Which AVs are you running together?

Perhaps I exaggerated for effect and was overly dramatic? Or just being silly about MBAM and Defender feeling heavy, since things didn't seem to be progressing in this thread. But to state it plainly, I agree with you, the less real-time AV running the better, so I don't really have much to contribute here about running two at the same time. I'm headed the other direction, trying to get it down to none. I'd have MBAM set to on-demand if I could figure out what to do about my one vulnerability with Sandboxie: downloaded files.

 

If you have sandboxie set up properly I really see no reason for MBAM.

As for downloaded files, why not simply create a generic sandbox that you run them in?

 

The problem is I download lots of files every day, of all sorts, just about always from sites that are trustworthy, but still something could slip by. Most of the files are add-ons for a flight simulator (new planes, airports, liveries for planes), or games, or security software or other Windows utilities I'm trying. To have to manually check each one would be a pain.

 

Have MBAM in realtime but exclude every folder except for downloads? =p

 

Good research!

 

I used to run Avira & BOClean together on 98SE. For those that don't know, BOClean started out as one, if not the first, Anti Trojan solution in 1999 http://knosproject.com/aboutuscge.html It evolved into more than just an AT, detecting/protecting against All manner of nasties.

It was Designed to run alongside AV's without conflict, which i can happily attest to, having purposefully allowed MANY nasties to run in order to test both This was years before i had ShadowDefender or anything similar More often than not but not always, especially with the early Rootkits & rare nasties, both would detect the same nasties, & i would let BOClean deal with them first as it had a better clean up algorithm, then use Avira for a second opinion etc after rebooting.

I NEVER experienced Any conflicts with this arrangement, as both complimented each other extremely well. BOClean unfortunately is no more so we can't use it now

Other Apps have since appeared that are also Designed to work together with our AV's, such as Prevx/WAS & MBAM, that have been mentioned already. Also other AT's & AntiSpyware are available that i "expect" should work together in Real time.

So in "theory" we could have for eg, All these running at once, AV/AT/MBAM/Prevx/WAS/Ad-Aware/Spybot-S&D, & maybe more Whether they would actually conflict ? Not to mention the Vastly increased resources.

But the thread is about being able to run more than one together, so if you can, then you can. Whether you would, is another matter But it's very interesting & quite an accomplishment, from a purely technical aspect, that we "could" run so MANY at the same time, without issues, if we chose to !

 

Don't go off thinking HIPS are heavier than AVs though, because they usually aren't. Definitely not more than 2, unless you have systems like Page42's.

 

And you got mine!

-Running one (1) AV is Understandable.

-Running two (2) or even more Real-Time AVs is...
(in terms of Resources and Incremental Security)

 

~~ snip quote of removed post and comment about it ~~

To contribute to the subject at hand: It doesn't upset me if people use some number of antiviruses other than 1, why should it? I don't feel the need to lecture them or call them names or try to be the Grand Poobah of Wilders.

 

I find myself often disagreeing and agreeing with JB at the same time. What I agree about is that running two AV's are a bit overkill and could be considered paranoid and unnecessary. What I don't agree about is the no AV part - Wilders members running with no AV setups tend to have the most secure setups, too. Windows 7 does things well on it's own without the need for an application to watch what you do every second.

But, about the offtopic, please, gentlemen.

 

Sorry about the off-topic, I felt called to right what I thought was an injustice. Reminds me of a cartoon of a guy at the computer telling his wife 'Just a minute, someone is wrong on the internet'.

I think you are right about 2 AVs being overkill, and about those who know what they are doing when running without an AV being the most secure. I've learned a lot reading how they do it, and am working my way in that direction.

 

Me too.

 

Even the world`s top companies and echelons of PC current knowledge admit that the most advanced AV counter-measures are inadequate and losing the battle against the Tsunami of threats constantly being introduced onto the web.

The AV companies spend an aggregated tens of millions of dollars trying to improve their products and keep up with the enemy, but are continually in a lag-behind position.

This is common knowledge throughout the industry, not a JB statement.

So whilst the most enthusiastic Geek can cobble up some personal concoction whereby he proudly announces that he has beaten all the Bogey Men and an AV is not needed, this miracle of security achievement cannot be taken as serious by the vast multitude of ordinary world users. Neither is it endorsed by any reputable experts or associated security organisations.
I wonder why the big boys have not made these "No AV" guys an offer they can`t refuse by now to play Possum.

So for the ordinary user reading this thread ONE good selected top tier AV and FW must be used at all times when connected to the Internet. For reasons well documented throughout the industry and stated many times in detail by experts, the use of multiple AV`s and FW`s is to be avoided due to possible incompatibility and conflict between these dual programs and with other programs etc. present in the system, or at the very least will most likely hog your system resources.

I post this to benefit those users who are not so familiar with these security programs and their individual characteristics.

The rest of the discussion is fine and very interesting to enthusiasts, but is grossly misleading to the average user, who may follow the examples given and remarks made. Millions of these users simply use the Internet for shopping and casual browsing and do not have the slightest knowledge of their programs or system anatomy. Kids and students go anywhere when they can.

A little knowledge is a dangerous thing ? Well that is what has been said for decades by the tribal elders and what is more - IT IS TRUE.

John

 

Ahem.

[Citation Needed]

 

Ordinary user is a wide term. It can refer to users who use the browser for all kinds of click-happy moments. No AV can protect against that, because the user wants that free smiley pack. It can also refer to a user who has gotten basic knowledge of what he/she can do without getting infected.

I proved this by setting up a simple configuration for my mother: a Windows XP SP3 laptop with Windows Firewall enabled. The main browser, Firefox with Adblock Plus, is restricted via Sandboxie. She pretty much knows only the basics of computing, but she still haven't gotten any viruses - because Sandboxie stops them. So with a little education, even an ordinary user doesn't need AV software.

 

That's because Sandboxie is a program that expects the malware to be installed and accounts for that. Antiviruses expect the user to see a warning and stop right there, that's not always the case even when there are warnings.

 

My Grand children were getting infected left and right even with an AV and SAS. The AV and SAS caught most between them, but when I installed Shadow Defender and told them to access it before they went on line, all problems ceased.

 

There's a free smiley pack?! Link me!

About all I can say about it is that after using Sandboxie for two years, whatever AV or anti-malware program I have running (or, when I'm feeling brave, just on-demand) has never found anything that's gotten by, so actually they have been redundant. Learning how to use the internet safely has probably also helped.

 

I run Norton Security Suite with Malwarebytes Pro.

 

Sandboxie can be a very secure piece of software if its configured properly. Is it 100% bullet proof? Nope. Nothing is really. Short of killing your internet connection and turning off your laptop.
Sandboxie has the fans it has because it is very effective if used properly.
Like a lot of folks here at wilders, including myself, at one point we realized that AV, AM and HIPS weren't keeping us secure. For myself I look at sandboxie as my barrier from the internet bad guys. They can screw around with my browser and try to drop things onto my laptop but its not going to happen.
I'm a fanboy of sandboxie? No but I am a satisfied and happier security enthusiast because I use it.

 

My own view is that if you feel your system is going to be so targeted by malware that one AV can't cope with the onslaught;then perhaps you need to look at:
1:Other forms of mitigation,
2:Your own user habits.

I honestly can't see any reason why anyone would want to run multiple AVs on a system,unless as a Wilder's experiment,conflicts or not.

 

Usually Sandboxie isn't enough, because it is only one layer in a complete setup. The example I gave earlier is only for demonstration that user doesn't need to run AV to be secure, if he/she has a proper education on what can be done on the internet and what not. I bet the Win XP + Sandboxie setup wouldn't last long if the user bypassed it with quick recovery and then installed the file outside of Sandboxie. For this kind of behaviour, only protection would be something like constant image restores or something.

It would be a good thing if basics of computer security were teached at school. This hasn't happened yet, not in Finland atleast.

I'm sorry, I seem to have contributed to off-topic discussion too.