# discussion on computer security



## ErikAlbert (Oct 14, 2010)

Stoner said:


> Your method seems only realistic if you only surf the net and little else.....for me and likely others, your method would be excruciating pain and without av and anti-malware scanners and apps....not exactly secure between bootup and turn off of the computer....while using the Internet..
> 
> I'm not trying to change your mind, Erik......but I have very good reasons not to use your 'method' and since you project it as a recommendation, it needs to be discussed, imo
> 
> I suggest you start a new thread where you present your 'method', detail it....and the forum discusses it ?


I'm not going to do this anymore. I've done this already in a Dutch forum, they did nothing but try to kill me. I didn't even have the chance to explain things. I even challenged them to find any malware in my logs, no response. I was alone fighting against all the moderators.
I was the idiot, because my system was clean and malware-free, while all these malware-victims with their logs were the smart ones. They were the good guys, because they needed help and I didn't ask for help. What a comedy.

The same will happen here, nothing but sarcastic one-liners without investigation, proof and no experience at all.
It's NEW, so it can't be good, we are afraid of new things, because we don't understand them and you are not like us, because you refuse to use scanners, you confuse the other users, you are a troll, you need to be banned. Did I forget something ?

Another thread to become a mocking bird again, like in the other thread, no thank you.
This time you will verify my logs and nothing else and we both keep it honest.
No blablabla anymore, nothing but hard facts and proof, I want the same treatment as any other malware-victim. If not we quit this subject forever.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> I'm not going to do this anymore. I've done this already in a Dutch forum, they did nothing but try to kill me. I didn't even have the chance to explain things. I even challenged them to find any malware in my logs, no response. I was alone fighting against all the moderators.
> I was the idiot, because my system was clean and malware-free, while all these malware-victims with their logs were the smart ones. They were the good guys, because they needed help and I didn't ask for help. What a comedy.
> 
> The same will happen here, nothing but sarcastic one-liners without investigation, proof and no experience at all.
> ...


Do you intend to continue recommending your 'method' throughout most of this site without expecting responses to it?



> No blablabla anymore, nothing but hard facts and proof, I want the same treatment as any other malware-victim. If not we quit this subject forever


I suggest if you aren't going to address the questions and issues with your 'method', you consider not bringing it up as a solution in future threads.
I really don't see how you can avoid controversy if you keep posting about your 'method' and refuse to discuss the issues with it.

Members that recommend registry cleaners are treated the same. They need to prove their recommendations.
Why should you be treated any differently?

Why shouldn't I ask when you are recommending something?

Take this statement by you:



> If I run CCleaner nowadays, it still finds 2, 3 or 4 objects,


That is a qualified statement and you don't acknowledge it to the forum.
It only finds that result on reboot of a new image of your system. After a day of activity, CCleaner would find deletable files relating to your activity throughout the day, even if it is only one day.
Use Nero, and that activity is in records until you reboot.
Use IE to visit a web site and that activity is recorded if only for one day.
'Cleaning' by your special 'method' did nothing while your computer was turned on.
The same with security.
You start clean with a fresh image with each reboot, but your security seems lacking for the period your computer is online, even if it is only for a day.

I really don't think you should be recommending your 'method' to the forum. And I do ask you for clarification.
I'm not an expert. If someone knows better, please explain to me why Erik's 'method' is preferred.


----------



## ErikAlbert (Oct 14, 2010)

@Stoner,

I only answered "joe2cool"'s question and recommended him to keep on using CCleaner.

I didn't recommend my method to "joe2cool", because my method is based on FirstDefense and nobody can buy it anymore.
You are always the one, who is starting a discussion about my method.
Each time I post, you are there to discuss my method, why I don't know ?
Does it bother you so much, I'm using this method ? I don't have a problem with your method, I used your method five years ago. I only had a different AV-scanner and we both use Sandboxie. Is your Sandboxie better than mine ?


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> @Stoner,
> 
> I only answered "joe2cool"'s question and recommended him to keep on using CCleaner.
> 
> ...





> You are always the one, who is starting a discussion about my method.


Nope....each time I've discussed your 'method'...... it's after you mention your 'method' as a solution.



> Does it bother you so much, I'm using this method ?


I don't think you should be promoting it as you have configured a lack of security measures.



> I only had a different AV-scanner


You brag on not needing an AV scanner and run without an active scanner.
This is the issue I don't see as reasonable.
You only know your system is 'clean' when you reboot it, not after you've been using it a short while.
You don't even have a means of scanning malware in a jpg that you might save to your 'My Documents' folder.
Your documents could even become infected and you wouldn't know until you install a scanner.
Does your system defend its MBR from Bootkits?
If your bios or hardware was rootkitted, how would you know?

Maybe none of that affects you, but some members at TSG do online banking and purchasing using account numbers and your method of running without a spectrum of protection seems risky.


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> Nope....each time I've discussed your 'method'...... it's after you mention your 'method' as a solution.
> 
> I don't think you should be promoting it as you have configured a lack of security measures.
> 
> ...


Promoting what ? FirstDefense isn't available anymore. There is nothing to promote.
Using "one" AV-scanner to detect boot-viruses, rootkits, malware ? You call that safe, because one AV-scanner didn't detect anything ? What if it is an undiscovered new boot-virus, new rootkit, new malware or it isn't blacklisted, your AV-scanner will tell you "No malware found", but you are infected anyway.
Your approach isn't any better, it's based on one AV-scanner and no scanner is able to detect all existing and new malware. You just assume that your scanner does its job, without knowing for sure.
I assume I'm malware-free, because so many scanners didn't detect anything and my system never changes except updatings. Your assumption is as good as mine and vice versa.
Even malware-victims run one AV-scanner, but they still get infected and that's why they are posting their logs in this forum, because none of their scanners detected anything.
Downloading jpg-files from an unreliable source isn't smart either. Why all that risk for just one miserable picture ?
Sorry man, you need better arguments to convince me.


----------



## valis (Sep 24, 2004)

nothing personal, but I don't really subscribe to your school of thought either.....it seems rather dated and as malware is constantly evolving, relying on one app that isn't even available anymore seems to me too optimistic at best.


----------



## valis (Sep 24, 2004)

ErikAlbert said:


> Sorry man, you need better arguments to convince me.


oh boy, now you've done it.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> Promoting what ? FirstDefense isn't available anymore. There is nothing to promote.
> Using "one" AV-scanner to detect boot-viruses, rootkits, jpg-files ? You call that safe, because one AV-scanner didn't detect anything ? What if it is an undiscovered new boot-virus, new rootkit, new malware, your AV-scanner will tell you "No malware found", but you are infected anyway.
> Your approach isn't any better, it's based on one AV-scanner and no scanner is able to detect all existing and new malware. You just assume that your scanner does its job, without knowing for sure.
> I assume I'm malware-free, because so many scanners didn't detect anything and my system never changes except updatings. Your assumption is as good as mine and vice versa.
> ...





> There is nothing to promote.


And yet you keep promoting your 'method'.



> Using "one" AV-scanner to detect boot-viruses, rootkits, jpg-files ?


No...I use a complement of security applications that are focused in intent.
You use few. And have bragged about running without an AV scanner.
That's my point.
I think available apps like Returnil and Deepfreeze have value, but in association with a complement of security apps.



> You call that safe, because one AV-scanner didn't detect anything ?


I have security apps that detect malware from time to time.
I've had Avast stop software downloads and web page loads.
I've had Firefox warn of a malicious site and stop a page load.
I've instituted FF addons to stop flash cookies and stop malicious script from being written to my hard drive.
I use a firewall, Online Armor, that challenges applications from being loaded that I don't approve.
And more.

Is it 100% perfect?....No....but as you don't actively defend your system, I see mine as a better defense.
You don't seem to put up much defense, just renew your system at the reboot, not knowing what malicious activity occurred previously.



> What if it is an undiscovered new boot-virus, new rootkit, new malware, your AV-scanner will tell you "No malware found", but you are infected anyway.


Good question.
I realize my setup isn't perfect and the best I can do is stay alert, update my software and look for better solutions.
Something you don't seem to do because you appear to reject the concept of realtime defense.
As you don't provide for much of an online defense other than a sandbox, I see your position as not only inferior, but a false sense of security on top of it.
I do have my fall back position, but I only reimage when I deem it necessary and then it's with the full complement of the software I use daily, not the need to reimage and reinstall each and every day in order to achieve a state of 'cleanliness' that is dubious from a security pov.



> Your approach isn't any better, it's based on one AV-scanner and no scanner is able to detect all existing and new malware. You just assume that your scanner does its job, without knowing for sure.


You assume too much.
I only run one installed AV scanner, but I also run overlapping security apps. And I have downloaded and run other AV scanners for comparison....even using online scanners from several different vendors to double check my system.
And an anti-keylogger, and several rootkit apps and even passworded my bios to prevent it being flashed with a rootkit.
The difference between us is that I actively defend my system.......so of course, while I'm online, when I defend against malicious script and web sites, malicious software downloads, and even e-mail......I see myself as more secure than yourself. I do the best I know how and am willing to discover better methods and software.
True, you 'can' start the day fresh....but it's what's online that's going to be a problem for you during your uptime.
One rootkit, one bootkit installed.......and you are guaranteed toast, day after day.
Me.....I hope to discover that intrusion and correct it.

I think a computer that's only used for a very narrow purpose and can be easily updated, could benefit from an app like Deepfreeze......but only retaining the best of security software at the same time.



> I assume I'm malware-free, because so many scanners didn't detect anything and my system never changes except updatings. Your assumption is as good as mine and vice versa.


No...your assumption is only valid upon booting up your system and then as I mentioned, since you don't defend your system actively, not only do you not know what's there at the end of the day. With a bootkit or rootkit....you won't know without running an app like RootRepeal or RootkitRevealer (which doesn't work with Win7 or a 64 bit OS).
I don't start with an assumption my system is 100% safe.
But I do actively defend it the best I can.....while you don't the best you could. That's one obvious difference.



> Even malware-victims run one AV-scanner, but they still get infected and that's why they are posting their logs in this forum, because none of their scanners detected anything


I don't speak for situations I have no specific knowledge of....and you likely can't either.
The 'whys' are usually exposed in the HijackThis logs.....and I'm not an expert in reading them.



> Downloading jpg-files from an unreliable source isn't smart either.


Downloading anything without scanning it is risky.......that's my point....you don't. You save to a partition that your FirstDefense doesn't influence....unscanned.

Software, photos, text documents, pdfs ....and even the web pages you read in your browser.....
The AV I use scans them all. Since you use no AV scanner, you rely on Sandboxie. Well crash Sandboxie and what you have is an unprotected folder with the content of your internet surfing in it.
Highlight 'unprotected'.
Now consider someone considering they're 'safe' using your method ....restarting SB and opening up their online banking account. Since you don't know what was in that unprotected folder, you really can't say that continuing on to open a secure link is the wisest of choices.
And I have seen Sandboxie crash.....and I have scanned the folder......but you can't if you have no scanner. What if elements of that file are malicious and reside in memory, too?
You might just be making some 13 year old hacker wealthy 



> Why all that risk for just one miserable picture ?


Depends on the picture 
Doesn't anyone in your family send you family photos?
Anyway.....Most AVs scan downloads automatically, so there is no effort on the operator's part.

All said and done......it's still the operator and common sense that probably makes the biggest impact on security.
But why take chances?


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> ............................
> Sorry man, you need better arguments to convince me.


I don't think anyone can convince you.
I hope the readers are convinced that good security practices are more than just rebooting a 'clean' system each morning.


----------



## ErikAlbert (Oct 14, 2010)

valis said:


> nothing personal, but I don't really subscribe to your school of thought either.....it seems rather dated and as malware is constantly evolving, relying on one app that isn't even available anymore seems to me too optimistic at best.


FirstDefense isn't my only weapon, it isn't even considered as a security software, it's an Immediate System Recovery software that restores my system partition-C during reboot.
Any security setup is open to criticism and every user thinks he has the best. I'm not impressed by any security setup, they all suck sooner or later. You only have to look at this forum full of malware-problems to prove how good security really is.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> .................................... You only have to look at this forum full of malware-problems to prove how good security really is.


This isn't the malware forum.


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> This isn't the malware forum.


So what ? Does that make any difference ? Certainly not to me, it rains logs in all forums worldwide, except in forums that refuse logs like Wilders. You are changing the subject ?
Here are 30+ Anti-Rootkit software, to verify your partition-C, it will keep you busy for a while
http://www.antirootkit.com/software/index.htm


----------



## Stoner (Oct 26, 2002)

valis said:


> nothing personal, but I don't really subscribe to your school of thought either.....it seems rather dated and as malware is constantly evolving, relying on one app that isn't even available anymore seems to me too optimistic at best.


I suspect the move to virtual systems has crowded out the recovery apps like Deepfreeze in the general population.

I was doing a little reading up on Deepfreeze. Looks like it's still popular in school systems....but I also noticed at a site discussing Deepfreeze in particular...a lot of those kids were hacking into computers with DF and setting it up so it could be turned off and on again at will.. Of course, it took physical possession to pull it off.
Unless it's been recently addressed, Deepfreeze does not seem to defend or replicate the MBR exposing it to being hacked.
Returnil, however, does replicate the MBR from what I read.

I might go with a virtual system in the future. More memory and a faster CPU than I have might be in order.
Good excuse to build a new computer


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> So what ? Does that make any difference ? Certainly not to me, it rains logs in all forums worldwide, except in forums that refuse logs like Wilders. You are changing the subject ?




This still isn't the malware forum


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> ....................
> Here are 30+ Anti-Rootkit software, to verify your partition-C, it will keep you busy for a while
> http://www.antirootkit.com/software/index.htm


Thanks for the link.
Hope you put it to good use, too


----------



## valis (Sep 24, 2004)

ErikAlbert said:


> FirstDefense isn't my only weapon, it isn't even considered as a security software, it's an Immediate System Recovery software that restores my system partition-C during reboot.
> Any security setup is open to criticism and every user thinks he has the best. I'm not impressed by any security setup, they all suck sooner or later. You only have to look at this forum full of malware-problems to prove how good security really is.


I've said it before, and I'll say it again; there just is no better fix than plain common sense. I have not been hijacked in 6 years or so, not one instance of malware, and I'm all over the web. I just make sure not to download anything I don't desire in my rig.

I run weekly scans at some unholy hour during the week, don't even bother checking the logs. I've got an image of my rig that I update a couple times a year, but that's it.

If your setup works for you, grand. Glad it works for you. Mine works for me.

Cheers.


----------



## valis (Sep 24, 2004)

Stoner said:


> I might go with a virtual system in the future. More memory and a faster CPU than I have might be in order.
> Good excuse to build a new computer


may want to take a gander at puppy linux. Pretty small footprint, exceedingly easy to use, never leaves ram.


----------



## Stoner (Oct 26, 2002)

valis said:


> may want to take a gander at puppy linux. Pretty small footprint, exceedingly easy to use, never leaves ram.


No....Tried that out of interest on another computer, didn't like it.
Tried the Live CD and the installed version.
Slax is pretty good as a Live CD....haven't heard of it running as a virtual OS, but I'll look around and see if anyone has had any experience with it.
Thing is, I have no experience in hardening Linux.

Just found an IBM article on hardening a Linux desktop that might be helpful
http://www.ibm.com/developerworks/linux/tutorials/l-harden-desktop/


----------



## ErikAlbert (Oct 14, 2010)

Virtual software isn't safe either. There is already malware that keeps itself quiet in a virtual environment. Nothing is safe. A virtual environment needs the same security protection as a real environment.


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> Thanks for the link.
> Hope you put it to good use, too


I'm not planning to run 30+ AR-scanners.
Instead of running all these AR-scanners I restore a clean image from my external harddisk, a lot faster than running all these AR-scanners and a restore will kill ALL rootkits, while these AR-scanners are unpredictable.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> Virtual software isn't safe either. There is already malware that keeps itself quiet in a virtual environment. Nothing is safe. A virtual environment needs the same security protection as a real environment.


Looks like that's being addressed:

http://www.zdnet.co.uk/news/securit...al-malware-faces-hypersafe-lockdown-40088899/

A good article worth reading.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> I'm not planning to run 30+ AR-scanners.
> Instead of running all these AR-scanners I restore a clean image from my external harddisk, a lot faster than running all these AR-scanners and a restore will kill ALL rootkits, while these AR-scanners are unpredictable.





> I'm not planning to run 30+ AR-scanners.


I'm not either, but thanks for the link.
Now readers of this thread have a convenient source to check out.



> Instead of running all these AR-scanners I restore a clean image from my external harddisk,


No, you can't always. A bios resident rootkit that operates as a shadow OS will continue to be replicated each and every time you, Erik, reboot.
The only way to prevent the bios from being rootkitted is to set a bios supervisor password.
And your hardware, like a video card is also vulnerable.
Nothing your FirstDefense can do in reimaging your system....or mine .....can stop this kind of rootkit....they have to be removed to stop their influence.

An AR scanner will only remove the code in the system, not the bios or hardware.
Some can locate it, however.
But you can't because you won't run a scanner for that purpose.......hello toast


----------



## ErikAlbert (Oct 14, 2010)

valis said:


> I've said it before, and I'll say it again; there just is no better fix than plain common sense. I have not been hijacked in 6 years or so, not one instance of malware, and I'm all over the web. I just make sure not to download anything I don't desire in my rig.
> 
> I run weekly scans at some unholy hour during the week, don't even bother checking the logs. I've got an image of my rig that I update a couple times a year, but that's it.
> 
> ...


I also have common sense, but that doesn't keep my computer superclean and malware-free.
I have a computer that has to work for me and if it can do a routine job faster and better than me, I will give it to my computer instead of doing it myself.
I hate it when I have to waste my time on cleaning + malware removal + solving software-problems, I consider them as negative activities, that's why my reboot does the job.
I do the brainwork. All I do is reboot, work and have fun.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> I also have common sense, but that doesn't keep my computer superclean and malware-free.
> I have a computer that has to work for me and if it can do a routine job faster and better than me, I will give it to my computer instead of doing it myself.
> I hate it when I have to waste my time on cleaning + malware removal + solving software-problems, I consider them as negative activities, that's why my reboot does the job. I do the brainwork.


Wait a minute.....you told me in another thread all you used your computer for was to traverse the internet reading things of interest and in another post, possibly illegally copy commercial copyrighted movies.
Now you are telling the forum you use your computer as a workstation?

Wow......you need to remember what you've posted in the past, Erik.

How can you efficiently use a workstation if you have to reinstall software each and every time you boot a 'clean' desktop?


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> I'm not either, but thanks for the link.
> 
> No, you can't always. A bios resident rootkit that operates as a shadow OS will continue to be replicated each and every time you, Erik, reboot.
> The only way to prevent the bios from being rootkitted is to set a bios supervisor password.
> ...


That's what users always do, when I talk about my approach, scare me to death with all kinds of malware, that can't be removed and suddenly the internet is full of hardware-viruses for each hardware component. I'm used to this.
When I ask them about their security, they run AVG Free.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> That's what users always do, when I talk about my approach, scare me to death with all kinds of malware, that can't be removed and suddenly the internet is full of hardware-viruses for each hardware component. I'm used to this.


But it is something to address in discussions about security.
You merely ignore the downsides that go along with not running a complement of security apps.
I realize you have no intention of adding scanners to your everyday system.
I think you have no fear about it at all.

But there are problems with your logic.
Like the cleaning issue.
You have argued better security by removing files generated ( objects) by installed applications....so that they can't be infected....but most of the Windows operating system is capable of being infected and it's a much larger and well known source to infect.
Your logic is a fallacy.
You don't significantly/statistically improve security with your logic on 'cleaning'. 
To do so probably requires deleting most if not all of Windows 
What you clean is insignificant in size to Windows.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> ..............................
> When I ask them about their security, they run AVG Free.


Just saw your edit.
Well.....I'm not them


----------



## valis (Sep 24, 2004)

Stoner said:


> No....Tried that out of interest on another computer, didn't like it.
> Tried the Live CD and the installed version.
> Slax is pretty good as a Live CD....haven't heard of it running as a virtual OS, but I'll look around and see if anyone has had any experience with it.
> Thing is, I have no experience in hardening Linux.
> ...


Yeah, but the bottom line; it's safe......no way to infect the rig if you are only running via ram..........I've saved a few boxes using puppy linux to get to the internet to get the tools necessary to fix the rig.......that also said, puppy linux is a great way to just surf, if that's all you want to do.......plus you learn a bit about drivers along the way.


----------



## valis (Sep 24, 2004)

ErikAlbert said:


> Virtual software isn't safe either. There is already malware that keeps itself quiet in a virtual environment. Nothing is safe. A virtual environment needs the same security protection as a real environment.


Actually, no it doesn't.

Can you name one malware app that can move via ram to the HD? In a virtual environment such as puppy linux?

You can't as there are none. In the computer architecture, it's physically impossible to move from one to the other, if the other is not running.


----------



## Stoner (Oct 26, 2002)

valis said:


> Yeah, but the bottom line; it's safe......no way to infect the rig if you are only running via ram..........I've saved a few boxes using puppy linux to get to the internet to get the tools necessary to fix the rig.......that also said, puppy linux is a great way to just surf, if that's all you want to do.......plus you learn a bit about drivers along the way.


So long as there is all the needed software, Live CDs are an excellent way to go.
Tom's been using a Live CD setup for a while and I've never heard him post a negative comment about it.

I used Slax years ago to solve a problem with a conflict between a Windows ethernet card driver and the chipset on an AMD motherboard.
Slax would go online, Windows wouldn't.....solution....change the brand of ethernet card.

I keep the latest version of Slax handy.
http://www.slax.org/


----------



## Stoner (Oct 26, 2002)

valis said:


> Actually, no it doesn't.
> 
> Can you name one malware app that can move via ram to the HD? In a virtual environment such as puppy linux?
> 
> You can't as there are none. In the computer architecture, it's physically impossible to move from one to the other, if the other is not running.


A virtual OS and a live CD running in memory are different, aren't they?
A virtual OS runs inside a host OS.....and the mechanism that provides the ability is the virtual machine.
It is possible to infect the VM from malware running in the virtual OS, but it's a rare situation and not used often from what I remember reading. And it is being addressed. Just posted a link to that effect, earlier
http://www.zdnet.co.uk/news/securit...al-malware-faces-hypersafe-lockdown-40088899/

And for Live CDs........the hard drive can't be infected if it's not mounted, but the code in memory can be infected but as it's generated from a write once CD, turning off the computer kills the malware.........except if it's already flashed your bios or injected itself into the firmware of your video card .....whoops.......


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> But it is something to address in discussions about security.
> You merely ignore the downsides that go along with not running a complement of security apps.
> I realize you have no intention of adding scanners to your everyday system.
> I think you have no fear about it at all.
> ...


I never considered cleaning as a security measure, it was just a part of all the rest.

What happens during ONE reboot ?
- any change in Windows and each software is removed
- any superfluous object is removed
- any temporarily installed software is removed completely
- any malware is removed, including the changes caused by the malware.
- any problem with software is solved
- any of my mistakes is removed.
All this happens at the same time during the same reboot.
Everything is back to normal, like it never happened.
FirstDefense is an expert in removing changes.

You are confusing everything. Your installation can't do this, your partition-C changes constantly, that's why you need an AV-scanner to remove the bad changes.
An AV-scanner can't find anything on my partition-C, because there is nothing to find in a clean system.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> I never considered cleaning as a security measure, it was just a part of all the rest.
> 
> What happens during ONE reboot ?
> - any change in Windows and each software is removed
> ...





> I never considered cleaning as a security measure, it was just a part of all the rest.


You did...infectable 'objects'



> FirstDefense is an expert in removing changes.


I believe you on that issue.............the point is..... because you reject conventional scanning, you aren't defending your system as aggressively as you could. This is where your recommendations keep breaking down.
You don't know the integrity of your system after it's been in use.......because you refuse to use a scan tool.
I hope the forum members realize what's going on........yes, you appear to boot clean, but you don't scan for changes while in use. And if that use involves bank account numbers or online purchases, you are inviting more risk because you aren't scanning for change (malware in this case).
I really don't care how you handle your security....that's your responsibility, not mine. But to recommend it to others seems irresponsible to me.



> You are confusing everything.


You could always start a poll and find out what others think


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> .......................
> 
> You are confusing everything. Your installation can't do this, your partition-C changes constantly, that's why you need an AV-scanner to remove the bad changes.
> An AV-scanner can't find anything on my partition-C, because there is nothing to find in a clean system.


I notice you seem to have a habit of waiting for a response from me and then changing your post.



> You are confusing everything. Your installation can't do this, your partition-C changes constantly, that's why you need an AV-scanner to remove the bad changes.


So far, my security hasn't found any 'bad changes'. 
But I don't see that as a reason to stop monitoring it.



> An AV-scanner can't find anything on my partition-C, because there is nothing to find in a clean system.


Until you use it..... and then you have no idea what 'changes' may have occurred or are occurring.......that's the point....you don't know what's happening as you refuse to monitor your system.


----------



## ErikAlbert (Oct 14, 2010)

I also do online-banking, but I always have a different password, during each login.
I need my bankcard, a special calculator and my pin-code of my bankcard to calculate my password and then I can use it. Each transaction inside the bank requires another password. Very cumbersome but safe.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> I also do online-banking, but I always have a different password, during each login.
> I need my bankcard, a special calculator and my pin-code of my bankcard to calculate my password and then I can use it. Each transaction inside the bank requires another password. Very cumbersome but safe.



You've gone from just looking around on the net to running a workstation to doing online financial transactions 



> Very cumbersome....


I imagine so


----------



## ErikAlbert (Oct 14, 2010)

The problem is not my online-banking, using my VISA-card, which is stored in a database somewhere in the world is the problem.
Such a database can be compromised and then they can use my VISA-card-number to fool me.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> The problem is not my online-banking, using my VISA-card, which is stored in a database somewhere in the world is the problem.
> Such a database can be compromised and then they can use my VISA-card-number to fool me.


That's right....it's all their fault


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> That's right....it's all their fault


No it's my fault, but it's the only way for me to buy software in America.


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> Wait a minute.....you told me in another thread all you used your computer for was to traverse the internet reading things of interest and in another post, possibly illegally copy commercial copyrighted movies.
> Now you are telling the forum you use your computer as a workstation?
> 
> Wow......you need to remember what you've posted in the past, Erik.
> ...


Yes my approach also gets childish remarks. I forgot to mention this.


----------



## ErikAlbert (Oct 14, 2010)

valis said:


> Actually, no it doesn't.
> 
> Can you name one malware app that can move via ram to the HD? In a virtual environment such as puppy linux?
> 
> You can't as there are none. In the computer architecture, it's physically impossible to move from one to the other, if the other is not running.


No, I can't. I'm not malware expert, I don't know puppy linux.
I know one thing : every software can be compromised when it becomes an interesting target. It happened in the past and it will happen again. History always repeats itself, but people never seem to learn from the past.

Firefox was once the safest browser, but Firefox became too popular and an interesting target for malware-writers. Nowadays FF needs to be patched regularly to keep it safe.
Opera is now the safest browser as long it lasts.

Linux is also becoming too popular and many malware is already written for Linux and the number of malware increases every year.
Linux has also AV-scanners and Faronics developed "DeepFreeze Linux", because Linux became Winux and needs to be protected.

One day Linux Puppy will become also a target, it's inevitable.


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> Returnil, however, does replicate the MBR from what I read.
> 
> I might go with a virtual system in the future. More memory and a faster CPU than I have might be in order.


Returnil ? Another ISR-software similar to FirstDefense-ISR ? Are you going my way, after all your negative remarks ?
Returnil in frozen mode is the same thing as a frozen snapshot of FirstDefense, it will remove any change on partition-C. Virtual or not, it's the same principle. I hope the members of this forum won't read this.
You might even find out that your AV-scanner doesn't detect any malware anymore in Returnil and then you will understand me a lot better.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> Yes my approach also gets childish remarks. I forgot to mention this.


You seem to forget a lot.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> Returnil ? Another ISR-software similar to FirstDefense-ISR ? Are you going my way, after all your negative remarks ?
> Returnil in frozen mode is the same thing as a frozen snapshot of FirstDefense, it will remove any change on partition-C. Virtual or not, it's the same principle. I hope the members of this forum won't read this.
> You might even find out that your AV-scanner doesn't detect any malware anymore in Returnil and then you will understand me a lot better.


You've been made aware several times the issue isn't ISR software.
The issue is..... you recommend not monitoring an operating system because you use an ISR.



> Are you going my way


No 



> I hope the members of this forum won't read this.


That really sends a message 



> You might even find out that your AV-scanner doesn't detect any malware anymore in Returnil and then you will understand me a lot better.


That's been discussed and shown that an ISR system can become infected during the uptime. It's only immediately after rebooting the computer that you likely have a clean system, likely but not 100% guaranteed because you also refuse to defend from rootkits that can evade reimaging.

All this has been presented before.
If you think semantics is a security feature, you have more issues than I thought


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> .......... I'm not malware expert ........................


I know.


----------



## ErikAlbert (Oct 14, 2010)

Well, a security based on one AV-scanner isn't impressive either : 
1. you don't remove unknown/new malware, like I do
2. you don't remove known malware, that isn't on its blacklist/heuristics, like I do
3. you only remove known malware that is on its blacklist/heuristics, which I also do.
That's 1/3 for you and 3/3 for me. Sounds like you have a swiss cheese with too many holes.
That's the reason why scanners don't detect anything on my system, the malware is already removed.
That's why I can run any scanner at any moment, I know in advance it won't find anything, while you aren't sure about anything until your scanner reports 1/3 of malware + false positives.
I couldn't live like this, that's why I increased my security to the next level.
Your daily cleaning is moderate, while my cleaning is maximized.
You can't go higher because your software themselves are the problem.
The only thing you can do : more on demand AV-scanners and more cleaning software.
My recommendation : don't ignore your problems, do something about it. 
I only have to install an AV-scanner and I do much better than you, but that's too much work and not really necessary, because I remove 3/3 of malware anyway.


----------



## valis (Sep 24, 2004)

ErikAlbert said:


> No, I can't. I'm not malware expert, I don't know puppy linux.
> I know one thing : every software can be compromised when it becomes an interesting target. It happened in the past and it will happen again. History always repeats itself, but people never seem to learn from the past.
> 
> Firefox was once the safest browser, but Firefox became too popular and an interesting target for malware-writers. Nowadays FF needs to be patched regularly to keep it safe.
> ...


puppy linux isn't a browser. It's an OS that boots from CD, operates entirely in RAM. Once you turn off the pc, all data, including the OS, is erased.


----------



## valis (Sep 24, 2004)

I also think that this has gotten slightly hijacked from the OP's original request. If you guys want, I'll split it off into a separate discussion, or you guys can start one on your own. 

But let's try to get this back on track.

thanks, 

v


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> Well, a security based on one AV-scanner isn't impressive either :
> 1. you don't remove unknown/new malware, like I do
> 2. you don't remove known malware, that isn't on its blacklist/heuristics, like I do
> 3. you only remove known malware that is on its blacklist/heuristics, which I also do.
> ...





> Well, a security based on one AV-scanner isn't impressive either :


That's why the recommendation for layered security exists.
You fail at this concept.



> 1. you don't remove unknown/new malware, like I do


Of course not. You don't monitor your system while it's in operation so you can't know what malware exists in your system.
You don't know if your 'My Documents' is infected and you don't know if your system becomes infected.....you only know a reboot likely will come up 'clean', maybe.



> 2. you don't remove known malware, that isn't on its blacklist/heuristics, like I do


Actually, I do 
I white list in Sandboxie.
I white list in my firewall.
My keylogger whitelists.
And that's just my XP computer 

And while they whitelist, my other security apps double check to make sure nothing slips through.

Again....you don't monitor and that's the flaw in your security.
You have no ability to know when you are saving something infected.



> That's 1/3 for you and 3/3 for me. Sounds like you have a swiss cheese with too many holes.


Nothing has changed, Erik.
You really shouldn't be recommending that a system be run unmonitored.



> That's the reason why scanners don't detect anything on my system, the malware is already removed.


Only on reboot. 
Nothing has changed....it's still possible to infect your computer, your data.

Even Returnil runs with its own antivirus scanner....on.



> I couldn't live like this, that's why I increased my security to the next level.


How you live is irrelevant to the issue, Erik.
The issue is security and your system would be more secure with a good AV scanner and an accompaniment of malware apps in addition.
You just aren't practicing safe computing....but the issue is that you present it as a recommendation and it's obviously flawed.



> Your daily cleaning is moderate, while my cleaning is maximized.


No, I actually seldom clean my computer. I use Ccleaner after a software install which isn't often, but other than that, probably only once every other week. I don't see it as a security function.
You do no 'cleaning' , as you call it, while your system is in operation because you don't monitor it.



> You can't go higher because your software themselves are the problem.


I can go higher 
I use Acronis if needed.
I just haven't had the need for a long time.......About 2 years and two months....while you have to reimage every day!!! 



> The only thing you can do : more on demand AV-scanners and more cleaning software.


No...I am thinking of going with a virtual machine like VMware player.
I do see a value to it.

BTW....in reading up on Returnil.....I find it's actually a virtual machine. And it's subject to most of the issues of VMware player.
And it does run its own antivirus scanner now.
However, PCMag rates their AV scanner poorly and recommends AV like Panda Cloud. I'm more inclined to go with Avast or MSE.



> I only have to install an AV-scanner and I do much better than you


But you argue not to and that's a weakness on your part.
I'm not arguing to not use an app like Returnil or a virtual machine.
I'm pointing out that your recommendation is a projection of a false sense of security.
I know my system isn't perfect.
But as you now post after all your banter........you would be safer with an AV scanner......thank you for finally admitting to that 

Your current setup you originally claimed was perfect.........can be improved 
And all you need to install is an antivirus scanner and some malware apps 

By your last words....
I win



> My recommendation : don't ignore your problems, do something about it.


Backpedal much?


----------
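An added example, not part of any post in this thread: a small baseline-and-diff integrity check illustrating the monitoring point argued above, that a restore at reboot reverts the system area but by itself reports nothing about what changed during uptime or in data that persists across reboots. The `system`/`data` directory layout, the file names and all file contents are constructed assumptions.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


def snapshot(root):
    """Return {relative path: SHA-256 hex digest} for every regular file under root."""
    root = Path(root)
    digests = {}
    for path in sorted(root.rglob("*")):
        if path.is_symlink() or not path.is_file():
            continue
        h = hashlib.sha256()
        with path.open("rb") as fh:
            for chunk in iter(lambda: fh.read(65536), b""):
                h.update(chunk)
        digests[path.relative_to(root).as_posix()] = h.hexdigest()
    return digests


def diff(baseline, current):
    """Compare two snapshots and list what was added, removed or modified."""
    common = baseline.keys() & current.keys()
    return {
        "added": sorted(current.keys() - baseline.keys()),
        "removed": sorted(baseline.keys() - current.keys()),
        "modified": sorted(p for p in common if baseline[p] != current[p]),
    }


def run_demo():
    """Constructed scenario: one session on a machine whose system area is restored at reboot."""
    with tempfile.TemporaryDirectory() as tmp:
        machine = Path(tmp) / "machine"
        system = machine / "system"  # stands in for the partition restored at reboot
        data = machine / "data"      # stands in for user data that persists
        system.mkdir(parents=True)
        data.mkdir()
        (system / "hosts").write_text("127.0.0.1 localhost\n")
        (system / "app.cfg").write_text("setting=default\n")
        (data / "report.doc").write_text("quarterly figures\n")

        # Frozen copy of the system area, used to simulate the restore step.
        frozen = Path(tmp) / "frozen_system"
        shutil.copytree(system, frozen)
        baseline = snapshot(machine)

        # Constructed mid-session changes in both areas.
        (system / "hosts").write_text("127.0.0.1 localhost\n# constructed extra line\n")
        (system / "helper.dll").write_bytes(b"constructed placeholder bytes")
        (data / "report.doc").write_text("quarterly figures\nconstructed appended line\n")
        (data / "setup_saved.exe").write_bytes(b"constructed placeholder bytes")

        # What a check run while the system is in use would report.
        during_uptime = diff(baseline, snapshot(machine))

        # Simulated reboot: the system area goes back to the frozen copy,
        # the data area is left exactly as the session left it.
        shutil.rmtree(system)
        shutil.copytree(frozen, system)
        after_reboot = diff(baseline, snapshot(machine))
        return during_uptime, after_reboot


if __name__ == "__main__":
    uptime, rebooted = run_demo()
    print("changed during uptime:", uptime)
    print("still changed after reboot:", rebooted)
```

The second result is the part a restore alone never surfaces: the changes under `data` are still there after the reboot, and only a comparison against a baseline shows them.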



## Stoner (Oct 26, 2002)

valis said:


> I also think that this has gotten slightly hijacked from the OP's original request. If you guys want, I'll split it off into a separate discussion, or you guys can start one on your own.
> 
> But let's try to get this back on track.
> 
> ...


Sorry, just saw your post.


----------



## Stoner (Oct 26, 2002)

valis said:


> I also think that this has gotten slightly hijacked from the OP's original request. If you guys want, I'll split it off into a separate discussion, or you guys can start one on your own.
> 
> But let's try to get this back on track.
> 
> ...


How about splitting the thread and putting this discussion in a new thread?
It is about security software and the topic would benefit readers.


----------



## valis (Sep 24, 2004)

certainly.......how about 'discussion on computer security' for a title?


----------



## Stoner (Oct 26, 2002)

valis said:


> certainly.......how about 'discussion on computer security' for a title?


Sounds good to me.....no reason to limit it to just the specifics of this discussion.
I'm sure there are those that have a lot of interesting takes on the subject.
Be interesting to see what 'is out there' for better security.


----------



## valis (Sep 24, 2004)

we'll keep it in general software for now.....may move it to the malware arena later, we'll see how it develops. Curious to see how others chime in on this as well........


----------



## valis (Sep 24, 2004)

Stoner said:


> Sounds good to me.....no reason to limit it to just the specifics of this discussion.
> I'm sure there are those that have a lot of interesting takes on the subject.
> *Be interesting to see what 'is out there' for better security.*


Indeed. At work we use Symantec, but that's the corporate edition, so don't really have a choice on that one. Ever since I moved to W7, I just use MSE, and I've been very happy with it. I run AVG on my linux box, been happy with that as well.

Stoner, you ever try the Eicar test on your rig? Dunno how current that is, but it used to be a good test for your AV systems.


----------



## Stoner (Oct 26, 2002)

valis said:


> Indeed. At work we use Symantec, but that's the corporate edition, so don't really have a choice on that one. Ever since I moved to W7, I just use MSE, and I've been very happy with it. I run AVG on my linux box, been happy with that as well.
> 
> Stoner, you ever try the Eicar test on your rig? Dunno how current that is, but it used to be a good test for your AV systems.


The link you posted is really nice.
The only test that didn't set off Avast was this https://secure.eicar.org/eicar.com.txt
The string opened as text in Firefox and nothing happened.
The zipped links set off Avast when I opened the saved zipped folder.


----------



## valis (Sep 24, 2004)

Yup........the second I save it MSE and AVG kick off.......it's a fun little joke to play on the wife on occasion.......keeps her on her toes.


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> I'll note that and check it out.
> Thanks for the heads up.


What is the advantage of removing "Most Recently Used" list, I have 3 lists + 5 items, according MRU Blaster.
Windows re-creates these 3 lists and 5 items anyway after removal ? 
So what's the point ? Are they life threatening or just a needless cleaning ?

CCleaner has also a few items, that are always re-created by Windows, cleaning them makes no sense and is needless. You even proved it by showing a screenshot of CCleaner, I have the same items.
I'm really scared now.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> What is the advantage of removing "Most Recently Used" list, I have 3 lists + 5 items, according MRU Blaster.
> Windows re-creates these 3 lists and 5 items anyway after removal ?
> So what's the point ? Are they life-threatening or just an additional cleaning.


I only see it as clutter.

It's not a daily chore......more like emptying the recycling bin from time to time , only much smaller files.

If I didn't use it, it wouldn't affect me in any negative way. My hard drives are big enough it wouldn't matter.

Same with Ccleaner.

But I did help a member years ago that was running out of hard drive space on an old computer by recommending Ccleaner. He'd built up so many undeleted temp files that CC cleaned out a little over a gb on a small drive. It helped him a lot.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> .................
> 
> CCleaner has also a few items, that are always re-created by Windows, cleaning them makes no sense and is needless. You even proved it by showing a screenshot of CCleaner, I have the same items.
> I'm really scared now.


I see you are modifying posts again....after I respond to your original.



> CCleaner has also a few items, that are always re-created by Windows, cleaning them makes no sense and is needless.


Well, don't clean them if it bothers you.
Don't even use Ccleaner if you don't want to.



> You even proved it by showing a screenshot of CCleaner,


All I demonstrated was that the new version was no better than my old version ....for my purposes.



> I have the same items.


That's nice 



> I'm really scared now.


Something seems to be bothering you


----------



## ErikAlbert (Oct 14, 2010)

@Stoner,
Thanks for the explanation.
No it didn't bother me, I always like to exaggerate.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> @Stoner,
> Thanks for the explanation.
> No it didn't bother me, I always like to exaggerate.





> Thanks for the explanation.


You're welcome 



> I always like to exaggerate.



I figured that out long ago


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> I only see it as clutter.
> It's not a daily chore......more like emptying the recycling bin from time to time , only much smaller files.


Regarding Recycle Bin, I turned it OFF many years ago. 
The MBAM-log is always complaining about it, along with 4 other issues. MBAM reports them as malware in Windows Registry. LOL.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> Regarding Recycle Bin, I turned it OFF many years ago.
> The MBAM-log is always complaining about it, along with 4 other issues. MBAM reports them as malware. LOL.





> Regarding Recycle Bin, I turned it OFF many years ago.



Are you saying you never delete anything you've saved in the past?.....



> The MBAM-log is always complaining about it, along with 4 other issues. MBAM reports them as malware




I wouldn't boot a system like that day after day 
That's the funniest situation I've ever heard of


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> .............................MBAM reports them as malware in Windows Registry. LOL.


I see you did an edit again 

You've got malware in your registry that you reboot each and every day and you're laughing about it

Come on....you're making this up


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> Are you saying you never delete anything you've saved in the past?.....
> 
> 
> 
> ...


Recycle Bin has no purpose in my setup. Waste of space anyway.
It's funny indeed, MBAM thinks I have a classical security setup and acts according it.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> Recycle Bin has no purpose in my setup.
> It's funny indeed, MBAM thinks I have a classical security setup and acts according it.




----------



## Squashman (Apr 4, 2003)

valis said:


> I've said it before, and I'll say it again; there just is no better fix than plain common sense. .


I totally agree with that. I still run AntiVirus though. Do the occasional malware scan to be on the safe side.


----------



## valis (Sep 24, 2004)

Squashman said:


> I totally agree with that. I still run AntiVirus though. Do the occasional malware scan to be on the safe side.


Yup. Got mine set to scan weekly, just when I'm not there. I try to check the logs monthly, but it usually works out to the 'when I remember' schedule.

Regardless, it'll let me know if it finds something.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> ......................That's why I had to replace CCleaner with something else, not with another software, but with another cleaning method, better and safer than the method of CCleaner.


But as you and I have discussed....there was a big downside to your 'method'.
Re-imaging a computer each reboot isn't practical for everyone.


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> But as you and I have discussed....there was a big downside to your 'method'.
> Re-imaging a computer each reboot isn't practical for everyone.


I was waiting for your comments. The method wasn't based on re-imaging, I had to add something else to make a better cleaning possible, which had nothing to do with re-imaging. I'm tired of explaining myself because it's useless.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> I was waiting for your comments. The method wasn't based on re-imaging, I had to add something else to make a better cleaning possible, which had nothing to do with re-imaging. I'm tired of explaining myself because it's useless.


So, you've changed your old 'method ' of rebooting a new image each time and you have incorporated a new application over the last few days?
I'll bite ...what is it?


----------



## blues_harp28 (Jan 9, 2005)

No Please No - not a new 'Method' - I can't take anymore.


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> So, you've changed your old 'method ' of rebooting a new image each time and you have incorporated a new application over the last few days?
> I'll bite ...what is it?


Let's keep it a mystery how I clean my computer, then we don't have to waste our time on endless discussions. As long as users stick to popular software, CCleaner will be enough.
Tip : it's simple, you only have to think of doing it this way.


----------



## stantley (May 22, 2005)

ErikAlbert said:


> Let's keep it a mystery how I clean my computer, then we don't have to waste our time on endless discussions.


We would all love to keep your "method" a mystery, but you are constantly talking about it. In the past week you've discussed your "method" in these threads:

http://forums.techguy.org/all-other-software/959976-how-hard-tech-wuss-fresh.html
http://forums.techguy.org/general-security/959709-passwords.html
http://forums.techguy.org/general-security/959741-how-safe-without-windows-update.html
http://forums.techguy.org/all-other-software/959103-computer-cleaning.html
http://forums.techguy.org/general-security/957463-solved-registry-clean.html
http://forums.techguy.org/general-security/953864-avg-2011-now-out.html
http://forums.techguy.org/general-security/958097-web-browser-security-vs-ease.html 
http://forums.techguy.org/general-security/959068-possible-kill-evercookie.html 
http://forums.techguy.org/general-security/959145-trying-out-anti-virus.html

Give it a rest already, so we don't have to waste our time on endless discussions.


----------



## ErikAlbert (Oct 14, 2010)

stantley said:


> We would all love to keep your "method" a mystery, but you are constantly talking about it. In the past week you've discussed your "method" in these threads:
> 
> http://forums.techguy.org/all-other-software/959976-how-hard-tech-wuss-fresh.html
> http://forums.techguy.org/general-security/959709-passwords.html
> ...


The first link was about Image Backup/Restore, this had nothing to do with my method.
Do I have to do a search on CCleaner ? How many posts about CCleaner will I find ?
How many times I read the same stuff about AVs and the same recommendations ?
I'm repeating myself, just like anybody else.
Do I have to check your posts ? Are they all different ?
Never get personal, talk about software, not me.
If you call CCleaner good, I will say it's not good enough.
I also explained my method of cleaning in one of my posts at TSG and they called CCleaner a 99% cleaner and my method was too much.
Of course CCleaner cleans 99%, but then you can only use software that are listed in CCleaner, which is quite a limitation. The list is very short, there must be thousands of software. Do you really think that no other software requires cleaning ? Are you so narrow minded to believe this ?
If you think a little bit longer, you might come to the same conclusion.
If you recommend CCleaner tell them the full truth. If you can't handle the truth attack me.


----------



## Stoner (Oct 26, 2002)

It's called 'begging the question' and you perform it frequently. Erik.
The alternative you present in this manner is your 'method'....now called/replaced by your 'secret method'.

Why not start a thread in the debate forum ( Civilized Debate ) on your 'method' and get the details out in the open all in one place?


----------



## ErikAlbert (Oct 14, 2010)

stantley said:


> I'd like to try it out, where can I download the software you use?


You can't buy FirstDefense (FD) anymore, because it wasn't a commercial success. FD is still maintained and supported by the owner, but the development has been stopped.
There are similar software, but they work differently, they need to be supported by Image Backup software to get the same result as FD and Image Backup/Restore is too cumbersome, not practical enough for daily usage.
Examples are DeepFreeze, Returnil Virtual System, ShadowDefender, ShadowUser, ...


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> It's called 'begging the question' and you perform it frequently. Erik.
> The alternative you present in this manner is your 'method'....now called/replaced by your 'secret method'.
> 
> Why not start a thread in the debate forum ( Civilized Debate ) on your 'method' and get the details out in the open all in one place?


It's not about ME. It's about another method, you are not able to understand.
We are not discussing ErikAlbert, we are discussing another method to remove superfluous objects of ALL software, not just the popular ones.


----------



## Stoner (Oct 26, 2002)

stantley said:


> I'd like to try it out, where can I download the software you use?


Good morning stantley ......
The main app of Erik's 'method' is no longer available and seems to have been completely pulled from the market.
A number of companies seem to be/have been financially involved and it's confusing who now owns the rights to the discontinued software.

The info I've read positioned it more as recovery software to be used in the event of problems rather than a daily proactive stance.....but I've found it difficult in finding a lot of info on its recommended usage.
It didn't become popular.

Returnil and Deep Freeze are similar in usage to Erik's method. If you do a TSG search, you should find several discussions on them. I've read them in the past. Interesting.
I'd rather be using a VM, though. It seems less complicated for an average user like myself.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> It's not about ME. It's about another method, you are not able to understand.
> We are not discussing ErikAlbert, we are discussing another method to remove superfluous objects of ALL software, not just the popular ones.


As you have kept returning to the subject of your method and positioning it lately as a secret....how can it not be about you?
You are trying to tell us something. And it doesn't seem very forward, imo.

The discussion on Ccleaner seems over.

How about taking your method to the debate forum.....please


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> As you have kept returning to the subject of your method and positioning it lately as a secret....how can it not be about you?
> You are trying to tell us something. And it doesn't seem very forward, imo.
> 
> The discussion on Ccleaner seems over.
> ...


So we are not allowed to discuss anything, unless Stoner agrees ? Let people think for themselves without recommendations. 
The fact remains that CCleaner and all other cleaning software have serious shortcomings and will never be good enough because their philosophy was wrong from the beginning. CCleaner-fans are not able to understand this, because they are FAN(atics) and can't stand a bad word about CCleaner.
I'm not a fan of any software, because all software suck. I'm just trying to find a solution to solve the shortcomings of CCleaner. Stop all this rant about me, you are missing the main point.
Can CCleaner be improved ? Yes, if it uses the right philosophy and the owner has to change a lot to make that possible : a total new redesign and new program.


----------



## stantley (May 22, 2005)

ErikAlbert said:


> You can't buy FirstDefense (FD) anymore, because it wasn't a commercial success. FD is still maintained and supported by the owner, but the development has been stopped.


Then why do you recommend unavailable software?


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> So we are not allowed to discuss anything, unless Stoner agrees ? Let people think for themselves without recommendations.
> The fact remains that CCleaner and all other cleaning software have serious shortcomings and will never be good enough because their philosophy was wrong from the beginning. CCleaner-fans are not able to understand is, because they are FAN(atics) and can't stand a bad word about CCleaner.
> I'm not a fan of any software, because all software suck. I'm just trying to find a solution to solve the shortcomings of CCleaner. Stop all this rant about me, you are missing the main point.





> So we are not allowed to discuss anything, unless Stoner agrees ? Let people think for themselves without recommendations.


I'm not stopping you from anything, Erik....I'm not a moderator.
But I can suggest and request.



> The fact remains that CCleaner and all other cleaning software have serious shortcomings and will never be good enough because their philosophy was wrong from the beginning.


What philosophy is that?



> CCleaner-fans are not able to understand is, because they are FAN(atics) and can't stand a bad word about CCleaner.


You are presenting absolutes that are logically fallacious, Erik.
Not everyone that recommends Ccleaner as a file cleaner is resentful of the reality of its registry options.
I've been open to trying out other file cleaners.....ATF being one recently.
And I also don't think the new erasure feature is wise to use.
I would even prefer Ccleaner being released without the registry option.



> I'm not a fan of any software, because all software suck


You do get very defensive about the discontinued First Defense software.



> I'm just trying to find a solution to solve the shortcomings of CCleaner.


I know....your 'secret method'.



> Stop all this rant about me, you are missing the main point


Well....what is this secret method you are now using?


----------



## ErikAlbert (Oct 14, 2010)

I'm not going to discuss this with a person like you and I already explained it in one thread, so it isn't a secret anymore. You were participating in this thread also (like always), so you know my secret already, but you didn't understand it, you were too focussed on me.
Again stop the rant about me and become open-minded.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> I'm not going to discuss this with a person like you and I already explained it in one thread, so it isn't a secret anymore. Again stop the rant about me and become open-minded.


I've been respectful.

As your 'method' is distinctly different to conventional usage of a computer, I think questions about it are very pertinent when it's presented as a better alternative.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> I'm not going to do this anymore. I've done this already in a dutch forum, they did nothing but trying to kill me. I didn't even had the chance to explain things................................


And yet.....here you are again after presenting your method as a better alternative to Ccleaner in the Security forum..

How about this, Erik?
Take some time to diagram how your method works, the software involved....... so that a reasonable discussion can resume from reading this method as a whole scene rather than just parts spread out over this web site.


----------



## valis (Sep 24, 2004)

I think this is an excellent topic, and very pertinent to the state of security of the internet, especially as we are moving forward daily into the realm of cloud computing. THAT is where there is going to be a huge issue with security, IMO.

Regardless, let me know if you guys think that this should be moved to another forum where it may or may not get more attention. We could move it to CD, but I think we would lose a lot of technical aspects in that arena. I think a better option would be to move it to the General Security forum, as this thread is discussing a wide and vast range of personal security options.


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> I've been respectful.
> 
> As your 'method' is distinctly different to conventional usage of a computer, I think questions about it are very pertinent when it's presented as a better alternative.


I already tried to explain it in full detail and this is not about FirstDefense, I only use FD to solve the shortcomings of CCleaner. Give me a total different CCleaner and I will use that one, when I can't use FD anymore.
The programmer of CCleaner has to write a total new CCleaner with a new philosophy, he is not going to do this, because it's freeware without any financial benefits. So nothing will change.
The payware R-Wipe&Clean has the same wrong philosophy as CCleaner and has the same shortcomings.


----------



## Stoner (Oct 26, 2002)

valis said:


> I think this is an excellent topic, and very pertinent to the state of security of the internet, especially as we are moving forward daily into the realm of cloud computing. THAT is where there is going to be a huge issue with security, IMO.
> 
> Regardless, let me know if you guys think that this should be moved to another forum where it may or may not get more attention. We could move it to CD, but I think we would lose a lot of technical aspects in that arena. I think a better option would be to move it to the General Security forum, as this thread is discussing a wide and vast range of personal security options.


I guess it really depends on how the thread flows and the purpose of the forums.
Debate is usually discouraged outside of Civ Debate, but this is tech oriented.
In CD there is more freedom to maneuver around issues but at the same time fewer participants that are interested.

It's really more of a debate than a discussion, though.
If in the General Security forum, or even here in All other Software.......how do you mods feel about what is likely to be actual debate?

I'll go where ever you choose, no argument there.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> I already tried to explain it in full detail and this is not about FirstDefense, I only use FD to solve the shortcomings of CCleaner. Give me a total different CCleaner and I will use that one, when I can't use FD anymore.
> The programmer of CCleaner has to write a total new CCleaner with a new philosophy, he is not going to do this, because it's freeware without any financial benefits. So nothing will change.


No...I mean full detail in one spot all at once as a system..... to view as such rather than segments.
How different apps you've chosen react/inter-react to provide the result you call your 'method'.



> The programmer of CCleaner has to write a total new CCleaner with a new philosophy


What is that philosophy and why is it a disadvantage?
What would the 'new philosophy' look like?



> because it's freeware without any financial benefits. So nothing will change


Fallacy there. As it's still being developed and supports new operating systems, their goal is obviously to build brand identity and present commercial products as have much of the commercial software industry.
As they have added an erasure feature, that's proof of the intent to change.
But change is at their discretion and I certainly don't know that path.


----------



## valis (Sep 24, 2004)

Stoner said:


> I guess it really depends on how the thread flows and the purpose of the forums.
> Debate is usually discouraged outside of Civ Debate, but this is tech oriented.
> In CD there is more freedom to maneuver around issues but at the same time fewer participants that are interested.
> 
> ...


I'm kind of torn on this, and for a couple reasons:

1, a debate about CS is, in my opinion, a good thing. This way one can see other's POV's and hopefully get more input on other products out there.

2, the reason you stated; there are more restrictions on the tech side than on the CD side.

Let me move it to GenSec, and we'll see where it goes from there. I personally believe that it will garner a large amount of interest, and hopefully we can all learn something from it.


----------



## Stoner (Oct 26, 2002)

valis said:


> I'm kind of torn on this, and for a couple reasons:
> 
> 1, a debate about CS is, in my opinion, a good thing. This way one can see other's POV's and hopefully get more input on other products out there.
> 
> ...


I'm here


----------



## ErikAlbert (Oct 14, 2010)

valis said:


> I'm kind of torn on this, and for a couple reasons:
> 
> 1, a debate about CS is, in my opinion, a good thing. This way one can see other's POV's and hopefully get more input on other products out there.
> 
> 2, the reason you stated; there are more restrictions on the tech side than on the CD side.


What is CS and CD ?


----------



## Stoner (Oct 26, 2002)

Tim probably mistyped.....CS being GS for General Security.

CD is Civilized Debate, often called Civ Debate.


----------



## valis (Sep 24, 2004)

CS is computer security, as in 'a debate about computer security is, in my opinion, a good thing.'


----------



## valis (Sep 24, 2004)

for once, it wasn't a typo.


----------



## Stoner (Oct 26, 2002)

I see typos..... everywhere


----------



## valis (Sep 24, 2004)

's.........m. night stonermalan.........


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> Tim probably mistyped.....CS being GS for General Security.
> 
> CD is Civilized Debate, often called Civ Debate.


The subforum or location doesn't matter to me. 
What has removing of superfluous objects in computer to do with GS or CD, I don't see the connection. Most superfluous objects are good objects, it's not even about security. It's about cleaning.


----------



## valis (Sep 24, 2004)

It depends; which objects are you talking about?


----------



## Stoner (Oct 26, 2002)

Erik has positioned these 'superfluous objects' as potential security risks by being targets of malware and removed for that reason.
I pointed out that if all elements of a MS operating system that were infectable were removed, the system probably wouldn't boot ....and probably not function properly if it did boot.


----------



## valis (Sep 24, 2004)

Well, technically, an OS is a potential security risk; even something bootable like Puppy Linux. In essence you are taking the mfg's word that this is a viable boot OS and not some rampaging data destroying virus.

When one stops to think about just how many files go into a modern OS, it becomes fairly obvious rather quickly how much we are trusting these manufacturers. 

Anyone here remember the Sony DRM fiasco?


----------



## ErikAlbert (Oct 14, 2010)

valis said:


> It depends; which objects are you talking about?


Extra objects that are created by software in order to do their job. Once the job is done, these objects become superfluous and need to be removed.
These objects should be removed by the software itself, but it doesn't always happen and CCleaner won't remove them either, because the software is not on the small list of CCleaner.


----------



## valis (Sep 24, 2004)

Gotcha. Temp files that are a bit more than temp, then.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> Extra objects that are created by software in order to do their job. Once the job is done, these objects become superfluous and need to be removed.
> These objects should be removed by the software itself, but it doesn't always happen and CCleaner won't remove them either, because the software is not on the small list of CCleaner.


If you mean during the installation of software, aren't most temp folders where these install folders and files are generated......emptied during the Ccleaner process?

After doing an install like Dragon.....I've found anywhere from 50 to 100 mb of temporary files that Ccleaner deletes.
The only need to remove that I'm aware of concerns freeing up hard drive space and potentially reducing the size of drive images....and as drives are becoming as large as I see .....it's no longer a critical issue.


----------



## Stoner (Oct 26, 2002)

valis said:


> Gotcha. Temp files that are a bit more than temp, then.


Indeed.
I've read of people using Ccleaner to function on a shutdown, not realizing that some freshly installed software sometimes needs those temp files to finish the install on the next boot.


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> Erik has positioned these 'superfluous objects' as potential security risks by being targets of malware and removed for that reason.


Not true. I remove these superfluous objects for one reason only : they don't belong in my system. Why would I collect and waste space on them ?
My system has always the same volume, except when I update it permanently.
I consider objects of temporarily installed software also as superfluous objects, because they don't belong in my system, I didn't like them.
The difference with other users is, that I remove these software 100%.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> Not true. I remove these superfluous objects for one reason only : they don't belong in my system. Why would I collect and waste space on them ?


You did state otherwise in relation to infectability in another thread.
I'll accept that you are withdrawing/restating that past claim.


----------



## Jack Hackett (Nov 19, 2006)

Erik, do you not know about CCleaner's *winapp2.ini* file?
I would have thought someone who comes across as such a know it all as you would know how to use such a file to tweak the cleaning to your own requirements
perhaps you should have a read of the Advanced Usage documentation
http://www.piriform.com/docs/ccleaner/advanced-usage

happy reading.


----------



## Stoner (Oct 26, 2002)

valis said:


> Well, technically, an OS is a potential security risk; even something bootable like Puppy Linux. In essence you are taking the mfg's word that this is a viable boot OS and not some rampaging data destroying virus.
> 
> When one stops to think about just how many files go into a modern OS, it becomes fairly obvious rather quickly how much we are trusting these manufacturers.
> 
> Anyone here remember the Sony DRM fiasco?


I remember. I wasn't involved in that situation, fortunately.
That's where I learned of Rootkitrevealer.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> ............................
> I consider objects of temporarily installed software also as superfluous objects, because they don't belong in my system, I didn't like them.
> The difference with other users is, that I remove these software 100%.





> The difference with other users is, that I remove these software 100%


ehhh....not really. You don't remove, you automatically reimage each time you reboot and the result is an older image that exists without the changes you made since the image was last updated.

Might sound like semantics, but the process is significantly different from actual 'cleaning'.


----------



## ErikAlbert (Oct 14, 2010)

Jack Hackett said:


> Erik, do you not know about CCleaner's *winapp2.ini* file?
> I would have thought someone who comes across as such a know it all as you would know how to use such a file to tweak the cleaning to your own requirements
> perhaps you should have a read of the Advanced Usage documentation
> http://www.piriform.com/docs/ccleaner/advanced-usage
> ...


The list of winapp2.ini is longer, but it doesn't contain thousands of software, so it is still not good enough.
Another disadvantage is that I have to maintain this list myself. How do I know WHERE and WHAT to remove of any software ? Isn't that dangerous for a less-knowledgeable user like me ?
My own method doesn't require any maintenance or knowledge of possible superfluous objects, I only have to install the new software and that's it.
That is also the reason why CCleaner doesn't detect any superfluous object on my system, except for objects that are re-created by Windows during reboot. Try it yourself. CCleaner will report these few objects after your reboot.
P.S.: I'm not a know-it-all. I just follow my logical reasonings.


----------
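Added example, not part of any post in this thread: one way to answer the "WHERE and WHAT" question above without a per-application list is to hash a directory tree before and after a session and diff the two manifests. The paths, file contents and the two cleaning rules below are constructed for illustration; a restore to the baseline reverts everything the diff reports, including the deleted note and the edited `system.ini`.

```python
import fnmatch
import hashlib
import os
import tempfile
from pathlib import Path


def snapshot(root):
    """Map each regular file under root to its SHA-256 (relative POSIX paths)."""
    root = Path(root)
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = Path(dirpath) / name
            if path.is_symlink() or not path.is_file():
                continue  # skip links and special files
            digest = hashlib.sha256()
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            manifest[path.relative_to(root).as_posix()] = digest.hexdigest()
    return manifest


def diff(baseline, current):
    """Classify every path as added, removed or changed relative to the baseline."""
    before, after = set(baseline), set(current)
    return {
        "added": sorted(after - before),
        "removed": sorted(before - after),
        "changed": sorted(p for p in before & after if baseline[p] != current[p]),
    }


def split_by_rules(paths, rules):
    """Split paths into those a fixed cleaning list matches and those it misses."""
    hit = [p for p in paths if any(fnmatch.fnmatch(p, r) for r in rules)]
    return hit, [p for p in paths if p not in hit]


def write(root, rel, data):
    """Create a file (and its parent folders) inside the test tree."""
    target = Path(root) / rel
    target.parent.mkdir(parents=True, exist_ok=True)
    target.write_bytes(data)


def demo():
    """Constructed scenario: take a baseline, run a 'session', diff the result."""
    with tempfile.TemporaryDirectory() as root:
        # Constructed baseline, standing in for the saved image.
        write(root, "Windows/system.ini", b"[boot]\nshell=explorer.exe\n")
        write(root, "Program Files/Editor/editor.exe", b"MZ editor v1")
        write(root, "Users/me/notes.txt", b"keep me")
        baseline = snapshot(root)

        # Constructed session: a trial install plus its side effects.
        write(root, "Temp/setup_7f3a.tmp", b"installer scratch data")
        write(root, "Program Files/Trial/trial.exe", b"MZ trial")
        write(root, "Users/me/AppData/Trial/cache.db", b"left behind")
        write(root, "Windows/system.ini",
              b"[boot]\nshell=explorer.exe\n[trial]\nrun=1\n")
        os.remove(Path(root) / "Users/me/notes.txt")

        delta = diff(baseline, snapshot(root))

    # Hypothetical rules standing in for a cleaner's fixed list of locations.
    rules = ["Temp/*", "*.tmp"]
    cleaned, missed = split_by_rules(delta["added"], rules)
    return delta, cleaned, missed


if __name__ == "__main__":
    delta, cleaned, missed = demo()
    for kind, paths in delta.items():
        print(f"{kind:8}", paths)
    print("matched by the rule list:", cleaned)
    print("missed by the rule list: ", missed)
```

A diff reports that something changed, not whether it is malicious, and it cannot see anything that ran during the session without leaving a file behind.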



## valis (Sep 24, 2004)

Stoner said:


> I remember. I wasn't involved in that situation, fortunately.
> *That's where I learned of Rootkitrevealer.*


ditto. And that's also where I learned that a little paranoia isn't necessarily a bad thing.


----------



## Jack Hackett (Nov 19, 2006)

ErikAlbert said:


> Another disadvantage is that I have to maintain this list myself. How do I know WHERE and WHAT to remove of any software ?


From reading your posts, on numerous occasions you seem to make the point that you know 'Where and What' to remove for _your_ manual removal methods. 
You also appear to contradict yourself too.
My take on you and your methods is, you're a bumbling fool but hey, each to their own.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> The list of winapp2.ini is longer, but it doesn't contain thousands of software, so it is still not good enough.
> Another disadvantage is that I have to maintain this list myself. How do I know WHERE and WHAT to remove of any software ?
> My own method doesn't require any maintenance or knowledge of possible superfluous objects, I only have to install the new software and that's it.


Then please post the details of your method, the software used and how you have configured them to act/react in the manner you call your 'method'.

edit....within one post


----------



## Stoner (Oct 26, 2002)

Jack Hackett said:


> From reading your posts, on numerous occasions you seem to make the point that you know 'Where and What' to remove for _your_ manual removal methods.
> You also appear to contradict yourself too.
> ..................................................


Indeed.......I keep wondering how Erik knows where some of this superfluous stuff is ..... after he has to reboot normally to finish an install. I have seen instances where the files necessary to finish an install are in the program folder and marked deletable.

Erik.......do you manually search these out also?
Sounds time consuming.


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> Indeed.......I keep wondering how Erik knows where some of this superfluous stuff is ..... after he has to reboot normally to finish an install. I have seen instances where the files necessary to finish an install are in the program folder and marked deletable.
> 
> Erik.......do you manually search these out also?
> Sounds time consuming.


That is easy to answer. I discovered these objects accidentally.


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> Then please post the details of your method, the software used and how you have configured them to act/react in the manner you call your 'method'.
> 
> edit....within one post


To become a mocking bird again and to read all your rant at my expense after explaining my method ? I already explained my method to you.


----------



## ErikAlbert (Oct 14, 2010)

Jack Hackett said:


> My take on you and your methods is, you're a bumbling fool but hey, each to their own.


That is the kind of comments, I always receive. Thanks anyway.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> That is easy to answer. I discovered these objects accidentally.




(sigh! )


----------



## ErikAlbert (Oct 14, 2010)

We better close this thread. It's still about me and not about cleaning superfluous objects.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> To become a mocking bird again and to read all your rant at my expense after explaining my method ? I already explained my method to you.


Here's what I've read from you.......FD is security software, FD is not security software. You delete objects that can become infected, because they can be infected, then post you don't delete objects for security reasons.
You post you let your computer do all the work and then post you come upon these objects accidentally.
And other stuff.

Surely even you see the confusion.

Why are you denigrating Ccleaner in preference to promoting a 'method' you won't describe in detail?
Erik....that's illogical.

Think it over....you won't convince anyone if you won't accurately describe this 'method'.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> We better close this thread. It's still about me and not about cleaning superfluous objects.


You make it about yourself, Erik.

Define your 'method' and that will focus the discussion on it.


----------



## valis (Sep 24, 2004)

ErikAlbert said:


> We better close this thread. It's still about me and not about cleaning superfluous objects.


Well, it is actually a discussion on computer security, not about you. It's just that you've made some, IMO, contradictory statements with regards to computer security.

Obviously that's neither here nor there. But one question that does beg to be asked is that if you stumbled over these objects accidentally, why wouldn't you trust scanners that are written by professionals and designed specifically to weed out these so-called 'superfluous' objects?

I know I am very far from perfect; pretty sure we are not in the same galaxy. But I do know that if something goes wrong with, say, the plumbing in my house, I'm not going to call an expert in the field of calligraphy to come and fix it.

The same goes for these objects you are talking about. You trip over them, but don't you wonder where more of them would be hiding? Especially the malicious ones?

Again in my opinion, your view on security is out-dated and as such, dangerously lax.

That said, it's merely my opinion. To each their own. If it works for you, then that is all that matters. I know that it wouldn't work for me, and all I ask is that you return the respect given.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> That is the kind of comments, I always receive. Thanks anyway.


Not from me, you haven't.......... and I haven't returned the few insults you pointed at me.


----------



## Jack Hackett (Nov 19, 2006)

ErikAlbert said:


> That is easy to answer. I discovered these objects accidentally.


Ah.. by bumbling your way around folders and files as is 'your method'



ErikAlbert said:


> That is the kind of comments, I always receive. Thanks anyway.


The cap obviously fits then, and many other people take you for the bumbling fool that you clearly are.
Do you ever take your blinkers off?


----------



## ErikAlbert (Oct 14, 2010)

valis said:


> The same goes for these objects you are talking about. You trip over them, but don't you wonder where more of them would be hiding? Especially the malicious ones?
> 
> Again in my opinion, your view on security is out-dated and as such, dangerously lax.


I don't have to wonder about malicious ones. I remove them the same way as any other superfluous objects. Any good or bad object is removed for only one reason : it changed my system and it doesn't belong there. 
I'm 100% sure about removing good objects, much better than any existing cleaning software.
I'm not 100% sure about removing bad objects, but I can't find a scanner that proves I'm infected.
Maybe I need one of these MBAM/HJT/OTL/GMER/DDS/...-logs, but I can't read them (except MBAM).

The funny thing is that I only have to install an AV/AS-scanner and that will be the end of any discussion, but I'm not going to do this unless I find a scanner that detects malware.
I depend on Sandboxie and even more on Anti-Executable (AE) to kill the worst infections immediately.

If you run an AV/AS-scanner at the end of the day and it reports one or more bad objects.
Aren't you worried that these bad objects had enough time to do their evil job ?
How many bad objects execute themselves immediately without any action of the user ?
Keyloggers do, what else ?

FirstDefense has enemies, but they were all executables which are killed immediately by AE.
AE protects the most important files of my system, but I hardly see it in action.
I visited a few websites where AE killed an executable, but nothing more than that.
Sandboxie is more active than AE, because Sandboxie is very close to internet and that's where the evil begins.
If SB and AE fail, the malware is gone after reboot, just like scanners do at the end of the day, including unknown malware and not-blacklisted known malware, which are not removed by scanners.
IMO the combination of SB + AE + FD is enough to replace scanners until I have hard proof, I'm wrong. Meanwhile I have a good life without these annoying and incomplete scanners.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> I don't have to wonder about malicious ones. I remove them the same way as any other superfluous objects. Any good or bad object is removed for only one reason : it changed my system and it doesn't belong there.
> I'm 100% sure about removing good objects, much better than any existing cleaning software.
> I'm not 100% sure about removing bad objects, but I can't find a scanner that proves I'm infected.
> Maybe I need one of these MBAM/HJT/OTL/GMER/DDS/...-logs, but I can't read them (except MBAM).
> ...





> I don't have to wonder about malicious ones. I remove them the same way as any other superfluous objects.


Just pointing out that you aren't removing anything....you are reimaging to a configuration of the past that hasn't experienced malicious content ( hopefully).



> I'm not 100% sure about removing bad objects, but I can't find a scanner that proves I'm infected.


As you refuse to run a full time scanner from day to day, you can't make that claim because you only know the short time period during which you had a scanner installed and active.
You might scan today and be infected in tomorrow's session, never knowing because you constantly reimage.



> The funny thing is that I only have to install an AV/AS-scanner and that will be the end of any discussion, but I'm not going to do this unless I find a scanner that detects malware.


I suggest you run a scanner for a year and see what happens. One session out of a year isn't sufficient, IMO.



> I depend on Sandboxie and even more on Anti-Executable (AE) to kill the worst infections immediately.


Sandboxie is a good app to use in controlling what is written to a hard drive....but it's not 100% perfect.



> Anti-Executable (AE) to kill the worst infections immediately.


You described AE in past posts as a whitelist that only allowed chosen apps and executables to run.
How does it kill infections?
I too have several apps that whitelist apps and executables.
An antikeylogger, a firewall and noscript and flashblock.... for javascript and flash running in my browser.....this is for XP.
With win 7 there is also UAC and I have mine turned up high.

But I still run an av scanner and malware scanners, because the above isn't 100% perfect.

I also have a fallback plan with a drive image should something go wrong.



> If you run an AV/AS-scanner at the end of the day and it reports one or more bad objects.
> Aren't you worried that these bad objects had enough time to do their evil job ?


First, they wouldn't be objects, they'd be malware infections and yes, I would be concerned.
My own preference is to reimage at that point.
( and note that I don't go around promoting my preference)
But that's not a rational reason to run without a layered defense.
And my AV scanner's footprint is insignificant on the resources of my 4 year old computer.
I can think of no reason to not fully defend my system with a layered approach.



> How many bad objects execute themselves immediately without any action of the user ?


This should worry you a lot as you don't scan what you download and save to a different partition ....than your OS.
All those many hundreds of commercial movies you've ripped to your hard drive are just sitting there, unknown as to their integrity....plus whatever else is saved to those partitions.



> I visited a few websites where AE killed an executable, but nothing more than that.


And how did you verify that AE 'killed' all malicious executables if you refuse to scan?



> Sandboxie is more active than AE


There is a whitelist in Sandboxie that only allows what you list to run in the sandbox...... and connect to a network.
But I have read it's theoretically possible for a rootkit to get through the SB software in certain circumstances.


----------



## Stoner (Oct 26, 2002)

Missed your edit....so here it is:



ErikAlbert said:


> ...................................
> If SB and AE fail, the malware is gone after reboot, just like scanners do at the end of the day, including unknown malware and not-blacklisted known malware, which are not removed by scanners.
> IMO the combination of SB + AE + FD is enough to replace scanners until I have hard proof, I'm wrong. Meanwhile I have a good life without these annoying and incomplete scanners.





> If SB and AE fail,


You are toast without an AV app. Sure...you can reboot if you know you are infected from them failing......but if you don't, the rest of that session is run infected and this is where I point out that some 13 year old kid that just bought a tool for hacking might just capture an account # and identity you might inadvertently use during that infected period........and be shopping for a new vette on your 'dime'

Layered security just makes sense.


----------



## ErikAlbert (Oct 14, 2010)

I used WinPatrol for two weeks as a 4th security software, because it also uses some kind of snapshot technology like FD and it also protects crucial areas of my system.
After two weeks, I uninstalled WinPatrol, its only action was to annoy me when I was installing a temporary software.
I'm still looking for IMMEDIATE security software, but they are hard to find.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> I used WinPatrol for two weeks as a 4th security software, because it also uses some kind of snapshot technology like FD and it also protects crucial areas of my system.
> After two weeks, I uninstalled WinPatrol, its only action was to annoy me when I was installing a temporary software.


So?

What's that got to do with running an AV app long term?


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> Missed your edit....so here it is:
> 
> You are toast with out an AV app. Sure...you can reboot if you know you are infected from them failing......but if you don't, the rest of that session is run infected and this is where I point out that some 13 year old kid that just bought a tool for hacking might just capture an account # and identity you might inadvertently use during that infected period........and be shopping for a new vette on your 'dime'
> 
> Layered security just makes sense.


But you didn't answer my questions and I don't need your smileys.
My bank is probably more secured than yours. How do you login ?


----------



## valis (Sep 24, 2004)

ErikAlbert said:


> I don't have to wonder about malicious ones. I remove them the same way as any other superfluous objects. Any good or bad object is removed for only one reason : it changed my system and it doesn't belong there.
> I'm 100% sure about removing good objects, much better than any existing cleaning software.
> I'm not 100% sure about removing bad objects, but I can't find a scanner that proves I'm infected.
> Maybe I need one of these MBAM/HJT/OTL/GMER/DDS/...-logs, but I can't read them (except MBAM).


This is where I will say that education about a topic is a good thing. I am not trained in malware removal, but I most certainly can spot it in the wild; as always this is in my opinion, but I reckon the best way to defeat your enemy is to at least be able to spot them.


> The funny thing is that I only have to install an AV/AS-scanner and that will be the end of any discussion, but I'm not going to do this unless I find a scanner that detects malware.
> I depend on Sandboxie and even more on Anti-Executable (AE) to kill the worst infections immediately.


You are getting egotistical on me. This convo is NOT about you; trust me, you could drop out and this thread will continue. It's a free exchange of ideas and currently the situation is that the majority believes that your methodology is dated and dangerous to the extreme.

That said, as I stated before, if it works for you, hey, it works for you. 


> If you run an AV/AS-scanner at the end of the day and it reports one or more bad objects.
> Aren't you worried that these bad objects had enough time to do their evil job ?


It depends on the object. As I said, I make it a point to educate myself on what a particular item will be doing.



> How many bad objects execute themselves immediately without any action of the user ?
> Keyloggers do, what else ?


Enough do so that it's a problem. And again, something I've said before and doubtless will say a few more million times, 95% of malware education is flat-out common sense. I've been on the internet loooooong before Berners-Lee made it commercially viable, and *I've* never been attacked. My rig was infected once, but that was not by me, and that is what got me into both malware removal and TSG at the same time. So I consider it a boon. 



> FirstDefense has enemies, but they were all executables which are killed immediately by AE.
> AE protects the most important files of my system, but I hardly see it in action.
> I visited a few websites where AE killed an executable, but nothing more than that.
> Sandboxie is more active than AE, because Sandboxie is very close to internet and that's where the evil begins.
> ...


A good test which I don't know if you've heard of is the Eicar test; that's pretty much the base litmus test for scanners. At least it was, would imagine that there is something else out there now.

Again, it's my view that your methodology is dated in the extreme. That said, hey, it's your rig. Do whatever you see fit and if it works for you, cool by me.


----------



## ErikAlbert (Oct 14, 2010)

I've done the Eicar test long ago. It didn't make me any wiser. The problem is I can't get malware myself to test my approach under my control.
Yes my security is dated, that's why scanners can't find anything.
Many malware-victims are also dated with their logs in forums, I'm not one of them.

That's the conversation in many malware forums.
Did you run your AV-scanner ? Yes it didn't help.
Did you run your AS-scanners ? Yes it didn't help.
Did you run CCleaner ? Yes it didn't help.
OK. Give me your LOGS.
Scanners were a big help for these malware-victims. Pffft.
But my setup is dangerous.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> But you didn't answer my questions and I don't need your smileys.
> My bank is probably more secured than yours. How do you login ?





> But you didn't answer my questions


I don't see any questions addressed to me and I don't see any I avoided.
You were addressing Tim.



> and I don't need your smileys.


Sure you do 



> My bank is probably more secured than yours.


I don't know about my banks, but if your accounts are accessible online or by telephone, your accounts are not as secure as mine 



> How do you login


I don't 
I don't bank online or have accounts open to internet access.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> I've done the Eicar test long ago. It didn't make me any wiser. The problem is I can't get malware myself to test my approach under my control.
> Yes my security is dated, that's why scanners can't find anything.
> Many malware-victims are also dated with their logs in forums, I'm not one of them.





> The problem is I can't get malware myself to test my approach under my control.


No...the situation is each time you reboot, you are supposedly clean again......heavy on the 'again' as without scanning, you have no means to check on the integrity of the session you just closed. You might indeed be infected when you close a session.
You don't know and are unwilling to run a full time scanner.

As they say, ignorance is bliss


----------



## valis (Sep 24, 2004)

ErikAlbert said:


> But my setup is dangerous.


In my opinion, yes it is. But this isn't about 'your' setup. It works for you, cool. The kicker here, and I hope I'm being clear, is that it will not work for everyone. It simply will not.

It has enough flaws in it to make it dangerous. That said, you are aware of the flaws and easily navigate around them. Even better, this is a setup you are comfortable with. Given those two issues I'd recommend that you stick with it.

THAT said, one thing I would also recommend is that you realize that every single methodology against malware is flawed if the person utilizing said methodology believes theirs to be impenetrable. Peace of mind is one thing; secure in the fact that nobody can hack your system is a pipe dream.


----------



## Stoner (Oct 26, 2002)

valis said:


> In my opinion, yes it is. But this isn't about 'your' setup. It works for you, cool. The kicker here, and I hope I'm being clear, is that it will not work for everyone. It simply will not.
> 
> It has enough flaws in it to make it dangerous. That said, you are aware of the flaws and easily navigate around them. Even better, this is a setup you are comfortable with. Given those two issues I'd recommend that you stick with it.
> 
> THAT said, one thing I would also recommend is that you realize that every single methodology against malware is flawed if the person utilizing said methodology believes theirs to be impenetrable. Peace of mind is one thing; secure in the fact that nobody can hack your system is a pipe dream.


Good post, Tim.

My issue is with the implied recommendation of his 'method' to others.
That one point.......the argument to not use av/malware scanners is the issue I just can not see as being responsible in terms of security for everyday use.


----------



## ErikAlbert (Oct 14, 2010)

valis said:


> In my opinion, yes it is. But this isn't about 'your' setup. It works for you, cool. The kicker here, and I hope I'm being clear, is that it will not work for everyone. It simply will not.


So if I use an AV/AS/AT/AR-scanner, I'm a lot safer ?


----------



## Stoner (Oct 26, 2002)

Any reduction in risk is 'safer' than before, Erik.


----------



## ErikAlbert (Oct 14, 2010)

Stoner said:


> Good post, Tim.
> 
> My issue is with the implied recommendation of his 'method' to others.
> That one point.......the argument to not use av/malware scanners is the issue I just can not see as being responsible in terms of security for everyday use.


Of course you agree. I would be surprised if you didn't.
No flaws at all in your setup right ?


----------



## valis (Sep 24, 2004)

ErikAlbert said:


> So if I use an AV/AS/AT/AR-scanner, I'm a lot safer ?


I didn't say that, Erik. What I said was that, in your case, I'd recommend your methodology _to you_ for the reasons I stated. However, you are very much in the minority; I've been playing the malware game for about a half-dozen years now, and you are the only person I've ever come across with this particular set up who prefers it.

Note that I did not say that you are right or wrong; there is no right or wrong, there is only that which keeps crap out of your rig. I could make your methodology work quite easily on my rig, but I choose not to, primarily because it's too much of a hassle. Some of my co-workers, however, could not, as they are not as technically oriented.

This is why I also state that it's not a good idea to state that yours is the end-all, be-all of malware prevention. Using your methodology could get some mundane users in very deep trouble in no time flat.

But again, it works for you, and that, my friend, is all that matters.


----------



## valis (Sep 24, 2004)

ErikAlbert said:


> Of course you agree. I would be surprised if you didn't.


Then you don't know Stoner very well.  I could count on one hand the times he's agreed with me and still have enough fingers left over to cut a deck of cards.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> Of course you agree. I would be surprised if you didn't.


Tim and I have had differences of opinion in the past 
But we both acknowledge each other in agreement, also. 
Tim has a lot more experience with computing than myself and I do listen to what he posts seriously..... on computer security.


----------



## ErikAlbert (Oct 14, 2010)

@Valis,
Understood. If my setup ever fails I will tell TSG about it. I have no problems with that.


----------



## Stoner (Oct 26, 2002)

valis said:


> Then you don't know Stoner very well.  I could count on one hand the times he's agreed with me and still have enough fingers left over to cut a deck of cards.




----------



## valis (Sep 24, 2004)

ErikAlbert said:


> @Valis,
> Understood. If my setup ever fails I will tell TSG about it. I have no problems with that.


Cool......I wouldn't expect you to have any problems with it, for several reasons; 1, we got a great track record in dealing with malware, 2, no system is inherently foolproof, and 3, while being closed-minded, you still strike me as the type of person who will at least _evaluate_ failings in their own system.

Even if it takes a breach to evaluate it. 

Like I said, the main thing to remember here is that no system is perfect; too much depends on user common sense. One thing that could be a boon or a bane in your methodology is the dated-ness of it. It's old enough so that most of the new threats just pass it by, but it's not new enough to deal with the more sophisticated attacks. Sort of a 50/50 type deal.

I've got a 98 box that I just took down this year, and I remember with clarity how frequently I'd have to clean that out in the early 2000's. By about 2005 or '06, however, the system was just too old to attract any bees to its particular honey-pot.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> @Valis,
> Understood. If my setup ever fails I will tell TSG about it. I have no problems with that.


Good luck with that Erik.

Red Corvettes are quite popular in the US this time of the year


----------



## valis (Sep 24, 2004)

Stoner said:


> Tim and I have had differences of opinion in the past
> But we both acknowledge each other in agreement, also.
> Tim has a lot more experience with computing than myself and I do listen to what he posts seriously..... on computer security.


Thanks, SJ.....means a lot coming from you. :up:

I wouldn't say 'a lot'; we each have our areas of specialty. I just happen to work in the IT arena.


----------



## ErikAlbert (Oct 14, 2010)

How do you explain, all these malware-victims in forums worldwide, in spite of their security ? Even this forum is full of malware-victims. I hardly can find a post without malware-problems.


----------



## valis (Sep 24, 2004)

Simple; lack of common sense. VERY infrequently do I see repeat visitors here for malware, and of those repeat visitors, at least 95% of them are doing some stupid thing like torrent sharing. 

For the vast majority of folks on the web, they get an email that contains a hyperlink that says wellsfargo.com, they simply never think to actually see where that link goes to. Something that simple. Or opening a .jpg from someone you don't know.

I mean, it's exactly like letting Charles Manson in your house, except you can see that Charles Manson is the one knocking. When people hit the internet, the 'i can't see you, so you must not be able to see me' mentality kicks in.

Leastwise, that's my take on it. And again, I base that primarily on the fact that there are very, very few repeat customers.


----------
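The check valis describes above (seeing where a link that says wellsfargo.com actually goes), as an added example that is not part of the original thread. It scans an HTML e-mail body for links whose visible text names one domain while the `href` points to another; the function names and the sample message are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample e-mail body; example.net / example.org are reserved test domains.
SAMPLE_HTML = """
<p>Dear customer, please verify your account:</p>
<a href="http://login.example.net/wf/verify">wellsfargo.com</a>
<a href="https://www.wellsfargo.com/help">www.wellsfargo.com/help</a>
<a href="http://wellsfargo.com.example.net/">https://wellsfargo.com</a>
<a href="https://example.org/news">Read our newsletter</a>
"""

# Link text that starts with something shaped like a host name (optional scheme).
DOMAIN_RE = re.compile(r"^(?:[a-z][a-z0-9+.-]*://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)", re.I)

class AnchorCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def shown_domain(text):
    """Domain the link text claims to lead to, or None if it names no domain."""
    m = DOMAIN_RE.match(text.strip())
    if not m:
        return None
    d = m.group(1).lower()
    return d[4:] if d.startswith("www.") else d

def mismatched_links(html):
    """Return (visible text, real host) for links whose text names another domain."""
    parser = AnchorCollector()
    parser.feed(html)
    parser.close()
    flagged = []
    for href, text in parser.links:
        shown = shown_domain(text)
        if shown is None:
            continue  # text makes no claim about the destination
        host = (urlsplit(href).hostname or "").lower()
        # Accept the named domain itself or a true subdomain of it, nothing else.
        if host != shown and not host.endswith("." + shown):
            flagged.append((text, host))
    return flagged
```

The third sample link is the case a quick glance misses: the real host merely begins with the trusted name, so the comparison has to be made on the end of the host name, not on a substring.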



## lotuseclat79 (Sep 12, 2003)

Hi ErikAlbert,

I seem to remember your name from Wilders Security Forums - are you the one and same?

Welcome to TSG!

Please refresh my memory of your method. I seem to recall it had to do with backup and restore - is that correct?

-- Tom


----------



## valis (Sep 24, 2004)

heyya Tom.....how's life in the great NE?


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> ...............................
> No flaws at all in your setup right ?


As you have posted, no software is 100% perfect.
At the same time, if you refuse to install a beneficial layer of defense.....there is absolutely no reduction in risk.
By not running AV/malware scanners, you assume more risk than if you had them installed.


----------



## Stoner (Oct 26, 2002)

ErikAlbert said:


> How do you explain, all these malware-victims in forums worldwide, in spite of their security ? Even this forum is full of malware-victims. I hardly can find a post without malware-problems.


Google is your friend 

http://www.google.com/search?sclien...ce=hp&q=how+computers+get+malware&btnG=Search

http://www.google.com/search?sclient=psy&hl=en&source=hp&q=how+computers+get+infected&btnG=Search

http://www.google.com/search?sclient=psy&hl=en&source=hp&q=how+computers+get+virus&btnG=Search

http://www.google.com/search?sclient=psy&hl=en&source=hp&q=how+computers+get+spyware&btnG=Search


----------



## valis (Sep 24, 2004)

Stoner said:


> As you have posted, no software is 100% perfect.
> At the same time, if you refuse to install a beneficial layer of defense.....there is absolutely no reduction in risk.
> *By not running AV/malware scanners, you assume more risk than if you had them installed.*


Indeed. There is also the risk of complacency; one more thing, along with death and taxes, that can be regarded as a certainty is the evolution of malware. The bottom line is that it is big business, life in the digital fast lane as it were.


----------



## valis (Sep 24, 2004)

One thing that hasn't been mentioned that definitely _should_ be, is the ugly fact that there are quite a few rogue a/v apps that make nice promises to clean up and speed up your pc, and instead, infest it.

I read a report recently that stated that the actual malware companies frequently have better customer service than the big hitters in the a/v industry, such as Norton or McAfee. Multilingual support, less hold times, and actual coding tips, all from your friendly neighborhood malware call center.


----------



## ErikAlbert (Oct 14, 2010)

lotuseclat79 said:


> Hi ErikAlbert,
> 
> I seem to remember your name from Wilders Security Forums - are you the one and same?
> 
> ...


Yes that's me. I was an active member at Wilders during 3 years I think. After my setup was finished, I left Wilders.
Yes I have been talking about backup and restore.
I have two kinds of backup and restore :
1. Image Backup = Slow System Recovery, not practical for daily use.
2. FirstDefense = Immediate System Recovery which is practical for daily use, it only requires a reboot.

FirstDefense is the only ISR-software that works with snapshots and archived snapshots, it's the fastest backup software (archived snapshots) I've ever seen, a matter of seconds, one minute or a few minutes.
All other ISR-software don't have this.


----------



## ErikAlbert (Oct 14, 2010)

valis said:


> One thing that hasn't been mentioned that definitely _should_ be, is the ugly fact that there are quite a few rogue a/v apps that make nice promises to clean up and speed up your pc, and instead, infest it.
> 
> I read a report recently that stated that the actual malware companies frequently have better customer service than the big hitters in the a/v industry, such as Norton or McAfee. Multilingual support, less hold times, and actual coding tips, all from your friendly neighborhood malware call center.


Yes I know about these rogue scanners. I'm not a newbie, I just don't like scanners.
I make a clear distinction between temporarily and permanently installed software.
I hardly install new software permanently, because I'm satisfied with the software I already have.
I'm only interested in sensational improvements and they are very rare.
FirstDefense was the most sensational improvement, the only one.


----------



## valis (Sep 24, 2004)

ErikAlbert said:


> Yes I know about these rogue scanners. I'm not a newbie, I just don't like scanners.
> I make a clear distinction between temporarily and permanently installed software.
> I hardly install new software permanently, because I'm satisfied with the software I already have.
> I'm only interested in sensational improvements and they are very rare.


Dude, chill. 

I wasn't addressing you; I was addressing the topic at hand, which, last I checked, was 'discussion on computer security'. The fact remains that this (rogue apps) is a huge issue, and a cash cow at that. I dunno about you, but I can't sleep worth a damn, and as a result, usually end up seeing far too many commercials for apps that are 'guaranteed to speed up your pc', and that is just a flat out scam. Bottom line, nothing can speed up your rig other than a few freeware apps and regular maintenance, and I suspect you know that.


----------



## ErikAlbert (Oct 14, 2010)

valis said:


> Dude, chill.
> 
> I wasn't addressing you; I was addressing the topic at hand, which, last I checked, was 'discussion on computer security'. The fact remains that this (rogue apps) is a huge issue, and a cash cow at that. I dunno about you, but I can't sleep worth a damn, and as a result, usually end up seeing far too many commercials for apps that are 'guaranteed to speed up your pc', and that is just a flat out scam. Bottom line, nothing can speed up your rig other than a few freeware apps and regular maintenance, and I suspect you know that.


Yes, I know about them too. Registry Booster always makes silly promises on many websites, even in computer forums, like "Do you have "this problem" Registry Booster will fix it for you" = any problem is good.
I need only 4-5 hours sleep, so I have a lot of time. LOL


----------



## valis (Sep 24, 2004)

four to five would be nirvana for me.........

I need about 12 to 14, but generally get 2 to 4.........hence my plethora of pastimes.........


----------

