Keep in mind that this thread is pure hypothetical. I didn't do anything yet. I didn't decide anything yet. Consider it as a dream of a user or maybe a nightmare/daymare for security experts. I'm thinking of a new security set on my computer : ZoneAlarm Free + ShadowUser and that's it. I know, it sounds CRAZY, INSANE, UNACCEPTABLE etc. etc. etc., but remember it's my computer. On the other hand, it seems to me that not many members actually use ShadowUser (SU), which means there isn't much practical experience with SU either and those who use SU don't complain and are satisfied. As far as I know, these SU-users install SU as an additional software together with all their AV/AS/AT/AK-scanners and/or pro-active softwares and that's exactly what I don't like to do. So I'm going to TRUST ShadowUser for 100% and act like a newbie on the internet in ShadowMode and of course I will install/run/un-install scanners and run online-scanners occasionally, but only for one reason : to CHECK how good or bad ShadowUser really is. I will NOT use : - any definition/heuristic-based scanner (AV/AS/AT/AK) - IE-SPYAD (no restricted zones) or HOSTS File, which will be empty. - any shield - any proactive software - any other sandbox software, like AntiMalware, DefenseWall, Sandboxie, ... I keep on using : - win2000proSP4 (fully patched). - MS Internet Explorer with default settings. - Mozilla Firefox as browser, but without extensions and with default settings. - Mozilla Thunderbird as email-software. - ZoneAlarm Free as firewall and of course ShadowUser as sandbox software. I choosed SU, because SU puts my whole harddisk in a virtual environment. My choice is certainly not based on expertise, I always follow my intuition when I don't know anything about it. I also don't consider SU as THE solution, but I like the philosophy behind SU and I don't like the rest of the solutions. So there is nothing else for me, until somebody invents another solution better than a virtual environment and then I ditch SU. A virtual environment has several BIG and VERY WANTED advantages for users and certainly for less-knowledgeable users and I can't put these advantages aside, because they don't exist in the traditional solutions. Preventive Prevention is always better and smarter than curing and SU is a full prevention, until the opposite is proven in practice. 99% Foolproof Scanners collect malware in definition databases and when the malware isn't in the database, they try to find it with the heuristic method and when that doesn't help you are infected. SU puts your harddisk in a virtual environment and ANY infection will be removed after reboot, which means any existing type of malware and any new type of malware. In other words : a 99% foolproof protection in theory, until the opposite is proven in practice. I couldn't say 100% foolproof, because that will never exist, neither in computers, nor in real life. Also SU and other sandbox softwares will ever be a target of the bad guys. No Scan Time 1. Because scanners collect what the bad guys do, that collection will increase CONSTANTLY. Some scanners already have more than 200,000 definitions. There was a time Spybot had about 12,000 definitions and now it has more than 29,000 definitions. A2 was almost nothing in the beginning and has now more than 170,000 definitions. And that happened in just 14 months, when I joined SWI and later Wilders. 2. Although all good AV/AS/AT/AK scanners detect/remove grosso modo the SAME malwares, they are differences in quantity and identity and that's why you need more than one scanner of each kind, which results in an absolute minimum of 8 scanners (2 x 4) and each of these scanners have their own scan time and it doesn't matter if the malware is there or not, the scan time remains the same. 3. Due to competition, the scanner companies refuse to combine these definitions in one single database for each type of malware. So all these scanners together take alot of unnecessary time to do their job. In computer science they call this REDUNDANCY, which is a SIN, because you don't detect the same threat more than once, computers are made to avoid redundancy, unless the security companies don't want this. 4. All what users want is doing their job from 9 to 5 and anything that keeps them away from doing their job, irritates/angers them and malware + anti-malware is one of these irritating things. So these users hate security, unless it doesn't bother them and all traditional solutions are irritating. SU requires only a reboot of 5 minutes to remove everything and the reboot time remains the same, while the total scan time of scanners only will increase in the future until the users lose their patience. Quiet SU is also very quiet, because there is nothing to report, no updatings, no annoying questions, no YES or NO decisions to make. Freedom I want my freedom back on the internet, the same freedom I had in my newbie time, unaware of any threat, because I'm too curious and I like to try everything on internet, even when it's "dangerous". I also want to visit every websites, infected or not. My own discipline on the internet is killing me, because I don't like to be carefull and I don't want to become paranoid either. SU gives me that freedom back, because I can do whatever I want, without getting hurt and that's what alot of users want. They want to ENJOY the internet. Reassurance Scanners don't give me the feeling that my PC is clean and the fact that scanners report nothing doesn't mean anything to me, because I know how these scanners work. So these scanners give me constantly a false feeling of having a clean computer. SU gives me that reassurance, until the opposite is proven in practice. Simplicity SU has a philosophy that is easy to understand for everybody. After a simple reboot, any malware is gone and you can start all over again. Cheap ShadowUser costs $69.99 which looks expensive, but when you want the best scanners and other softwares, you have to pay alot more than $69.99. I have to go now, because my shrink and two male nurses want me back in my cell. Any thoughts are welcome of course.