Portable Scanner Automation Tool

Discussion in 'Application Software' started by generalmx, Jul 25, 2015.

  1. generalmx

    generalmx MDL Novice

    Apr 15, 2014
    34
    20
    0
    #1 generalmx, Jul 25, 2015
    Last edited: Jul 25, 2015
    I'm working on a portable tool for automating AV/Malware scanning and cleaning using AutoIT and all the free AV/Malware scanners out there. Here's my current results from the research & testing I've done:

    • ClamWin
      • Can be fully automated using CLI options
      • Type: CLI
    • Emsisoft a2cmd
      • Can be fully automated using CLI options
      • Initial download is large (>150MB)
      • Type: CLI
    • VIPRE Rescue Scanner
      • Can be fully automated EXCEPT for 'detect only' which it doesn't support
      • Initial download is very large (>200MB)
      • Type: CLI
    • Spybot 1.6.2
      • Can be fully automated EXCEPT location of log files
      • Type: GUI
    • Trendmicro Sysclean
      • Can be fully automated but must tweak batch file for correct download locations
      • Type: CLI/GUI
    • Norman Malware Cleaner
      • Can be fully automated using CLI options
      • Initial download is very large (>300MB)
      • Type: GUI
    • McAfee Stinger32
      • Can be fully automated using CLI options EXCEPT writing to a specific log file
      • Type: GUI
    • Comodo Cleaning Essentials
      • Can be fully automated EXCEPT location of log files
      • Type: GUI
    Note: "Full automation" requires the ability to redirect log files to a location the automation tool can parse, as well as being able to automatically update the program.

    And here are the scanners that require Wrappers written in something like AutoIT:

    • Super Anti-Spyware Portable (mostly complete)
    • Spybot Portable 2.x (mostly complete)
    • Kaspersky Virus Removal Tool
      • Initial download is large (>100MB)
    • Malwarebytes Anti-Malware Portable (mostly complete)
    • Microsoft Safety Scanner
      • Initial download is large (>150MB)
    • Norton Power Eraser
    • Norton Security Scan
      • Full definition files are ridiculously large (>1GB!)
    • Sysinternals AutoRuns*
      • It does have a CLI version but I'm having trouble figuring it out...
    • GMER
    • Trendmicro Housecall
    • Dr. Web CureIT!
      • Initial download is large (>100MB)

    Once the Wrappers are complete they will be standalone products, meaning you can use them by themselves with parameters you pass them (such as '/QUICK', '/CLEAN', etc.).

    Finally, here are some portable scanners I can't figure out how to use for scanning Windows offline (IE they don't accept a custom path to scan):

    • Sophos Virus Removal Tool
      • Initial download is large (>100MB)
    • Junkware Removal Tool
    • Hitman Pro
      • Can't do removals without a license anyway
    • ComboFix
    • herdProtectPortable
    • AdwCleaner
      • CAN be redirected using "RunScanner" tool
    • TDSSKiller

    The lack of redirection with herdProtectPortable is especially unfortunate, since that's a multi-AV cloud scanner which seems to work decently.