At-Risk Burrito's Config - Experimental 3 Full AVs

[Burrito]

Experimentally, I now have three AVs on one of my laptops. I canked a few things I had on this laptop... and then loaded the following:

Yes, Norton Premium, Cylance, and MBAM Pro.

Yep, they are all running together.

And this is the thing.... this laptop is now faster than what it was with a different more traditional* setup.

So far, no conflicts, no slowdowns, and all modules are running on all three.

Yeah, MBAM is designed to play nice with others. But all three label themselves as full AVs.

What started out as an experiment... might just stay this way.

Full Disclosure: I'm predisposed to run MBAM as I have 5-lifetime licenses. And I'm predisposed to run Cylance, as I get it free based on my employer. And I'm predisposed to run Norton, as I think it's one of the top three AVs -- without the issues of the other two.

That is all.

-Big Honkin' Burrito

 

[Deleted member 178]

The one with the higher better Allocated Altitude (which is probably Norton) will probably catch all malware first, shutting down the 2 others unless it misses threats.

 

[SumTingWong]

No need Malwarebytes real time.

 

[DeepWeb]

2 memes (Cylance, Malwarebytes) and 1 borderline virus (Norton). Like Umbra has said, it's probably working because one of them gets to detect malware faster than the others which are just sitting there killing your hard drive. But keep us up to date. Maybe it works.

I would be interested in someone managing to run Kaspersky and another AV that uses Bitdefender's engine. That set up would be a safe bet. But Kaspersky won't tolerate anything from my experience (bootloops).

 

[Deleted Member 3a5v73x]

I would just keep Cylance realtime, add Norton Power Ereaser as on-demmand, and Malwarebytes as browser extension to slim down security setup. What are you using on your production machine since this is just "experimental one"? Thanks for sharing.

 

[oldschool]

I think it a great experiment. Too bad you don't test because that would be fun!

 

[harlan4096]

Although it is "Experimental"... I think I was a bit benevolent tagging it only as Risk Moderate

We all know what implies 3 avs at the same time...

 

[Burrito]

The one with the higher better-Allocated Altitude (which is probably Norton) will probably catch all malware first, shutting down the 2 others unless it misses threats.

Yes. And we all know that MBAM is designed to work with others. But throwing Cylance into the mix made it interesting.

No need Malwarebytes real time.

Probably true.

But keep us up to date. Maybe it works.

Strangely, this particular laptop often had the fan running. And with this seemingly larger workload to carry, the fan has not run yet. Will do

 

[Burrito]

What are you using on your production machine since this is just "experimental one"? Thanks for sharing.

My main rig runs Norton Premium, VooDoo Sheild, OSA, Cybersight Ransomstopper... and Neustar Recursive, uBO with the Squids, WDBP, Netcraft, MBEB, and Norton Safe Web. I guess I'm playing around with filtering on that system.

I think it a great experiment. Too bad you don't test because that would be fun!

Thanks... it's kind of fun to play around with this stuff. And yeah, testing this combo could be fascinating.

Although it is "Experimental"... I think I was a bit benevolent tagging it only as Risk Moderate We all know what implies 3 avs at the same time...

 

[RoboMan]

Hey, thanks for sharing the config with us! I must suggest, aforementioned by others, to only keep one. At the moment they seem to work together, and have no issues. But remember, they all monitor the same files, and you now have 3x false positives. Wait for a serious Windows Update or a special database definition that triggers one BB and everything will fall apart, taking not only the antiviruses but your complete system

If Avast was smart enough once to detect its own definition as malware and quarantine itself, then imagine what 3 full suites may do lol

Recommendation: keep Norton enabled, disable/uninstall the rest, which are currently redundant at their best.

 

[Kubla]

Yes. And we all know that MBAM is designed to work with others. But throwing Cylance into the mix made it interesting.

It is true that the others will probably catch known malware before Cylance but by design Cylance should catch the unknown that the others would miss making it a valuable layer in a multi-layer configuration, particularly with the advent of fast mutating AI base malware. Who knows perhaps Cylance will never catch anything on your system, then again if it catches just one it will have been worth the CPU usage I am sure.

 

[Deleted Member 3a5v73x]

Will Cylance Smart Antivirus be able to run in parallel with another AV that may already be installed?

Cylance Smart Antivirus runs alongside many antivirus products without issue. The product is tested against McAfee, Symantec, and MalwareBytes prior to release, but it’s difficult to anticipate all issues that may arise. We cannot guarantee that our product will always run without issue with other existing antivirus software. Additionally, many traditional AV products consume large amounts of CPU and memory, slowing down overall system performance. Cylance Smart Antivirus was designed to have a very low impact on computer performance. At the start of the Cylance Smart Antivirus installation, there is a disclaimer/warning about compatibility issues, and we advise the user to uninstall previous AVs.

 

[Burrito]

Hey, thanks for sharing the config with us! I must suggest, aforementioned by others, to only keep one. At the moment they seem to work together, and have no issues. But remember, they all monitor the same files, and you now have 3x false positives. Wait for a serious Windows Update or a special database definition....

Thanks for the words of caution Robo. Of course, you are right. And that's why harlan4096 (mod) wisely chose to tag this thread with "Risk" -- to caution others about potentially risky computer behavior..

But... I have good rollback, and I enjoy this type of testing. And I'm surprised at how well it's working. And with what davisd posted above -- which I did not know -- it's even more interesting to me.

It is true that the others will probably catch known malware before Cylance but by design Cylance should catch the unknown that the others would miss making it a valuable layer in a multi-layer configuration, particularly with the advent of fast mutating AI base malware.

Exactly. Strange thing is.... I was a Cylance hater. And... to some degree, I still have reservations about that company... some from semi-insider knowlege of a part of that industry. But the multiple locked threads here made me look at Cylance again... and Cylance does seem to have something. I think what they have is a capability that would better fit as a module in a larger AV. Them advertising themselves as a replacement for a full AV -- I think that is garbage.

Ransomware, advanced threats, fileless malware and malicious documents are no match for the power of artificial intelligence. Replace your antivirus with the smartest endpoint security on the planet. -Cylance ​

​

This is a seemingly balanced review of Cylance:
Cylance Smart Antivirus

Will Cylance Smart Antivirus be able to run in parallel with another AV that may already be installed?

Great info that made this even more interesting. I even looked for that kind of info, but didn't find it. Apparantly I didn't look hard enough. How coincidental that "The product is tested against.. Symantec, and MalwareBytes prior to release" -- both capabilities I paired with it were tested for conflicts. But... not tested together.

Thanks davisd


:emoji_fist:

 

[Deleted member 178]

The problem with cylance was never the soft, it has, like every soft, it's strength and weaknesses. The problem was the shady marketing behavior of the company.

 

[oldschool]

I contacted Cylance, asking precisely about the difference in Protect v. Smart Antivirus (just to hear it from the horse's mouth!) and the response I got was: "No Script Control or Memory Protection" and they referred me to this: What type and how many files are scanned? When I asked if they recommended pairing it with another security product they offered this lame jive: "It depends on what you are doing." Like what? Sounds like a pile of horse ####, but it was from the horse, of course. LOL. I have to say they replied very quickly though. Excellent customer service!

 

[Nightwalker]

Personally I would remove Norton Premium and not Malwarebytes; the reason for this is that the latter isnt an antivirus but an antivirus replacement, so potential incompatibilities and system impact hit should be lower.​

​

Malwarebytes anti exploit and web protection complements Cylance very well, considering that Cylance is "just" a powerful PE scanner.​

​

Not shilling for Malwarebytes, but its real world protection is great, it is actually much better than some tests paint it.​

The reason for this is the nature of modern threats (PUPs, malvertising, cryptojacking, exploits and ransomwares); in my experience MBAM does a great job against those.​

 

[DeepWeb]

Will Cylance Smart Antivirus be able to run in parallel with another AV that may already be installed?

Hmmm might install it next to Emsisoft.

 

[Deleted Member 3a5v73x]

Hmmm might install it next to Emsisoft.

Let's not hyjack Burrito's config, but personally throughout years I think Emsisoft on it's own handles PE's very well. Even tho C can be a complementary for other AVs, you must pay for it and it's very new (about a month) old product stepping into home user market, I would still take caution about it. It's really upon user what he wants to accomplish with running 2 or more AV's realtime, for experimental purposes it's fine, but upon detecting threats they might conflict, as an example would be other AV vendors detecting alredy quarantined threats by C. What would happen realtime with serious malware? There's is more chanse for malwre to slip by 2+ AV's than 1. For production machine I wouldn't recommend adding other AV to either C or Emsisoft, just chose wich one you preffer. Also the fact that Emsisoft could be run naked, but C cannot.

 

[tonibalas]

It's interesting that the laptop with the 3 av's now installed runs lighter.
@Burrito can i give you some more work?
Instead of removing a product i would add Zemana since it has very good detection of worms.
Can you check this out and tell us the results?

 

[Kubla]

Hmmm might install it next to Emsisoft.

I tried four different AVs to run with Cylance, Kaspersky, ESET, Sophos, and Emsisoft only Kaspersky and and ESET worked for me, Sophos and Emsisoft had incompatibilities, I don't remember exactly what they were but I would test it with a trial version first.