Is it paranoid to run two resident AT programs ?

Discussion in 'other anti-trojan software' started by brjoon1021, Dec 2, 2005.

Thread Status:
Not open for further replies.
  1. brjoon1021

    brjoon1021 Registered Member

    Joined:
    Aug 10, 2005
    Posts:
    143
    I don't want to go overboard. My latest fixation is security software and tightening up my Computer. I bet you know what I mean.

    I have XP Home SP2
    Firefox, Opera, Avant
    Spyware Guard
    Spyware Blaster
    BOClean
    avast! with: Network, web, P2P, Standard, E-mail shields running
    Microsoft Antispyware real-time
    Spybot Immunize real-time
    Kerio 4.2 with BZ ruleset
    A2 free for on demand
    Spybot free
    Ad Aware free

    I may install Ewido or Trojan Hunter real-time to run with BOClean if it is of any real benefit. I don't surf porn. I am pretty safe, I think.

    It might be smart to install Ewido and Trojan Hunter to have a couple more on-demand scanners. Does Trojan Hunter allow you to keep it for free (but not real-time) after the trial period ends ?

    What do you think ? I went with BOClean mostly because of free updating / upgrading and no annual expense like ewido has.
     
  2. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Two AT scanners in real-time would be overboard.
    No real benefit, IMO, particularly if you are a safe surfer.
    No you have to buy or uninstall TH after the trial period. No FREE version here.
    Just run BOClean and Avast in real time and then use the free A2 and Ewido for regular on-demand trojan scanning.
     
  3. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    I agree with Blackcat, no real benefit, even if BOClean and Ewido actually will run in real-time without issue's, at least they have when i have tried this just for the hell of it. Perhaps you should consider a HIPS of some sort instead.:)
     
  4. interesting

    interesting Guest

    interesting question, given that in the past you have asked about running two resident AVs and before that two resident firewalls. :)
     
  5. brjoon1021

    brjoon1021 Registered Member

    Joined:
    Aug 10, 2005
    Posts:
    143
    actually, I never asked about or considered running two firewalls, but two AV seemed like a bright idea until was told about the havoc that could be caused by doing so.

    I just installed ewido to run on-demand. That pretty much sums it up.
     
  6. interesting

    interesting Guest

    My bad, you didn't ask because you already run two firewalls (smart guy). A hardware router and a software one.

    Are you intending to ask the questions, is it paranoid to run two resident AS (antispyware) programs? is it paranoid to run two resident registry monitors, two
    HIPS, etc.

    I think it's interesting that while most people are against running two antivirus resident memory,they do not blink an eye if you run several overlapping so called HIPS.
     
  7. brjoon1021

    brjoon1021 Registered Member

    Joined:
    Aug 10, 2005
    Posts:
    143
    I was just wondering because I run avast! real-time which I believe has not been one of the stronger AV solutions against Trojans. I also run BOClean which according to this site-

    http://www.anti-trojan-software-reviews.com/index.htm

    -is only "OK". I don't know how to take reviews, sometimes they are worthless.
    Anyways... I was wondering if I was open to Trojan infestation at present so I considering adding another real-time AT. That is why I posted. Similarly, I wondered if two free AV like avast! and Antivir or AVG would be a good idea. You guys shot that one down pretty fast.

    I don't know enough to properly run a Process Guard, antihook or that type of thing in my estimation so I need to be pretty strong about keeping infestations from occuring through AT, AV, firewall, etc...
     
  8. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    BOClean is one of the top AT's together with TrojanHunter and Ewido. Together with a properly configured firewall and a fully patched OS, this should be a good layered defense against trojans.

    The site you listed used a very small sample for testing and therefore its results should be viewed with caution.

    If you are a newbie to security the temptation is to overload your defenses which may lead to conflicts and therefore slowdowns on your system. In particular you need to be careful in what you use in real-time.

    Take a look at these posts which may be of help;

    Blue's excellent posts here and here. Also take a look here and here.
     
  9. Wolfe

    Wolfe Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    160
    Ditching avast! and replacing it with either NOD32 or KAV (apart from well configured firewall plus router) besides having BOClean running would be sufficient for an average user in my humble opinion.
     
  10. santaclaws

    santaclaws Guest


    You could run more than one AV, but you just can't run them resident. You should run only one AV resident and only run manual scans with any other AVs. But shut down the realtime protection on your main resident AV first before you run any manual scans with the others.

    It is probably not a good idea for a newbie to have more than one AV installed on their computer though because it can take some configuring to make sure only one of your AVs is actually running resident and the others are completely disabled from doing so.

    So the same thing goes for ATs. Just run one resident and the others for manual backup scans only.

    Of course this does not mean you can have more than one software firewall installed. Only one software firewall should be installed at any time on your computer.
     
  11. I simulaneously run the following AT's:

    Ewido (active protection)
    Ad-Aware Plus
    Pest Patrol
    SpywareGuard
    Microsoft AS
    WinPatrol Plus

    in addition to my AV and some other passive measures. I notice no slow down or conflicts.

    But with all of that running (with McAffee and passive measures), I still get crap on my computer......but I'm a high risk surfer.

    The only measure I've found that totally protects me during high risk surfing is an individual copy of GreenBorder. It stops everything dead. But there is a downside to GreenBorder too...
     
  12. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    Well the only one out of that lot that is an AT(Anti-trojan) is Ewido. The rest are Anti-spyware application's. I think if you hardened your browser and used a HIPS application then you would pretty much stop getting "crap on your computer", to use your phrase.

    muf
     
  13. Mike_2005-WSF

    Mike_2005-WSF Registered Member

    Joined:
    Dec 10, 2005
    Posts:
    2
    I myself use more than 1 AT.

    2 AV's KAV2006v241/NOD32 (Heuristics & Signatures) along with the following AT's BoClean420/TrojanHunter42/Ewido35/*TDS-3 (*"Worth every penny for the tools included in the package") exec protection as background service.

    I also keep various other non resident programs.

    Running these various scanners all at once, never has given me a problem of any kind. The compatibility of all these apps together works without flaws, except for a few very minor inconveniences.

    Problems you may experience:

    The only thing I have noticed in the new version is BoClean420 scans are longer than v412.002 was. When listening to music or watching a DVD on the PC. It appears to take longer to open apps and files than v412 did.

    Tested also with BoClean 420 as only HKLM run app - no difference

    I'm just putting this here incase people were curious about AV compatibility and peformance hits.

    KAV2006 doesn't like NOD32 so when you update the version you have to first uninstall NOD, Install KAV, Reinstall NOD. I hope it isn't this way in the official release. Their is actually no conflicts between the two whatsoever.I don't know if is done on purpose, but it makes me seriously question my decision about "EVER" purchasing the official release. (3 reboots vs what should be 1 and reconfiguration of 2 products)

    KAV is slow at starting up , but once its going the resources used are unnoticeable. After the desktop loads my system runs great... with 2 AV's and 4 AT's running at the same time. Even online gaming with all these apps has no performance hit.

    Tested as the only HKLM run app - Same loading speed problem
    ------------------------------------------------------------------------------------------------------------
    If they all work great and your system runs at an acceptable level whats the harm in having more protection and backup programs.
    I would say no because, one of those programs just might catch what another one missed.

    This just my thoughts about XP security when doing some purchases from TigerDirect/NewEgg/Amazon/Ebay along with various other merchants online...
     
  14. Frank the Perv

    Frank the Perv Banned

    Joined:
    Dec 16, 2005
    Posts:
    882
    Location:
    Virginia, USA
    I guess I'm not that clear on the difference between AS and AT's.

    PestPatrol says this: Is it not an AT?

    Extensive Pest Database - Our industry-leading spyware research team monitors global Internet traffic to identify and protect you from all of the major spyware threats:

    Spyware – discloses your personal information to third parties

    Adware – displays unwanted advertising and slows your PC to a crawl

    Keyloggers – steal your passwords and other confidential data by recording your keystrokes

    Browser Hijackers – change your homepage and search results to lead you toward certain websites and deny you access to others

    Remote Access Trojans (RATs) – enable attackers to control your PC from a remote location​
     
  15. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    And the original poster thought he was paranoid running 2 AT's in real-time!!!!

    4 is definitely overkill. Try disabling some of the running Guards and see how much faster your computer becomes, even with a very powerful system.

    The fun will start when the different AV's/AT's fight over malware.

    Not recommended for newbies and you could have a much better layered defence as outlined by muf.
     
  16. interesting

    interesting Guest

    Well, if people can run multiple HIPS programs, I don't see why they can't run multiple AT/AV guards. :)

    Okay I'm joking. That's a completely different thing.
     
  17. sweater

    sweater Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    1,674
    Location:
    Philippines, the Political Dynasty Capital of the
    One resident real-time Trojan monitor is enough...;) some even don't use any resident Trojan monitor in their pc. Avast WebScanner and NetWork Shield I think also can detects some Trojans. BoClean was very effective in doing its job as a resident Trojan monitor.

    Better have an additional on-demand only Trojan scanners rather than adding more real-time monitors that can only slows down the system. :)
     
  18. brjoon1021

    brjoon1021 Registered Member

    Joined:
    Aug 10, 2005
    Posts:
    143
    http://www.theinquirer.net/?article=28590
    http://www.f-secure.com/weblog/

    Are these threats likely to be a real problem ? If so, and with such exploits readily available to the reprobates that write this stuff, are two real-time AT scanners such a bad idea ? I wish that there were good independent reviews on the web trying the scanners. I use BOClean because of this forum, and this formums advice only. I don't see much mention of it anywhere else on the web or other forums. I am just hoping that it was the right choice. I am still tempted to install Trojan Hunter or another scanner for real-time.

    I also run avast home and the Microsoft antispyware live.
     
  19. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    brjoon1021,

    AT's are like AV's - lots of options and lots of variability among the options. BOClean and Trojan Hunter are both excellent options, both have satisfied users, both have advocates. As with AV's, you could probably juggle these two for the next few months and be in the same place as today.

    From a protection point of view, I'd guess (I say guess since I don't have numbers to back it up) that a decision between these two products is a case of minor differences. So, in my own case, it would be due to secondary features -system impact on my PC (resource drain), are there conflicts with other products, frequency false positives, how the user interface connects to me, license structure, and so on. For me, being able to install BOClean on mutliple computers on a typical (under 5) home network using a single consumer license was the clincher. I have 5 home PC's and, to be strictly within the license, I do have two licenses. If you are looking for covering a single PC, what clinched it for me is certainly not germane to you at this time, it may be in the future, or perhaps it never will be. And so it is with many points on which we all make our purchase decisions.

    I'd say - if in doubt, try to either remove the doubt or to provide the push to go with the better solution for you.

    Blue
     
Thread Status:
Not open for further replies.