Sunday, February 04, 2007

Online System Security Scanners

I've provided several lists of home/personal PC security software resources users may find helpful in scanning, securing, and cleaning their Windows based computers of rootkits, malware and spyware, viruses and trojans, and rouge processes:

I almost always have a copy of most of my tools and the setup and installation files for my most preferred utilities and applications in these categories on an ever-present USB stick. That's important, because if I am asked to look at a user's pc, and it has been compromised, I may want to disconnect it from the network to do my work, severing any malicious activity from the network. Or maybe the network connection has been damaged or destroyed by the malicious file. In these cases, I might not be able to otherwise download one or some of these programs from the Net to the local pc.

Having a copy on my USB stick (set to read-only to avoid cross-contamination of my USB volume) is very useful.

Because of this, I don't usually see a daily need to run an on-line scan of a system to look for the presence of malicious software. No Net access means these options don't work. Also, dial-up users may find the time required to run these may be prohibitive. Broadband access users wouldn't likely see that issue.

However, there are times when the the option of running an online scan of a Windows system might be better than nothing.

Or in the case of a few online scanning services...they are dead-useful resources when working with a potentially compromised file that may not be registering with your installed anti-virus application, and you want peace-of-mind before opening it.

Or you might be getting what you think is a false-positive return of a file you a very sure is legitimate...but want a second opinion before progressing.

There are a number of lists out there like this one. I've tried to collect them together and group them by subject in an informative way.

Services and providers presented in alphabetical order.

Note: Some services use ActiveX controls to work, therefore can only be run from Microsoft Internet Explorer. I've tried to indicate these where possible.

Others are more Firefox/Opera friendly.

Some services will scan your entire system while others require the upload of a suspicious file to their service to scan. Reports may be provided via the web or via return email.

Primarily virus/trojan related online scanners

Single-File Upload Scanners

Malware (spyware/adware/etc.) Online Scanners

Online "single-file" Multi-Scan Test Websites

  • Jotti's Malware Scan - Utilizing 15 different scan engines: AntiVir, ArcaVir, Avast, AVG Antivirus, BitDefender, ClamAV, Dr.Web, F-Prot Antivirus, F-Secure Anti-Virus, Fortinet, Kaspersky Anti-Virus, NOD32, Norman Virus Control, VirusBuster, VBA32.

  • Virus Total Scan - Utilizing 28 different scan engines: Aladdin (eSafe), ALWIL (Avast! Antivirus), Authentium (Command Antivirus), Avira (AntiVir), Cat Computer Services (Quick Heal), ClamAV (ClamWin), Computer Associates (Iris, Vet), Doctor Web, Ltd. (DrWeb), Eset Software (NOD32), ewido networks (ewido anti-malware), Fortinet (Fortinet), FRISK Software (F-Prot), Grisoft (AVG), Hacksoft (The Hacker), Ikarus Software (Ikarus), Kaspersky Lab (AVP), McAfee (VirusScan), Microsoft (Malware Protection), Norman (Norman Antivirus), Panda Software (Panda Platinum), Prevx (Prevx1), Softwin (BitDefender), Sophos (SAV), Sunbelt Software (Antivirus), Symantec (Norton Antivirus), UNA Corp (UNA), VirusBlokAda (VBA32), VirusBuster (VirusBuster)

Software or System Security Vulnerability Scanners

  • Dr. Web Link checkers service - plugin for Opera/Firefox/Internet Explorer. Scans file or web-page prior to opening to verify it is not malicious.

  • McAfee WiFiScan - "McAfee Wi-FiScan surveys your current Wi-Fi® connection, your wireless equipment, and local environment to assess security risks introduced by your wireless network." - from McAfee's service description.

  • Secunia's Software Inspector - "Detects insecure versions of applications installed, verifies that all Microsoft patches are applied, assists you in updating your system and applications, runs through your browser. No installation or download is required." - from Secunia's service description.

  • Symantec Security Check: Security Scan - (ActiveX required) - "Hacker Exposure Check - Checks whether your computer allows unknown or unauthorized Internet communications; Windows Vulnerability Check - Checks whether basic information about your computer, including your PC's network identity, is exposed to hackers; Trojan Horse Check - Checks whether your computer is safe from Trojan horses; Antivirus Product Check - Checks whether you're protected by a commonly-used virus protection product; Virus Protection Update Check - Checks whether you're safe from the latest viruses. Applicable if you have a virus protection product." -- from Symantec's service description.

Not Quite "Fully-Online" Based Software or System Security Vulnerability Scanners

A few of the products/services noted on other lists are included in their online scanner lists, but actually require download and execution of a exe (executable) based file on the local pc or download and running of exe (executable) based file from memory. While technically these might be considered "on-line" scanners, they are not so in the manner of the ones listed above.

I have chosen to include some of these products in this post, as they may be otherwise beneficial for interested parties to explore further;

Primary Sources:

I did quite a bit of work hunting these tools down, and then checking the links to get more information about the conditions they ran under and what category they would best be placed under. However, these links were the most helpful in providing me the services noted.

Just another class of security tools to keep you safe!

--Claus

Post updated on 02/07/2007 where noted. Big Thanks to Computer Defense blog for pointing out the additional scanner links!

10 comments:

Securityphreak said...

A few more online scanners offered by GFI Software

Email security test - Email anti virus and security test. Provides a custom scan of your email system to detect vulnerabilities

Security event log scanner - Check for high security events happening on your machine, such as users logging on to your machine, accesses to important files on your machine, failed logon attempts, security policy changes to your machine, etc.

Claus said...

Thanks!

I'll check 'em out and update the list (again!)

;-)

myself said...

Hi.
I was looking for an e.mail adress to contact you directly but couldn't find any.

I'm the author of a security blog called bolsanegra.blog in spanish.

I'm from Venezuela and I like to know if is it possible to translate part of your articles whose I'm sure will help many people.

Thanks for provide us with such good information.

Onavasr
myself [at] bolsanegra [dot] com

You can contact me at the adress above. I would like to discuss what may I translate with your permission. I'd really apreciate that. Thanks.

Anonymous said...

Nice list.

There's another list at castlecops
http://wiki.castlecops.com/Online_antivirus_scans

that is very similar, which has some entries you don't.

Security Control Systems said...

Very Good article , this article make some interesting points.

Security Control Systems And Monitoring dir

mikealao said...

nice list and thanks for the credit. I added a comment on my own blog referencing your blog entry.

Dr.Virus said...

hey good blog
i have blog arabic and i'm on my way to translate it to english
iwant u to watch it but it not good
so i want ur opinion on it
http://dr-virus.blogspot.com

Claus Valca said...

@ Dr. Virus - Thank you for stopping by. I'm glad you liked it.

I took a look at your blog as well (had to use Google Translate since my Arabic isn't very good). You have a good way of handling the subjects in a non-technical way.

Looks like you are making a good start and I hope you can help your readers understand the issues of PC security from a malware/virus standpoint.

You might be interested in these posts of mine as well:

Pre-Scanning of URL Links for Safe Web Surfing

Anti-Malware Tools

Anti-Virus Tools

Anti-Rootkit Tools

--Cheers!

Anonymous said...

I think that OPSWAT http://www.opswat.com
Metascan(tm) should be covered here a sample is available at www.filterbit.com

Forsikring said...

Thanks for nice information.
Forsikring