Noob: Defense+,keep it or leave it

hi all (:WAV)
the title says it all.for noob/average joe (like me ;D ) is it really useful having Defense+?
so far i haven’t encountered any trouble using it, but i don’t know if i should keep it.
the question flashed on my mind this morning due to late breakfast & too much coffee 88)
here’s the err “thing”:

  1. running 100% known safe program
    well, this is the part when i hope i don’t have D+ at all so i don’t have to deal with the pop ups. yes, i know about the “installer/updater,trusted rule,training mode, etc”,but still the pop up warning is useless in this situation cos i know the program is 100% safe. of course i can disable D+ temporarily but still it’s an extra work.
    (for example: running newly installed AV/AS)

  2. running known malware
    no need explanation for this, who’s crazy enough to run a malware ;D , and of course if we know the program is unsafe/malware, then we won’t run it in the first need defense+ to warn us about known malware.

  3. running “grey” program (ehm, like cracked software 88) )
    Ok, so the D+ pop up shows up & warn us about “possible malware behavior”, and then what? ??? i often see D+ warning about “possible malware behavior” when i’m installing/running something safe.
    the only 2 things stop me from installing/running this “grey” program is my “self morality” (rarely ;D ), and when my AV caught something nasty from the program.

for someone with extra comp knowledge,comp savvy,geek expert, maybe they can understand what it means when D+ says “the program xxx is trying to access yyy”, but for average joe, you don’t have much choice except block it (and lose your chance to have paid software for free 88) ) or allow it (and having malware party) without knowing what the pop up means.
so what do you guys think? :stuck_out_tongue:
i’m planning to use firewall only & my AV unless somebody can give me a reason why should i keep it.
Tiffany ganda

I have luckily never had a virus/trojan run on my computer in 10 years AV did stop 4/5 in that time.

1/2 you have answered

3 you normally only have alerts when you running programs on your computer so you know they are safe if you are running a process you know is safe (Threatcast will help here when released).

You occasionally can be installing ActiveX files or codecs for Media player but on the whole there is no reason for alerts whilst on the internet even in Paranoid Mode this is when Defence+ will save you that is why I run Defence+
My thoughts

so you mean, a nasty from internet can install it self while i’m browsing a nasty site :stuck_out_tongue:
hmm, make sense, but i haven’t encountered something like that. :THNK

If using Internet Explorer, you may prevent many activex and other stuff from coming all the way down using tools such as SpywareBlaster, IE7Pro, Haute Secure and Spybot Search & Destroy preventive measures.

SpywareBlaster - works for IE and Firefox
Haute Secure - work for IE and Firefox and is a mix of sandbox, hips, behavioral blocker
Spybot Search & Destroy - can use it with all 3 browsers (IE, Firefox and Opera)

And of course, the best way to prevent such is to use Opera :wink:

But I bet you already knew all that. It’s just that sometimes I like to be seen as a (:NRD)


HMMMMMM… Ganda…Ganda Ganda…
This is a really hard question! and you make great points.

and the answer is… Go what ever makes you comfortable!.. So Defense+ isn’t your thing… What can you replace it with that is user friendly… HMMM. I guess you could use Sandboxie… Or maybe defense wall? Geswall?
Sandboxie is a little bit geeky… But it’s set and forget. Defensewall I’ve never tried… Geswall? That’s really user friendly. Have a try of the pro version which is 15 days. Then export your settings, and import them into the free version.

If your really easy going, avast and a firewall :slight_smile:

tch, that’s it? 88) no argument? 88) ;D
i’m gonna keep this topic open, so other ppl can give their comment about this.
i think there are many ppl who think the same way with me. :stuck_out_tongue:
they know how to use it, but that doesn’t mean they can use it

Yeah I can totally understand you, I too get annoyed having to click the pop-ups when I know it’s a safe application… they need to work on the whitelist! … :slight_smile:

comodo can develop a whitelist updates like virus definitions which will reduce the yes or no popups from defense + from users like me.

thes def. will alolow peoples to updates theier white list from time time like updating virus def



Lets imagine that there was a process named XYZ.exe and was known to be good and was on the whitelist. Now lets imagine that I create malware and name it that way to trick D+ (or any other tool). Will D+ know it is not the same process? I mean, lets suppose that that malware is programmed to act like the real process. Will it be able to trick D+ and that way infect our system/steal information?

it has to have a valid digital signature.

Not so long ago, I saw a post at Sunbelt’s blog mentioning a rogue antivirus that was using a valid digital signature by Verisign or Digital River, or something like that.

Ummm…well thats not very good

It was a digital signature by GlobalSign (