CrowdInspect: second-opinion malware scanner with Virustotal integration

0
293

CrowdInspect is a free portable program for Microsoft Windows devices that enables you to give your system a thorough second opinion malware scan.

While you may have all the confidence in the world in resident security software, it may be a good security precaution to run second opinion scans regularly on machines just to confirm that confidence.

The reason for scanning the system with other security software is simple: no solution is perfect. What one product may detect, may be totally unknown to another.

There are numerous tools that you can use to run second opinion scans, for instance Malwarebytes 3.0, Dr. Web CureIt, or Microsoft Security Scanner.

CrowdInspect review

crowdstrike

CrowdInspect is an on-demand scanner for Windows. You can download the program from the developer website, and run it from any location on supported Windows machines.

The program displays an EULA on start, an an option to switch from the integrated Virustotal API key to a custom one. The main benefit doing so is that CrowdInspect displays only total scores and not individual scores if the built-in key is used.

The program lists all running processes on start, and begins to scan them right away. Each process is listed with its name, and a variety of useful information.

The four columns that begin right after process name and ID highlight code injection status, the Virustotal score, the Team Cymru malware hash registry result, and Web of Trust for remote connections.

These scores are color coded, and indicate right away if the file checked out fine, or if it requires further attention.

CrowdInspect checks the network status of each process as well, displays the type and state, and local and remote IP addresses.

The scans happen in real-time while CrowdInspect is up and running. If a new program is launched for instance, it is scanned by the program eventually.

You may pause the scanning at any time with a click on the pause button. You may also add or hide information from the interface. A click on full path replaces the file name with the full path and file name for instance.

Buttons are provided to kill selected processes or close network connections. You may right-click on processes instead to run the termination or close commands using the context menu.

A click on VT results opens score details and a link to the Virustotal website to look it up online. This is useful if at least one of the antivirus engines that Virustotal supports reports a hit.

CrowdInspect supports a history feature that you can switch to from the live view. History lists processes, scans and all of that sorted by date and time.

Closing Words

CrowdInspect is a handy second opinion scanner for Microsoft Windows that scans running processes and network connections using a variety of services. You may still need other software if hits are reported, as CrowdInspect does not offer much in terms of handling threats other than killing processes and cutting network connections.

Now You: Do you use second opinion scanners?