New thought for a/v choice

Ive decided to add mse to my layered protection plan, and this is why.
1 built to work best with win 7 64 , and ie9.
2 easy to update
3 i run sandboxie and returnil anyways, so who cares what a/v, firewall or browser is being used, since not much is going to get by.
So does anybody see any flaws in this logic?

 

1 AV
2 AV's
10 real-time anti-malware tools
no AV
Windows 95

w/e floats your boat.

 

I agree People have different ideas about what they think is safe and stable security setup for their particular situation.

 

I agree that MSE, Returnil, and Sandboxie, plus Windows 7 Firewall is a good strong setup.

Real-time AV protection can make a useful contribution as an additional security layer. Virtualisation on its own does not provide protection against the damage that malware can do while it is running within the virtual environment. Virtualisation alone cannot guard against identity theft, phishing websites, stealing of confidential data, etc. Any AV with decent detection rates such as MSE will suffice.

You may need to turn off Returnil's Virus Guard in order to avoid any potential conflicts from running two AV's in real-time but you will need to experiment to see what works.

Policy restriction is also important. To this end, Sandboxie can be used to control what programs can run or access the Internet within the sandbox, and to lock down access to your private data while browsing the web. Returnil also has a good anti-execute feature.

 

See my sig for details.

Id personally not even run an AV considering your OS is virtualized and your browser is sandboxed. Id be more concerned with a keylogger. Hence the reason I use Spyshelter Premium. As soon as you empty the Sandbox your clear, what protects you if there is a keylogger running in the sandbox and MSE doesnt detect it? Your still screwed for lack of a better term.

 

+1.

Infection is inconvenient. Keylogger is disasterous.

 

If I'm not mistaken, SBIE can protect against a keylogger if you have the Drop Rights option checked. However, this is not on by default.
Ice

 

http://www.sandboxie.com/index.php?DetectingKeyLoggers

So you can infact get infected and if you dont empty the contents your done for.

 

Yes, I forgot to mention I delete the contents when I close the browser. But usually a keylogger would want to install itself inside a sandboxed browser. I thought the Drop rights would prevent this.

Ice

 

I agree that protection against keylogging is important, which is why it's a good idea to use Sandboxie's policy restriction features to control what gets to run in the sandbox and access the Internet, and to lock down access to personal data, etc.

Personal firewall (with outbound application filtering enabled), anti-malware, anti-executable software, etc, can all have a complementary role to play in situations where a keylogger or other malware may already be installed and running outside of the sandbox.

Light virtualisation software such as Returnil may contain the infection (if virtual mode is enabled) but it won't prevent all of the damage the malware may do while it is running. There are also a very few classes of malware that are capable of bypassing Returnil, which is partly why Virus Guard was added but I imagine that a good third-party AV such as MSE would do just as well.

My own personal preference is for a multi-layered approach but, as always, each person has to decide what suits their situation best, based their own individual assessment of need and risk.