Which on-demand scanners will I need with no realtime AV + SandboxIE

Discussion in 'other anti-virus software' started by Wildest, Jun 22, 2009.

Thread Status:
Not open for further replies.
  1. Wildest

    Wildest Registered Member

    Joined:
    Apr 28, 2009
    Posts:
    304
    After reading of the emasculation of Avira by Virut I decide to ditch realtime AV protection and use SandboxIE.

    I will keep stuff in sandbox for two weeks, and perform weekly on-demand scans; I am thinking this should give Avira better chance to detect these malware.

    I have a-squared, SAS, and MBAM on the on-demand scan team.
    Should I add more or is this team overweight?

    Thanks for advise.
     
  2. ypestis

    ypestis Guest

    Emasculation of Avira? Oh, I am afraid you just tugged the
    mask off the Old Lone Ranger!

    But really,the battery of scanners you have are pretty primo.
    I would empty the browser sandbox at the end of each day,
    and not worry about what the black-lister's missed.
    Weekly scans are added protection.

    But to be honest,the whole dump AV because of Virut,
    smack's a little of "cutting off ones nose,to spite ones face."
    I would just add Sandboxie as another line of protection.
     
  3. Wildest

    Wildest Registered Member

    Joined:
    Apr 28, 2009
    Posts:
    304
    At some point I would like to be able to trust some of the stuff in my sandbox; I assumed the protection from weekly scans would be required.

    I take it you are suggesting that a realtime scan will be able to detect something that an on-demand scan of two week old data will not?
    So if I scan a PC with all online scanners, I still cannot be assured of the integrity of the system without installing realtime scanner?
     
  4. Coolio10

    Coolio10 Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    1,124
  5. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    f-secure easy clean link in sig
     
  6. ypestis

    ypestis Guest

    OK,Wildtest I see what you mean,rather then recovering on the fly,you would prefer to wait,and scan the context of the Sandbox en-mass.
    Seems good to me.
    Online scans are fine,yet with the bulk that is downloaded for the first scan,
    I normally try another strategy.
    With Returnil,I just download the exes for Avira,Malwarebytes,SAS,Hit-
    man pro,etc,and keep them in a folder.
    When I want to do a scan,I just run them,update and scan.
    I then reboot, and they are gone.
    No maze of left over registry entries etc left on the drive.

    I know it is best to reboot, after install.but Avira 9 does not require it,
    at least, when only the scanner is loaded.(nor do Malwarebytes or Hitman)
    As far as real time detecting something,I thank its more of withdrawal
    symptom that makes me keep Prevx running,rather than a need.
     
  7. Wildest

    Wildest Registered Member

    Joined:
    Apr 28, 2009
    Posts:
    304
    OK, so just to be clear I will run anything risky in sandbox, and I will only move things from sandbox into reality after files are two weeks older than the latest updates of Avira, MBAM, SAS and a-squared.
    I will create a job to run these in on-demand mode with the scheduler, and this way I can ditch realtime AV.

    I think I am going to give this a shot; it's worth it to me to have one less process hooking into stuff and using cpu cycles.
     
  8. Wildest

    Wildest Registered Member

    Joined:
    Apr 28, 2009
    Posts:
    304
  9. Wildest

    Wildest Registered Member

    Joined:
    Apr 28, 2009
    Posts:
    304
    I am assuming this is, "in addition to".

    I always liked F-Secure too, although many times it was far from the top of results of tests such as those done by av-comparatives, or had performance issues when compared to some others.
    I have had good memories with F-Secure.

    Thanks, I will add him to the team.
     
Loading...
Thread Status:
Not open for further replies.