How do you boil a frog ?

Discussion in 'other software & services' started by Long View, Oct 26, 2007.

Thread Status:
Not open for further replies.
  1. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Common sense may give 90 % of the total security. The remaining 9.9999999 % (the "what if" and shoot in the foot scenarios) is covered by the security setup and backup strategy.
    The solution for this usage pattern is:
    - Good mail provider.
    - Up-to-date system.
    - LUA (they don't need to install new applications)
    - SpywareBlaster.
    - Smart HIPS (Prevx, Threatfire, etc)
    - Boot-to-restore app.
    - Browser with ad and pop-up blocking.
    - A little education about mail attachments (ecards), phishing, fake codecs (they should have all the needed codecs in the fresh install), fake security alerts, etc.
     
    Last edited: Oct 27, 2007
  2. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Greetings up above there Climenole

    Your preferred choice for an AV in Avast wouldn't possibly have any bearing on your geographical location now could it? :D

    Former AVAST user here myself for some time, beginning at version 4 I believe, on Windows 98 into XP, and forum regular the whole time, LoL

    Really like what they've done with it over its run and see it's still well regarded by many just like yourself.

    Very good point on mentioning BALANCE. The Layered approach has certainly widened its range though with the introduction of HIPS, Behavior Blockers, and such though wouldn't you agree?

    Unfortunately though for some users common sense is in rather short supply where haste is more preferred than protection.
    But lucky for all of us that the security industry as a whole makes provisions also especially for them :D which trickle on over to the rest of us in even more improved and automated versions. :thumb:
     
  3. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Common sense is good, human mistakes are less good.
     
  4. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    As a non-technical person, I can't evaluate how serious this backdoor is.

    I'm in contact with TropSoft regarding the absurdity of the locktype "Hide Contents and Lock" and to replace it with or add the more useful locktype "Hide and Lock" or "Lock and Hide", which sounds better.

    My next question might be about the backdoor. :)
     
  5. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Rule of thumb about any perfect solution. It isn't perfect :D
     
  6. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    That statement counts for anything made by mankind. That doesn't keep me away from using PC Security, otherwise I have to ditch all my software.
     
  7. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country

    I think that "The general theory of second best" Lipsey & Lancaster 1956/57
    might be applied here. My simplified interpretation is that with a given set of parameters the best solution may often involve a series of second best solutions for a number of the individual parameters. Meaning that a less than perfect solution is in fact the best solution attainable.
     
  8. Thiggy

    Thiggy Registered Member

    Joined:
    Apr 16, 2005
    Posts:
    82
    Over the years NOD32 has popped several times on inbound trojans, etc. One time a nasty non-viral ad popper got through, so I added SUPERAntiSpyware Pro.

    SAS has popped a few times, so I know it's working.

    ProSecurity beta 2 pops quite a bit while learning the system, but afterward the pops are appreciated. It does have a learning mode I use at first install. If a nasty got through NOD32 and SAS, I feel ProSecurity would do the warning; but, this is where you have to know what you are blocking or allowing. Unlike an anti-whatever, it's a HIPS and sees all types of activity. BTW, beta 3 is out, but I haven't tried it yet.

    If I'm going on an adventure into unknown territory, I may fire up Sandboxie for virtual browsing. I do find it slows my broadband browsing down a bit.

    Taking more care? Well, I went to a page one time that seemed harmless, walked away from the computer for a couple of minutes leaving IE open on the page and came back to find the ad popper mentioned above solidly installed. You just never know, no matter how much care you think you're using.

    Cookies not included. Darn, and I like cookies too. Especially old fashioned chocolate chip. Joking aside, I use IE Privacy Keeper to keep select cookies. All others get deleted when the browser closes. It also deletes the cache each time the browser is closed; nothing more, just those two things. Of course, it has many more features. I just don't use them.
     
  9. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    That's what's bothering me.
    They say "use common sense", what is "common sense" worth, if you don't have knowledge enough to see what is going on.
    System objects and malware objects look the same to me and malware objects don't call themselves "malware.dll".
    If a HIPS asks me "Allow" or "Deny" OR "Yes" or "No" I will most probably give the wrong answer.

    That's the main reason why I have a boot-to-restore, which removes any change in my system partition. That is for me the only way to be sure that everything is removed, because I can't depend on myself and there is always some malware that passes through my firewall or my other security software.
    My security software might even be badly configured by me.
    My boot-to-restore removes at least the mistakes of my security software and my mistakes.

    That's why I also LOCK my data partition, when I start surfing, to make any reading, writing or stealing in my data partition impossible. One wrong click on a website and a virus might infect my data files and most probably I won't even notice it.

    How many users do really know how their security software exactly works and
    1. against WHAT they are protected and above all
    2. against WHAT they are NOT protected ?

    A real-time shield of a scanner blocks a virus and shows a popup "I blocked this virus". The same real-time shield won't show a popup, "Hey I missed that one.", but my computer IS infected.

    Well, in that case I prefer my approach, which offers at least more certainty. :)
     
    Last edited: Oct 29, 2007
  10. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,121
    Location:
    Mountaineer Country
    A man with a very high IQ can spend years studying about Lions and their behaviors. He then might decide that he has enough knowledge to approach the Lions. End result, the 'intelligent' man is now cat food.

    However, a man with common sense, wouldn't go near the Lions to begin with. At least not without a gun :D .

    By now most of us use common sense with our emails. We are also vigilant in keeping our programs up to date. We also download from known sources and scan them with multiple scanners or upload them to VT or Jotti. We also know that if we visit the dark side :shifty: that our chances of infection are greatly multiplied.

    If we use common sense then the chances of getting eaten by a 'Lion' are slim. I also think there is nothing wrong with carrying a 'gun' when amongst the 'Lions'. Some of our 'guns' may vary in caliber, length and the amount of barrels, but they all protect us against the same things.

    peace out
     
  11. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,221
    Hello,

    Actually, lions will not attack a man unless threatened.

    They also eat once every two weeks or so and spend 16-20 hours sleeping and only hunt at dawn or dusk. They will not care for human interlopers if they are fed and have no cubs nearby ...

    How does this analogy compare to computers? I don't know.

    Mrk
     
  12. nanana1

    nanana1 Frequent Poster

    Joined:
    Jun 22, 2007
    Posts:
    947
    Are lions related to frogs in any way o_O
     
  13. steve161

    steve161 Registered Member

    Joined:
    Nov 22, 2006
    Posts:
    681
    Location:
    New York
  14. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    While granted this topic is somewhat broad, this post is pointless. Please refrain from these types of posts.

    Thanks,

    Pete
     
  15. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    If you are installing a trusted software you'd know to allow....
    That's why you don't need HIPS....
    Your approach is necessary as you have a data-partition that has value. In my case, I have nothing that can't be easily replaced (including the OS) so HIPS and AV are the only things that are needed.
     
  16. clambermatic

    clambermatic Registered Member

    Joined:
    Oct 10, 2007
    Posts:
    216
    Sorry E_Albert for my late response...

    My 'real-time' = VBA; 'safemode-on-demand' & an alternate = Norman MC (latest) & AVERT (obsolete but a fav); 'scheduled' mWare-cleaner = SpyBot.

    Of course, my home system was behind a Wifi/NAT.

    My VBA got the major task of pre-emptive realtime actions & when I browse its report with indications, I do the routine VBA run again. Then reboot on safeMode for a check with Norman or AVERT. Lastly... a spyBot scan after another reboot.

    On average, the VBA gave me about 2 pre-emptive strikes per month; spyBot gave me a minimum of 3 warnings (that's due to my intentional XP-SC settings & a couple of unusual 'bypass') every time it's run... if S&D gave me more than 3... then I sense trouble lurking! That's the time I switched to possible 'Yellow' terror-sweeping.

    :D
     
  17. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    If you're using additional programs, whether they be security software or not, and it runs in the systray, it's bound to be using memory. Remove those programs, and the system runs faster. I thought everybody knew this?

    I'm only using KIS, but it doesn't seem to impact the running of my computer too greatly. I agree that I notice a speed improvement when KIS isn't installed, but that's to be expected.

    I have to admit I don't run several applications at once. Right now I just have the browser window open.
     