10 More Ways To Detect Computer Malware
Kassner
If an error shows up, double-click the error and look at the event
properties to see what happened. If that’s not enough of an
answer, check Randy Franklin Smith’s
Ultimate Windows Security Web site for more detailed
explanations.
X-RayPC is a diagnostic tool similar to HijackThis. X-RayPC’s
developers admit they like HijackThis, incorporating many of
the same features.
Upload the file to the VirusTotal Web site. After a few seconds,
a detailed report will display. If one or more of the 32
anti-malware companies has an issue with the file, their comments
will show up in red.
I mentioned earlier that Windows Firewall was a welcome
addition. Still, it’s limited in its functionality. That’s why I
consider third-party software firewalls necessary, especially if
the computer travels.
Most firewall applications offer additional services. They act as
program guards, determining what software exists on a
computer, learning what the software is doing, and preventing
malware from altering application code.
There are many free firewall applications. I hope members will
mention their favorites and why. I currently use Online Armor.
When other options aren’t working, using a network protocol
analyzer like Wireshark may be the only way to recognize the
existence of malware. Wireshark allows the user to determine if
any unexplained data traffic is being received or sent by the
computer.
The best way to use Wireshark is to run a baseline scan,
trapping all traffic to and from the computer. Later on, if
something appears suspicious, run another scan, comparing
the results.
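The baseline comparison described above, as an added example that is not part of the original article: it lists destinations and ports that appear in a later capture but not in the baseline. It assumes each capture was exported to tab-separated text with tshark (the command is in the comment); the sample rows are constructed, and the function names are hypothetical.

```python
from collections import Counter

# Constructed sample rows, in the tab-separated form produced by:
#   tshark -r capture.pcap -T fields -e ip.dst -e tcp.dstport -e udp.dstport
BASELINE = """\
192.0.2.10\t443\t
192.0.2.10\t443\t
192.0.2.53\t\t53
\t\t
"""
LATER = """\
192.0.2.10\t443\t
192.0.2.53\t\t53
203.0.113.77\t6667\t
203.0.113.77\t6667\t
198.51.100.5\t\t4444
"""

def flows(text):
    """Count packets per (destination, protocol, port) in tshark field output."""
    seen = Counter()
    for line in text.splitlines():
        cols = (line.split("\t") + ["", "", ""])[:3]
        # tshark joins repeated fields with commas; keep the first occurrence.
        dst, tcp_port, udp_port = (c.strip().split(",")[0] for c in cols)
        if not dst:
            continue  # non-IP frame (ARP etc.): no destination to compare
        if tcp_port:
            seen[(dst, "tcp", int(tcp_port))] += 1
        elif udp_port:
            seen[(dst, "udp", int(udp_port))] += 1
        else:
            seen[(dst, "other", 0)] += 1
    return seen

def new_flows(baseline_text, later_text):
    """Return flows present in the later capture but absent from the baseline."""
    base, later = flows(baseline_text), flows(later_text)
    return sorted((key, n) for key, n in later.items() if key not in base)

if __name__ == "__main__":
    for (dst, proto, port), packets in new_flows(BASELINE, LATER):
        print(f"new: {dst} {proto}/{port} ({packets} packets)")
```

A new flow is only a lead: check which program owns the connection before treating it as malware, since software updates and newly installed applications also produce traffic the baseline never saw.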
Combofix is an efficient scanner capable of removing files
designated as malware. The ability to create situation reports
that can be used when seeking additional help is another feature
of Combofix.
Combofix is one of those programs where you have to be careful
about removing files. I suggest using Combofix to create a
baseline report when the computer is operating properly. That
way anything out of the ordinary will be obvious.