How do you boil a frog ?
Long View
October 26th, 2007, 08:34 AM
Answer - put the frog in a pan of cold water and turn the heat up slowly.
Apparently the frog won't notice.
For some time now I have run my pc's with only a firewall and Firefox to protect me - no real time programs, no HIPS, no software firewall, no AV , No AS.
Just read an article praising Spyware Doctor so with Returnil turned on I loaded the program and ran it. I wasn't surprised that it found nothing wrong (have yet to find an AV or AS or rootkit that can find a problem). But what did surprise me was just how much slower everything ran. One program that would load in 6 seconds the first time and 3 seconds thereafter took 12 seconds the first time and 8 thereafter. Outlook took forever to load.
Yes I know some programs are lighter than others but all will have some impact. I can only imagine that adding more layers of real time protection will make the situation worse - so a quick reboot and everything was back to normal.
So just like a frog I suspect that many ( looking at the bloated signatures) are really having to buy new machines just to provide the necessary power to run programs which may not really be necessary anyway.
19monty64
October 26th, 2007, 12:17 PM
I have cut back on security apps. also, and know I have gained loading times by replacing bloat-for-open-source. I have also cut back a lot of Windows services. Loading times are quicker and ram usage is at a minimum, but I am also a safe-surfer. I would not take my current set-up to the "dark-side", but suspect that those with large signatures do!
P.S.;put a lid on the frog-pot, they are spooked easily and jump because of movement and eye-contact.
Meriadoc
October 26th, 2007, 01:21 PM
lol
One of the reasons why I don't run antivirus, I can't stand how they slow a system.
steve161
October 26th, 2007, 01:54 PM
Count me in as one who did not feel the water getting hotter. The one exception was real-time AS's. The slowdown was noticeable on my comp.
Peter2150
October 26th, 2007, 02:08 PM
I was another. Ran AV/AS for so long didn't notice how much of an effect it was until I took them off. Disabling doesn't accomplish the same thing.
19monty64
October 26th, 2007, 02:17 PM
I used to run several AS/AT's, but found the AV was the only one I needed. Lots of downloads and a couple of teenaged-daughters, you know. When it was just me I only had an AV as an on-demand scanner and a firewall. When the girls are gone in a few years, I'll probably just use on-demand AV and the router. And Windows 7...
Long View
October 26th, 2007, 02:24 PM
Returnil works for teenage daughters, sons, wives, and friends who just can't resist loading the latest cat chasing a dog screen saver.
By the way I consider your suggestion that I put a lid on the pot as yet another example of excessive and totally unnecessary security. You'll be suggesting next that I cook the frog in a locked/hidden room just in case something bad gets into the house and contaminates my frog.
19monty64
October 26th, 2007, 02:32 PM
-{ Quote: "By the way I consider your suggestion that I put a lid on the pot as yet another example of excessive and totally unnecessary security. You'll be suggesting next that I cook the frog in a locked/hidden room just in case something bad gets into the house and contaminates my frog." }-
No. I used to catch frogs. If you make eye-contact with them, any sudden movements will make them jump. So if you don't go near the pot while the water is heating, you won't need the lid. But if you get curious and look, you'll startle the frog.
P.S.;the legs really do taste like chicken!!!
Mrkvonic
October 26th, 2007, 02:50 PM
Hello,
Indeed, one of the reasons why not to use 300 layers of everything.
First, it will cripple the machine. Second, no need, simpler solutions are available.
Mrk
ErikAlbert
October 26th, 2007, 03:30 PM
The same here. At this moment, I'm asking myself why I need :
1. A firewall, when I have already a router.
2. Anti-Executable, which only protects my system partition between two reboots and this one certainly slows down my computer.
3. DefenseWall, which only protects my system partition and supports my browser.
My system partition recovers itself during each reboot and removes any infection.
So why do I need these 3 security softwares, maybe I can live without them. I wished I had this vision sooner.
Why didn't I see the Light 3 years back ? :)
sukarof
October 26th, 2007, 04:05 PM
Interesting question. I have never had my computers without at least AV, I might uninstall it just to see how it goes.
But I noticed after I ditched all the HIPS and other antimalware stuff and went for LUA, the speed of loading apps and general speed of the computer is much faster. When I used the other security software I didn't think my computer was slower but I can clearly see the difference now. So the boiling frog analogy isn't that far-fetched, for me at least...
Peter2150
October 26th, 2007, 04:19 PM
-{ Quote: "I used to run several AS/AT's, but found the AV was the only one I needed. Lots of downloads and a couple of teenaged-daughters, you know. When it was just me I only had an AV as an on-demand scanner and a firewall. When the girls are gone in a few years, I'll probably just use on-demand AV and the router. And Windows 7..." }-
The pot will do better if you season it with Linux salt;D ;D ;D
19monty64
October 26th, 2007, 04:30 PM
-{ Quote: "The pot will do better if you season it with Linux salt;D ;D ;D" }-
And maybe a little "Apple-butter"... ;D ;D ;D
Dogbiscuit
October 26th, 2007, 05:46 PM
-{ Quote: "For some time now I have run my pc's with only a firewall and Firefox to protect me - no real time programs, no HIPS, no software firewall, no AV , No AS." }-
I just add limited user accounts, which don't slow down my system any.
Long View
October 26th, 2007, 06:38 PM
I ran limited for a while but this was on an existing system and there were one or two minor irritations. I'm sure that on a clean install things would have been better. Certainly limited user gives a great deal of protection for very little overhead. I think though that probably the main reason I reverted to admin is lack of motivation. Forgetting about the odd stale cookie I have never, never seen a virus nor downloaded any spyware. On a regular basis I load up A/S and A/V programs and run them and nothing. Well nothing is not quite true. Occasionally a program will show up a problem. I report it to the company and they come back with sorry - false positive now fixed. It really is difficult to get motivated to load up a program when it does nothing. I have installed HIPS and waited patiently - nothing.
For my kind of surfing and good hardware firewall and Firefox seems to be enough. Limited would help if something bad ever did get in but I don't see how I'm going to let anything bad in.
ccsito
October 26th, 2007, 07:09 PM
-{ Quote: "
For some time now I have run my pc's with only a firewall and Firefox to protect me - no real time programs, no HIPS, no software firewall, no AV , No AS.
" }-
I have a system that just has a firewall without anything else. It hasn't been infected (but then I don't use it that often), so a lot depends on where you surf to. You may never get infected with rudimentary or no defenses and you may be bombarded with malware with a huge boatload of defenses. A lot depends on how you use the PC. I guess I am of the same school that there is safety in large numbers. I hope to get by with minimal security and hope that the bad guys bypass me. 8)
BTW, I am not one to buy a new system in order to be able to run a new set of software. If the software isn't compatible with my system, I just don't use them. A frog is poikilothermic and reacts to changes in temperatures very slowly if at all. I may be like a frog with respect to PC technology. I am always behind on the current trends, but that is because my knowledge base comes from the 1980's.;D
GrailVanGogh
October 26th, 2007, 07:23 PM
No real time AV running and only Spybot & ZAP v4.5.
No problems and my system is nice and fast.
Common sense goes a long way towards computer security IMO.
ErikAlbert
October 26th, 2007, 09:29 PM
I'm going to try the frogpot in practice, because I have two computers in one computer :
1. An off-line computer + data partition, which has the very best security in the world : NO INTERNET.
That is where I do all my work and hobbies. This is also my fastest computer, because there is NO SECURITY.
So this is already an extreme form of the frogpot and is in fact the opposite of the honeypot.
2. An on-line computer + data partition, which is the black sheep in my system, but :
- during each reboot, every change is removed automatically.
- the data partition is constantly locked : no reading, no writing, no stealing, which makes any malware/hacker powerless.
I will start with removing "Anti-Executable", which scans my on-line snapshot constantly to protect it against unauthorized executables and that makes any action slower on my computer.
Suppose an unauthorized executable installs itself in my on-line snapshot. Let's see how serious this can be :
1. It can't do anything in my LOCKED data partition.
2. It can't do any stealing, because there is nothing to steal in my system partition.
3. It can only damage my system partition and I see only 2 kinds of damages :
- damages that can be recovered during reboot (boot-to-restore), that's easy.
- damages that corrupt FDISR, which can be recovered by restoring a clean image.
In other words, whatever damage it is, it can be recovered completely.
This must be very frustrating for the Malware World : trying to infiltrate in my system, coming back the next day and find out that all their preparation is destroyed and neutralized like cats by ... a newbie with the I.Q. of a monkey.
This must be an insult for their intelligence, including A.I. ;)
19monty64
October 26th, 2007, 09:44 PM
Is that it??? Take it all off Erik...
(that just sounds so-o-o-o wrong:shifty: )
ErikAlbert
October 26th, 2007, 09:50 PM
-{ Quote: "Is that it??? Take it all off Erik...
(that just sounds so-o-o-o wrong:shifty: )" }-
No that's not it, that's just the beginning, but I won't ditch my Forecastfox extension. :)
19monty64
October 26th, 2007, 10:19 PM
lol that's my favorite FF-extension too lol:D
lucas1985
October 27th, 2007, 12:31 AM
-{ Quote: "I can only imagine that adding more layers of real time protection will make the situation worse." }-
Keyword: realtime. On-demand is a different thing.
screamer
October 27th, 2007, 01:27 AM
I'm a firm believer in security software and have too fallen into the frog conundrum. I really believe it's a balance one has to make based on the type of activity you seek (personally I love FeFe LaRue) and the hit on resources you're willing to take for this adventure. I've slimmed down my security apps since joining PINOSS (www.wilderssecurity.com/showpost.php?p=1090942&postcount=10)
The last app I ditched was Spyware Doctor, and Ohh what a faster machine I have for it.
...screamer
EASTER
October 27th, 2007, 02:07 AM
I confess that i too fell victim to security-ware overload, in my case doubling up HIPS with SSM, and at one point running 2 firewalls, Kerio 2.15 + Comodo at the time as well as throwing in CyberHawk for good measure then shadowing them all with Power Shadow plus SAS for occasional On-Demand scans.
My new much more performance efficient and light but STRONGER shieldings now come on the order of Kerio 2.15, PC Security, SandboxIE, with Returnil or Power Shadow for virtual coverages over my FD-ISR snapshots.
EQSecure IMO is about as worry-free & light a HIPS as they come plus i have Tweaked its settings substantially increasing protection with absolutely no additional CPU or memory usage build-up and all is quiet once again on the home front, even when plowing headlong into potential malware laced sites for the occasional reaping of those latest stupid malwares that my HIPS suspend in mid-air so i can easily collect them up and store them in a Locked chamber for research & submission purposes.
The only fear i have to concern about now is if/when Windows itself does something radically frustrating which is been a sore spot for me a long time.
That security array may appear a bit overdone by some, but so far this layered shield of guards is amazingly formidable and oh joy! how very light in the system now in comparison to before.
Also EQSecure can take up those extensions ScriptSentry can't cover, and since ScriptDefender needs an update.
Thiggy
October 27th, 2007, 02:53 AM
Run NOD32, SuperAntiSpyware Pro and ProSecurity beta2 all realtime and do not have any slowdown on a 2.8G XP Pro system with 1G RAM; none, zero zilch. Wired router serves as a firewall.
Long View
October 27th, 2007, 04:38 AM
Interesting Thiggy. These are 3 excellent programs. I ran Prosecurity for about 3 months which is not very long I know but nothing of interest showed up during that period. Every so often I load up NOD32 or SuperAntiSpyware and they also never show up anything. The Hardware Firewall I like and consider to be an essential.
Question: when did your programs last show up a nastie ( cookies not included) ? Do you recall how you let this nastie onto your system and could it have been avoided by simply taking more care ?
It may well be that such and such a program is lite enough not to notice ( alone) but my attack or criticism is not against individual programs per se but more against an attitude which says I don't understand what I'm doing so I will install a program. As I really don't understand what I'm doing I will install as many programs as possible.
Provided you are "safe" surfing I would argue that the 3 programs you mention
may not be slowing anything down but ask are they really doing anything either ?
clambermatic
October 27th, 2007, 05:34 AM
lol.... frogs had always been a coveted delicacies for us Mandarins! :D
Basically, i am into the 'minimalist' approach - a real-time non-hogging AV, a standby for-safeMode-only scanner & an every-15days spyBot scheds. Never experience slowdown on my AMD64 laptop. Except for those AVs mentioned, the configs has been chuggin along for more than 18mths since... yet to be nuked!
SamSpade
October 27th, 2007, 08:30 AM
Currently have nod32 2.7, Comodo 2.4, and ProSecurity 1.40 beta 3, all behind a NAT. I just dropped BOClean because it seems unnecessary. Comments??
Rasheed187
October 27th, 2007, 01:46 PM
I think it's mostly realtime scanners who slow things down, but most HIPS and firewall won't. I really wonder if there are people out there who are using tools like Panda and F Secure IS, I've tried these tools and they are complete jokes. :wacko:
ErikAlbert
October 27th, 2007, 02:31 PM
-{ Quote: "lol.... frogs had always been a coveted delicacies for us Mandarins! :D
Basically, i am into the 'minimalist' approach - a real-time non-hogging AV, a standby for-safeMode-only scanner & an every-15days spyBot scheds. Never experience slowdown on my AMD64 laptop. Except for those AVs mentioned, the configs has been chuggin along for more than 18mths since... yet to be nuked!" }-
And do your security softwares (scanners) FIND something ???
I ran KAV, NOD32, SAS and a few others : No Threats Found, but each of them ran more than 20 minutes to tell me what I already knew in advance.
That is 60+ minutes to run 3 scanners, I clean my computer in less than 2 minutes.
Long View
October 27th, 2007, 03:18 PM
-{ Quote: "And do your security softwares (scanners) FIND something ???
I ran KAV, NOD32, SAS and a few others : No Threats Found, but each of them ran more than 20 minutes to tell me what I already knew in advance.
That is 60+ minutes to run 3 scanners, I clean my computer in less than 2 minutes." }-
Erik I know what you mean when you say "I clean my computer in less than 2 minutes" but I wonder if there is really anything there to clean ?
The general assumption seems to be that as soon as a computer is plugged into the internet it is in a high state of risk and that infection, corruption, contamination, call it what you will, will take place within seconds, if not quicker.
I agree with you that it is comforting to know that every time a machine reboots any bad stuff that might have crept in is now toast BUT I have to question just how likely it is for a machine to become contaminated at all provided that the user follows some fairly basic rules.
lucas1985
October 27th, 2007, 03:39 PM
-{ Quote: "BUT I have to question just how likely it is for a machine to become contaminated at all provided that the user follows some fairly basic rules." }-
Very unlikely if by "fairly basic rules" you mean using common sense and some security setup.
Long View
October 27th, 2007, 05:06 PM
exactement
ErikAlbert
October 27th, 2007, 05:44 PM
-{ Quote: "
I agree with you that it is comforting to know that every time a machine reboots any bad stuff that might have crept in is now toast BUT I have to question just how likely it is for a machine to become contaminated at all provided that the user follows some fairly basic rules." }-
I don't want safe surfing and I don't want basic rules and my boot-to-restore is something I will never ditch, no matter what I do. That's why I also lock my data partition, when I leave my desktop and start surfing like a mad man.
I just want my newbie period back, when I was surfing unaware of any threat.
My problem in those days was that my computer was constantly infected and without any recovery solution at all.
I'm dreaming of this since I was member of SWI-forum, but I didn't know how to do this. Everything I did was a part of a plan to accomplish this dream, including buying a new computer and all this without having 30+ security softwares on my computer.
I still have doubts of doing a Windows Update or not, because I have an arrear of 80-90 patches. :)
Peter2150
October 27th, 2007, 06:19 PM
-{ Quote: "
I just want my newbie period back, when I was surfing unaware of any threat.
My problem in those days was that my computer was constantly infected and without any recovery solution at all.
I'm dreaming of this since I was member of SWI-forum, but I didn't know how to do this. " }-
What you are looking for is the same as the quest for eternal youth. Doesn't exist. Same for the internet. You just can't go back. That's life.
EASTER
October 27th, 2007, 06:30 PM
-{ Quote: "I still have doubts of doing a Windows Update or not, because I have an arrear of 80-90 patches." }-
Shhhh. Don't tell, but i don't patch :shifty: What's the use?
Well, i do go as far as SP1 and i have install disks with SP2 integrated but rarely bother with them.
I used to experience more issues from $M so-called patches than with malware drive-bys on 98 and i never forgot all those lost hours & efforts. >:( and i'm not about to fudge up a stable XP Pro in exchange for a ton of patches in a list 50 long or more every time $M hits the panic button in another one of their marathon (announcements)
Times have certainly changed though for the better and of good measure in the user's favor now a days. Thanks to ISR's like FirstDefense as well as HIPS, sandboxes, virtualizations, Combos like OnlineArmor and others, and all sorts of reliable new security programs with which to choose your shield from ;D
Not even $M own O/S can turn on you with any real threat to make trouble for you anymore like they used to, and thats a huge welcome relief.
It's nice that the user finally has the leg up and corner on confidence for a change while they do the squirming now ;D
Defenestration
October 27th, 2007, 06:51 PM
-{ Quote: "The same here. At this moment, I'm asking myself why I need :
1. A firewall, when I have already a router." }-
For outbound protection.
How do you lock down your data partition ?
ErikAlbert
October 27th, 2007, 07:03 PM
-{ Quote: "Shhhh. Don't tell, but i don't patch :shifty: What's the use?
" }-
Each time when I reboot, I have my original system partition back, patched or not, it won't make a difference and that's why I have doubts and asked myself "What's the use?".
I didn't do it yet, because Windows Update will increase the volume of my system partition enormously and that means bigger archives, bigger freeze storage, longer boot time, etc.
At SWI-forum, the qualified helpers always recommended Windows Update as the most important thing to do in order to avoid infections.
I never did Windows Update and my system partition has no infections and advanced+ scanners couldn't find anything either, which wasn't a surprise for me, because I remove any change during reboot.
ErikAlbert
October 27th, 2007, 07:07 PM
-{ Quote: "What you are looking for is the same as the quest for eternal youth. Doesn't exist. Same for the internet. You just can't go back. That's life." }-
Internet is still the same, it only has more malware and more bad guys and that doesn't change anything.
ErikAlbert
October 27th, 2007, 07:09 PM
-{ Quote: "How do you lock down your data partition ?" }-
PC Security, because that was the only practical one, the rest was unpractical or a nightmare to use.
Two mouse clicks and a password for locking/unlocking and no waiting and no reboot.
It might be possible not to use a password, but I have to verify this first.
lucas1985
October 27th, 2007, 07:10 PM
Regarding system/applications updates, I prefer to have as much security provided by the OS and then close the gaps/get the control with third-party apps. That's why I favour having a patched system, hardware DEP enabled, rational hardening and LUA (if possible).
Take that system (trusted base), image it, build a tripwire with integrity checkers (Tiny Watcher, FileCRC, whatever you like) and benchmark/forensic tools (RkU, IceSword, Autoruns, etc), add an isolation layer (sandbox), network access control (rule-based firewall), secure mailing/browsing (third-party apps, content filtering/whitelisting) and signature scanners for newly created/downloaded files and you're ready to go.
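A minimal sketch of the "tripwire" step described in the post above, added here as an example (it is not code from the thread, nor from Tiny Watcher or FileCRC): it records a SHA-256 baseline of a trusted directory tree, authenticates the baseline with an HMAC so a changed baseline is rejected, and later reports added, removed and modified files. The file names, the key and the directory layout are constructed for the demonstration.

```python
import hashlib
import hmac
import json
import os
import tempfile


def hash_file(path, chunk_size=65536):
    """SHA-256 of a file, read in chunks so large files do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(root):
    """Return {relative_path: sha256} for every regular file under root."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue  # hash real file contents only, never follow links
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            try:
                manifest[rel] = hash_file(full)
            except OSError:
                manifest[rel] = "UNREADABLE"  # a locked file is still a finding
    return manifest


def _mac(manifest, key):
    """HMAC-SHA256 over the canonical (sorted-key) JSON form of the manifest."""
    body = json.dumps(manifest, sort_keys=True).encode("utf-8")
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def save_baseline(manifest, path, key):
    with open(path, "w", encoding="utf-8") as fh:
        json.dump({"files": manifest, "mac": _mac(manifest, key)}, fh)


def load_baseline(path, key):
    """Load a baseline, refusing it if its contents no longer match the MAC."""
    with open(path, encoding="utf-8") as fh:
        doc = json.load(fh)
    if not hmac.compare_digest(doc["mac"], _mac(doc["files"], key)):
        raise ValueError("baseline failed authentication; do not trust it")
    return doc["files"]


def compare(baseline, current):
    """Classify every path as added, removed or modified since the baseline."""
    old, new = set(baseline), set(current)
    return {
        "added": sorted(new - old),
        "removed": sorted(old - new),
        "modified": sorted(p for p in old & new if baseline[p] != current[p]),
    }


def demo():
    """Build a constructed 'trusted base', change it, and report the drift."""
    key = b"constructed-demo-key"  # assumption: a real key is kept off the machine
    with tempfile.TemporaryDirectory() as work:
        root = os.path.join(work, "system")
        os.makedirs(os.path.join(root, "drivers"))
        # Constructed sample files standing in for the imaged system.
        trusted = {"shell.dll": b"v1", "drivers/net.sys": b"v1", "notes.txt": b"hi"}
        for rel, data in trusted.items():
            with open(os.path.join(root, *rel.split("/")), "wb") as fh:
                fh.write(data)
        baseline_path = os.path.join(work, "baseline.json")
        save_baseline(snapshot(root), baseline_path, key)

        # Later state: one file altered, one new file present, one file gone.
        with open(os.path.join(root, "shell.dll"), "wb") as fh:
            fh.write(b"v1-changed")
        with open(os.path.join(root, "drivers", "helper.sys"), "wb") as fh:
            fh.write(b"new")
        os.remove(os.path.join(root, "notes.txt"))
        report = compare(load_baseline(baseline_path, key), snapshot(root))

        # A baseline edited without the key must be rejected, not silently used.
        with open(baseline_path, encoding="utf-8") as fh:
            doc = json.load(fh)
        doc["files"]["drivers/helper.sys"] = "0" * 64
        with open(baseline_path, "w", encoding="utf-8") as fh:
            json.dump(doc, fh)
        try:
            load_baseline(baseline_path, key)
            tamper_detected = False
        except ValueError:
            tamper_detected = True
    return report, tamper_detected


if __name__ == "__main__":
    print(demo())
```

The baseline is only as trustworthy as its storage, which is why the sketch authenticates it; keeping the baseline and key on read-only or offline media serves the same purpose.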
djohn
October 27th, 2007, 07:11 PM
I agree with thiggy run nod32 you won't even notice it running. Why would one take chances with no protection just to gain some speed and have a virus destroy your hard drive. Even though virus protections are not 100 percent of catching a virus even 50 percent is better than no percent
Peter2150
October 27th, 2007, 07:15 PM
-{ Quote: "I agree with thiggy run nod32 you won't even notice it running. Why would one take chances with no protection just to gain some speed and have a virus destroy your hard drive. Even though virus protections are not 100 percent of catching a virus even 50 percent is better than no percent" }-
Hi djohn
Those of us not running AV's never said no protection. Just different protection. BIG difference.
Pete
ErikAlbert
October 27th, 2007, 07:33 PM
-{ Quote: "I agree with thiggy run nod32 you won't even notice it running. Why would one take chances with no protection just to gain some speed and have a virus destroy your hard drive. Even though virus protections are not 100 percent of catching a virus even 50 percent is better than no percent" }-
I didn't want 50%, I wanted 100%.
I don't remove "viruses", I remove "changes" and any virus changes my harddisk somewhere, that's their weakness, viruses expose themselves by changing my harddisk. That's why I kill them all, even the undiscovered viruses and viruses that aren't born yet and without false positives.
Defenestration
October 27th, 2007, 07:37 PM
-{ Quote: "PC Security, because that was the only practical one, the rest was unpractical or a nightmare to use.
Two mouse clicks and a password for locking/unlocking and no waiting and no reboot.
It might be possible not to use a password, but I have to verify this first." }-
I'll check it out. BTW, do you mean this one ?
http://www.tropsoft.com/pcsecurity/
ErikAlbert
October 27th, 2007, 07:47 PM
-{ Quote: "I'll check it out. BTW, do you mean this one ?
http://www.tropsoft.com/pcsecurity/" }-
Yes that's the one and use the icon in the system tray for the shortest way.
First tell PC Security what to lock.
Right mouse click on icon and then click "Security On" (lock) or "Security Off" (unlock) + Password. Any other method takes longer.
Defenestration
October 27th, 2007, 07:50 PM
The software was looking promising until I read the following page which shows there is a back door:
http://www.tropsoft.com/order/pwdreset.htm
bellgamin
October 27th, 2007, 07:57 PM
-{ Quote: "One of the reasons why I don't run antivirus, I can't stand how they slow a system." }-
I know at least 2 antivirus programs that cause ZERO discernible impact on computer speed & responsiveness. Of course, what is true for my computer might not be true for yours.
But... yes, the height of security is to restore an image. I only wish I could do that same thing with bad stock market investments.
Climenole
October 27th, 2007, 08:29 PM
Hi all :)
Very interesting question (since I'm a FROG ! ;D ) LOL
A well protected system is always a balance between security and usability.
I'm often astonished to see so many people relying on a huge collection of "heavy" security stuff instead of a few light ones...
For sure I prefer to have an AV (avast), few AS ( spywareblaster + Windows Defender (yes :-[ ), Look'n'Stop. I never used IE but Firefox with NoScript. I feed my HOSTS file with the MVP's hosts.
That's all. I have these security programs just like a car insurance even if I never had any accident.
Sometimes I have the feeling that I'm wrong and I start a long and boring procedure to check my system even it's working like a swiss watch...
This "paranoid" period always finished the same way: no root kit, no Trojan, no spywares, no virus. Nothings.
Am I right to say that a bit of common sense a.k.a Safe-Hex is the best security stuff: free and efficient ?
IMHO a complete collection of the best security programs will never replace the common sense.
WE the "cyber-frogs", we know how to avoid pan full of water... :o
Best regards.
:)
Notok
October 27th, 2007, 08:47 PM
Hehe, this is why we would talk about the ability to use Prevx as a single solution, if the person wanted to. :)
It's not a lax attitude towards security or over-estimation of the product's capability, it's just that 99% of people outside of the forum got tired of this kind of thing almost immediately. Most people can't stand the slowdown, so when they go looking for a new solution, their first question is: "I'm tired of running AV+AS+FW+everything else. I'm looking for something that will detect all kinds of malware (realizing that nothing catches 100%). Something that I don't have to maintain and won't slow down my system. Can you do that?".
Often the only willing alternative for these folks is to run AVG and the Windows Firewall. They're also tired of big suites with undocumented functionality that causes problems that they can't work around (because they're undocumented).
The ironic thing is that when I'd help people clean off a machine, the huge amounts of apps wouldn't do that much to stop the infection from happening. Often times it was the folks that ran the most reasonable setups that were the best off. The decent apps would stop the bulk of it and just leave the person with one or two things to clean up, but the HIPS and such would be ineffective and just complicate matters.
Unfortunately there's been a huge disparity between the common wisdom in and out of the forums for some time. The theory is just all too often different from the practice. Then again, the issues between the average user and folks willing to spend time playing with computers has been an epic battle since the beginning. Those willing to invest the time just have greater patience and tolerance for technical issues than those that just want to check their email, watch YouTube, and go do something else. There's nothing wrong with either perspective, it's just that the technology is just now starting to find an adequate balance between both worlds.
lucas1985
October 27th, 2007, 08:49 PM
Common sense may give 90 % of the total security. The remaining 9.9999999 % (the "what if" and shoot in the foot scenarios) is covered by the security setup and backup strategy.
-{ Quote: "those that just want to check their email, watch YouTube, and go do something else." }-
The solution for this usage pattern is:
- Good mail provider.
- Up-to-date system.
- LUA (they don't need to install new applications)
- SpywareBlaster.
- Smart HIPS (Prevx, Threatfire, etc)
- Boot-to-restore app.
- Browser with ad and pop-up blocking.
- A little education about mail attachments (ecards), phishing, fake codecs (they should have all the needed codecs in the fresh install), fake security alerts, etc.
EASTER
October 27th, 2007, 08:54 PM
Greetings up above there Climenole
Your preferred choice for an AV in Avast wouldn't possibly have any bearing on your geographical location now could it? ;D
Former AVAST user here myself for sometime beginning at version 4 i believe on Windows 98 into XP and forum regular the whole time, LoL
Really like what they done with it over its run and see it's still well regarded by many just like yourself.
Very good point on mentioning BALANCE. The Layered approach is certainly widened its range though with the introduction of HIPS, Behavior Blockers, and such though wouldn't you agree?
Unfortunately though for some users common sense is in rather short supply where haste is more preferred than protection.
But lucky for all of us that the security industry as a whole makes provisions also especially for them ;D which trickle on over to the rest of us in even more improved and automated versions. :thumb:
ErikAlbert
October 27th, 2007, 09:00 PM
Common sense is good, human mistakes is less good.
ErikAlbert
October 27th, 2007, 10:14 PM
-{ Quote: "The software was looking promising until I read the following page which shows there is a back door:
http://www.tropsoft.com/order/pwdreset.htm" }-
As a non-technical person, I can't evaluate how serious this backdoor is.
I'm in contact with TropSoft regarding the absurdity of the locktype "Hide Contents and Lock" and to replace it with or add the more useful locktype "Hide and Lock" or "Lock and Hide", which sounds better.
My next question might be about the backdoor. :)
Peter2150
October 28th, 2007, 09:07 AM
-{ Quote: "As a non-technical person, I can't evaluate how serious this backdoor is.
I'm in contact with TropSoft regarding the absurdity of the locktype "Hide Contents and Lock" and to replace it with or add the more useful locktype "Hide and Lock" or "Lock and Hide", which sounds better.
My next question might be about the backdoor. :)" }-
Rule of thumb about any perfect solution. It isn't perfect;D
ErikAlbert
October 28th, 2007, 09:18 AM
-{ Quote: "Rule of thumb about any perfect solution. It isn't perfect;D" }-
That statement counts for anything made by mankind. That doesn't keep me away from using PC Security, otherwise I have to ditch all my softwares.
Long View
October 28th, 2007, 10:23 AM
-{ Quote: "Rule of thumb about any perfect solution. It isn't perfect;D" }-
I think that "The general theory of second best" Lipsey & Lancaster 1956/57
might be applied here. My simplified interpretation is that with a given set of parameters the best solution may often involve a series of second best solutions for a number of the individual parameters. Meaning that a less than perfect solution is in fact the best solution attainable.
Thiggy
October 29th, 2007, 01:32 AM
-{ Quote: "Question: when did your programs last show up a nasty ( cookies not included) ? Do you recall how you let this nasty onto your system and could it have been avoided by simply taking more care ? " }-
Over the years NOD32 has popped several times on inbound trojans, etc. One time a nasty non-viral ad popper got through, so I added SUPERAntiSpyware Pro.
SAS has popped a few times, so I know it's working.
ProSecurity beta 2 pops quite a bit while learning the system, but afterward the pops are appreciated. It does have a learning mode I use at first install. If a nasty got through NOD32 and SAS, I feel ProSecurity would do the warning; but, this is where you have to know what you are blocking or allowing. Unlike an anti-whatever, it's a HIPS and sees all types of activity. BTW, beta 3 is out, but I haven't tried it yet.
If I'm going on an adventure into unknown territory, I may fire up Sandboxie for virtual browsing. I do find it slows my broadband browsing down a bit.
Taking more care? Well, I went to a page one time that seemed harmless, walked away from the computer for a couple of minutes leaving IE open on the page and came back to find the ad popper mentioned above solidly installed. You just never know, no matter how much care you think you're using.
Cookies not included. Darn, and I like cookies too. Especially old fashioned chocolate chip. Joking aside, I use IE Privacy Keeper to keep select cookies. All others get deleted when the browser closes. It also deletes the cache each time the browser is closed; nothing more, just those two things. Of course, it has many more features. I just don't use them.
ErikAlbert
October 29th, 2007, 02:36 AM
-{ Quote: "You just never know, no matter how much care you think you're using." }-
That's what's bothering me.
They say "use common sense", what is "common sense" worth, if you don't have knowledge enough to see what is going on.
System objects and malware objects look the same to me and malware objects don't call themselves "malware.dll".
If a HIPS asks me "Allow" or "Deny" OR "Yes" or "No" I will most probably give the wrong answer.
That's the main reason, why I have a boot-to-restore, which removes any change in my system partition, that is for me the only way to be sure that everything is removed, because I can't depend on myself and there is always some malware that passes through my firewall or my other security softwares.
My security softwares might even be badly configured by me.
My boot-to-restore removes at least the mistakes of my security softwares and my mistakes.
That's why I also LOCK my data partition, when I start surfing, to make any reading, writing or stealing in my data partition impossible. One wrong click on a website and a virus might infect my data files and most probably I won't even notice it.
How many users do really know how their security softwares exactly work and
1. against WHAT they are protected and above all
2. against WHAT they are NOT protected ?
A real-time shield of a scanner blocks a virus and shows a popup "I blocked this virus". The same real-time shield won't show a popup, "Hey I missed that one.", but my computer IS infected.
Well, in that case I prefer my approach, which offers at least more certainty. :)
innerpeace
October 29th, 2007, 03:29 AM
-{ Quote: "That's what's bothering me.
They say "use common sense", what is "common sense" worth, if you don't have knowledge enough to see what is going on.
System objects and malware objects look the same to me and malware objects don't call themselves "malware.dll".
If a HIPS asks me "Allow" or "Deny" OR "Yes" or "No" I will most probably give the wrong answer." }-
A man with a very high IQ can spend years studying about Lions and their behaviors. He then might decide that he has enough knowledge to approach the Lions. End result, the 'intelligent' man is now cat food.
However, a man with common sense, wouldn't go near the Lions to begin with. At least not without a gun ;D .
By now most of us use common sense with our emails. We are also vigilant in keeping our programs up to date. We also download from known sources and scan them with multiple scanners or upload them to VT or Jotti. We also know that if we visit the dark side :shifty: that our chances of infection are greatly multiplied.
If we use common sense then the chances of getting eaten by a 'Lion' are slim. I also think there is nothing wrong with carrying a 'gun' when amongst the 'Lions'. Some of our 'guns' may vary in caliber, length and the amount of barrels, but they all protect us against the same things.
peace out
Mrkvonic
October 29th, 2007, 04:12 AM
Hello,
Actually, lions will not attack a man unless threatened.
They also eat once every two weeks or so and spend 16-20 hours sleeping and only hunt at dawn or dusk. They will not care for human interlopers if they are fed and have no cubs nearby ...
How does this analogy compare to computers? I don't know.
Mrk
nanana1
October 29th, 2007, 07:25 AM
Are lions related to frogs in any way ???
steve161
October 29th, 2007, 09:56 AM
Ancestry.com
Peter2150
October 29th, 2007, 11:10 AM
-{ Quote: "Ancestry.com" }-
While granted this topic is somewhat broad, this post is pointless. Please refrain from these types of posts.
Thanks,
Pete
19monty64
October 29th, 2007, 03:39 PM
-{ Quote: "That's what's bothering me.
They say "use common sense", what is "common sense" worth, if you don't have knowledge enough to see what is going on.
System objects and malware objects look the same to me and malware objects don't call themselves "malware.dll".
If a HIPS asks me "Allow" or "Deny" OR "Yes" or "No" I will most probably give the wrong answer." }-
If you are installing a trusted software you'd know to allow....
-{ Quote: "That's the main reason, why I have a boot-to-restore, which removes any change in my system partition, that is for me the only way to be sure that everything is removed, because I can't depend on myself and there is always some malware that passes through my firewall or my other security softwares.
My security softwares might even be badly configured by me.
My boot-to-restore removes at least the mistakes of my security softwares and my mistakes." }-
That's why you don't need HIPS....
-{ Quote: "That's why I also LOCK my data partition, when I start surfing, to make any reading, writing or stealing in my data partition impossible. One wrong click on a website and a virus might infect my data files and most probably I won't even notice it.
How many users do really know how their security softwares exactly work and
1. against WHAT they are protected and above all
2. against WHAT they are NOT protected ?
A real-time shield of a scanner blocks a virus and shows a popup "I blocked this virus". The same real-time shield won't show a popup, "Hey I missed that one.", but my computer IS infected.
Well, in that case I prefer my approach, which offers at least more certainty. :)" }-
Your approach is necessary as you have a data-partition that has value. In my case, I have nothing that can't be easily replaced (including the OS) so HIPS and AV are the only things that are needed.
clambermatic
October 29th, 2007, 09:52 PM
-{ Quote: "And do your security softwares (scanners) FIND something ???
I ran KAV, NOD32, SAS and a few others : No Threats Found, but each of them ran more than 20 minutes to tell me what I already knew in advance.
That is 60+ minutes to run 3 scanners, I clean my computer in less than 2 minutes." }-
Sorry E_Albert for my late response...
My 'real-time' = VBA; 'safemode-on-demand' & an alternate = Norman MC (latest) & AVERT (obsolete but a fav); 'scheduled' mWare-cleaner = SpyBot.
Of course, my home system was behind a Wifi/NAT.
My VBA got the major task of pre-emptive realtime actions & when I browse its report with indications, I do the routine VBA run again. Then reboot on safeMode for a check with Norman or AVERT. Lastly... a spyBot scan after another reboot.
On average, the VBA gave me about 2 pre-emptive strikes per month; spyBot gave me a minimum of 3 warnings (that's due to my intentional XP-SC settings & a couple of unusual 'bypass') every time it's run... if S&D gave me more than 3... then I sense trouble lurking! That's the time I switched to possible 'Yellow' terror-sweeping.
;D
TonyW
October 29th, 2007, 10:01 PM
If you're using additional programs, whether they be security software or not, and it runs in the systray, it's bound to be using memory. Remove those programs, and the system runs faster. I thought everybody knew this?
I'm only using KIS, but it doesn't seem to impact the running of my computer too greatly. I agree that I notice a speed improvement when KIS isn't installed, but that's to be expected.
I have to admit I don't run several applications at once. Right now I just have the browser window open.
Copyright ©2002 - 2012, Wilders Security Forums