What on-demand scanners do you use (please list your votes)?

Discussion in 'polls' started by Tyrizian, Sep 16, 2015.

?

What on-demand scanners do you use

  1. Emsisoft Emergency Kit

    44 vote(s)
    31.2%
  2. Malwarebytes Anti-Malware

    81 vote(s)
    57.4%
  3. SUPERAntiSpyware

    17 vote(s)
    12.1%
  4. Rogue Killer

    6 vote(s)
    4.3%
  5. ESET Online Scanner

    10 vote(s)
    7.1%
  6. AVIRA PC Cleaner

    7 vote(s)
    5.0%
  7. Panda Cloud Cleaner

    5 vote(s)
    3.5%
  8. Comodo Cleaning Essentials

    7 vote(s)
    5.0%
  9. McAfee Stinger

    0 vote(s)
    0.0%
  10. ClamWin Free Antivirus

    1 vote(s)
    0.7%
  11. Dr. Web CureIt!

    3 vote(s)
    2.1%
  12. Microsoft Safety Scanner

    2 vote(s)
    1.4%
  13. Norton Power Eraser

    4 vote(s)
    2.8%
  14. Sophos Virus Removal Tool

    3 vote(s)
    2.1%
  15. Trend Micro HouseCall

    2 vote(s)
    1.4%
  16. Norman Malware Cleaner

    0 vote(s)
    0.0%
  17. Kaspersky TDSSKiller

    12 vote(s)
    8.5%
  18. Kaspersky Virus Removal Tool

    6 vote(s)
    4.3%
  19. F-Secure Online Scanner

    0 vote(s)
    0.0%
  20. Emco Malware Scanner

    0 vote(s)
    0.0%
  21. VT Hash Check

    6 vote(s)
    4.3%
  22. Hitman Pro

    75 vote(s)
    53.2%
  23. Zemana Anti-Malware

    37 vote(s)
    26.2%
  24. VirusTotal Uploader

    21 vote(s)
    14.9%
  25. Other (Not listed in this poll)...

    18 vote(s)
    12.8%
  26. I don't use on-demand scanners

    13 vote(s)
    9.2%
Multiple votes are allowed.
  1. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    862
    I'm surprised more people don't mention PEStudio - such a useful tool for identifying mysterious files! If a security tool finds a strange driver or .dll, this makes it much easier to track down where it came from.

    In addition to sending hashes to VT, it has useful categories of information including Strings, debug info, etc which can give lots of clues. This program would have made my life easier a few years ago.

    It can be integrated into the context menu, although the .reg files need to be manually edited.

    https://www.winitor.com/
     
  2. c2d

    c2d Registered Member

    Joined:
    Sep 26, 2007
    Posts:
    571
    Location:
    Bosnia
    Hitman Pro
     
  3. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,942
    Location:
    USA still the best. But getting worse!
    Any Free updateable not redownloadable on-demand scanner with KAV engine & updates?
     
  4. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    7,563
    Location:
    Slovenia
    Yes, I would like to know that too.
     
  5. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,981
    Location:
    California
    Hi RJK3,

    I'm curious what uses people have for an on-demand scanner (I had to look up that term; then I voted for "I don't use on-demand scanners.)
    So, what types of "mysterious files" would get onto your computer?
    How would a strange driver or DLL get onto your computer?

    thanks,

    ----
    rich
     
  6. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    862
    Hi @Rmus - on mine? I suppose you've already identified the main method a strange file could get on on one of my machines: by the very act of running on-demand scanners ;)

    They often install temporary drivers to facilitate their functioning, and these drivers often share many characteristics of malware (e.g.: unsigned drivers, random filenames, no identifying information in properties or when googling the hashes, no clear purpose, etc). These show up on Autoruns, and other scanners will in turn diligently flag these suspicious drivers - so the paranoid triangle goes. I've seen threads on security forums where MVPs and helpers provide scripts and support to clean up "infections", yet based on the hashes I knew were actually just randomly named files for stand-alone security tools. Through insecurity, it's possible to chase one's own tail.

    Alternatively, many legitimate drivers and services aren't properly signed, so I prefer to investigate the first time so I know what's normal later.

    But on other people's computers - which is the main context for the quoted post - then it's normally from malware/PUPs. I prefer to make sure that it's not a file from some program that I've never even heard of, since people often install things that I would never consider to be a good idea. A VT page with all clean doesn't really tell me anything useful or actionable.

    Possibilities:
    - Second opinion on a machine with an AV, since each on-demand scanner may vary on engines, definitions, and methods of detection;
    - Sanity check for people not using real-time AV/AM software;
    - For cleaning up 3rd party machines.
     
    Last edited: Oct 3, 2015
  7. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,981
    Location:
    California
    No, I know nothing about them and how they work.
    OK, I missed that. I assumed the topic was asking about people using scanners on their own systems.

    ----
    rich
     
    Last edited: Oct 3, 2015
  8. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    862
    No worries. Yes, looking at my first reply in this thread I must have taken the OP that way too, but my answer around PEStudio was considering both my PCs as well as others. On my own machines, PEStudio is mainly something I'll put out if for some reason I want to look more closely at a file I've chosen to download - but it does help break that paranoid triangle too.

    Out of curiosity, how is it you've never had experience with these kind of tools?
     
  9. sweater

    sweater Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    1,678
    Location:
    Philippines, the Political Dynasty Capital of the
    If threats are not detected by my active Eset NOD32 Anti-Virus then I trust MalwareBytes Anti-Malware to scan the rests.
     
  10. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,981
    Location:
    California
    What type of file? How will that program help you look more closely at a file? More closely in what way?
    I'm not sure what you mean.
    I've never felt the need to use them.

    ----
    rich
     
  11. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    VT Hash Check (surprised by the lack of love for the wonderful app)
    MBAM
    Hitman Pro
    Kaspersky TDSS Killer
    GMER (other)
     
  12. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,725
    Well, there are actually quite a number of tools with VirusTotal integration these days. I personally use PeStudio.
     
  13. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    I use Hitman Pro
     
  14. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    432
    +1
    Have been using this combo for many years.
     
  15. Dazzler

    Dazzler Registered Member

    Joined:
    Oct 16, 2015
    Posts:
    14
    I use Emsisoft kit + Malwarebytes + Zemana;)
     
  16. haakon

    haakon Guest

    EEK
    HMP
    Herd Protect
    Ikarus T3 Command Line Scanner
     
  17. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    7,563
    Location:
    Slovenia
    It looks like Avira has to update their licence for PC Clener. I get this today (even with new "installation"):

    upload_2016-1-29_20-35-33.png
     
  18. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Looks pretty heavy by comparison. I like how light VTHC is. It confirms whether a file is clean using VT's database, and that's it. Taking a glance at PEStudio it looks like it does a bunch of other stuff I have other layers in place to do.

    I also like how you can use a Download Manager to make get it to automatically scan new downloads. As a Sandboxie user that's not necessary but for those that don't use SBIE that feature is very useful.
     
    Last edited: Jan 31, 2016
  19. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    7,563
    Location:
    Slovenia
    Update: Avira fixed expired licence problem, so their OD scanner runs again with no problem.
     
  20. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,436
    I use these:

    MBAM
    SuperAntiSpyware
    Kaspersky TDSSKiller
    HitmanPro
    Zemana Anti-Malware
     
  21. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,322
    Location:
    Lloegyr
    I don't have MBAM installed anymore.
     
  22. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    764
    I just use Hitman Pro and Eset Online scanner.
     
  23. Aura

    Aura Registered Member

    Joined:
    Mar 19, 2015
    Posts:
    107
    Location:
    Québec, Canada
    I do not use on-demand scanners on my own system. However, these are the ones I use when I do malware removal.

    Emsisoft Emergency Kit
    Malwarebytes Anti-Malware
    RogueKiller
    TDSSKiller

    To this you could add JRT, AdwCleaner, ESET Online Scanner, etc. but they aren't listed in this poll.
     
  24. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,777
    I don't have any on-demand scanners installed. I use Hitman Pro (one-time scan) when I feel the need to do so. On other PCs, Hitman Pro and MBAM.
     
  25. ace2564

    ace2564 Registered Member

    Joined:
    Mar 26, 2016
    Posts:
    22
    Location:
    NYC
    Malware bytes. None other support OS10
     
Loading...