Layering Question

I've been a fan of Spyware Terminator for awhile. Do you guys think it's safe to run both Mcafee Antispyware Enterprise and Spyware Terminator in real time on the same computer?

 

It possible they wont conflict, but I would stick to running only one.

 

Hello,
Two AS programs is not layering.
Layering means covering different vectors of attack. In your case, the two progams cover only one.
Mrk

 

I know what layering is, I was just trying to think of a title that wasn't long. That aside, being how AS programs are generally just blacklist applications. Running two could potentially offer more protection than just one, assuming that they don't interfere with each other. I'm actually curious, in what way would these two mentioned programs actually interfere with each other? Not just the general "running two is bad" answer, but an actual specific reason. Thanks.

 

Can't offer a detailed or technical explanation- just don't know enough- but in general terms, running two of the same type of application is only (possibly) going to offer better protection if (1) the databases of the two applications don't share most of the items (unlikely) and (2) they won't interfere with each other should something nasty be found. This is fairly likely. Scenario: nastymalware.exe is detectable by both applications. It tries to run. Application A and B both detect it, almost simultaneously, in that order. Application A locks the malware's process at the same time as application B also tries to delete it, but can't, because it is locked. Worst case scenario, computer freezes, only way out is to reboot, nastymalware.exe installs and runs it's payload before your security programs can act during startup.
I believe this is (at least in part) what is meant when more knowledgeable folk say things like "ironically, running two may leave you less protected". (No doubt there are permutations, and the example might not be accurate, but I think the general idea is about right.)
Given that it's far too labour intensive to manually edit each database for overlaps following each definition update, you're far better off choosing one and sticking with it.
That one might be one that has the more complete defs, and/or has a better cleaning ability, and/or has better features or support, etc. (ST has a form of behaviour blocker, for example.)
You choose.

 

targ57 That was a excellent answer and advice, sounds like you do know enough.

 

Thank you for a detailed answer. I'll use ST as an on-demand scanner only.

 

Which might lead to your next question: What application would you choose for a demand anti malware scanner?
(I used to be quite a fan of SpywareTerminator, too.)

djohn, thanks for the kind words.

 

If your using Sandboxie with your internet facing applications, then you shouldn't have to worry about spyware/adwares unless you download something and recover it from the sandbox. Then you could scan the download on-demand/manually before executing the download. Also, always download from a reputable source.

It isn't about the amount of layers you have that protects you, it's more about understanding your programs and the protections they provide as well as the 'realistic threats' that are out there. It also important to take into consideration your daily habits as well as those that use your machine/s. Also, keep your important programs (Java, Flash, Windows, media players etc.) up to date. See the link in my sig. to see if your up to date. A Java spyware exploit can't install while browsing if Java is up to date and has the exploit patched .

Theoretically, you would be fine with Comodo, a free AV and Sandboxie depending on your knowledge and habits. If you do dangerous things, then a light virtualization application could help. For scanning downloads, your AV and 2 anti-spyware/malwares would be more than enough. You could also upload the file to Virustotal or Jotti to scan things you are unsure of.

I hope this helps and I hope I was accurate.