Is Comodo Firewall with Defense+ HIPS overkill for my current setup?

Title says it all, my current setup is in my signature.

Let me hear your opinions.

 

Looking at your setup I'd say it's well balanced personally.

 

SandboxIE

 

IMHO you don't need Comodo.

 

I'd run Avira and Prevx, or Prevx and Comodo (with AV). Not all three.

Depends if you've paid for prevx full version. If just trial, keep all three.

 

I just dumped Comodo, it was slowing down my internet browsing and causing necessary issues. I'm not running Avira Premium, and Prevx Edge 3.0(Paid) even though I got a 1 year license for free.

 

Sounds like you may have had some kind of conflict. Comodo shouldn't give you noticeable internet browsing slowdown.

 

That's my current setup (AntiVir, Prevx, Comodo.) I think Comodo complements Prevx because it's a different kind of HIPS. If Comodo's AV gets better, I might drop AntiVir.

 

Either way, I'll have a low cost setup with lots of security.

 

One more thing: do you recommend AntiVir without the web scanner? I have two other security programs that could catch things. I think Defense+'s heuristic is underrated - often it will pick out malware when executed.

 

stopping it before it touches my system is preferred to me instead of giving it the time to get onto my comp THEN get deleted.

 

Aslong as an AV is watching RAM (Memory) & Hard Drive, you do not need the extra burden of a "web shield" or other components.

Cheers,
Josh

 

Could you provide more information on malware that only resides on the memory?

Thanks

 

Some malware is not caught when downloaded. But when it's executed, It will be caught in memory!

I'm giving CIS as an example for the AV Part: Currently, v3.9 has on-access (That is quite fast and efficient) that watches both Hard Drive, And thanks to the integration of the Memory Scanner (BOClean in it), That watches the MEMORY side of things and off course BOClean Memory Scanner and CAV work together in harmony. You download a file, not detected, But once you execute it (run it), Memory Scanner will be there to zap it instantly.

So Theoretically, Memory Scanner is the LAST line of defense.

Cheers,
Josh

 

I mean info of specific malware which only resides on the memory.

 

u may consider it a burden until u get a piece of malware that the AV is having issues removing once its on the system which could have been stopped altogether by just using a webscanner to stop it from touching ur system in the first place...

 

Yup life is a whole lot easier to stop malware before it actually gets onto the hardrive.

CIS needs some work the way it sounds.

 

Polymorphic ones the current CAV engine might miss or any packed ones that any av engine misses will be caught in memory. Packed ones are hard to catch, once downloaded, but once executed it goes naked and memory scanner will detect it...

So Memory Scanner (Memory Protection) and watching Hard Drive are sufficient enough.

Cheers,
Josh

 

Do you have any names?
Thanks

 

im pretty sure most AV's will catch something once its executed and in memory as well...

 

Personally I think you would be fine as you are.

 

It is much safer to have a HIPS to prevent it from being executed in the first place.

relying on AV's to catch something after its been executed and running in memory is a bad strategy.