Title says it all, my current setup is in my signature.

Let me hear your opinions.

Looking at your setup I'd say it's well balanced personally.

-{ Quote: "There's always room for Sandboxie...if you were on 32-bit system. Otherwise looks like a decent setup to me." }-

SandboxIE :thumb:

IMHO you don't need Comodo.

I'd run Avira and Prevx, or Prevx and Comodo (with AV). Not all three.

Depends if you've paid for prevx full version. If just trial, keep all three.

I just dumped Comodo, it was slowing down my internet browsing and causing necessary issues. I'm not running Avira Premium, and Prevx Edge 3.0(Paid) even though I got a 1 year license for free. ;D

-{ Quote: "I just dumped Comodo, it was slowing down my internet browsing and causing necessary issues. I'm not running Avira Premium, and Prevx Edge 3.0(Paid) even though I got a 1 year license for free. ;D" }-

Sounds like you may have had some kind of conflict. Comodo shouldn't give you noticeable internet browsing slowdown.

That's my current setup (AntiVir, Prevx, Comodo.) I think Comodo complements Prevx because it's a different kind of HIPS. If Comodo's AV gets better, I might drop AntiVir.

-{ Quote: "I'm the other way round to you haha - if Avira's AV gets as light as Comodo's, then I might drop Comodo AV." }-

Either way, I'll have a low cost setup with lots of security. :)

-{ Quote: "Sounds good mate!" }-

One more thing: do you recommend AntiVir without the web scanner? I have two other security programs that could catch things. I think Defense+'s heuristic is underrated - often it will pick out malware when executed.

-{ Quote: "You don't need the web scanner. Antivir will pick it up when the "virus" enters your system anyway. It doesn't matter when exactly the virus is picked up, as long as it is picked up before doing any harm to your system. But that's my opinion.

And yes, Defense+ will pick up a lot of the malware out there anyway. You have to know what to block and what to allow sometimes though, thus the advantage of also having a black-listing component." }-

stopping it before it touches my system is preferred to me instead of giving it the time to get onto my comp THEN get deleted.

Aslong as an AV is watching RAM (Memory) & Hard Drive, you do not need the extra burden of a "web shield" or other components.

Cheers,
Josh

-{ Quote: "Aslong as an AV is watching RAM (Memory) & Hard Drive, you do not need the extra burden of a "web shield" or other components.

Cheers,
Josh" }-
Could you provide more information on malware that only resides on the memory?

Thanks

Some malware is not caught when downloaded. But when it's executed, It will be caught in memory!

I'm giving CIS as an example for the AV Part: Currently, v3.9 has on-access (That is quite fast and efficient) that watches both Hard Drive, And thanks to the integration of the Memory Scanner (BOClean in it), That watches the MEMORY side of things and off course BOClean Memory Scanner and CAV work together in harmony. You download a file, not detected, But once you execute it (run it), Memory Scanner will be there to zap it instantly.

So Theoretically, Memory Scanner is the LAST line of defense.

Cheers,
Josh

-{ Quote: "Some malware is not caught when downloaded. But when it's executed, It will be caught in memory!

I'm giving CIS as an example for the AV Part: Currently, v3.9 has on-access (That is quite fast and efficient) that watches both Hard Drive, And thanks to the integration of the Memory Scanner (BOClean in it), That watches the MEMORY side of things and off course BOClean Memory Scanner and CAV work together in harmony. You download a file, not detected, But once you execute it (run it), Memory Scanner will be there to zap it instantly.

So Theoretically, Memory Scanner is the LAST line of defense.

Cheers,
Josh" }-
I mean info of specific malware which only resides on the memory.

-{ Quote: "Aslong as an AV is watching RAM (Memory) & Hard Drive, you do not need the extra burden of a "web shield" or other components.

Cheers,
Josh" }-

u may consider it a burden until u get a piece of malware that the AV is having issues removing once its on the system which could have been stopped altogether by just using a webscanner to stop it from touching ur system in the first place...

-{ Quote: "u may consider it a burden until u get a piece of malware that the AV is having issues removing once its on the system which could have been stopped altogether by just using a webscanner to stop it from touching ur system in the first place..." }-

Yup life is a whole lot easier to stop malware before it actually gets onto the hardrive.

CIS needs some work the way it sounds.

-{ Quote: "I mean info of specific malware which only resides on the memory." }-

Polymorphic ones the current CAV engine might miss or any packed ones that any av engine misses will be caught in memory. Packed ones are hard to catch, once downloaded, but once executed it goes naked and memory scanner will detect it...

So Memory Scanner (Memory Protection) and watching Hard Drive are sufficient enough.

Cheers,
Josh

-{ Quote: "Polymorphic ones the current CAV engine might miss or any packed ones that any av engine misses will be caught in memory. Packed ones are hard to catch, once downloaded, but once executed it goes naked and memory scanner will detect it...

So Memory Scanner (Memory Protection) and watching Hard Drive are sufficient enough.

Cheers,
Josh" }-
Do you have any names?
Thanks

-{ Quote: "Polymorphic ones the current CAV engine might miss or any packed ones that any av engine misses will be caught in memory. Packed ones are hard to catch, once downloaded, but once executed it goes naked and memory scanner will detect it...

So Memory Scanner (Memory Protection) and watching Hard Drive are sufficient enough.

Cheers,
Josh" }-

im pretty sure most AV's will catch something once its executed and in memory as well...

Personally I think you would be fine as you are.

-{ Quote: "im pretty sure most AV's will catch something once its executed and in memory as well..." }-


It is much safer to have a HIPS to prevent it from being executed in the first place.

relying on AV's to catch something after its been executed and running in memory is a bad strategy.