12-Engine Free Quartet: 10-Engine Triple Chinese Antivirus Combo with COMODO IS

[Amiga500]

I have never seen such a conglomeration of paranoid crap in all my life.
For goodness sake just use one or the other.

This is way overboard and new users will be left with the impression that piling security software on to their computer is standard practice.

It is ridiculous and the OP,s set-up is preposterous and futile.

I have seen some crazy set-ups but this one takes the gold medal.

 

[Deleted member 178]

If the HIPS module is set to Disabled this will suppress any HIPS popups as well as allowing any processes that the Alerts would inform one about. I suppose that I should have used the correct term of Disabled instead of Off.

more details in my thread: http://malwaretips.com/Thread-CIS-v6-BB-HIPS

 

[Jaspion]

I have never seen such a conglomeration of paranoid crap in all my life.
For goodness sake just use one or the other.

This is way overboard and new users will be left with the impression that piling security software on to their computer is standard practice.

It is ridiculous and the OP,s set-up is preposterous and futile.

I have seen some crazy set-ups but this one takes the gold medal.

Then let's stop the overboard and new users from having any wrong impressions, shall we? Because maybe they won't read what I actually wrote, and won't know that I'm not implying this setup as detailed here has anything to do with protection.

In fact, the only overboard reactions here are from people who misunderstood what I was getting at, and thought I was talking about protecting your computer in this thread — well, I'm obviously not. Yet, even though I have repeated this over and again, people keep calling me paranoid. LOL

Protection doesn't come from detection. I was a fool not to state the obvious from the beginning.

 

[Deleted member 178]

Protection doesn't come from detection.

so what is the point of doing this setup ? just show we can stack AVs, we all knew that and did already here.

don't misunderstand me, i understand what was the purpose of this config.

but sorry to be rude, it afford nothing to any users here, i still prefer my old "paranoid" layered config; at least it really protect you and doesn't force you to disable almost any real-time protection of those softs.

i can tell you are not an average user so i will prefer 10 times a demonstration of your skills to set a proper and efficient layered config that try to be light , safe and easy to use by the common user.

"it is not because you can, that you have to do"

Thanks, and no offense.

 

[tapoo]

Ad-aware also going to support other antivirus softwares with realtime protection......

this is from lavasoft beta testing forum....

Thank you for your report. It is possible to have active Ad-Aware Real-Time component on the computer, where you have other security suites like Norton, Bitdefender, McAfee, AVG, Malwarebytes, Superantispyware and Avast installed.

Initially you have only Compatible option for Ad-Aware installation on computer where other security suite is present. However, afterwards you can install Real-Time Protection drivers separately. Once program is installed, click Real-Time Protection slider within Home tab and confirm your decision within Warning pop up window. However, it is not recommended by Lavasoft, as presence of Real-Time Protection drivers of several security suites leads to conflict and may cause harm.

.

 

[Littlebits]

I really can not see the point of this either, if you want to know about detection only then you can always upload files to VirusTotal. Why install all of this to your system to not protect it?

I have read over this complete thread and I'm still completely puzzled to what kind of point you are trying to make.

Is this just an experiment to test the detection malware samples or are you just so bored you had nothing else to do?

If I wanted to, I could install just about any security product with others that are not compatible because I know how to manually edit incompatible security boot drivers to keep them from conflicting, but this takes a lot of work and it would serve no purpose other than the fact that I know how to do it. I rather spend my time doing something productive that might be helpful to users like writing guidelines how to avoid infections with common knowledge without the need for depending on security products.

Of coarse I don't want to sound rude but I don't see how a thread like this is helpful to users.

Thanks.

 

[Ink]

Does this help at all to others?

Jaspion, I am correct in the following?

This set-up provides higher combined detection, at the cost of lower protection.

Which is correct, because "Better Protection" comes from the layered approach of different security technologies combined, and not by stacking multiple AV's.

As explained below, please note I am using examples.

- Those looking for "Better than average Protection" for Free, can use a single Free AV (ie. Avast, Avira or AVG) with another security technology (ie. Sandboxie or Malware Defender) and combine the two.

- Those looking for "Better than average Protection" without stacking different software, can look at paid AV/Suites like Kaspersky or Bitdefender. Including Comodo suite as it's freeware.

So while I agree with others, I think Jaspion understands (right?) this does not provide better protection. As mentioned a few times already, see quotes below:

"if you like your detection rates high, this quartet is hard to beat"

"to achieve high detection rates, this setup is a possibility I have found"

"Protection doesn't come from detection."

Remember that it does not guarantee it's idiot-proof.

 

[Jaspion]

What? Oh my.

Jaspion, I am correct in the following?

This set-up provides higher combined detection, at the cost of lower protection.

Which is correct, because "Better Protection" comes from the layered approach of different security technologies combined, and not by stacking multiple AV's.

Of course not! How can higher detection lower your protection? The point is that it doesn't necessarily increase your protection, but it certainly won't lower it!

I have answered many times: why? Because I like high detection rates. I know and use various layers of protection, and the best one is information, as has always been. Detection fails more often than other protection layers, but detection is the first and most effective one — if detection fails, you still have HIPS/sandbox etc, but if the last layer fails, you're screwed. So I like high detection. Paranoia? Nope, if this setup slowed me down then I would agree, "yeah, it's a little too much." But given that compatibility nor performance have been a problem... don't have a cow man! Go concern yourself with constructive things. I have never implied this is a setup for everybody, nor that it's a great way to protect yourself, or anything like that. I'll make sure I state such premisses from the beginning next time, this has taught me a lesson. In fact, I approve of the protectiveness of more experienced members, trying to shield newcomers from thinking this is a good setup for anybody to use — the only problem is I never implied that. In fact, I brought this setup here because one user asked me about this specific config, and I decided to post it in this section in case it could help someone else.

But you guys are right, I should have stated that this setup isn't at all for everybody from the beginning.

 

[Ink]

Many replies don't understand the point of this config, so I thought I'd try and help by explaining what I understood -maybe help a bit? No.

But if that's the case with your response, I'll go with my original thought, and say this config is complete garbage. End of.

 

[Jaspion]

Many replies don't agree, that's different. This setup's usefulness is for those who need extra high detection rates. If you don't need that, you don't need anything close to this setup, end of. It's so simple. I doubt anybody here doesn't understand that.

Now if you "don't understand how this can be useful" then you really just don't agree it's useful, then it's not useful for you, and maybe you cannot imagine how this could be useful. I would so like to have a meaningful discussion here, discuss which AVs can be combined with no compatibility problems, discuss performance versus detection tradeoffs, etc. But I have to repeat myself again and again. I respect you and your opinion, but here's mine: your opinion is garbage because you have not analyzed this specific matter as well as I have. You asked me a question, I answered it, and you say my setup is garbage, based on my response. Well, then it's easy to spot: your opinion is garbage, because it's about the setup but based on my response, not on an analysis of this specific setup.

 

[madyrocksin]

The point is that it doesn't necessarily increase your protection

Then why use it !!!

 

[Littlebits]

The point is that it doesn't necessarily increase your protection

Then why use it !!!

Exactly, detection is not important. Protection is what is important.

Think to yourself would you rather have your security product(s) protect against infections with real-time features or would you rather have your security product(s) detect malware with on-demand scans after your system is already infected?

Protection rate = real-time scanners that block infections.
Detection rate = on-demand scans of your system or selected files.
On-demand scans (detection) is only needed after you system is already infected. Therefore is not as important as protection.

Who cares if this setup has better detection when it provides no better protection?

Thanks.

 

[MidniteRider]

You can also add Webroot SecureAnywhere and Emsisoft Anti-Malware.
P.S.: You mentioned performance was "average". Could you describe it in more detail? (such as: "The system takes way longer to boot, web pages take a bit more to load, file copy wasn't slowed down, etc.)

 

[Jaspion]

"Average" meaning reasonable delays for normal file operations (compared to no AV), "reasonable" meaning less than a second delay for most of the affected non-cached operations. I have discussed boot time before, and with this setup I was doing about 30 seconds (about 5 or 6 more than with just CIS).

 

[Moose]

Wonder! if, this http://www.cezurity.com/en/products/scanner
will work in place of the kingsoft antivirus in which,I could not
get to download? As a replacement keeping everything light.

 

[Jaspion]

Nice find Moose, I had never heard of it. I'll test it and let you know. So far, Kingsoft has been impressing me with its detection rates lately, so I don't know if this is a worthy replacement (although the first review I read is positive) or a good additional companion. Maybe Kingsoft + Cezurity instead of Baidu, which has been buggy and more FP-prone lately.

There's a download link for Kingsoft AV here http://www.neowin.net/news/kingsoft-antivirus-2012-sp57 and you can PM me for a backup I have if this doesn't work for you.

 

[Ink]

You said everything was running surprisingly well, and showed no issues. What went wrong?

Maybe Kingsoft + Cezurity instead of Baidu, which has been buggy and more FP-prone lately.

"The use of more than one antivirus programs together can lead to trouble and/or reduced performance. This combo has shown to me no such issues, but you should be careful nonetheless."

"I have tested this configuration during a few weeks and found it to work surprisingly well"

 

[Jaspion]

Nothing special went wrong, no compatibility issues. I just keep testing configs on my PCs (to get a firsthand experience of the programs).

Currently I've uninstalled Baidu's new v4 beta because it's not polished enough, too buggy, and more FP-prone than before — without an accompanying increase in detection rates. But v3 was working relatively well, although the FPs have always been a problem for Baidu (hence my recommendation to use it with Low heuristics or simply drop it).

Still, just with Qihu and Kingsoft (+ Comodo), you get exceptional detection rates.

 

[Moose]

Could you provide a link for Kingsoft Antivrus 2013? That will not fail downloading? Thanks!

 

[Jaspion]

Sure, I'll PM you. It's KAV 2012 SP5.7, the new version is Chinese-only.