10 ways to detecting malware

1. Avira AntiVir

Avira Antivir is the antivirus program I use for my computer. With regular updates viruses and malware will be a thing of the past on your machines. Antivir scores highly on virus/malware-location tests and prompt release of their VDF signature files. Moreover the ability to to manually updating the virus definition files gives it points when it comes to virus fighting.

2. Avast Antivirus

The Avast Professional Edition Antivirus is an equally good system protection product. You can download Avast for a trial period of 60 days. Avast Antivirus offers strong capabilities of direct repair on macro viruses. The file repair is through the automatically generated Virus Recovery Database (VRDB).

Apart from its virus encyclopedia, Avast also offer start up memory scans and with outstanding performance and reasonable memory usage.

3. Microsoft Security Essentials

Being a prominent Microsoft products user. I feel I must touch on Security Essentials, even though it hasn’t been released yet. Unfortunately I didn’t lie in a region where the beta version is available so I haven’t tested it yet, but from other sources I can say it offers pretty good protection, however the slow scan speeds are a killer. With the high number of viruses built to compromise Microsoft Operating Systems, it is high time a Microsoft designed antivirus application is released to the market.

An in built security system like the Windows Firewall will easily eliminate penetration problems. In addition to the Microsoft Event Viewer that follows in my list this combination will make a good team in combating malware.

A full version is now available and as I write this I am downloading a copy for testing purposes. Stay snesttblog as I will be airing my opinions on Microsoft Security Essentials soon.

4. Microsoft Event Viewer

The Event Viewer this is a handy tool available by default on all Microsoft Operating System installations, except maybe Windows 3.1. The Event Viewer is a good place to start when trying to find out what happened to your system. Using it in togetherness with Security Essentials will help you sort out your malware problems fast. For help on how to diagnose problems with the Event Viewer you can check out Microsoft Tech Net.

5. X-RayPC

X-RayPC is a freeware spyware remover and process analyzer from XBlock Systems. It is a fully win32 compiled executable and will probably not run on Vista and 64bit systems. It lists active processes, autostarting programs and will reveal those annoying malware that embed themselves to start up at system log on. Better still, with one Triage click it can display which programs are good, bad or outright evil. It has integrated support for removal of suspicious files and delete locked files after reboot. The Triage works with support from online operators who check your submitted data and categorize threat, whether bad or good. The user can then make a better decision to delete the item or keep it in their systems.

6. SystemLookup.com

Further information on suspicious processes and files can be found at SystemLookup.com. All you have to do is access the site and enter the file name or CLSID in the search input and you should have your answer in couple of seconds. Currently the sites database contains almost 90,000 items, all verified by a community of anti-malware experts.

7. VirusTotal

You might have had a problem or just want to question specific file or program.VirusTotal is the stop, just upload the file and if one or more of the 32 anti-malware companies has an issue with the file, their comments will show up in red.

8. Firewalls

If you have been reading this post or just browsing through this blog you might have noticed the words Windows Firewall earlier. Even though Windows Firewall is good for basic security, it is often good practice to consider third-party firewalls, more so of your portable moves through networks.

Firewalls act as system guards, they monitor software applications installed and in doing so prevent malware from editing system code.

Most Antivirus applications come bundled with firewalls, for instance Norton Internet Security 2009 is rated 5 out of 5 at PC world with almost 240,000 reviews. For stand alone firewall applications Online Armor stands out at 4 out of 5 with 15, 370 reviews.

9. Wireshark

Another option is using a network protocol analyzer like Wireshark to check for malware problems. To use Wireshark run a baseline scan, trapping all traffic to and from the computer. You can later scan the network traffic on suspicious activity and compare the results.

10. Bleeping Computer’s Combofix

Combofix is an efficient scanner capable of removing malware. It creates situation reports that can be used when seeking additional help. However you have to be careful when removing files. My recommendation is in using it to create a baseline report when the computer is operating normally. In case, anything out of the ordinary occurs it will be easier to find out.

If at all I haven’t included your favorite anti-malware application, please let me know. You can do one better by posting about it on the comments of this post.

SNETTSCOM is an IT company. We excel at providing solutions in systems integration, consultancy, outsourcing, applications development, networking and security. Aside from this, SNETTSCOM also specializes in creative design and marketing.

Recommended Posts