Image Home on a Rescue CD, which can be used to restore my system via my external harddisk, even when both harddisks are wiped out by the KillDisk Virus or any other destructive malware.
I've tested this months ago and zero-ed both harddisks (= EMPTY) myself to see how I could recover this extreme situation. This is peanuts for Acronis. :)" }-
Since you keep your snapshots and have the additional imaging program (as a backup of your main restoration app) in your external drive, so yes! Unless it can damage your BIOS, you can always restore your system. If the virus manages to make your drive unbootable, you just need to take more time to restore your system. Just extra trouble.
No, I don't use FDISR.
By the way, are you going to implement a *really* uncrackable security system? ;)
ErikAlbert
October 11th, 2006, 07:59 PM
-{ Quote: "By the way, are you going to implement a *really* uncrackable security system? ;)" }-
No of course not, everybody at Wilders says that 100% security doesn't exist and this is common for all securities in life.
My intention is to get as close as possible to 100% without too many security softwares and without losing much time on security.
In the past I had more security softwares on my computer than I used for work/hobbies. That is absurd. I didn't buy my computer to protect it. ;D
Wai_Wai
October 12th, 2006, 03:14 AM
-{ Quote: "No of course not, everybody at Wilders says that 100% security doesn't exist and this is common for all securities in life.
My intention is to get as close as possible to 100% without too many security softwares and without losing much time on security.
In the past I had more security softwares on my computer than I used for work/hobbies. That is absurd. I didn't buy my computer to protect it. ;D" }-
Every security software is crackable. So yes, it is true 100% security doesn't exist. But it is true as far as each security software stands on its own.
What if you combine different security software together to form a super-security system? Not every security system is uncrackable, but not every security system is crackable either.
I do think a 99.99%, if not 100%, uncrackable system exists if you do know how to combine all sorts of protection together. It is not easy to form a well-matched well-chosen security system, and I do think many security systems are crackable, but a few of them are just nearly impossible to beat.
PS: Oh, but you still haven't answered some of my previous questions. Probably you are still figuring out the answers. Best wishes. :D
ErikAlbert
October 12th, 2006, 08:41 AM
-{ Quote: "PS: Oh, but you still haven't answered some of my previous questions. Probably you are still figuring out the answers. Best wishes. :D" }-
How can I give all the answers ? I just started my new security setup and I didn't fix all problems yet. You are going way too fast for me. I'm not in a hurry, because malwares won't disappear tomorrow. I work in step mode, systematically and I get rid of my problems one by one.
But don't you worry about that, I learn A LOT from your posts too. Don't forget that. So keep on writing. ;D
Wai_Wai
October 13th, 2006, 05:37 PM
-{ Quote: "
But don't you worry about that, I learn A LOT from your posts too. Don't forget that. So keep on writing. ;D" }-
Why do I need to worry when someone can learn a lot from my posts?
This is a good sign indeed.
It is nice to hear someone finds my posts helpful. :)
So keep reading my posts. ;)
Kees1958
October 15th, 2006, 06:09 AM
Wai Tai,
Why are you using three AVs, two firewalls and three Anti Spyware programs? More of the same does not close the gap, see AV Comparatives, Firewalleaktest, spywarewarrior.
Better is to:
a) set up a good backup/recovery mechanism
b) think of a layered approach, see picture
The whole point of this discussion is that:
- 100% security is an illusion
- throwing in a lot of the same does not close these holes in your security
Wai_Wai
October 20th, 2006, 12:01 PM
-{ Quote: "Wai Tai" }-
Who is Wai Tai? ;)
-{ Quote: "
Why are you using three AVs, two firewalls and three Anti Spyware programs? More of the same does not close the gap, see AV Comparatives, Firewalleaktest, spywarewarrior." }-
I think you are misled by my signature.
Please blame Wilders Security since I can't write just a little more (recommendations on security products).
These are simply my security recommendations to others.
I'm not using 4 anti-virus (real-time), 2 firewalls, 3 anti-spyware (real-time). That would be crazy otherwise since this would only cause more trouble (conflicts, slowdown, resources used-up) than security.
-{ Quote: "
Better is to:
a) set up a good backup/recovery mechanism
b) think of a layered approach, see picture
The whole point of this discussion is that:
- 100% security is an illusion
- throwing in a lot of the same does not close these holes in your security" }-
Thanks for your mentioning, after all. :D
Kees1958
October 20th, 2006, 03:29 PM
Wai Wai,
Apologies for spelling your forum name incorrectly.
Kees
Wai_Wai
October 23rd, 2006, 05:21 AM
-{ Quote: "Wai Wai,
Apologies for spelling your forum name incorrectly.
Kees" }-
It doesn't matter. ;)
After all, thanks for your goodness about the tips of security. :)
wings
October 27th, 2006, 10:54 PM
-{ Quote: "Is IE7 for Vista still integrated into the core of Windows?" }-
No it isn't and btw this was already news 1 or 2 years ago... ::)
aigle
November 8th, 2006, 04:14 PM
-{ Quote: "
Lots of users claim they never had an infection on their computer. I really wonder how they know that for sure.
A good working computer doesn't necessarily mean you are clean and your scanners can't be trusted either. In your mind you are clean, not your computer." }-
When I believe my PC is clean, it is sure clean. I don't bother myself with hypotheses and theories.
If u are healthy u believe that u are sure healthy. U don't think of an occult cancer or undiagnosed AIDS!
PC life is like practical life for me.
trjam
November 8th, 2006, 05:41 PM
Malware isn't overrated, but it doesn't take an army to combat it.
Pedro
November 8th, 2006, 05:51 PM
;D
some here are prepared for computer armageddon
trjam
November 8th, 2006, 06:08 PM
Sometimes, the little :) stick carries the biggest wallop.
TECHWG
November 9th, 2006, 05:53 AM
Malware overrated? I personally don't know of anyone who rated malware at all, let alone highly... underrated perhaps, underappreciated definitely, unnerving yup and underestimated... but never overrated
kdm31091
November 10th, 2006, 01:54 PM
Uh TechWG how about at this site? It's overrated here, IMO.
Copyright ©2002 - 2012, Wilders Security Forums