Discussion in 'other anti-malware software' started by Metal425, May 2, 2009.
Title says it all, my current setup is in my signature.
Let me hear your opinions.
Looking at your setup I'd say it's well balanced personally.
IMHO you don't need Comodo.
I'd run Avira and Prevx, or Prevx and Comodo (with AV). Not all three.
Depends if you've paid for prevx full version. If just trial, keep all three.
I just dumped Comodo, it was slowing down my internet browsing and causing necessary issues. I'm not running Avira Premium, and Prevx Edge 3.0(Paid) even though I got a 1 year license for free.
Sounds like you may have had some kind of conflict. Comodo shouldn't give you noticeable internet browsing slowdown.
That's my current setup (AntiVir, Prevx, Comodo.) I think Comodo complements Prevx because it's a different kind of HIPS. If Comodo's AV gets better, I might drop AntiVir.
Either way, I'll have a low cost setup with lots of security.
One more thing: do you recommend AntiVir without the web scanner? I have two other security programs that could catch things. I think Defense+'s heuristic is underrated - often it will pick out malware when executed.
stopping it before it touches my system is preferred to me instead of giving it the time to get onto my comp THEN get deleted.
Aslong as an AV is watching RAM (Memory) & Hard Drive, you do not need the extra burden of a "web shield" or other components.
Could you provide more information on malware that only resides on the memory?
Some malware is not caught when downloaded. But when it's executed, It will be caught in memory!
I'm giving CIS as an example for the AV Part: Currently, v3.9 has on-access (That is quite fast and efficient) that watches both Hard Drive, And thanks to the integration of the Memory Scanner (BOClean in it), That watches the MEMORY side of things and off course BOClean Memory Scanner and CAV work together in harmony. You download a file, not detected, But once you execute it (run it), Memory Scanner will be there to zap it instantly.
So Theoretically, Memory Scanner is the LAST line of defense.
I mean info of specific malware which only resides on the memory.
u may consider it a burden until u get a piece of malware that the AV is having issues removing once its on the system which could have been stopped altogether by just using a webscanner to stop it from touching ur system in the first place...
Yup life is a whole lot easier to stop malware before it actually gets onto the hardrive.
CIS needs some work the way it sounds.
Polymorphic ones the current CAV engine might miss or any packed ones that any av engine misses will be caught in memory. Packed ones are hard to catch, once downloaded, but once executed it goes naked and memory scanner will detect it...
So Memory Scanner (Memory Protection) and watching Hard Drive are sufficient enough.
Do you have any names?
im pretty sure most AV's will catch something once its executed and in memory as well...
Personally I think you would be fine as you are.
It is much safer to have a HIPS to prevent it from being executed in the first place.
relying on AV's to catch something after its been executed and running in memory is a bad strategy.
Separate names with a comma.