Is a dedicated anti-trojan program really needed?

I see your point, but.............................. they still need to EXECUTE their time-bombs before they can run at a specific time or event.

So installation and (a part of) execution happens at the same time.

Anyway, it doesn't matter since we essentially know this at heart.

And you may wish to use behaviour blockers or the like to control how they execute (perform their actions).

Good choice again - two are better than one unless they conflict with each other.

By the way, do you use limited account? Limited account is one of the best HIPS in the world, not to say it's free of charge.

PS: I miss your signature.

 

Behaviour Blockers and a Limited Account are also good ideas, I have to meditate in trance about this.

My signature contained an unfinished security setup, so it wasn't really usefull.
I found the expression "Rollback Intrusion Prevention System" funny, because
- it also means "Rest In Peace System", in case it was a total failure.
- it doesn't even exist in the security world.
- it sounds so serious and it isn't.
- I like to play with words and expressions, although it is much more difficult in English (short vocabulary).
I removed it, because the fun was over at least for me.

 

Yes, your RIP is funny.

RIP may also mean:
# rake: a dissolute man in fashionable society
# rend: tear or be torn violently; "The curtain ripped from top to bottom"; "pull the cooked chicken into strips"
# an opening made forcibly as by pulling apart; "there was a rip in his pants"; "she had snags in her stockings"
# move precipitously or violently; "The tornado ripped along the coast"
# cut (wood) along the grain
# a stretch of turbulent water in a river or the sea caused by one current flowing into or across another current
# rent: the act of rending or ripping or splitting something; "he gave the envelope a vigorous rip"
# criticize or abuse strongly and violently; "The candidate ripped into his opponent mercilessly"

I have a similar security setup like you. The idea is as follows:
- you have 2 divisions - yellow and green. Both divisions are separate.
- you carry out any normal things you may do in your life on your first (yellow) division
- you strictly do only very safe, or completely trusted things on your second (green) division
- while your yellow division may get infected unknowingly, it doesn't hurt you much since all important, sensitive or money-wise things (eg online banking, shopping) are done in the green division.
- About the 2 divisions, it could be any two separate entities which is completely isolated from one another (so cross-infection is impossible). It could be 2 separate computers, 2 separate operating systems, and so on.
- I would still try to ensure the cleanness of my first division as hard as I can.

After all, good job. Your security setup is interesting and creative. While others are still striving to protect their PCs with more and more security programs (1AV, 1AT, 1AK, 1AH, 1AR, 1AS, 1Firewall, 1HIPS...), you come up with another perspective - no change is the best change! It offers the best protection!

 

You need to set up security measures that provide layers of defense against risks. Generally when you use a computer you should not wonder if you will experience security breaches instead, you should assume that you will experience a security problem.
A layered approach when you plan your security ensures that an attacker who penetrates one layer of defense will be stopped by a subsequent layer.
Most of us follow this.
The Internet is home to a variety of threats, an attacker can monitor traffic passively replacing a component with a Trojan horse program, or theres exploits, crypto (password), spoof etc etc. Recently I have been working on killing antivirus components replacing with dummies even down to the notification area, where a repair will not work or reinstalling doesnt work either.
So its really all down to your decision and experience where your at in your experience.