Thinking of going naked

Discussion in 'other anti-virus software' started by L815, Apr 25, 2008.

Thread Status:
Not open for further replies.
  1. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I agree, one does not need an AV to stay clean. In my opinion, programs such as Sandboxie, Returnil, DefenseWall-behavior blocker surpass any AV, but it would not hurt to do a scan every so often and of course backing up a clean image.
     
  2. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,642
    Location:
    Sneffels volcano
    Good luck! :rolleyes:
     
  3. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    Please be considerate to others...

    ...and cover up your dangly bits. :D

    More seriously, anyone looking at the no-AV approach should ensure that they have some means of controlling what gets run on their systems. In the DOS days, nothing would happen without some typing on your part but with Windows, there are an ever-increasing number of services that can run things behind your back and make system changes without your consent.

    BlueZannetti touches on this with his mention of OS configuration - I would go a step further and recommend running process control software that intercepts (and prompts you whether to allow or not) the running of any new program. System Safety Monitor is one good example (which has been around for a few years now) but an increasing number of Windows firewalls are also offering similar features. They can add a performance overhead, but it should be a fraction of that from a typical AV background scanner.
     
  4. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I'm also totally naked (all off) and I don't use any AV/AS/AT/AK/AR/... scanner anymore for more than a half year.
    My computer cleans and repairs itself automatically instead of giving me all the work.

    I've tested this of course and I ran every top-notch and mediocre scanner, I could get in the last two months, using the same procedure : install - update - full scan - uninstall.
    They didn't detect anything, not even a MRU or tracking cookie, except f/p's like ShadowProtect, Anti-Executable, IZArc, ...
    In theory, I knew in advance, it would be like this, but I had to prove it in practice also.

    This is my daily weapon, I keep my real weapon in the background.
    No bad guy is going to get me, because this good guy is running faster than them, while using scanners is running after the bad guys, picking up their droppings, a no-win situation. :)
     
  5. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    Haha I don't really think you are naked ErikAlbert. In fact, you have quite a number of software that you use for security purposes. Just because you don't have an on demand scanner doesn't count :p
     
  6. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Only 4 security softwares ? Do you call that much ? I've seen setups of 30+ security softwares. I only need these softwares to stop the execution of malware and save the period between two reboots, they all fail sometimes, but I remove their mistakes anyway. Security softwares fail too much, my recovery never failed.
    I don't even know what these 4 security softwares are doing, except Anti-Executable.
     
  7. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    If you're going to install on-demand scanners, I'd recommend those that are fast, like Antivir, NOD32, Prevx CSI, F-Prot. For example, install Antivir free without the Guard and other modules, download Prevx CSI (very fast scanner for critical areas) and use ESET online scanner. You can't get much better than this.
     
  8. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    I agree, not that much; it surprised me you did not include Dr Web CureIt! ;)
     
  9. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    CureIt is good, but it's painfully slow to do a full system scan. You can do full scans with Antivir and ESET in the time Dr.Web takes for scanning the complete system.
    For fast scanning of memory and critical areas, Prevx CSI can't be beaten.
     
  10. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    Yes, this was also my finding, painfully slow; will give others a whirl.
     
  11. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    CureIt scans a hell of a lot more than both those mentioned.

    Please name a fast scanner with good removal and ability to actually cure a threat.

    quality over speed any day of the week.

    do people disagree? ;)
     
    Last edited: Apr 26, 2008
  12. Trespasser

    Trespasser Registered Member

    Joined:
    Mar 1, 2005
    Posts:
    1,204
    Location:
    Virginia - Appalachian Mtns
    For a standalone, CureIt is quite configurable if one would care to look.
     
  13. Quitch

    Quitch Registered Member

    Joined:
    Apr 24, 2008
    Posts:
    94
    Both NOD32 and AntiVir would meet those criteria.
     
  14. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,065
    Antivir is very bad at removal. NOD32 version 2.7 is bad at removal and I don't know how much version 3 of NOD32 has improved with cleaning and removal.
     
  15. Quitch

    Quitch Registered Member

    Joined:
    Apr 24, 2008
    Posts:
    94
    Interesting, sorry, I mistook the meaning.

    IMO though, once you're infected it's game over and a wipe and rebuild is the only way to be sure you get it all.
     
  16. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    it's not just removal, it's how deep the scanners are and what they actually do scan.

    sure, flat-file scanning will be fine for testing... but an actual infected machine, these fast scanners are a complete joke!
     
  17. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    I don't value removal much myself... if something actually did get on here successfully, then it's either restore from image or reformat time for me. I don't really trust any program to remove a problem or mess...
     
  18. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Yup. Go for your backups and done.
    They go deep enough to find vast amounts of malware. Deep scanning (of the files' content and of the raw drives) doesn't need to be slow. You can do rootkit scanning and/or integrity checking in a few minutes.
     
  19. jdenton

    jdenton Registered Member

    Joined:
    Apr 25, 2008
    Posts:
    47
    The problem is you need to be able to detect the bad stuff first before you can clean it. Only after the scanner can find out that something is amiss, does the question of cleaning arise.
     
    Last edited: Apr 26, 2008
  20. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    My experience with scanners is that restoring a clean image takes less time than running one scanner. So you'd better restore a clean image than run one or more scanners.
     
  21. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    yeah, deep enough to find those files in the folder labelled 'Malware' located on X:

    so, you think these scanners are worth using to detect and cleanup a system?

    people should really ask themselves, "why are they sooo quick?"
     
  22. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Maybe because they have well-written, effective detection algorithms and efficient programming?

    I don't know, you say it like being fast is a bad thing and being slow is good. Now if the slow scanners had better detection rates than the fast ones, you might have a case there. But as it is... ;)
     
  23. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543

    Yeah Erik, maybe so, but does that not completely depend on how the end user uses his/her system? If they are a downloader (not just P2P, but regularly tries new programs out), wouldn't trying to keep an updated clean image be more of a hassle than it's worth? You'll have to excuse me if I sound uneducated in image matters because I am, I haven't gone that route before :)

    Also, if they did just keep around on demand scanners, wouldn't every update also require a new image? This sounds like a pretty decent time consumer. Again I'm not sure how such things are actually done in practice. It's an interesting concept if 1. There is an easier way than constantly updating an image. 2. There is a freebie program that does this.

    Edit: Nvm, images would be impossible in my current config as I have only 1 hard drive :) Provided my drive doesn't die, lol, I believe the best solution for me to get rid of any malware that makes it to me is to use Returnil.
     
    Last edited: Apr 26, 2008
  24. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Yes, although I don't rely on them for cleanup. I do the cleanup manually when I have to fix an infected system. I will restore a clean image when one of my systems is deemed infected by forensic analysis/integrity checking/AV scanning.
    Symantec is a product recognized for its cleanup abilities (at least in tests) and it's a fast scanner with >95 % detection rates and very low FPs.
    Neither I nor you have the required knowledge to discuss highly technical matters about scanning engines. But, one thing is clear, you don't need to be the King of unpacking to have decent detection rates (both reactive and proactive) and you don't need to scan slowly a disk volume to uncover hidden threats.
    Moreover, some of the fastest scanners do advanced things (emulation, sandboxing, decent unpacking, etc) which should cause a massive slowdown. But they manage to do those advanced tricks while being fast.
     
  25. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    well, regardless of what 'someone' may say.

    Norton is another fast scanner, with terrible removal.

    this is from personal experience, half the time it doesn't even attempt to remove anything, "detected 1, removed 0" seems to be the norm.

    ----
    as for good programming, maybe they think they have smarter more dedicated staff than the slower scanners.

    lol

    slower scanners tend to scan more, this is true for kaspersky and drweb at the very least.

    companies who choose quality over speed, but it seems speed sells more.

    at least Dr.Web's CureIt is free for all, i 'recommend' they charge you all for it, maybe only then... sense will be seen in the more thorough scans. :)
     