AVs that can be used as on-demand scanners only ?

Discussion in 'other anti-virus software' started by Sadeghi85, Jan 29, 2010.

Thread Status:
Not open for further replies.
  1. Sadeghi85

    Sadeghi85 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    747
    Hi all

    Because I only visit safe websites I decided I don't need a resident AV. But for those occasions that I download a file that I'm not sure it's clean I need an on-demand scanner. Now I'm looking for a list of AVs which offer an on-demand version or can be configured as on-demand only, i.e. no process/service in the background.
     
  2. Wan

    Wan Guest

  3. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,433
    Location:
    Europe

    Safe websites can be infected, and the on demand scan may be too late.
     
  4. dcrowe0050

    dcrowe0050 Registered Member

    Joined:
    Sep 1, 2009
    Posts:
    378
    Location:
    NC
    A lot of safe websites are getting compromised now days. I think you need some kind of real time protection. But one of my favorite on demand AV's is Dr Web Cure It and A2 Free.

    I think I would at least get the free version of Prevx so you will at least know if you get infected. Its extremely light if thats what you are worried about.
     
  5. icr

    icr Registered Member

    Joined:
    Sep 6, 2008
    Posts:
    1,588
    Location:
    Mumbai
    Yeah blacknight is right I can show you many links that are flagged by norton as safe and still I can download infected files:ouch:
     
  6. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    You may want to take a look at Hitman Pro to see if it can scan as you want. I believe if Avira's guard is not enabled it can be used on demand only as well.
     
  7. iravgupta

    iravgupta Registered Member

    Joined:
    Dec 17, 2009
    Posts:
    605
    1. During installation of Avira, choose custom installation and uncheck the guard component.

    2. During installation of avast!, choose custom installation and uncheck 'Standard Shield' and any other shields you please.

    3. Installation of AVG too provides some such option during custom install, dont exactly remember which name it goes by, since I have stayed away from AVG since V9.

    4. In MSE, uncheck 'Use Realtime Protection' in settings.
     
  8. risl

    risl Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    581
    The paid version of Dr.Web can do this, simply by doing a custom install and selecting only scanner component.
     
  9. Wan

    Wan Guest

    If so you should just download the free version if you only want the scanner
     
  10. Sadeghi85

    Sadeghi85 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    747
    Thanks guys :)

    I think I should have said it in the first post that I already use MBAM and Prevx free and am considering to get WinPatrol too.


    Just a quick question about A2, its shell integration breaks jumplist functionality, anyone knows a fix?
     
  11. zfactor

    zfactor Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    6,012
    Location:
    on my zx10-r
    dr web cureit and hitman pro are my fav's for free standalones
     
  12. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Hitman Pro and A-Squared :D
    My choices
     
  13. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,222
    True. But one can also run virtual or sandboxed, and the on demand scanner would be used to check downloads which might be written to disk. This is basically my modus operandi using Shadow Defender and Avira Premium on demand.

    Both the Personal and Premium versions of Avira can be configured to scan on demand. My main machine which is quite powerful for a laptop, was definitely faster after disabling the web guard, mail guard, and the main guard (even booting time improves, basically when I see the desktop, I can start multitasking without any delay).
     
  14. captainron

    captainron Registered Member

    Joined:
    Oct 22, 2009
    Posts:
    77
    Hi Sade,

    Most viruses actually come through legit websites these days. I can find some links if you want, or you can google for some stats on this and I bet you will find evidence that most malware comes from legit sites that are hacked.

    My favorite mma and UFC web forum was hacked. As people logged in an ad is displayed, according to those infected the ad would open a .pdf in adobe and deeply infect the pc either causing hours, and hours of effort to clean the pc or a reformat was needed. This affected a ton of people.

    Folks who did not get infected was due to:
    - not having adobe installed
    - not running browser as admin
    - ad blocker/no script prevented the exploit
    - some real-time scanners caught it and stopped it, some didn't (avast and MSE users reported that those programs caught this exploit at mma.tv)

    So make sure you have a few other safeguards other than visiting safe websites if you don't run an AV, like a limited account at the least. That said, I haven't ran a real time AV in years.

    Your main options will be A Squared and MSE, or online scanners.

    A Squared - install, disable the a2 service, make sure A2 entries in autoruns are unchecked and it is a 100% on demand scanner using 0 memory.

    Regarding shell integration in A2, click on 'configuration' on the menu on the left hand side of A2. Uncheck the 'activate explorer integration' box. If this doesn't work, you can uncheck the A2 entries in autoruns and this does the exact same thing.

    Similar process as above for MSE applies. Only difference is MSE needs the MSE service running to work. A2 does not. You would have to manually start and stop the MSE service before & after use.

    Avast is supposed to be very optimized out of the box, Kee's posted some tweaks to make it still functional for scanning dl's as well as on demand, and makes Avast even lighter. https://www.wilderssecurity.com/showthread.php?t=263940

    It can be done with AVG, but takes more effort than any of the methods above.
     
  15. Sadeghi85

    Sadeghi85 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    747
    Hi captainron, thanks :)



    I use adblock plus, but in case that isn't enough what I do is this: I always use Firefox portable with pdf plugin while I don't have adobe installed. So in case a website wants to open a pdf in my browser all I get is this error:

    adobe.PNG

    Then I can find the website that hosts the pdf file by using live http headers and report it to malwarebytes to include that site to their ip protection filter. :)


    Regarding A2, I asked about it in Emsi support forum and they said it's already fixed in v5 beta. For now I disabled shell integration.

    But if A2 doesn't need its service in free version, why it does install it? What does that service do?
     
  16. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690
    I myself don't have a resident realtime AV - just use Sandboxie instead to protect the browser & all internet facing applications from nasties - I'd say it's far too risky to have the attitude you won't get hijacked at least once by something malicious. With Sandboxie (and the other virtualization tools) you are sailing close to the wind - you might be clever/lucky enough to avoid getting busted by malware. But without any ability to roll back changes (if you were to come up against something crappy) ... you will be stranded up the river without a paddle. I presume you have some backup plans?

    I only ever feel confident with my setup because I have attempted to get my applications/browser as tight as possible using hard firewall rules.

    Customizing Firewall Rules - Application Rules

    Customizing Firewall Rules - Final Block Rules

    Email and RSS feed applications are very tricky to use without a resident AV - I have found. If you use either - without protection - I wouldn't bother running the risk.

    Safe sailing, arrrrrgh
     
  17. captainron

    captainron Registered Member

    Joined:
    Oct 22, 2009
    Posts:
    77
    A2 service gives A2 admin privileges automatically. So if your running Vista or Windows 7 expect a UAC prompt if you have A2 service disabled. Otherwise, A2 functions exactly the same with or without the service disabled.
     
  18. Sadeghi85

    Sadeghi85 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    747
    I recently installed NoScript, I think that's enough?

    As for backup plans, I use Macrium Reflect free for weekly imaging but it doesn't do incrementals so I think I should look for the paid ones.


    Thanks.
     
  19. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690
    So you are going to be using Firefox + Non Adobe PDF + NoScript + (maybe WinPatrol) ... and no realtime antivirus protection. Winpatrol monitors the basic registry startup areas and would alert you to, and enable you to disable, anything unwanted from running at bootup. But does it offer serious prevention? I don't know ... I doubt that is enough.

    BTW, do you use a firewall ... with HIPS protection? If yes, then I'm tempted to say that is a safe line up - the software bare minimum + Common sense - a decent comprehension of the threats out there.

    Maybe Rmus will post and give some advice. He browses the web on the minimum and gets by ok. Legit sites get whacked. Occasionally NoScript has flagged me that the site I am browsing has suspicious stuff going on. I really wouldn't just go with NoScript and Winpatrol to keep malware off my computer, but eh.

    My minimum browsing protection is: Online Armor (HIPS enabled) + NoScript + Sandboxie + Foxit PDF.

    ***​

    BTW, if you disable A-Squared service - if after a time (I think it's 5 days) you haven't updated the AV definition list it will download the whole 60mb+ list. With the service enabled you get incremental daily updates.
     
  20. iravgupta

    iravgupta Registered Member

    Joined:
    Dec 17, 2009
    Posts:
    605
    Not true, even with service enabled you have to download the whole database again if you fail to perform an update for a few days.
     
  21. Sadeghi85

    Sadeghi85 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    747
    Yes, OA free.


    In addition to those, I have MBAM and Prevx free working in realtime.
     
Loading...
Thread Status:
Not open for further replies.