On Returnil and Virus scanners, their definition files and updates

Discussion in 'General Returnil discussions' started by Red_F, Nov 1, 2009.

Thread Status:
Not open for further replies.
  1. Red_F (Registered Member; Joined: Oct 22, 2009; Posts: 5)

    Well, a long title at least.

    I would like to invite your opinions about 'the best' way to combine Returnil and a virus scanner.

    Starting from RVS2010 it looks like we have the following options:
    1. Install RVS2010, stay with the integrated virus scanner and don't install any other virus product;
    2. Install RVS2010, disable the integrated virus scanner and install a 3rd party virus product;
    3. Install RVS2010, disable the integrated virus scanner and don't install any other virus product o_O
    Well, option 3 doesn't look like much of an option to me.

    So the question is whether option 1 is a good enough solution. With System Safe always enabled I'm tempted to say yes. However, since I don't know anything about the quality of the integrated scanner, I'm just uncertain.

    A nice alternative would be option 2, RVS2010 in combination with -let's say- MS Security Essentials.

    My question to the community then would be how to go about that? Install the virus scanner on the protected partition and disable System Safe on a regular basis to update the virus definitions? Or install the virus scanner on an unprotected partition? Or a compromise, install the scanner on the protected partition and move (somehow) the definition files to an unprotected partition? Do we know how to move the definition files of common antivirus products?

    Since almost all of you around here have way more experience with RVS than me, I'm interested in your solutions to attacking this problem.

    Regards,
    Fred
     
  2. philby (Registered Member; Joined: Jan 10, 2008; Posts: 940)

    Hello Fred

    FWIW, I have gone for option 2 but with Prevx so that I don't have to mess around with trying to rehouse AV sigs.

    System Safe is always on and system drive gets exposed only briefly once a fortnight for selected Windows patches.

    philby
     