Your PC has been behaving strangely for the past few days. You’re wondering if it’s been infected by malware, but your antivirus package hasn’t raised any alerts. And so it could be time to call in herdProtect, which checks your PC with 68 anti-malware engines and warns you of any threats.
The program is extremely straightforward to use. There’s no awkward interface no navigate, no complex options to consider: just manually launch it and click "Scan".
When a scan begins, herdProtect examines all the running processes on your PC, their DLLs, and any startup programs. It checks with its server to see whether these are known to be dangerous, and any unrecognized files are uploaded for closer examination (unlike some similar tools, there’s no way to turn that off).
Naturally, this reliance on the cloud means herdProtect can take longer to run than a regular antivirus "Quick Scan". Scan times on our test systems were very acceptable, though, typically completing in somewhere between two and five minutes. (This can be cut further by closing known safe programs before you begin.)
Once the scan has finished, herdProtect lists any threats it’s found: the file name, path and detection ratio (how many anti-malware engines flagged it as dangerous). Clicking the threat name displays a list of those engines and their verdict, and a "Details" button opens a web page where you can read more about the malware in question.
What you don’t get here is any means to remove the threat, unfortunately. That’s expected in the near future, but right now the best you can do is check which engines have flagged a particular file, pick one you trust -- Emsisoft, say -- then download and try one of its packages.
It’s also a pity that the program isn’t portable. You can’t use it on any nearby system, as and when required; it has to be installed, first.
Still, if you think your PC has been infected by something dubious, then herdProtect provides an easy way to find out. It looks like it’ll be gaining significant new features, very soon. And if you’re interested in the low-level details of how the program works, there are some interesting clues available. Launch the herdProtect command line scanner – herdProtectScanCmd.exe, found in its program folder -- to find out more.
via BetaNews http://feeds.betanews.com/~r/bn/~3/IFElXJGYu3A/
Aucun commentaire:
Enregistrer un commentaire