Is active antivirus becoming the weaker link in security?

[eyeb]

I feel like the traditional antivirus software is becoming the weak link in security setup. My setup is Avira antivirus, Sygate firewall, Sandboxie/Time Freeze, ComodoDNS and processhacker.

I rely on Avira to detect/stop viruses from running. If Avira doesn't catch a virus, I'll see some random process run from Process Hacker and know I have something questionable. At this point I can use my firewall to block access and use google/virustotal to look for possible virus. After this point, if I decide the file is risky, I can end it and delete the sandbox. After deletion, I don't have any more problems. If it occurred outside of sandboxie, I'd have installed it with Wondershare's Time freeze and a reboot takes care of it. Lastly I have a few back up images that I can use.

I've almost entirely given up on "cleaning" the virus because I find it quicker to just recover to a time before the infection. Any data that I'd have lost isn't too important or I'd have a backup of it lol. In total I don't lose much time from deleting a sandbox (few seconds) to a reboot (1-2 minutes) or using backup image (15-20 minutes). As opposed to doing a full system scan (5-10 minutes) as well as hunting around google to make sure it's all gone and seeing how other people cleaned it up.

Anyways while I still like Avira and won't give it up, I almost see no point in "needing" it. It's nice that it tells me something is a virus, but with software isolation/HIPS/backups to prevent system changes. I no longer care if I "have" a virus since it can no longer do much. Without access to the internet, it can only mess up the computer with no security/data leaks. With data backed up, I can recover from it quickly as well. The inactive virus file can just sit there till I do my weekly/monthly scans/cleanups and it'll be gone then.

Somewhat of a long post, but my point is does anyone else find themselves relying on other forms of technology to protect their computer instead of putting their AV at the front lines? I just feel like this is why linux was known to be "secure" but Windows can (or close to it) achieve that level of security without needing to "detect" anything.

[Av_Crazy]

eyeb why use sygate still when other great firewalls are there to use ?
i know imaging is the best option nowadays but u can try tools like hitmanpro to scan on demand weekly instead of looking in processhacker to look for something out of the order
i mean for a noob like me seeing anything in processhacker will not make sense

[bo.elam]

Quote:

Originally Posted by Av_Crazy

eyeb why use sygate still when other great firewalls are there to use ?
i know imaging is the best option nowadays but u can try tools like hitmanpro to scan on demand weekly instead of looking in processhacker to look for something out of the order
i mean for a noob like me seeing anything in processhacker will not make sense

I rarely use programs like that one but I know every process that runs
in my PC. When I open my task manager, I know right away whats in
there and what should be in there and I think you should do too. Its a
most, learn your processes, its not hard and its healthy. By the way, if
you were using Sandboxie, NOTHING out of order would show up in the
task manager. OK.

Bo

[Av_Crazy]

i know processes that run in my pc but still i feel secured when my tools come up clean
right now i am using ais's sandbox
i still have to learn a lot
i feel protected with applications but i think i will be able to feel secure with minimal applications once i have time to appreciate windows inbuilt protection

[bo.elam]

Quote:

Originally Posted by Av_Crazy

i know processes that run in my pc but still i feel secured when my tools come up clean
right now i am using ais's sandbox
i still have to learn a lot
i feel protected with applications but i think i will be able to feel secure with minimal applications once i have time to appreciate windows inbuilt protection

We all have to learn a lot. I learn from you and everybody else that comes here
often. We all learn from each other.
I have not used AIS but the Sandbox should be OK. The concept of the Sandbox
is pretty much always the same, the difference has to do how is achieved. I like
Sandboxie a lot but other programs are just as solid. I think the key is, learning
how to use the Sandbox program, you choose, well.

Bo

[Av_Crazy]

i have tried to use sandboxie in the past but always didnt like it
maybe will try again in future
even i have learned a lot from everyone here...
i feel naked if im not using any security application coz i have alot of data to protect and im scared if infection comes in from anywhere and infects my other drives im screwed

[bo.elam]

Quote:

Originally Posted by Av_Crazy

i have tried to use sandboxie in the past but always didnt like it
maybe will try again in future
even i have learned a lot from everyone here...
i feel naked if im not using any security application coz i have alot of data to protect and im scared if infection comes in from anywhere and infects my other drives im screwed

What is it that you did not like about SBIE? Sandboxie would protect your data
on a hardened sandbox. No doubt about it. Nothing will go out of your PC.
To me SBIE and NoScript are my pants and shirt.

Bo

[Av_Crazy]

ok i have installed sandboxie and uninstalled the virtualization feature of avast
i have 4 browsers on my pc
mozilla , chrome , opera and maxthon
i have chrome as my default browser
how do i make other browsers also run sandboxed when i click on dem ?

[bo.elam]

Quote:

Originally Posted by Av_Crazy

ok i have installed sandboxie and uninstalled the virtualization feature of avast
i have 4 browsers on my pc
mozilla , chrome , opera and maxthon
i have chrome as my default browser
how do i make other browsers also run sandboxed when i click on dem ?

Right click on the browser icon in your desktop and click on "run sandboxed".

Bo

[Av_Crazy]

and il have to do that everytime ?