Best Second opinion scanners

What is the best Second opinion scanner that you have used?

  • HitmanPro

    Votes: 30 28.3%
  • Norton Power Eraser

    Votes: 35 33.0%
  • Malwarebytes

    Votes: 22 20.8%
  • Emsisoft Emergency Kit

    Votes: 34 32.1%
  • Eset Online Scanner

    Votes: 18 17.0%
  • Kaspersky Virus Removal Tool

    Votes: 36 34.0%

  • Total voters
    106

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,447
I don't care about removal of malware only detection. When a scanner would find something I would treat the pc as infected and roll it back from an offline backup or install from scratch.
Atm using EEK and Hitman Pro which afaik runs forever free (when you only scan stuff with it and never try to delete something).
Problem is that HitmanPro doesn’t detect any malicious scripts. It also uses Bitdefender engine like EEK, so I would pick only one of the two and use another scanner like Eset or KVRT with another engine.
 

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,126
As Scripts have been mentioned above I thought it would be nice to get an idea of the relative efficacy of these (from the poll) scanners versus some old wormy standards. In order to do so I infected a Windows 11 x64 system with 7 worms, one of which will spawn a malicious executable, whereas the others just hang out in Local or Roaming with simple registry startup entries to propagate themselves on reboot.

So the point of this (very, very simple) 2nd opinion scanner test would be to determine if any detections are made on initial scan, then analyze the system on reboot to see if any worms are still extent, followed by a 2nd scan, reboot, then final manual analysis.

Results- of these scanners, all detected and eradicated the malicious exe file. All but HMP/Sophos Scan&Clean (yes, I actually tested both) found some of the persistence entries.

So, out of 7 infections:

1). HMP/Sophos): 1/7
2). MB- 2/7
3). ESET- 1/7
4). EEK- 3/7
5). NPE- 7/7
6). KVRT- 7/7

For the persistence registry entries, only NPE (1 detection and deletion) and KVRT had any effect on these. KVRT actually detected and deleted all, so was the only one that left the system pristine.

Note that using other Scriptors with different mechanisms would no doubt give somewhat different results, but I am hoping that one will get a feel for how these guys work.
 
Last edited:

devjit2020

Level 2
Thread author
Apr 7, 2022
87
As Scripts have been mentioned above I thought it would be nice to get an idea of the relative efficacy of these (from the poll) scanners versus some old wormy standards. In order to do so I infected a Windows 11 x64 system with 7 worms, one of which will spawn a malicious executable, whereas the others just hang out in Local or Roaming with simple registry startup entries to propagate themselves on reboot.

So the point of this (very, very simple) 2nd opinion scanner test would be to determine if any detections are made on initial scan, then analyze the system on reboot to see if any worms are still extent, followed by a 2nd scan, reboot, then final manual analysis.

Results- of these scanners, all detected and eradicated the malicious exe file. All but HMP/Sophos Scan&Clean (yes, I actually tested both) found some of the persistence entries.

So, out of 7 infections:

1). HMP/Sophos): 1/7
2). MB- 2/7
3). ESET- 1/7
4). EEK- 3/7
5). NPE- 7/7
6). KVRT- 7/7

For the persistence registry entries, only NPE (1 detection and deletion) and KVRT had any effect on these. KVRT actually detected and deleted all, so was the only one that left the system pristine.

Note that using other Scriptors with different mechanisms would no doubt give somewhat different results, but I am hoping that one will get a feel for how these guys work.
I'm surprised by the results of ESET. It should have detected all the scripts since ESET does detect malicious scripts unlike MBAM and HMP. Does this mean that ESET does not scan the registry for malware? It only scans files? KVRT rocks as usual while NPE also left me impressed.
 

devjit2020

Level 2
Thread author
Apr 7, 2022
87
I don't care about removal of malware only detection. When a scanner would find something I would treat the pc as infected and roll it back from an offline backup or install from scratch.
Atm using EEK and Hitman Pro which afaik runs forever free (when you only scan stuff with it and never try to delete something).
Yeah same here. Unless it's some PUP or PUM, I generally revert back from a clean system image but then again I've only been infected by malware once since the last 10 years.
 

CyberDevil

Level 6
Verified
Well-known
Apr 4, 2021
245
1. Eset
+ No need to download every time, it updates itself automatically.
+ Almost no false positives
+ Well-known engine with good detection
+ Also looks for potentially unwanted applications
+ You can set up automatic scanning
+/- Eset detects many malicious scripts, although the online scanner probably does not have the machine learning and heuristics to find something new and unknown
- Average scanning speed
- Interface is too simplistic

2. Emsisoft
+ Updates without the need for a new re-download(like Eset)
+ Works perfectly off-line, suitable for scanning from a flash drive
+ Very fast scanning speed.
+ Very nice and clear interface
+ Bitdefender and Emsisoft engines give good results
+ Very few false positives
- I tried to find some minus and couldn't :D

3. Malwarebytes
+ Machine learning
+ Detects many bad things that other AV's don't pay attention to (unwanted applications, registry changes, etc.)
-/+ Average false positives
- Requires installation
- Slow and long scanning
- No quick scan in the free version

4. HitmanPro
+ Very fast scanning
+ Detects and removes spy cookies
- Doesn't work at all without internet
- Does not remove threats after free period
- Does not detect scripts

My rating looks something like this. :) I mostly use HitmanPro and Eset from time to time when I go to brush my teeth, once a month or two I check PC with Emsisoft, Malwarebytes I use very rarely.

By the way, I also have Glarysoft Malware Hunter. It has terrible detection, as I understand it, but what it finds it explains very thoroughly what it is and why it should be removed. ))

изображение_2022-04-26_110242988.png
 
Last edited:

plat

Level 29
Top Poster
Sep 13, 2018
1,799
You can run Malicious Software Removal Tool also on demand. No need to wait until Windows Updates brings you this scanner and then you never know the results because they're buried somewhere where you'll never find them NEVER! hahahaha! 👹

Anyway, you can open Start Menu and type in: mrt and then right-click to run as Admin. On here it was about a 10-15 sec scan but this is a clean device.

If you're not sure what it actually checks for, click the link "View a list of malicious software that the tool detects and removes." on the UI. A lot of nasties in that list.

MRT was discussed in greater detail a while back on Wilders but you sort of forget about it. It's another on-demand but hopefully, you'll never need it. 🥶
 

Kongo

Level 35
Verified
Top Poster
Well-known
Feb 25, 2017
2,447
You can run Malicious Software Removal Tool also on demand. No need to wait until Windows Updates brings you this scanner and then you never know the results because they're buried somewhere where you'll never find them NEVER! hahahaha! 👹

Anyway, you can open Start Menu and type in: mrt and then right-click to run as Admin. On here it was about a 10-15 sec scan but this is a clean device.

If you're not sure what it actually checks for, click the link "View a list of malicious software that the tool detects and removes." on the UI. A lot of nasties in that list.

MRT was discussed in greater detail a while back on Wilders but you sort of forget about it. It's another on-demand but hopefully, you'll never need it. 🥶
You nowadays can just set shedule scans for Microsoft Defender while using a third-party AV. I guess that would be a better option. :unsure:
 
G

Guilhermesene

I am kind of out of the loop, do you guys recommend to buy HitmanPro anymore?

Which one do you recommend that I can use alongside F-Secure, just as a second option?

Example scenario: I received a file from a friend at the university and I want to scan it 1st with F-Secure and just in case with this other software you can recommend.

Thank you 🙂👏🏻
 
  • Like
Reactions: Nevi
F

ForgottenSeer 77194

According to tests from forum members and cruelsister the best are those:
1. Kaspersky Virus Removal Tool (Best Overall)
2. Norton Power Eraser (Aggressive - Many False Positive - Very Fast Scan)
3. AdwCleaner (Specialized and Best for Adware)

The others either are not good enough or not good against a range of threats. (Example: They are Good against Executables but terrible against scripts)
 
F

ForgottenSeer 77194

I am kind of out of the loop, do you guys recommend to buy HitmanPro anymore?

Which one do you recommend that I can use alongside F-Secure, just as a second option?

Example scenario: I received a file from a friend at the university and I want to scan it 1st with F-Secure and just in case with this other software you can recommend.

Thank you 🙂👏🏻
If it does not contain personal information, you could upload it to VirusTotal.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top