Is This Too Much Security?

Discussion in 'other anti-malware software' started by Gabriolone, Nov 21, 2011.

Thread Status:
Not open for further replies.
  1. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Well, if you really want to find out, just run them both, but don't be surprised when your browsing comes to a crawl. IMHO it doesn't mean better protection either. I have tried both together in the past and it was not an enjoyable browsing experience.
     
  2. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    From that list Sandboxie would be the only thing I'd keep. Security suites are too bulky for my taste.

    Comodo FW/D+ - If you want HIPS
    LooknStop - If you don't want HIPS
    Panda Cloud - If you want a real-time AV
    Macrium Reflect Free - Imaging
    MBAM - The free version, on demand only
    Hitman Pro - On Demand

    ... you're good to go, and your puter can breathe again.
     
  3. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Don't you feel it. If he removed 1 or more he just may qualify for a part in finally fast.com :D
     
  4. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    You're probably right.
     
  5. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    For my money (literally) MBAM pays its own way, and then some.
    It is among the elite 3 or 4 programs in the MRG Flash tests.
    Some Wilders members choose to run it alone with the likes of Sandboxie.
    I certainly wouldn't be too quick to dismiss it. :cool:

    The OP definitely has too many security apps.
    He could pare it way down with just SBIE and a good AV like VIPRE.
    Some would even argue against the need for an AV alongside SBIE
    but for the traditionalists among us, AVs always seem to serve a valid purpose.
     
  6. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Absolutely agree. :thumb:
     
  7. tomazyk

    tomazyk Guest

    I wouldn't use all that. I would remove Prevx and DefenseWall and use MBAM as on demand only.
     
  8. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    I've heard several accounts of MBAM Pro causing conflicts with other real-time apps. That's what scares me off about it. I've never actually used it myself though.

    My setup is so much snappier now without a resident AV. After 6 years uninfected, it'd be hard to justify going back now. No "listening" ports. No connections hanging after closing my browser. I actually feel safer now without one, like my attack surface has decreased.

    But I'm still waiting for Sandboxie & Hitman Pro to combine forces and make the ultimate security app: a Sandboxie that automatically connects to that extensive cloud database to scan files when you go to unbox them. It would be the biggest security app to hit the market... ever, IMO. The 2 sides need to collaborate and get this thing going.
     
  9. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Pretty much sums up AVs IMO.

    FWIW I have worked on dozens and dozens of computers with Norton or McAfee installed, and up to date, but that were seriously borked. Same would be true of any AV really, except those two have been in bed with the likes of Dell and HP for a long time, you see them more often.

    AV is junk alone, simply junk. Their intended purpose is long since gone. They try to catch up by creating "suites" with lots of features. The downfall to that scenario is quite simple - if you can exploit one product, game is over.

    Using AV in conjunction with other tools (that means not using the AV "suite", but rather just the AV portion) gives you a tool that still serves one purpose, but you don't put all your eggs in one basket, instead using a couple other tools with it.

    Just my outlook on things, and not right or wrong. I have had my fill with "fixing" computers that had AVs on them. The few people who actually take my advice and use SBIE, fixing those is simple - just delete the sandbox. Actually, truth be told, almost any user I have helped that has not relied on AV as their protection has been better off. These experiences have more than convinced me that an AV is just not the answer. It is also why I haven't used one for a long time now.

    For those who just like AV or don't want to learn a lot to stop using them, then at least use the AV as only one part of the security, not the whole thing.

    Sul.
     
  10. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    If you add a few more you can completely fill your HD: that way you'll have no room for any malware to install! :D
     
  11. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    @Sul,

    And yet so many users, even sandboxie/dw users, use an on demand scanner.

    AVs are the only products that can give you a definitive "Yeah, this is a known malicious file" answer. There's a much smaller grey area with them than, say, DW, which sandboxes indiscriminately.
     
  12. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Exactly :thumb:
     
  13. 1chaoticadult

    1chaoticadult Registered Member

    Joined:
    Oct 28, 2010
    Posts:
    2,342
    Location:
    USA
    :thumb:
     
  14. Montmorency

    Montmorency Registered Member

    Joined:
    Oct 9, 2011
    Posts:
    181
    I hope that will never happen.
    Those are my last resource programs, I don't want them together.

    Stop being silly.
     
  15. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Well, IMO there is nothing really wrong with using scanner or AV, as long as one realizes that they are dependent upon a "list" of things to watch for. It isn't that they don't do what they are designed to do, it is just that many use them as their only means of security, and they are using something that is "reactive" to the issues rather than "proactive".

    If people I help are not up to going without an AV, by using other methods, then I tell them they should use an AV, however, I try to explain to them that they WILL have problems if that is all they are going to use. In some cases it is better than nothing, but the AV itself is broke because if you don't get the definition for the latest virii/etc soon enough, then you have no protection at all.

    It is confusing to me why they still push a lie. Security does not lie in scanning every file any longer, not since the internet became prolific. You can never keep up with that. Instead, security comes in a few other avenues IMO, some being virtualization, some being user restrictions, some other means as well, or a combo of them. It seems though that the average user has finally gotten the picture from 10 years ago, they need an AV. But, we are past that now, but much of what I hear is still AV, at least in average Joe's vocabulary.

    I guess if you don't know much, you better use an AV. Too bad it could cost you so much these days, in terms of $$ spent to remove problems AV cannot fully stop, or $$ for upgrades even that crooks try to sell you or software too. Cost factors such as loss of productivity notwithstanding, let alone theft of data or worse, identity theft, a very real threat for those who know nothing.

    I guess I preach a lot of NO AV stuff, although I realize not everyone is ready for that. Still, can't hurt to try I guess ;)

    Sul.
     
  16. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    I think the vast majority of people "don't know much." They want a definitive answer.

    IMO sandboxing itself is not enough. Try installing Sandboxie and then running every single application you install within sandbox. It won't work well. Same goes with DW.

    You need some discrimination between files and that's really what an AV tries to do.
     
  17. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    This is my approach: containment > permissions > white listing > blacklisting (by allowing only what's white listed and antimalware scanning)

    Containment alone won't work. Permissions alone won't work. White listing alone won't work. Blacklisting alone won't work. Imaging alone won't work either.

    All that together will work 99%. The other 1%? Drink a beer and if you do no home banking, no worries. :-*
     
  18. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    I would call containment and permissions the same thing.

    I hate both whitelists and blacklists. Whitelists rely on trusting someone or trusting yourself to decide when an application is good. Blacklists rely on someone else's ability to find all of the malware out there.
     
  19. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    That depends on how one sees it. Sandboxie is all about containment, but one can also tighten it by taking away permissions, allowed by default (within the sandboxes). Which is why I like to see it as containment > permissions.

    Moments ago you said...

    and...

    This is blacklisting, isn't it? You're hard to please, dude. :argh:
     
  20. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    Let's not forget while we're talking about containment and whitelisting and blacklisting, etc, that whatever malware manages to slip through those cracks still has to find YOU... or to put it another way, you still have to find IT.

    On top of that, timing is involved, like with zero-day stuff. Or even when you decide to visit a particular site.

    If you're not on your computer when the malware is being served up, or you're not going to the particular hacked site, you're none the worse off.

    Point I'm trying to make is that when identifying security lapses, it's still not a given that you are gonna get infected. Other things also have to line up, or take place, for it to occur.
     
  21. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    All containment is a matter of permissions. Read access to one area but only write access to the virtualized area. No internet access - permissions/ containment. That's all I mean.

    Not quite blacklisting. When I think of blacklisting I think of a list of files to be considered "bad." You don't need a list to make distinctions between good and bad.

    @PPage
    Definitely.
     
  22. Gabriolone

    Gabriolone Registered Member

    Joined:
    Mar 12, 2011
    Posts:
    28
    Thank you all for your suggestions. I will follow up by removing:

    1. Prevx, and
    2. Sandboxie
    Thank you again.
     
  23. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,752
    Location:
    Toronto Canada
    You have so much that it's running you.
     
  24. Tarantula

    Tarantula Guest

    I think you just need NIS 2012. Nothing more than that.
     
  25. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Is going without an AV riding "bareback" or is only using an AV riding "bareback"? So hard to tell :)

    Sul.
     