I am reading here that people are starting to put down ProcessGUard and Regdefend with this new talk about HIPS. Now I hear talk about OA (Online Armor), Anti Hook, and more about Safe'N'Sec.

What do you guys think? I mean all you guys that are Processguard + Regdefend followers and those of us that add RegRun as an extra defense. You think our line of defense is getting old with this new and upcoming programs? Is it time for a change?

I don't think we need that many programs that do the same thing running together case as they say with two active antiviruses, they my conflict and make things worse. Don't get me wrong, I am not ready to change, but if it is time, then let it be. What are you guys using, it would be nice to see lists. And for the other people that have answered my other threads before, lets see if you still use the same programs you recommended me before or are you considered traders, haha.

dja2k

-{ Quote: "Is it time for a change?
" }-

I'd say, yes give OA a try - but of course, I'm a little biased :-)

If you send me a PM, I'll send you an eval key.


Mike

-{ Quote: "I am reading here that people are starting to put down ProcessGUard and Regdefend with this new talk about HIPS. Now I hear talk about OA (Online Armor), Anti Hook, and more about Safe'N'Sec.

What do you guys think? I mean all you guys that are Processguard + Regdefend followers and those of us that add RegRun as an extra defense. You think our line of defense is getting old with this new and upcoming programs? Is it time for a change?" }-dja2k,

I wouldn't take either PG or RD off the table with respect to functionality, they have as much as you will ever need, buts that's only one part of a programs characterisitic when considering whether to use it. You can see what I have available on demand and what I'm running realtime here (http://www.wilderssecurity.com/showpost.php?p=352128&postcount=6) at the moment. Right now I'm looking at SafenSec and the driver is for the functionality available to the people I support - the rest of the family at home.

PG was and is great for me. I knew what to do with the popups as they occurred, but as Mike Nash has mentioned elsewhere, and I know I have as well, there is the issue of popup fatigue as well as being equipped with the necessary system knowledge for more casual users. Putting some type of intelligent and adaptive front end into these programs is, in my personal estimation, critical. This is somewhat new ground so you will see all the various options somewhat feeling their way around, as are potential users. So far I like what I see with SnS, and that's where I've focused for the present, but it is still developing. Same with OA, read the various threads related to OA and you will see a number of positive comments. This also applies to the other options (Prevx, etc.) that one could employ as well. I don't know what other peoples objectives are, but mine are simple - good protection with a minimal impact on realtime system responsiveness, a minimal number of requests for user intervention upon detection of a potential issue while maintaining suitable protection, and a good description of the situation and options when user intervention is required.

These options do not necessarily provide more protection than, for example, PG and/or RD, but they may be more suitable for the mass market at this time. The intrinsic protection afforded by these various applications is only as good as the decisions made by the user when prompted for action. In general, and as I note above, I feel that providing an intelligent and dynamically adaptive front end which filters the mundane and not critical events from those characteristic of a possible intrusion is where the future lies. As potential threats change, the definition of mundane may be somewhat fluid, hence the need of an adaptive solution either through updates of general behavioral rulesets reflecting potentially malicious operations or through maintainence of white/black lists of applications and/or system operations.

Would I change my protection? Well, it depends on the situation. If I were the sole user on one PC and I was comfortable with the intervention requests from PG/RD/etc., probably not. On the other hand, if I was continually getting requests on what to do with this or that dialog box, I'd keep an eye on the various programs mentioned and probably try a few of them out.

Blue

Hi dja2k,

Online Armor seems to be a very nicely defined product, with lots of excellent security, compatibility, reliability, and support characteristics. However, it is a new product, and because it isn't as "transparent" and "configurable" (i.e., adding and substracting security definitions) as ProcessGuard and RegDefend, I will be staying with WormGuard, PG and RG for the time being. This combination is a known quantity to me, and it is going to be difficult to beat this as a security combination for the time being - especially since I am very comfortable with them.

As Blue recommends, there are free trials and it is certainly worthwhile to test Online Armor if you do not have PG and RD installed. If you do, then I do not see any significant reason to switch at the moment - especially if you have a good AV in place, since the AV is going to still do the vast majority of work and provide the most security for the time being.

Hope this helps,
Rich

-{ Quote: "I am reading here that people are starting to put down ProcessGUard and Regdefend with this new talk about HIPS. Now I hear talk about OA (Online Armor), Anti Hook, and more about Safe'N'Sec.

What do you guys think? I mean all you guys that are Processguard + Regdefend followers and those of us that add RegRun as an extra defense. You think our line of defense is getting old with this new and upcoming programs? Is it time for a change?

dja2k" }-

You know what I think?

I think you are perfectly safe. There will always be something newer, something that claims to, or actually provides more protection eg OA and it's ability to rollback plus antispoofing methods, but the question as always is whether you will need that additional protection.

Given that lots of people don't even use HIPS, the fact that you use Regdefend+Processguard makes you one step above 99.999% of people already.

Add the knowledge that comes from understanding malware generally, you are as safe as you can be.

Of course, if you are like most of us, caught up in this for fun as a hobby, I say go for it!

But if you are really not interested in computer security, except for the minimum to get by, I don't really see the need to read this forums daily or even weeky.

-{ Quote: "But if you are really not interested in computer security, except for the minimum to get by, I don't really see the need to read this forums daily or even weeky." }-

I disagree. What I am discovering is that so-called "legitimate" companies are just as likely to invade a user's privacy as the "bandits" are - and products like ProcessGuard alert me. Apparently, my actions on my computer have become free-game for the "free-market system".

Until Microsoft designs an operating system that puts control of the computer back into the hands of the user (or another operating system with such control has widespread usuage), I feel that products lilke ProcessGuard provide valuable services.

Rich

All i'll say is
ProcessGuard
Regdefend
Proactive

There, think that'll get Rich's attention.

There comes a time when the word obsession needs to be used...

I know plenty of people who only use a AV, FW, Firefox, MSAS (or another anti-malware like say BoClean) and maybe Ad-aware and/or Spybot, and they never have any problems whatsoever!

I think all this HIPS talk is just that, a bunch of talk. But when it comes to the real world, it's not really necessary. Plenty of people get by without them, and the people who don't probably don't even use an up to date AV, or just don't care much about computer security.

How many times, I wonder, have these HIPS programs ever REALLY been necessary in real world situations? Could the same problems have been stopped by your AV/FW/AS/AT in most cases? From what I've seen, the answer is yes.

So all these people are spending, spending, spending for protection, in most cases, they'll never really need. They could probably have all the protection they'll ever need with just their AV/AS/AT/FW. Using something like PG, AH, Safe'n'Sec etc...is just an added measure of security that most will probably never need.

But not to say you shouldn't be using HIPS or other IDS software, if you want to, just that I don't feel, from what I've seen, that they're really that necessary. But like another poster said, if it's your hobby, then go for it. ;) ;D

It depends upon individual perspectives. If you trust MS (MS AS) to decide what should or shouldn't run on your system, then MSAS is a very good solution. If you trust that KAV will have all of the definitions for zero-hour attacks, very quickly, then KAV is an excellent solution. If you trust all of your vendors, that they will not "intrude" and do things on your computer and collect information with clear permission (sometimes hidden in the fine print), then there is no reason to be concern.

I am not so trusting. I would like to have a personal say on what runs and what doesn't run on my machine. What gets installed (services/drivers) and what doesn't. What hooks my screen and keyboard, and what doesn't. For this reason, I appreciate that ProcessGuard and Online Armor (as examples), give that "Right" back to me. This is simply my individual right to determine what happens on my machine.

Rich

-{ Quote: "It depends upon individual perspectives... I would like to have a personal say on what runs and what doesn't run on my machine... This is simply my individual right to determine what happens on my machine." }-Well put, Rich, and an important point.

I would hope we could beome less critical about setups, and instead, focus on discussion of the various products and users' experiences with them.

What someone else decides to do is her/his own business, and we should be grateful for the myriad selections of fine products that are now and becoming available.

I like Spy1's comment in another thread:

--------------------------
Please bear in mind that what works fine for me does just that - works fine for me, my computer set-up, my other programs..., etc.

I can neither tell you it will work as well for you (since your set-up and applications are totally different than mine), nor hazzard guesses or make pronouncements about things I haven't a clue about.
--------------------------

regards,

-rich
________________
~~Be ALERT!!! ~~

-{ Quote: "I would hope we could beome less critical about setups, and instead, focus on discussion of the various products and users' experiences with them.
" }-

I don't think anyone is critising setups. The original poster asked if it's necessary to go beyond PG+Regdefend, some of us said no in varying degrees, Richrf said yes.

I don't know why Richrf though started declaring his right to use whatever he wanted, unless he wanted to act like a victim. That was never in question.

Of course, everyone has the right to do what he or she wants.

Still the meaning of the word "overkill" seems to be lost on some. But hey, it's their right , no question. It's their right to disagree on whether it's overkill as well of course.

Just as it's my right to advise most people that they don't need to run 4 different HIP products at the same time. Or keep up with the Jones for security software.

I suppose when someone else recommends that you should run Regdefend,Processguard,Wormguard,KAV it's okay? But when people sugguest that it's isn't strictly necessary, it's critising setups??

I completely agree with those comments ---.

I wasn't insulting anyone's setup either. I was simply pointing out that not everyone HAS to have the latest and greatest IDS type programs to be safe on the internet.

On one of my computers for example, I only have Tea Timer, WinPatrol, Firefox, Pest Patrol and my AV/FW and I've never had any problems on that computer in years. And that's usually more than many other people I know, and they don't seem to have any problems either.

I don't think anyone should feel threatened by my recommending different software than what they feel is the ideal setup. But perhaps they are offended when others come along and show that it really isn't necessary to go to such extreme lengths to be safe on the net, or maybe they're trying to justify their expensive purchases by accusing others of criticizing who disagee with them.

At any rate do what you like. I'm not telling anyone to do it one way or the other. I'm just posting about what I've seen work for myself and others. Some of us use what others may call an unsafe minimal setup and still do just fine. ;)

I was not offended at all. I was merely pointing out, that there is a significant, qualitative difference between relying on other vendors to protect my machine (via signatures, heuristics, and their own internal decision making process), rather than relying on myself.

I, personally, would like to be the final arbitor of what runs on my machine - not MS, Spybot, Norton, or anyone else. Just like I decide who I allow into my house. Somewhere along the way, things really got wierd on the PC, and vendors decided that they were entitled to put software and and other things on my machine. The "bad guys" came along, and simply decided to take advantage of the "facilities" in the OS (Windows) that the "legitimate companies" were exploiting. Not surprisingly, government goes along with it, because big companies make tons of money intruding into my space. It is as if I let every traveling salesperson/fundraiser into my house.

This is a significant difference between the classical "AV" approaches and the HIPS approach. HIPS closes the doors, and only opens them if I say its OK. Whether or not it provides more protection than signature/heuristic approaches, I have no idea at this time. But it does make me in charge of my own machine and my own life.

Rich

-{ Quote: "On one of my computers for example, I only have Tea Timer, WinPatrol, Firefox, Pest Patrol and my AV/FW and I've never had any problems on that computer in years. And that's usually more than many other people I know, and they don't seem to have any problems either." }-

Actually, this is quite a bit of protection, but not sufficient for you to know whether or not your machine has been really compromised. It is unfortunate, but it is the state of affairs with the Internet nowadays.

RIch

-{ Quote: "HIPS closes the doors, and only opens them if I say its OK" }-

Provided you know what you are doing. Lets hope you do, and that's it's not a case of 'thinking' you know what you are doing. If you allow something that you believe is safe and turns out it's not then you could be toast. That's the problem with HIPS applications - The decision is mostly left to the user. And that is very dangerous unless you are really clued up.

What advantages does HIPS software have over "traditional" approaches and what are the disadvantages of HIPS?

-{ Quote: "Provided you know what you are doing. Lets hope you do, and that's it's not a case of 'thinking' you know what you are doing. If you allow something that you believe is safe and turns out it's not then you could be toast. That's the problem with HIPS applications - The decision is mostly left to the user. And that is very dangerous unless you are really clued up." }-

If I don't know what I am doing, then I am no worse off than I was before. However, there are ways for HIPS vendors to "smarten up" the alerts, to assist users during the learning process. Online Armor has begun to add these assists in their products, though lots more can be done.

HIPS is a very valuable addition to my security. If something happens out of the ordinary, then my gut reaction is to reject - i.e. "rejection by exception". It actually does work beautifully. For example, when I seemingly benign program tried to load a new driver/service, I replied "No". It was the right move. Without HIPS, it would have been able to load the driver because I would have no idea that it was trying to do so.

Rich

-{ Quote: "What advantages does HIPS software have over "traditional" approaches and what are the disadvantages of HIPS?" }-

Depending upon the quality of the HIPS product, it can:

1) Alert the user whenever a new, untrusted executable is attempting to gain access to system resources.

2) Alert the user if the new executable is attempting to perform some action which would be considered potentially damaging or malicious.

3) Provide guidance to the user with additional information about the executable and possible actions the user can take as the process continues its execution path.

Basically HIPS is a way for a user to know what is trying to run on the users machine and what it is trying to do - espececially if it is deemed abnormal.

The classical AV/AT approach:

1) Attempts to used automated means identification signatures or heuristics to identify a process as a potential Bad Guy. If potentially Bad then the user will receive an alert. This identification can be done during On Access (before it begins to process) or while it is processing.

An analogy could be made like this:

1) Classical: A person wants to gain entrance to a home. The person's fingerprint is compared to a set of known Bad Guy fingerprints or "profiles". If the fingerprint is not on file, then the person is allowed in, no questions asked. No way to stop it. Therefore, any Bad Guy who is not "known" is let in.

2) HIPS: Any "new" person is stopped, no matter what, and not let in unless specific authorization is given by the owner of the home. Period. The owner of the house decides whether to let the "unknown person" in. If the person is trying to enter in the middle of the night (an Exception situation), it is wise to reject the person. Otherwise, the owner of the house can ask for more details before letting the person in. If, the owner mistakenly lets in a Bad Guy, the owner can use a camera to follow the Bad Guy around, and if the Bad Guy tries to do something naughty (like steal some goods), the owner can catch this action, before it is completed, and ...... hmmmmm .... kill the Bad Guy legally. ;D

HIPS provides LOTS more information and control.

Rich

We have the advantages and now what are the disadvantages of having a HIPS program installed?


Starrob

-{ Quote: "We have the advantages and now what are the disadvantages of having a HIPS program installed?


Starrob" }-

Depending upon the HIPS program, it may be a "slow learner" and provide too many alerts (alert incorrectly on non-exception conditions) that are difficult to understand. This is a refinement process. Online Armor, has been stellar in this regard. It will be interesting to see how other users react.

Should a user incorrectly allow a Bad Guy in, the user is no worse off than the user was before with a simple AV solution. In this case, the AV let it through and the user let it through. However, with a HIPS product, there may be more opportunities to "catch the mistake", since the HIPS product can also guard the "precious goods" within the house - i.e. multiple lines of interior defense.

-{ Quote: "

If, the owner mistakenly lets in a Bad Guy, the owner can use a camera to follow the Bad Guy around, and if the Bad Guy tries to do something naughty (like steal some goods), the owner can catch this action, before it is completed, and ...... hmmmmm .... kill the Bad Guy legally. ;D

HIPS provides LOTS more information and control.

Rich" }-

Of course, in most cases, the actions taken by the "Bad guys" is not as straight forward as 'steal some goods' , so some guessing is required.

Letting a stranger in, sadly in most cases can't be avoided, if you want to trial software, in such cases which I personally find very common, the HIPS is useless really despite Richrf's motto of 'catch them before they start'.

So I prefer that HIPS try to be smarter in catching actions that are almost likely to be done only by the bad guys.

-{ Quote: "If I don't know what I am doing, then I am no worse off than I was before. " }-

Well if you don't consider the monetary cost , effort of checking compatiability, of handling popups etc that is.

As mentioned popup fatigue can be a bad thing, leading to users clicking yes just to get rid of it. A very bad habit...

-{ Quote: "Well if you don't consider the monetary cost , effort of checking compatiability, of handling popups etc that is.

As mentioned popup fatigue can be a bad thing, leading to users clicking yes just to get rid of it. A very bad habit..." }-

No problem at all. The few bucks I spend is no more than an evening out. The couple of pop-ups I receive is a whole lot easier to handle than scrolling down and clicking on a list returned by Google. But I guess, it is possible to find something wrong with anyything. In fact, let's get rid of Google all together since it returns way to many listings.

-{ Quote: "No problem at all. The few bucks I spend is no more than an evening out.
" }-

Yes. For you.

-{ Quote: "
The couple of pop-ups I receive is a whole lot easier to handle than scrolling down and clicking on a list returned by Google. But I guess, it is possible to find something wrong with anyything. In fact, let's get rid of Google all together since it returns way to many listings." }-

Strange change of topic.

Google? Yes, I would prefer relevant results to a million irrelevant ones. Pointless to index, a billion billion pages, if it's ranking algothrims place useless pages first.

What's your point again?

The point is:

1) An extra two clicks a day isn't all that painful,

2) An extra $20 a year isn't all that draining,

3) An extra couple of decisions more in my life isn't all that stressful,

and ...

There is such thing as making a mountain out of a molehill.

However, I do find it interesting that people like to throw around loaded labels like "paranoid", in order to put fear into people .... Or maybe I am just being too paranoid.

HIPS stands for what?

I don`t know about now, but to me it meant a well defined woman. :)

-{ Quote: "The point is:

1) An extra two clicks a day isn't all that painful,

2) An extra $20 a year isn't all that draining,

3) An extra couple of decisions more in my life isn't all that stressful,

and ...

There is such thing as making a mountain out of a molehill.
" }-

You sure picked a wrong example to argue about then. In your google example, it's not coverage alone that makes google successful, it's relevance.

Similarly, It's not the quantity of popups/decisions you have to make that makes your computer secure. I can set up a computer such that every file I/O access is being reported to you , is that really more secure?

Based on your reasoning it gives me even more control....



-{ Quote: "The point is:


However, I do find it interesting that people like to throw around loaded labels like "paranoid", in order to put fear into people .... Or maybe I am just being too paranoid." }-

LOL, the label paranoid puts fear into people? Fear of what? For being called a paranoid?

On the other hand, for someone who loves to assert his right to run software he wants, you sure are quick to critise other people's setups.

-{ Quote: "Actually, this is quite a bit of protection, but not sufficient for you to know whether or not your machine has been really compromised. It is unfortunate, but it is the state of affairs with the Internet nowadays.
" }-

How do you know?

Host-base Intrusion Prevention System.


There ya have it. :)

-{ Quote: "Host-base Intrusion Prevention System.


There ya have it. :)" }-

AYBABTU :)

What will Online Armor offer differently than what I am using now? Also, would Safe'n"sec offer anything else to my current setup? Do any of you still use programs like regrun and script defender with this new programs?

dja2k

-{ Quote: "What will Online Armor offer differently than what I am using now? Also, would Safe'n"sec offer anything else to my current setup? Do any of you still use programs like regrun and script defender with this new programs?" }-dja2k,

I tend to think of SafenSec as an integrated PG/RD with a more user friendly front end, although the differences are clearly not just at an aesthetic level. There is a lot of sophistication under the hood.

The basic SafenSec design strategy is provided here (http://www.star-force.com/computer_security/protection.phtml?c=207). Rather than allow (or force, it depends on perspective) a user to delve into the minutiae of what to block/how to block/etc., most of that is provided by the internally held policies and rules of SafenSec. What that means is fewer alerts - generally better for a casual user trying to fight popup fatigue - and a coarser selection of how the application can be tailored. For example, one can set the control levels at Total, Strict, or Trusting. That's it. Clearly not the degree of fine tuning possible with PG/RD, but it happens to be at a level I want for my family machines, and basically I think that is their target - the mass market. Personally, I like it a lot and think it is a great application. It is installed on all of my systems and it has been rock solid with no conflicts or stability issues from the day of the initial installation.

If you satisfied with the functionality of PG/RD now, I wouldn't necessarily recommend a switch. If you find yourself increasingly bogged down answering questions regarding pop ups (that was the trigger for me), or you find the configuration options of PG/RD a little distressing, I'd recommend that you take a look at SafenSec or one of the other so-called HIPS solutions.

Blue

Nope, no complains on pop-ups here with PG\RD combination. Just wondering what safe'n'sec compared to those and\or other programs. Like I read, Antihook is no necessary if you have Process Guard. So I guess Antihook and Safe'n"sec are out for me then. But what about all this talk about Online Armor? Why would I try OA if I think I have enough with PG\RD, Regrun, Script Defender (extra scripts), Ewido 3.5 in addition to Nod32 and ZA PRO 6 running as first defense. What would I benefit with OA? And if I install OA, should I drop any active security program?

dja2k

Didn't need Online Armor personally. Don't think many people who use programs like Regdefend 1.3, ProcessGuard 1.500 Full, Zonealarm 6 Pro, Ewido 3.5, Unhackme, Regrun 4.1 Gold and SnoopFree Etc. would like to have more pop-ups and additional softare that does the same thing. Furthermore, not to mention paying $40 for a new program that is just the combination of the softare mentioned above.

I mean this is a good program for a new user to all these, but for someone like me who already paid for the non-free software mention above, it isn't much of a different program. Anyways, good work on Online Armor, seems to be a complete package.

dja2k

-{ Quote: "Didn't need Online Armor personally. Don't think many people who use programs like Regdefend 1.3, ProcessGuard 1.500 Full, Zonealarm 6 Pro, Ewido 3.5, Unhackme, Regrun 4.1 Gold and SnoopFree Etc. would like to have more pop-ups and additional softare that does the same thing. Furthermore, not to mention paying $40 for a new program that is just the combination of the softare mentioned above.

I mean this is a good program for a new user to all these, but for someone like me who already paid for the non-free software mention above, it isn't much of a different program. Anyways, good work on Online Armor, seems to be a complete package.

dja2k" }-

Obviously, if you have laid out $50 for trojan hunter, $29.95 for processGuard, $29.95 for Reg Defend, $29.95 for Ewido then you already have a lot of protection and perhaps OA is not good for you as there would be a lot of overlap in your case.

Do you think we should offer some sort of discount for users of "competitive" programs? What sort of deal do you think would be fair?


Mike

-{ Quote: "Do you think we should offer some sort of discount for users of "competitive" programs? What sort of deal do you think would be fair?" }-I'd suggest not bothering - your main target market is presumably going to be new users with little in the way of existing security products looking for a simple all-in-one solution rather than the "belt'n'bracers" crowd. Also if you do offer a discount, how would you check that purchasers qualified and how much extra effort would it involve?

Instead, you may find a bundling arrangement more useful (with one of the more popular AVs perhaps or a firewall) or a distribution deal with a PC supplier offering OA preinstalled - think of the savings the likes of Dell could make on support if they bundled a comprehensive security solution rather than just Norton...

-{ Quote: "Obviously, if you have laid out $50 for trojan hunter, $29.95 for processGuard, $29.95 for Reg Defend, $29.95 for Ewido then you already have a lot of protection and perhaps OA is not good for you as there would be a lot of overlap in your case.

Do you think we should offer some sort of discount for users of "competitive" programs? What sort of deal do you think would be fair?


Mike" }-

Hey if I can get a good deal to drop several apps from running and having one whole suite in just one software product, that would be great!

Being a Marketing Major Graduate here, I agree that a discount in most cases does work! :)

dja2k

-{ Quote: "...a discount in most cases does work! :) " }-Yes, charging a lower price will help sales numbers - but results in a lower margin also. For "competitive discounts" you also either have to verify ownership of other products (more effort = lower margin still) or rely on the honour system - in which case, why not charge a lower price across the board to avoid rewarding the dishonest?

For low-cost, high-volume products (which is presumably what OA is aiming for), a simple pricing model would be more appropriate. One thing that should be considered though, given the number of multiple-PC households, is offering a "family licence" (allowing for unlimited use on all PCs within a home - perhaps with some restriction on numbers) as well as multiple-seat business licences.

Another issue for European Union purchasers is Value Added Tax (rates varying from 15-20%) which has to be charged by vendors on software purchased online. Being Australian-based, this is a voluntary step for Tallemu but many shareware/download registration services add VAT automatically - if OA is to be sold in this fashion, offering a direct payment method (via credit card or Paypal) would allow EU residents to avoid this tax.

-{ Quote: "Yes, charging a lower price will help sales numbers - but results in a lower margin also. For "competitive discounts" you also either have to verify ownership of other products (more effort = lower margin still) or rely on the honour system - in which case, why not charge a lower price across the board to avoid rewarding the dishonest?
" }-

A very good point. I can confirm that we are definitely going to have some kind of family/Small biz packs, but the pricing hasn't been worked out just yet.

As for VAT - we have GST here (which is essentially the same thing) but because our sales are exports we don't need to charge it. There are no plans to charge any EU taxes either, especially if we don't have to.

I have Process Guard but I think I will go for KIS 2006 instead. I'm beta testing it currently and it has a ProActive defense module with Process Guard, Registry Guard, and Office Guard. It's QUITE buggy now but when this goes Gold, I think it will be outstanding. There is all this coverage (antispy, hacker and spam also) and yet the memory usage is less than 8,000K. KAV and KIS 2006 are TOTALLY different from 2005 and a VAST improvement.

-{ Quote: "Obviously, if you have laid out $50 for trojan hunter, $29.95 for processGuard, $29.95 for Reg Defend, $29.95 for Ewido then you already have a lot of protection and perhaps OA is not good for you as there would be a lot of overlap in your case.

Do you think we should offer some sort of discount for users of "competitive" programs? What sort of deal do you think would be fair?
" }-

Like many, I already few more than protected, and adding OA currently to the mix, has little benefit now.

There are a 2-3 features currently that OA has that I might think of acquiring though, I don't particularly feel like running a complete new package on top of what I have just to get them

perhaps you might release a special smaller product that included only some unique OA features that arent available in PG,Regdefend.

Like your banktrust program you were thinking of releasing , dns spoofing protecting via a trusted third dns server is pretty unique in my experience, and worth paying for.

Ditto for the idea to link execution protection to rollbacks.

On the other hand, it would probably cost quite a bit to maintain a second line of products, just to pander to a very small group ,so forget what i said.







Mike" }-

-{ Quote: "
perhaps you might release a special smaller product that included only some unique OA features that arent available in PG,Regdefend.

Like your banktrust program you were thinking of releasing , dns spoofing protecting via a trusted third dns server is pretty unique in my experience, and worth paying for.

Ditto for the idea to link execution protection to rollbacks.

On the other hand, it would probably cost quite a bit to maintain a second line of products, just to pander to a very small group ,so forget what i said.

" }-
Yeah, it would increase the costs a little. You can de-activate various features though, so perhaps it may be better to give users additional control (in advanced mode) of which facilities of OA run. So, if you want regdefend to look after your registry, just turn that off in OA.