You're probably right - but any security measure that overly-complex and irritating will eventually get turned off.

How many Vista users turned of UAC - or wished they could if they knew how?

How many people with a registry protection utility such as Tea Time managed to break half their applications by not allowing all the right things while allowing all the wrong things because it's all meaningless mumbo-jumbo to your average person?

We need two settings. Nanny and Expert. Expert should come with a health warning, and so should Nanny... for different reasons.

I especially like its ability to block parts of a page...

For example, PC Pro's site runs scripts from around 16 different domains, not just pcpro.co.uk. With NoScript, I only enable the sites I need / trust:

pcpro.co.uk (enabled)
doubleclick.net (disabled)
revsci.net (enabled - multimedia content)
googleapis.com (enabled, needed for some interactivity on the site)
scorecardreseach.com (disabled)
dl-rms.com (disabled)
dennis.co.uk (disabled)
icbdr.com (disabled)
creativemark.co.uk (disabled)
googlesyndication.com (disabled)
chartbeat.com (disabled)
tynt.com (disabled)
sharethis.com (disabled)
google-analytics.com (disabled)
google.com (enabled)

That is a lot of "hidden" scripts, which get executed, every time you call up the PC Pro home page!

Bingo!

What I'm after is an anti-script extension that runs like Ghostery - it blocks the crap without needing to be babysat and also without ruining your experience.

When you find it tell me I'd love to invest in it.

Some people will have diffrent definitions of "crap" e.g. on my NoScript on the PC Pro page, I only allow pcpro.co.uk from the list of Big_D.

I'd link to the PC Pro forum if it was still there. I forget who asked the question, but I correctly guessed that the reason they couldn't find the "positions vacant" link that used to be on the top left was because they had ad-block.

They did not think that a job prospect was "crap" while ad-block thought otherwise...

It's like spam filters. To me, the possibility of one single false positive makes them useless. What's the point if you have to check your spam every day "just in case" ?

Wow, how very embarrassing. For the first time in probably 10 years, one got me!

It was an infected mp4 file which I played in Media Player Home Cinema. It was not from a trusted source (far from it!) but I thought that the format was safe enough, and I trusted the player which I updated only a couple of days ago. It turns out, looking at the file header it is actually an FLV flash file. I don't know how MPC handles this, but clearly not in a safe way!

Rather than looping at the end of the video, the PC froze for a second and I was then bombarded with about a dozen very convincing Windows message boxes saying "Windows has detected a problem with your hard disk. Scan now or reboot". I closed these via the task bar rather than clicking on them.

It then opened another app which was obviously fake, purporting to be "System Scan".

I rebooted into safe mode without networking, and deleted a couple of executable files from the temp folder. These had random names, and one of them had been given a shortcut on Quicklaunch called System Scan.

However, it was far too late. I had a Trojan which had trashed my profile, deleted my startup menu, prevented task manager from opening and most important of all:

Installed a fake DNS resolver into the Winsock stack.

This was redirecting all internet traffic to money-making spam sites. It was probably stealing bank logins and who knows what.

Long story short, I'll be backing up a few files and then wiping the disk. It's taken me two hours just to get rid of the thing and back on line. The main step was to run netsh winsock reset to get rid of the DNS problem.

I run the latest Adaware which failed to find it. The on-line virus scanners from 3 different providers failed to find it. Microsoft Malicious Thingy Scanner succeeded. Says a lot for paid for virus protection...