H4wk13

Trojan detected

Hi all!

First of all, it's the first time I'm writing here so I hope I'm writing in the right category.

Anyway, yesterday I ran a quick scan with Malwarebytes Anti-Malware and it detected something named Trojan.Hiloti. Well, I have no idea what this thing is so I want to know, is it something very dangerous? Should I change my passwords?

Please excuse me for any mistakes.

122,868 views 82 replies
Reply #52

Quoting Jafo, reply 48
Quoting inthebloodofeden, reply 41
I can assure you there is NOTHING you can get for free that can be compared with KIS.

I'm running KIS 9.0.0.736... it works.

When setting up others' machines [that I'm not paying for their AV] it's Comodo. Seems OK enough... at least the price is right...
End of Jafo's quote

Oh, the last KIS 2010... excellent release, one of my favourites. Btw, are you using the default skin or an alternative one? As you probably know, an alternative skin gives access to some prog features that are not accessible with the default skin (for example Quick Rootkit Scan and Full Rootkit Scan...). If you are still using the default skin let me know; I will provide you a link to download alternative skins; you will see a quite big change.

All skins, of course, are tested. 

Not sure I understood the second part. What price are you talking about? Comodo is freeware, both the firewall and Internet Security.

Reply #53

Quoting Gwenio1, reply 51


http://forums.malwarebytes.org/index.php?showtopic=89172&st=0&p=451252&hl=kaspersky&fromsearch=1&#entry451252
End of Gwenio1's quote

I know that Gwenio1, I have no problem at all with KIS and MBAM (I also have Emsisoft Emergency Kit and Hitman Pro). I keep the real-time protection disabled because it's not useful when running KIS, and it's better to save resources...

Reply #54

Quoting DrJBHL, reply 31
Look again, Dr Guy - Virus is Perrun or a variant.
End of DrJBHL's quote

I know, never officially released into the wild, more of a proof of concept. In that one, a jpeg can carry a trigger for a virus, but the virus has to already be on the system (at least a stub). It was discovered in 2002, but since then I have not heard any more about jpegs infecting systems. That is why I was concerned about the Hiloti trojan when they mentioned jpeg infection. But they never expanded on that to say how, or really if, it could.

I want to believe jpegs are safe, and so far I have yet to see how one can infect you - the only thing is the Perrun that can activate a resident virus. If they already have the stub, they already have a problem.

Reply #55

Quoting willistuder, reply 34
When you buy an antivirus program, what you pay for is the ability to stop an attack in real time. The free versions only find something after the fact, usually when it's too late.
End of willistuder's quote

When they work. I just cleaned a system that was infected with a trojan. Their AV of choice? Symantec. So what use was Symantec? It did not catch it, and the trojan hijacked the browser and basically shut them off the Internet.

Sorry, the free ones are as good, and most do work in real time. They have the advantage of not coming with bloatware.

Reply #56

Quoting DrJBHL, reply 38
For everyone really interested in this topic, I recommend reading the highlights of a presentation given at "Black Hat".
End of DrJBHL's quote

Did you catch the exploding Macs too? Yeah, that conference is a gold mine of the stuff of nightmares! I saw the plane as well. What most people fail to realize is there is no expectation of privacy with cell phones. It is not Uncle Sam that is listening, it is the Johna and Alice Martins.

Reply #57

Quoting inthebloodofeden, reply 49

What are you talking about, Snowman? Are you joking? Are you DRUNK? I can understand that perhaps you are one of those people that are "proud" (I apologise, but sometimes it makes me laugh..) to use only freeware security software, but please don't tell me again that I'm happy in making people spend money. I'm not that kind of person.
End of inthebloodofeden's quote

No, I'm far from "proud" to only use free security software, but as long as a free piece of software is doing the job fine (for my use) then I really don't give a shaite that a pay-ware software is doing the same job better.

But I do recommend Avast Home to anyone who asks for my advice on this subject.

Reply #58

Quoting Snowman, reply 57

No, I'm far from "proud" to only use free security software, but as long as a free piece of software is doing the job fine (for my use) then I really don't give a shaite that a pay-ware software is doing the same job better.

But I do recommend Avast Home to anyone who asks for my advice on this subject.
End of Snowman's quote

Well, that could be correct... I don't know the latest versions of Avast; I used it till 4 years ago, and at that time it was a good prog, one of the best among freeware. Now times have changed..

As you said "is doing a fine job FOR MY USE"; well, I don't want to go into technical details, but in my opinion you should use some caution.. For example, how do you know what kind of use the person you suggest Avast Home to has? Is it your intention to suggest some other additional freeware security progs?

Well, as I told you before, it's your business, not mine. What I don't like is the diffusion of wrong, incorrect or partial info, that can cause trouble. But I think you are conscious about this.

Reply #59

Quoting inthebloodofeden, reply 41
Just try it, and you will see what I'm talking about. I hope everything is OK, but it could be that your first "discovery" will be that your PC is infected, and until now you didn't know.
End of inthebloodofeden's quote

Doubt it. I visit the same 10 websites a day and don't do any crazy searches. All of my bookmarks are trusted sites. Just sounds to me like you guys are paranoid and over protective.

Reply #60

Quoting inthebloodofeden, reply 58

But I think you are conscious about this.
End of inthebloodofeden's quote

Indeed I am, and I use the best possible security measure money CAN'T buy: common sense.
No piece of software can compete with that.

Reply #61

^ True, but infected websites can give you something without you doing more than clicking on a link...getting redirected/jacked to a phishing site...

Never very simple, I'm afraid, unless you mouse over every link to examine it before clicking, etc.

Reply #62

...the very best protection against malware and the rest of unwanted software is to always use your computer with a limited account. I know I've preached about this hundreds of times already but it's true. If you browse the internet using a limited user account (and learn to use/admin your system's local security policy) you are right there doing more to protect your system than any third-party software (free or not) can do.

Personally, I use limited accounts everywhere, cripple various functions in the browser (whatever flavour doesn't matter) and only rely on third-party software such as the ones I pointed out months ago in one of Doc's threads for a second opinion. Leaving the "security / health" of your system up to software is foolish in my opinion. "Best Practices" (the things I've mentioned) and a healthy dose of common sense will always beat relying on software hands-down.

EDIT: I have and continue to perform testing with regard to these "theories" of mine and they still continue to hold true. When systems are configured and used the way I tend to set them up, even without any security software the malware either can't even begin to install/infect the system in the first place, or the infection is only a *partial* one and therefore easy to remove/clean.

Reply #63

Quoting DrJBHL, reply 61
^ True, but infected websites can give you something without you doing more than clicking on a link...getting redirected/jacked to a phishing site...
End of DrJBHL's quote

Very true - but almost everyone I have found infected that way was running a pay for product.  The line in Lost Boys: "Don't ever invite a vampire into your house, you silly boy. It renders you powerless."  When you invite them in, no amount of AV garlic is going to help you.

Reply #64

Quoting the_Monk, reply 62
..the very best protection against malware and the rest of unwanted software is to always use your computer using a limited account.
End of the_Monk's quote

This is true:

"By running Windows the way Microsoft ships it -- using the all-powerful administrator account -- you expose yourself to huge security risks. If a Trojan horse or virus makes it onto your machine while you're using an administrator account, it can get its hooks deep into the operating system (often without your knowledge.) However, by regularly using Windows under a limited account, you can safely avoid the vast majority of malware out there today, simply because the limited-user account does not have the right to install programs or change system settings. As a result, when malicious Web sites try to use security weaknesses in the operating system or your Web browser to conduct "drive-by" spyware and malware installs, for example, that installation process fails." B. Krebs

Another interesting blog of his is here: http://blog.washingtonpost.com/securityfix/2006/04/windows_users_drop_your_rights.html

and MS puts out a small program DropMyRights to do just that:

http://download.microsoft.com/download/f/2/e/f2e49491-efde-4bca-9057-adc89c476ed4/DropMyRights.msi

Unfortunately, MS's instructions in using this have disappeared.

I'd enjoy it if you'd care to outline any other steps you take, the_Monk.

Reply #65

I've gone years without a virus attack using the regular admin mode while using free AV programs. Why are you guys so overly protective?

Reply #66

Obviously setting up a limited user account is the big one but there are (as mentioned) a few other things I like to do to "tighten" things up a bit more.

1. As I mentioned above, I also cripple the browser for any "default browsing sessions" (when I just browse the internet for who knows what). What I mean by that is: even though some websites might not display completely or correctly, I keep most ActiveX and browser scripting controls set to DISABLED unless I know I will need them for a specific website. Of course this may be a bit more complicated to explain to others since most people don't even know what most of those "settings" actually do. I could (and maybe someday will) write a paper on why and how one can have a browser configured for different things.

If I'm just "surfing" (ie. looking for info etc.) I browse with browser settings that have the bare minimum of settings enabled to still let me browse and look for what I need. This of course turns many websites into text-only experiences since much of the content surrounding the "body" of websites is active and will (with my default settings) be ignored.

For websites (that I trust) and know I need to have certain things enabled I will have a different browser configuration which enables SOME, not all, of those active and scripting settings I was talking about. I don't think I've used a browser with all settings default/enabled in years (no real need).

2. The local security policy is a goldmine of system-wide security settings (too many to go through in just a forum post). If I ever do write up something with regard to in-depth browser understanding/config I will include a separate section on the local security policy. Suffice it to say you can limit account actions even further in said policy, set many default OS behaviour settings and restrict privilege access locally and remotely. I think if more people had a good grasp on the things I've mentioned we would see a HUGE decline in malware being effective.

Reply #67

Quoting kona0197, reply 65
I've gone years without a virus attack using the regular admin mode while using free AV programs. Why are you guys so overly protective?
End of kona0197's quote

...all I have to say to you is you've been lucky.

EDIT: I'm the guy my clients come to to prevent problems. Before I was that guy, I was the guy people came to to solve their problems. Believe me, while I've seen a lot I'm not naive enough to think I've seen it all so that might contribute to my being thought of as, you put it, "overly protective". ;)

Reply #68

Well in my defense I'm really careful online. I don't chalk it up to luck.

Reply #69

Quoting kona0197, reply 68
Well in my defense I'm really careful online. I don't chalk it up to luck.
End of kona0197's quote

You can't say that. Using an admin account to browse the web is foolish, period. All it takes is a website you trust to get infected one day (even just for a few minutes while you happen to be there) and a compromised Java, ActiveX or other control can make malicious changes to your browser/OS. AV programs are frighteningly fallible. To me it absolutely sounds like you've had one hell of a lucky streak! Since none of my posts seem to be making any sense to you I guess just keep hoping that lucky streak doesn't ever end...... O:)

Reply #70

I got a virus on a limited account. It broke through the Java updater, and I typed in my admin password in order to update. I got a fake AV and everything.

I had to wipe my comp and reinstall the operating system, all because of something I trusted. Now I won't allow anything to auto-update and I go to the site to download a new update every time it matters.

Reply #71

Quoting the_Monk, reply 69
You can't say that. Using an admin account to browse the web is foolish, period. All it takes is a website you trust to get infected one day (even just for a few minutes while you happen to be there) and a compromised Java, ActiveX or other control can make malicious changes to your browser/OS. AV programs are frighteningly fallible. To me it absolutely sounds like you've had one hell of a lucky streak! Since none of my posts seem to be making any sense to you I guess just keep hoping that lucky streak doesn't ever end......
End of the_Monk's quote

Well this is why I back up my data every month. All I need to do is reinstall the OS if I suffer an attack. Yes, I realize that nothing is 100 percent safe in this world and I thank you.

Reply #72

@KrdaxDrkrun,

....like I said above. There are additional things I do besides just using a limited account. Check out the many things you can do/restrict with your system's local security policy.

On professional versions of Microsoft's OSes look for it under Control Panel > Settings > Security > Administrative Tools (there you can find other things as well like the ADVANCED Windows Firewall configuration etc.)

Or open the "run" window and type secpol.msc for the Local Security Policy alone.
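As an added illustration of the limited-account advice in this thread (not code from any poster), here is a PowerShell check that reports whether the current session is actually a limited one: whether the token is elevated, whether the user sits in the local Administrators group, and whether UAC is on. It assumes Windows PowerShell 5.1 or later (Get-LocalGroupMember comes from the built-in LocalAccounts module); the function name is my own.

```powershell
# Added example: audit whether this logon matches the "browse from a limited account" advice.
# Assumption: Windows PowerShell 5.1+ with the Microsoft.PowerShell.LocalAccounts module.

function Test-LimitedAccountPosture {
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $adminRole = [Security.Principal.WindowsBuiltInRole]::Administrator

    # True only when the current token carries the Administrators SID as enabled.
    # An admin account running under UAC without elevation reports $false here,
    # because UAC hands it a filtered (limited) token for everyday use.
    $isElevated = $principal.IsInRole($adminRole)

    # Group membership, independent of whether this particular token is elevated.
    $adminMembers = Get-LocalGroupMember -Group 'Administrators' -ErrorAction SilentlyContinue |
        Select-Object -ExpandProperty Name
    $isMember = $adminMembers -contains $identity.Name

    # EnableLUA is the policy value behind UAC; with it off, an admin logon is
    # always fully privileged and a malicious download runs with those rights.
    $uacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $uac = (Get-ItemProperty -Path $uacKey -Name EnableLUA -ErrorAction SilentlyContinue).EnableLUA

    if ($isElevated) {
        $verdict = 'Elevated token: this is NOT a limited account session'
    } elseif ($isMember) {
        $verdict = 'Administrators member, unelevated: limited only while UAC stays on'
    } else {
        $verdict = 'Standard (limited) user: matches the advice in this thread'
    }

    [pscustomobject]@{
        User                  = $identity.Name
        ElevatedToken         = $isElevated
        InAdministratorsGroup = $isMember
        UacEnabled            = ($uac -eq 1)
        Verdict               = $verdict
    }
}

Test-LimitedAccountPosture | Format-List
```

Run it from the account you normally browse with; a result of ElevatedToken = True (or UacEnabled = False for an Administrators member) is the situation the posts above warn about.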

Reply #73

the_Monk - figured as much.

I use Comodo Dragon Chrome, and browse through Comodo's proxy IP... I'm not trackable from the cookie point of view, and will set up a User Account. Ought to stand me in good stead.

Reply #74

I'll never use anything other than Firefox. I got hooked on the extensions I use.

Reply #75

the_Monk,

While your method of surfing the net with a limited user account is safer than with an admin account, the safest way to surf is with a Virtual PC.

It's hard to be infected if you don't allow the changes to be saved to your session