How many's too many?

Discussion in 'other anti-malware software' started by crapbag, Mar 16, 2011.

Thread Status:
Not open for further replies.
  1. crapbag

    crapbag Registered Member

    Joined:
    Mar 14, 2011
    Posts:
    144
    Hi everyone,

    I'll start with an apology if this has already been covered elsewhere :) I tried searching the forum.

    I'm using Sandboxie and Keyscrambler and am not too keen on running anything real-time. I'd go into my reasons for this but that's not the reason I'm posting.

    I've got a bunch of software that I'd like to install for on-demand use only. Things like MBAM, Twister, SAS, BugBopper and Hitman Pro. All the real-time stuff is disabled where applicable.

    I know that more than one real-time AV can muck things up, but what do you good folks think about on demand scanners? Can too many cause instability?

    Any advice is appreciated.

    Thanks!
     
  2. blasev

    blasev Registered Member

    Joined:
    Oct 25, 2010
    Posts:
    763
    U can't have too many on demand, specially if u use portable version
    I use 5 on demand scanner without any problem
     
  3. crapbag

    crapbag Registered Member

    Joined:
    Mar 14, 2011
    Posts:
    144
    Cheers for the reply blasev,

    What do you mean by 'portable'? Things like Dr. Web Cureit? Are the 5 that you use portable or permanently installed on your machine?
     
  4. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    On-demand antimalware scanners are OK, specially if they're portable; but it's just a preference of my own, portable applications. But, the way I see on-demand VS on-access is as follows:

    Would you rather prevent yourself from becoming ill due to known illness, at the moment the attacker strikes? Or, would you rather fight the illness after it strikes?

    Please, note that I'm not advocating the need for an on-access antimalware, rather saying that if you need that much on-demand antimalware applications, none of them will cure you from all illness, and even when they manage to do it, they'll do it for the known illness; and, they'll do it after the consumation already took place.
     
  5. blasev

    blasev Registered Member

    Joined:
    Oct 25, 2010
    Posts:
    763
    IMHO the best protable is Emsisoft Emergency Kit
    Second best : DE Cleaner Avira
    Both are able to update signature


    Its extremly nice, portable version didn't need to be installed so they didn't registered as services.


    Btw : welcome to wildersssss
    Have fun with as many av/am/as/fw/ae etc as u want :D
     
    Last edited: Mar 16, 2011
  6. Kyle1420

    Kyle1420 Registered Member

    Joined:
    May 27, 2008
    Posts:
    479
    I agree with Blasev..
    Emsisoft emergency kit is a really good on demand scanner\cleaner

    I use that, and MBAM for on demand.

    I don't use any more specifically because I can't be bothered.
     
  7. redgrum

    redgrum Registered Member

    Joined:
    Nov 16, 2010
    Posts:
    50
    Nothing in life is for free, apparently:

    didierstevens: it-does-no-harm-or-does-it

    I think it just boils down to a bit of prudence and personal risk assessment. I only use one or two on demand scanners on any machine, but that's mainly due to me not liking clutter rather than any knowledge I have managed to accidentally emulate.
     
  8. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    i use the following on demand scanners:
    hitman pro
    mbam
    superantispyware portable
    I find EmsisoftEmergencyKit good but slow.

    I wish mbam would release a portable version then all my on demand scanners would be portable.
     
  9. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,220
    On demand scanners are fine, but when they are too many perhaps restoring an image of your system might be quicker and more conclusive in terms of having a clean system. There are so many excellent free imaging applications which only need a bit of common sense to learn how to use them.
     
  10. PJC

    PJC Very Frequent Poster

    Joined:
    Feb 17, 2010
    Posts:
    2,959
    Location:
    Internet
    -Emsisoft Emergency Kit
    -DE Cleaner Avira
    -Hitman Pro
    -Malwarebytes' Anti-Malware

    -
    GMER
     
  11. yongsua

    yongsua Registered Member

    Joined:
    Feb 9, 2011
    Posts:
    474
    Location:
    Malaysia
    Second opinion on demand scanner: MBAM and Hitman Pro

    Third opinion on demand scanner: Dr Web Cure IT,Emsisoft Emergency Kit and
    eScan antivirus toolkit(Too many false postives?)

    Fourth opinion on demand scanner:Bitdefender and Avira rescue disk.
     
    Last edited: Mar 16, 2011
  12. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    MBAM, SAS:)
     
  13. crapbag

    crapbag Registered Member

    Joined:
    Mar 14, 2011
    Posts:
    144
    Wow, thanks all! Lots to think about.

    I've used things like Returnil and love the idea of Deep Freeze. I'd also probably drop one or two scanners for something like AppGuard or Defensewall.

    You've all probably heard this a zillion times :p but I'm trying to keep my setup as simple as possible without compromising too much. My main concern is browser security, which is why I love SBoxie. Perhaps I'm being impatient, but real-time monitoring just puts a drag on everything. Should something get by SBoxie I want something that's going to clean up the mess quickly and efficiently.

    Funny thing is that some scanners picked up certain things that others didn't, which makes choosing that much harder!

    I'll also add that I love this forum :D always gives me food for thought. Figured I'd join in the fun.
     
  14. 0strodamus

    0strodamus Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    1,047
    Location:
    United Surveillance States
    You might want to take a system snapshot before using the "portable" scanners. I've found that they still leave registry entries and in some cases files behind after running.
     
  15. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    There's no need for Keyscrambler if you add Internet or Start/Run Access Restrictions on Sandboxie.
     
  16. crapbag

    crapbag Registered Member

    Joined:
    Mar 14, 2011
    Posts:
    144
    That's intriguing. I've found the menu in the sandbox settings window. Is it just a case of adding only the browser to these options?
     
  17. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    I've added plugin-container.exe (Firefox only), jp2launcher.exe, java.exe, javaw.exe, and javaws.exe (Java only) as well.
     
  18. crapbag

    crapbag Registered Member

    Joined:
    Mar 14, 2011
    Posts:
    144
    Thanks J_L. I'll give that a shot.

    Would I really need Keyscrambler anyway regardless of tightening up the sandbox settings? If any keylogger-or malware for that matter-I encounter is isolated within the sandbox and discarded upon exit, am I correct in assuming that because it hasn't been able to tunnel its way into Windows and phone home that it would be rendered useless to begin with?
     
  19. sbseven

    sbseven Registered Member

    Joined:
    Jan 30, 2011
    Posts:
    140
    Yes. Then if anything else attempts to run in the sandbox (E.g. drive-by download or keylogger), Sandboxie will not allow it to execute, showing an error message. As J_L indicates, you may have legitimate programs running alongside your browser (Java, PDF plugin, etc.) that you'll need to add as well. (Sometimes, if you're using Firefox, you may have to add dllhost.exe and/or verclsid.exe to get downloads to work properly). Remember also that the two lists are independent, so you can allow something to run in a sandbox but deny it access to the internet.
     
  20. monkeybutt

    monkeybutt Registered Member

    Joined:
    May 18, 2009
    Posts:
    126
    Sweet! More scanners.

    ~ Off Topic Comments Removed ~
     
    Last edited by a moderator: Mar 16, 2011
  21. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    As people said, nothing is too many BUT i would make sure just to choose the best few ones or else your scanning On Demand scan would start to take a looooooong time.

    Hitman Pro, EAM, MBAM would probably be enough for me as On Demand :rolleyes:
     
  22. DVD+R

    DVD+R Registered Member

    Joined:
    Aug 2, 2006
    Posts:
    1,979
    Location:
    The Antipodes
    Serious Overkill, and not doing anything except the fact you have them all. Pick one you know to have been reliable and get rid of the rest. Unless you are doing something really bizaar like downloading cracked software everyday or porn and things like that, It's highly unlikely that you will ever even encounter a virus or anything else for that matter. Basic day to day activities on a computer that uses the Internet has a ratio of 1/5 chance of picking up a virus/trojan/worm/ etc.. If you existin Antivirus reports that it has stopped an intrusion, and aborted the connection/ or quarentined the file, rest assured thats exactly what its done, running several other programs just to varify the fact is beyond explanation.
     
  23. sbseven

    sbseven Registered Member

    Joined:
    Jan 30, 2011
    Posts:
    140
    You assume that any one AV product will detect 100% of malware...

    I do agree with you, though, that most people are unlikely to come across malware with safe browsing/downloading habits.
     
  24. crapbag

    crapbag Registered Member

    Joined:
    Mar 14, 2011
    Posts:
    144
    The only lag in scanning I've found thus far is when I'm running real-time alongside any on-demand scanner. But I agree that too many would be overkill.

    Aside from streaming the odd bit of filth I very rarely download anything besides program updates. Something like SBoxie with Deep Freeze would-probably lol-give me peace of mind.

    I'll probably look at ditching one or two scanners, tightening up the sandbox and throwing DF into the mix. In theory I'd only need the scanners every now and then and to see if anything nasty's got in whilst installing updates.

    Appreciate the input guys. Thanks.
     
  25. carat

    carat Guest

    I think you need at least 12-15 on demand scanner :D
     
Loading...
Thread Status:
Not open for further replies.