Malware Scene Investigator scans your PC for security issues
Most Windows users run various security-related programs to protect their systems from malware infections and other malicious attacks. While there are certainly some that do not use protection at all, it is likely that the majority makes use of a firewall and an antivirus solution at the very least. Experienced users may implement additional programs, like the excellent EMET or on-demand scanners like Dr.Web CureIt or the highly popular Malwarebytes Anti-Malware.
That's still not all that you can do to make sure that your PC is not compromised. Tools like Secunia PSI can scan the system for vulnerabilities, and programs like SUMO or Slim Cleaner make sure all of the software installed on it is up to date.
Malware Scene Investigator falls into the second group of applications. It is an on-demand scanner that tries to detect malware by scanning the system for traces that are often indicative of malicious software. You can use it as a second-opinion scanner.
Requirements: The program runs on all versions of Windows from Windows XP to the very latest version. It requires the Microsoft .NET Framework 4.0, but the program itself does not need to be installed on the system before you can run it.
Hit the start scan button after the interface shows up on first start to run a scan of the system. It should not take longer than a minute and often even less than that. Note that the program window becomes unresponsive during the scan but does not crash. It will recover once the scan completes and display the results on the report tab that you see on the screenshot above.
You should see the alerts as hints and not as proof that someone or something manipulated your system. It is important to go through each alert to find out more about it. I was able to check several of the items on my system as false positives as soon as the report window was displayed in the program.
A click on the "help me with the results" link opens a local help file that explains what each alert type means and what you need to do to check it out manually. You can also switch to the detailed log tab for in-depth information about each item, including full paths, which the main report tab does not always display.
The program scans the following areas:
- Hosts file modifications
- Suspicious file detection
- Enabled proxy server
- Network access to security websites
- List of active TCP connections
- Suspicious disk partition
- Service state
- Registry modifications
- Suspicious startup entries
- Security risks (e.g. outdated plugins)
Malware Scene Investigator may point you to areas of your system that may have been altered or modified. It requires that you have at least a basic understanding of the Windows operating system so that you can verify the alerts manually. It would have been nice if the program linked to the relevant areas directly, e.g. the folder the hosts file is located in, so that you can save time going through the list of alerts.
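One way to check a hosts-file alert by hand, covering the "hosts file modifications" and "network access to security websites" items from the list above. This is an added example, not code from Malware Scene Investigator or the original article; the sample entries, the watch-list domain and the verdict names are constructed assumptions, and how the tool itself performs these checks is not described here.

```python
import ipaddress

# Constructed sample; the real file is %SystemRoot%\System32\drivers\etc\hosts
SAMPLE_HOSTS = """\
127.0.0.1       localhost
::1             localhost
127.0.0.1       update.av-vendor.example   # blackholed
203.0.113.7     www.av-vendor.example
0.0.0.0         ads.tracker.example
192.0.2.10      intranet.corp.example fileserver
not-an-ip       broken.example
"""
WATCHED = {"av-vendor.example"}  # hypothetical security-site watch list

def parse_hosts(text):
    """Yield (line_no, ip, hostnames); ip is None if the address is invalid."""
    for no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            ip = None
        yield no, ip, [h.lower().rstrip(".") for h in fields[1:]]

def is_watched(host, watched):
    return any(host == d or host.endswith("." + d) for d in watched)

def audit_hosts(text, watched=WATCHED):
    """Return (line_no, hostname, verdict) for every entry worth a look."""
    findings = []
    for no, ip, hosts in parse_hosts(text):
        for host in hosts:
            if ip is None:
                verdict = "malformed"
            elif host == "localhost" and ip.is_loopback:
                continue  # stock loopback entry
            elif is_watched(host, watched):
                # Loopback/0.0.0.0 cuts access; any other IP reroutes it.
                sinkhole = ip.is_loopback or ip.is_unspecified
                verdict = "blocked" if sinkhole else "redirected"
            else:
                verdict = "review"
            findings.append((no, host, verdict))
    return findings

if __name__ == "__main__":
    for f in audit_hosts(SAMPLE_HOSTS):
        print("line %d: %s -> %s" % f)
```

A "review" verdict is only a prompt to look at the entry: ad-blocking lists and intranet mappings are common legitimate additions, which matches the article's advice to treat alerts as hints.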