Two antiviruses?

Discussion in 'other anti-virus software' started by the dummy, Nov 27, 2010.

Thread Status:
Not open for further replies.
  1. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    Running two (2) AVs (Real-Time) is not advisable due to System Resource and Compatibility issues.
    Running only one (1) Real-Time Application and as many Apps On-Demand is a fundamental principle.

    What experienced IT people do is a rare exception
    which should not be suggested to and followed by
    inexperienced Home PC users.
     
  2. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    You might be better with a layered approach than running 2 realtime AV's at the same time. Firewall/Sandbox/BB/Hips/AV.
    Ice
     
  3. Blueshoes

    Blueshoes Registered Member

    Joined:
    Feb 13, 2010
    Posts:
    226
    I think in 2010, the excuse of "lack of knowledge" is why you get infected is so 2005 thinking.

    With stealth download droppers, stealth i-Frame redirects with zero days coming from 1st tier websites, ANYONE even the "know it all Gods" of Wilders without virtualization or Returnil like programs that bring the OS back to known safe state will get pwned easily and it has nothing to do about safe browsing,

    It is now fact that it is safer to surf porn then world news and social news stories because of black-hat SEO. Who would of thunk.
     
  4. ALookingInView

    ALookingInView Registered Member

    Joined:
    Sep 14, 2009
    Posts:
    365
    Can't argue with the above post.

    Anyway, I think we've established that it's possible. And also not advisable.
     
  5. the dummy

    the dummy Registered Member

    Joined:
    Jun 6, 2010
    Posts:
    71
    The dummy agrees.
     
  6. the dummy

    the dummy Registered Member

    Joined:
    Jun 6, 2010
    Posts:
    71
    The dummy agrees.
     
  7. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    -Edit-

    By the way, you could easily have MSE has the real-time AV and install avast! Free with only Behavior Shield (and Web Shield + Network Shield if you'd need it).
     
  8. culla

    culla Registered Member

    Joined:
    Aug 15, 2005
    Posts:
    504
    the problem with 2 av is if not properly tweaked is they both try to own the virus sending your cpu upto 110% crash loop for newbies :oops:

    i wouldn't use 2 if i used 1 :D
     
  9. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,642
    Location:
    Sneffels volcano
    PLEASE use just one AV.

    Please.
     
  10. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,292
    I'm sorry but at least in my country:
    1) A high percentage of the population does not understand english. So you have average pc users randomly closing AV/FW warnings, either cause they consider them "annoying" (they don't even attempt to read what's it about) or they can't underdtand it (they at least attempt to understand but fail).
    2) There's a deep backlog regarding computer science in general, not to mention computer security specifically, therefore their knowledge about this matter reaches minus-zero levels.
    3) People are very used to get things without paying for them (cracks, keygens, leaked builds, stolen serials, etc...) so there's a large number of infections that come through malware-hosting websites.

    And all this still happens in 2010. So that "thinking" may be outdated in your country. But not in mine.
    Do YOU really feel like YOU can be easily infected? Neither do I.
    I think most of the wilders community have at least enough common sense.
     
    Last edited: Nov 30, 2010
  11. Blueshoes

    Blueshoes Registered Member

    Joined:
    Feb 13, 2010
    Posts:
    226
    Yes, I do think I could get infected easily. I have a job that lets me listen to podcasts almost all day long if I wanted. I get about 1- 2 hours a day of security podcasts. I listen to some gray hats, pentesters and security professors, the full range. Many shows have top experts in their field. The consensus is the AV industry is catching 70 to 75% of malware, with a one to two week time frame on getting new variants to sigs.

    At this point everyone is wide open for the zero days. I am on Macs most of the time with 3 other PC on my network. I have been pwned twice on the Mac and two other times I questioned behavior that I re-imaged twice. So for all intensive purpose, I would say I have been pwn 4 times just on a Mac that is suppose to be almost free of viruses but has very few trojans. All during this time I have had best of breed AV that warned me once. It is no longer script kiddies writing code. It is highly trained computer science major from the Ukraine and China that have the backing of multi million dollar organized crime syndicates with some have doctorates in computer science writing code. Most is automated. It is not 2005 anymore.
     
  12. Bambo

    Bambo Registered Member

    Joined:
    Dec 10, 2006
    Posts:
    194
    Dont believe all you hear or read. I have 100+ rss feeds from "security" world in Google Reader. Besides the real technical ones most is more infotainment than anything else. Remember most of those who produce such info make a living from it!

    Well, people are not wiser or more interested in basic security (besides turning off UAC) so why should risk lower? If it can go wrong it will go wrong still apply to millions of computers. Can´t really see much have changed, just new sources for distribution, more "web" and "social" angles to same old click, click, o_O? problem. When it comes to security industry there are always new buzzwords for whatever is hot this week. Industry has always been very keen on highlighting dangers, risk, the complicated world we live in, also dont you think of your children - theft of your money then! The more mysterious scenario is presented the better. Why do you think?

    I think you will find majority reasons for malware problems are trivial and to be expected. Take a look at those forums helping with removal. Have a tissue close by because it can be tough reading :) There are many more severe problems than dark invisible forces trying to infect computers. Basic ones too.

    That was opinion but what you said about MSE is not true. Microsoft most definitely do not say you can run 2 AVs. They are very specific about this. Not necessarily because it cant be done, or so I think. Their main user base will never ever be able or bothered to research setting up 2 AVs. Or much "additonal" stuff for that matter. Which is also why MSE is so simple. If they said hmmm, yes may be with X or Y IF you do this or that hell will break lose. I have not visited their forum for many months but when they released MSE this attitude was all over the place.
     
  13. delah

    delah Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    81
    Location:
    Ireland
    Two AV's realtime is asking for trouble but running any amount (I've done three and prevx) with only one file av realtime and proper exclusions is doable and safe.
    I have had Kaspersky, Avast and ESET at the same time (again, only 1 realtime av) and at one time with Out[post as firewall.
     
  14. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,264
    Location:
    USA
    Thats just a waste of disc space considering they all have extremely close detection rates. Do you have any data to back up that its safe or is that just an assumption because you didnt crash?
     
  15. delah

    delah Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    81
    Location:
    Ireland

    Hi whitedragon,

    Disk space isn't an issue really these days.

    I've ran a combo of the above for well on a year or so - I have images of my system with

    a) Kaspersky IS installed r/t
    b) above with ESET o/d
    c) both a & b above with Avast o/d
    d) a/b/c above with Outpost f/w

    and every combo imaginable of Kaspersky/Avast & Eset with Avast FW on or ESET FW on or Kspersky FW on and same with the r/t antiviruses on; either one of Avast, Kaspersky or ESET

    I've even ran the system like Kees' grandfather with ESET FW on without webscanning but with Kaspersky doing the web scanning.

    I've found that Kaspersky must be installed first, though with their tweak for skipping product checks you can install Kaspersky after the others.

    On my desktop I have found no slowdown or BSODS, maybe with the ESET FW on and r/t scanning on and Kaspersky web av on a tiny slowdown in opening webpages is all I've found.


    All the above was just to see if I could do it and I had licences for the above hanging around:)
    With precise exclusions in each application including system32/drivers for each app (klif.sys etc) I don't feel it is unsafe - you only ever have one r/t file av active.

    With all the above modular programs I can mix and match as much as possible including which I use as FW.
    I've only my own experience to say I have never had infection. It's basically having a r/t security program with two others as backup o/d.

    My next project is to go without any security apps and try Windows 7 bulit-in security features as per the excellent guides on this forum. Maybe supplement that with Avast as per Kees' posts making it the lowest overhead r/t av.
     
  16. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,264
    Location:
    USA
    Your beating around the bush. Disc space is and always will be an issue no matter how much you have.

    The top players share samples so their detection rates are within a few tenths of eachother percentage wise.

    Let's use peoples favorite argument against hem, resource usage. Half the people here complain about resource usage of one program let alone 3. Surely that increases the IO read and writes, CPU usage, and RAM usage to atleast 3x what it was with no gain what so ever.

    Now let me guess RAM usage doesn't matter either.

    I still havent seen any proof of 3 or (2 in the OP's case) actually increasing protection. Heck the claim your making and that Kees made about never getting infected has been done by people only running one av.
     
  17. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,770
    Location:
    New Mexico, USA
    I don't see the point of 2 antiviruses. If an av catches 92% of malware, why load up your PC to potentially catch 94% or 96%. I mean, we're talking theoretically of one finding 92 out of a 100 as opposed to 94 or 96 out of 100.

    Add Sandboxie and you've got them all. I can see using an on demand scanner, MBAM or Hitman Pro.

    This is the same mindset I've seen here and on other security sites over the years. Antivirus 'X' is the favored for months or a year. Then, antivirus 'Y' begins beating it and soon everyone is switching to AV 'Y.'

    Within a few more months, AV 'Z' aces out 'Y' and everyone moves to AV 'Z.'
    It's endless.

    I use AVAST free. If it doesn't score as high as Avira or couple of others, it's close. With Sandboxie and MBAM on demand, I've had nothing get by, the couple of times my computer has been infected in the last 19 yrs. I've had nothing get through since Sandboxie appeared a few years ago.
     
  18. delah

    delah Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    81
    Location:
    Ireland
    Disk space does not matter to me (it's negligible in this case)
    Nor does RAM - to me
    I have plenty of both.

    If I have one realtime av and two others as on demand what resources do you think that takes up?

    As for infections, I answered your question about 'how safe' it is to do what I do.

    I have multiple images of my desktop with various security apps loaded - it may be KIS I use alone or 10minutes re-imaging later it may be a combo of three. Or two.
     
  19. Bambo

    Bambo Registered Member

    Joined:
    Dec 10, 2006
    Posts:
    194
    I think it sounds interesting though I would not even try to match 2 suites or just 2 fat AVs. Requires too much fiddling about I think. Avast and MSE I would not have much trouble with, or did not have when I tried :)

    delah, one of the OH NO arguments is that regardless you have turned active protection off there are still drivers loaded which you have no idea how works. Neither has those who say 2 AV are disaster. So when you test a keygen.exe or whatever stuff will collide and computer blow up. That is what you must "prove" is BS. You do that on all the 1000s of different combinations which make up computers out there. Also 1000s of different infection types. Until then you are in violation with consensus.
     
  20. delah

    delah Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    81
    Location:
    Ireland

    Yes, I understand that Bambo. I'm saying what i have found with my setup.
    ekrn from ESET is loaded as is avastsvc when I have KIS as r/t and the other two as o/d.
    Not a bit of trouble..so far (I'll put that caveat in;)
    And yes, i've downloaded stuff that has infected exe's and no my computer hasn't blown up or as much as blinked - the threat is dealt with quietly and normally by my r/t. And if that doesn't catch it, my o/d scans with the other two have and again, no smoke from my machine.

    The key is thorough exclusions in all the security apps used down to system32/drivers such as klif.sys (Kasp), eamondrv.sys (ESET) etc

    I can only tell my own experiences.

    As I said previously, I am going to try barebones security as outlined on this forum by other members.
     
  21. Bambo

    Bambo Registered Member

    Joined:
    Dec 10, 2006
    Posts:
    194
    And as last test run without any protection, other than std. Windows :)

    Today you don´t hear that much about upgrading video drivers making computer go booom. Was certainly a higher risk in old days. Though more advanced may be AVs somehow are more lego software than several versions ago? They need to adjust to Vista and 7 so may be similar programs is piece of cake. Not sure that make sense, just something I thought about!

    Not really possible to follow the book if you buy license to for example Malwarebytes or PrevX. I bet you can find other 3rd party vendors who will highly recommend against such nonsense. I still think of MSE forum ;) Much has to do with marketing and being protective of course.
     
  22. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,264
    Location:
    USA
    I suppose your not aware or Windows Services. Just because they arent running doesnt mean they arent actually running. :rolleyes:
     
  23. delah

    delah Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    81
    Location:
    Ireland

    Yes . I am aware.

    What's the problem whitedragon?

    My system works perfectly well if I choose to have 1 r/t and 2 o/d running.
    Just what is the problem?? LOL

    The OP asked a question the answer to which is don't run more than 1 av in realtime - after that investigate away.
     
  24. delah

    delah Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    81
    Location:
    Ireland

    I enjoy messing about with security software when I have the time, so I'll take the chance.:) It's so easy to revert back within minutes if anything craps out.
    My proof is (as an ordinary enthusiast) proof enough for me.

    As for using various tricks with the built-in windows 7 security, I find that fascinating and will give it a go!

    Good luck!
     
  25. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,264
    Location:
    USA
    Ive already addressed this in my first post. Just because it works doesnt mean it should be done and that doesnt mean you know what its doing to your system behind the scenes.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.