The Internet is one of the best places when it comes to looking up file or process information. It does not necessarily have to be malware, but if you spot a new process running on your system and cannot identify it based on local information, it is usually the Internet that can help you out.
While you may find information on the Internet, you may also stumble upon generic sites that try to grab part of the search traffic. Unless you have your favorite go-to site for these kind of searches, you may spend some time going through the results before you stumble upon a result that helps you out.
The Firefox add-on Malware Search makes things a little bit easier for you, as it provides you with direct search links to several respected websites right from the browser's right-click context menu.
Malware Search for Firefox
Here is how it works. You simply select text on any website that you want to find out more about, right-click the selection afterwards and select one of the Malware Search options displayed in the context menu. Results are opened in a new tab in the browser window.
You have probably noticed that the extension has its limitations. You cannot really search for information that are not displayed on a website. While you can overcome this usually with a search for a file name, as you can highlight it then on the results page, it is not that comfortable.
The extension supports the following services:
- System Lookup: search by file name, name or CLSID.
- Bleeping Computer: search file database, startup list or uninstall list.
- Threat Expert
- Process Library
- TuxMaster's Malware Search
- Ms Malware Protection Center
- Web of Trust
It is obvious that the choice of service depends on the highlighted text on the website you are on. Whois for instance only accepts domain names, while most of the other services only file names. It is not really that difficult to figure out though.
You can open the preferences of the extension to remove services from the context menu that you do not want to use.
The extension was initially designed to check entries in Hijack This logs that have been posted on the Internet. While it can be used for that, it is not limited to that either.
The extension has not been updated since 2011 which indicates that it has been abandoned or at least put on ice by its developer. It is working fine for the most part though. The extension could use a couple of features, like the ability to search in multiple databases at once, or an option to accept search terms that are stored in the clipboard of the computer.