RunScanner 0.9.5

system · 2007-07-19T00:05:15.000Z

http://www.runscanner.net/

RunScanner is a completely free windows system utility which scans your system for all configured running programs. You can use runscanner to detect autostart programs, spyware, adware, homepage hijackers, unverified drivers and other problems. You can import and export your results and let other people help you to solve your problems.

Very comprehensive autostart list

*Scanning of 80+ hijack locations ,Host file editor

Covers everything from autoruns, HJT, silentrunners and more. Malware will find it harder than ever to hide.

Easier to use

*Online malware analysis of results

*Verification of file signatures (Microsoft signed, Other Signed, Whitelisted by online database )

*MD5 hash calculation of files + online file rating

*Online lookup of scanned entries. (Runscanner database + Google)

RunScanner makes it easier to determine which entries are likely to be malicious.

Log analysis made easy

*Saving and importing of text files (all information available)

*A user with problems can save the .run file, an expert can mark the items that need fixing and send the .run file back to the user

If you are really worried, RunScanner also exports a easily readable textfile of all finding that can be sent to an expert for checking.

Malware removal abilities and misc

*Powerful process killer
-Kill multiple processes at once
-Kill and rename
-Kill and delete
-Delete at next reboot
*Regedit jump
*Explorer jump
*Extended filters
*Marking of items.

Many other features that experts have come to expect on malware inspection and killing tools.

But then again, this is one of a very few forums where there is a “tech” (literally), who is actually using it, so I guess this isn’t a new utility to some of you!

bob3160 · 2007-07-19T00:24:27.000Z

Lusher,
What’s the difference between this program and HijackThis?

Welcome to the forum.

system · 2007-07-19T00:51:48.000Z

bob3160 post:2:

Lusher,
What’s the difference between this program and HijackThis?

Welcome to the forum.

Thank you for the welcome.

What’s the difference? Didn’t you read my post?? ;D

Well to repeat it’s more comprehensive than HJT (even if you include the StartupList addon in HJT) and scans more locations.

It also makes it slightly easier to make decisions on what is malicious or not, because it allows you to filter out MS signed files (which is definitely safe, unless someone managed to steal their keys!), and programs that are signed (fairly safe since malware almost always isn’t signed) and finally it can also filter out files that are marked safe on the RunScanner database of known safe files (whitelist).

If you are a guy who just sits there and let a tech check it out for you, it probably makes no difference at all if you use one or the other of course. But for more advanced users who know a thing or two, runnerscanner is much less troublesome to use.

Note, the restore function still doesn’t work, so don’t try anything if you are unsure. Wait until 1.0 which will include it.

In any case, RunScanner has plenty of potential because the author is working actively on it, and has very ambitious plans, I sugguested a couple of functions a while ago, and they are almost all in them now.

Hijackthis is a good solid tool that people latched onto when there was nothing better. It’s very servicable, but recently the author sold it to TrendMicro and while the company has recently released 2.0 free (and from past experience, they are unlikely to charge for newer versions) there are some in the community who are wondering aloud if they should start looking for a replacement (though 1.99.1 is still very usable).

There are other alternatives like autoruns, asquared Hijackfree, Runazlyer and formerly sysinternals autoruns that show promise as well and are still being actively developed. But my money’s on RunScanner.

Lisandro · 2007-07-19T02:33:38.000Z

I’m (literally) using RunScanner:

Standalone.
Very good application database.
Very good on line analysis.

Worth a try.

szc · 2007-07-19T02:38:13.000Z

Lusher - Welcome to forums !

Note: Your link from the first post in this thread doesn’t work. It points to the wrong path. This is the code you used in your post:

[url=http://"http://www.runscanner.net/"]http://www.runscanner.net/[/url]

This is correct path:

http://www.runscanner.net

Code:

[url]http://www.runscanner.net[/url]

system · 2007-07-19T02:54:08.000Z

duh! I’m getting confused playing with html and mediwiki markup and BBCode…among other things…

Can’t you geeks and nerds decide on one standard!!! ;D ;D ;D

system · 2007-07-19T02:54:55.000Z

Tech post:4:

I’m (literally) using RunScanner:

Well you are a tech who has the alias “tech”…

system · 2007-07-19T03:47:32.000Z

Welcome to the forums, Lusher.

This might become a very good program. I think I will wait until it comes out of beta, though.

system · 2007-07-19T17:08:49.000Z

Oh yeah, thanks for all the warm welcome, guys. This must be one of the most friendly places around.

I might consider sticking around if not for the fact that I’m not an AVAST! man. ;D

system · 2007-07-20T03:35:20.000Z

Tech post:4:

I’m (literally) using RunScanner:

Standalone.

Very good application database.

Very good on line analysis.

Worth a try.

Hi Tech, can I contact you privately ? You seem to be blocking my PMs.

system · 2007-07-20T05:44:21.000Z

Lusher post:10:

Hi Tech, can I contact you privately ? You seem to be blocking my PMs.

It seems poor Tech is getting so much pm’s he had to turn them off …
He explained it here … http://forum.avast.com/index.php?topic=29455.0

BTW this really seems a great program i think i’ll give it a try myself . Thanks for the heads up !

system · 2007-07-20T06:19:12.000Z

Tech if you are reading this, I need to discuss iwithyou a matter regarding RunScanner, don’t worry I’m not seeking help from you. Is there anyway you can email me or viceversa?

Lisandro · 2007-07-20T12:20:09.000Z

Lusher post:12:

Tech if you are reading this, I need to discuss iwithyou a matter regarding RunScanner, don’t worry I’m not seeking help from you. Is there anyway you can email me or viceversa?

You need to have 20 posts in forum to send IM now.
Can’t we discuss it here? If there is something wrong with that software, I’ll be the first to recognize and won’t suggest it again to anybody.

system · 2007-07-20T13:35:15.000Z

Well it’s nothing really private, but i thought one to one conversations should be done in private to avoid clogging the forums. But if you say it is okay…

Basically what RunScanner.net is doing is that we are thinking of creating a list of “Techs” who use and recommend RunScanner for their normal routine work. It seems you might fit the bill. Would it be okay if we added you to that list?

Lisandro · 2007-07-20T13:45:07.000Z

Lusher post:14:

Basically what RunScanner.net is doing is that we are thinking of creating a list of “Techs” who use and recommend RunScanner for their normal routine work. It seems you might fit the bill. Would it be okay if we added you to that list?

I can do it (I mean, suggest and recommend RunScanner) without been added to a list. But, I’ll think about it. What are the demands to be added to this list? What I should do or how much time will it take to be there?

system · 2007-07-20T14:11:01.000Z

Tech post:15:

Lusher post:14:

Basically what RunScanner.net is doing is that we are thinking of creating a list of “Techs” who use and recommend RunScanner for their normal routine work. It seems you might fit the bill. Would it be okay if we added you to that list?

I can do it (I mean, suggest and recommend RunScanner) without been added to a list. But, I’ll think about it. What are the demands to be added to this list? What I should do or how much time will it take to be there?

No demands. It’s just your name (or the internet alias you go by if you prefer) on a list pinned in a forum. Maybe a short description of your technical experience.

E.g Lusher, , MSMVP, A+ certification, 5 years experience as comp tech, moderator of blah blah, malware removal specialist, COU etc.

No, you don’t need to support people using runscanner.

No, you don’t need to appear on tv to endorse the product. You reserve the right to trash it if it turns out to be evil sucking spawn of you know who. ;D

Nor is the list going to be used to put a gun to your head to blackmail you into sell your soul to runscanner.net. ;D

It’s just a list of people who use it. That’s all.

No pressure man, if you are don’t want to be listed on a tiny pinned up list in the forums of RunScanner, that probably nobody will read anyway then okay.

It’s not a big deal, it’s not like you are to be put on trial for your testimony or something.

Lisandro · 2007-07-20T14:15:43.000Z

Lusher post:16:

No pressure man, if you are don’t want to be listed on a tiny pinned up list in the forums of RunScanner, that probably nobody will read anyway then okay.
It’s not a big deal, it’s not like you are to be put on trial for your testimony or something.

Ok. Good to know. I’ll be on a trip next five days. Maybe you could remember me to be listed after that… Thanks 8)

system · 2007-08-14T07:01:23.000Z

Runscanner 0.9.6.0 released (almost final version)
http://www.runscanner.net
New feature : “Beginner mode” is targetted at “novice” forum users.

Let me know your thoughts/remarks

I’m looking for some people to test this on “real” infected machines.

Changelog 0.9.6.0

Fixed bug with links to folders in global startup.
Fixed description bug with internet explorer buttons (added buttontext)
Fixed bug with incorrect host file path
Fixed bug with importing of existing .run file (history)
Fixed bug 063 fix not working
Fixed bug difference string / expandstring in registry
Signed executable with authenticode certificate
Changed icons for signatures (green, blue)
Changed textlog for tasks items (added description)

Added : Beginner, expert mode (wizard)
Added : Backup & restore function
Added : Scheduled jobs now show the application started by the job
Added : free filter/search (you can now search on part of words ex: “f-secure” show all items with the phrase “f-secure”)
You can search in path,executable,company,md5
Added : filesize to .run file
Added : extra info window (easy for debugging and to copy/paste)
Added : basic tutorial to the site
Added : extra backup info window in the history tab
Added extra vista UAC support
Added vista support : now program asks to run as administrator by default

Added item : 001 : hosts file location
Added item : 001 : hosts file entries <> 127.0.0.1 (count)
Added item : 047 IE trusted zones
Added item : 048 IE ESC trusted zones
Added item : 008 Autorun registry entries .default user
Added item : 009 Autorun registry entries System user

system · 2007-08-15T07:13:40.000Z

Build 0.9.6.1 uploaded (minor release)

Changed : restricted sites/zones are now ignored
Redesigned the beginner screen
Fixed performance issues with uploading

Announcements