I used to be almost religious about PC online security. Probably to the point of being very annoying, such a proselytizer I was. I always had what I researched to be the best AV, AS, and FW available installed and set up carefully. Built a regular cocoon around my PC, I thought! But my stance on this has definitely weakened considerably over the past year, year and a half. And I'm still not certain if I am OK with this, or if I am just being overly sloppy about it.
Currently I am using NOD32 V2.7, though I might upgrade to 3 shortly. (V 3 was released to much woe over at Wilders Security forums; seems it was fairly buggy and also quite a bit more restrictive than 2.7 - which I find to be too restrictive myself at times. I cannot keep most Nirsoft applications on my machine because, even with them listed under "Exclusions", NOD32 eats them up. Three years I have been imploring them to stop quarantining Nir's programs to no avail.)
My most recent Anti-Spyware and Firewall respectively were Sunbelt's Counterspy 2 and their update of the Kerio Personal Firewall. Counterspy, while receiving rave reviews, can act up annoyingly much too often. I corresponded with Eric Howe many times about this, and he even agreed with some of my points, but alas it remains that way! It often goes "red" in my systray, meaning that it is no longer actively scanning in the background. Not supposed to do that, of course, and it was an early issue with C-Spy 2, but they claim to have that fixed - for the most part! Still does it with me. I had three paid licenses for it, and I let all lapse. Other bugs that drove me crazy - and it eats programs without me setting it up to do so. This is my main problem with many security apps today: Even if not configured to be overly aggressive, they have code in them which seems to be designed to secure my PC against all potential items the developers deem to be dangerous - even against my own wishes. It is "hurting me for my own good"!! Or at least that is how the developers seem to see it. If I cannot configure annoying behavior - protection I feel is too extreme - to not occur, then I do not want it on my machine. Simple as that!
The Sunbelt Personal Firewall - which still carried the "Kerio" name at first; I purchased three licenses for that, also - was a real mess when they first acquired it and performed their first "upgrade". It completely hosed my Hosts file, would change settings affecting my home network on its own, and would occasionally seem to not be there at all, and then suddenly wake up and start grabbing files all over my PC, labeling them potentially dangerous. Me? I just want a firewall to prevent port traffic and alert me so I can make a decision as to whether or not I wish to allow the program or process to have access to that port. I do not want it to start grabbing files and playing keep-away with them!!
When that first upgrade was admitted (by Sunbelt Support) to be thoroughly borked, they allowed me to place my licenses in "suspension" until they released their much-ballyhooed V. 2 of the firewall. This was going to happen "soon", and would be a true Sunbelt design, rather than a worked-over "amateurish program" that they inherited from Kerio. (Their words, not mine!) Turned out to be eight months!! When released I said I would give it a good ride and see how I liked it. My licenses were finally activated again. Lo and behold, this version was buggier than any PC security product I had ever tried! Caused full BSOD crashes regularly - and I had never seen a firewall do that!! After quite a bit of testing and corresponding - with log files mostly - with Sunbelt engineers, I gave up. After a good old, Howard Dean-ish primal scream, I told Sunbelt that a year and four months was too much time for me to agonize over a firewall. I removed all from my PCs. And I have not replaced it - nor C-Spy 2 - yet.
I do have SpywareBlaster set up on my PCs, and I run good old Spybot S&D, but not actively scanning. I just run scans weekly with it. No firewall at all; I am running behind a Linksys router, though, with SPI, so I am using a firewall of sorts. And I am running NOD32, which updates definitions hourly, believe it or not.
As for how I have fared, security/malware-wise, I had what I suspect was an infection - regular virus - in 1998 or 1999. I was (blush) running AOL for a very short time - I was really low on funds and I used one of the 800 bazillion free disks that gave me - I think - two or three months of free AOL! And I had a sudden slowdown that eventually was reported to all AOL users - it was actually introduced to users, accidentally, by AOL themselves. Norton did find it and after much angst, removed it. (Remember way back then when NAV was actually a highly respected AV product?!) And last year Counterspy insisted I was infected with the Grozodon trojan. After three days of pure hell trying to catch and remove it, it was finally announced as a big "Oops" by Sunbelt - false positive which they denied vehemently at first. Other than that one AOL job and a Counterspy false positive, I have never been infected with any malware. Part caution, part luck I'm sure.
But until I see a more pressing need, I will stay as I am and not install any more AS or FW products. (BTW, I DO run a rootkit detector every two weeks as a precaution, because they can infect like no other malware - and come from a seemingly reputable company - and not give any indication of infection till waaay after the fact!)
Jim