
Ask HN: Which tools and methods do you use to check for malware on your machine? - mikemajzoub
See title :)
======
rococode
I have all the Windows security features off usually (defender, firewall) b/c
it's a huge pain when they interfere with something I'm working on.

When I think something's already wrong, I use Malwarebytes (free version) to
scan my computer. If I suspect something I've downloaded, I use VirusTotal to
check it out.

[https://www.malwarebytes.com/pricing/](https://www.malwarebytes.com/pricing/)

[https://www.virustotal.com/](https://www.virustotal.com/)

------
snazz
No malware-checking system is going to be anywhere near 100% effective.
Although you should use antimalware on Windows, your strongest defense is
preventative. Aside from being careful with what you download, using a modern
(sandboxed) web browser, and using the full set of mandatory access control
features built into Windows, I’d recommend using an adblocker to prevent
malvertising and better control the code that your web browser executes.

On Linux, there’s no good way to scan for malware because that’s not the focus
of most work done on Linux security. Use SELinux (or AppArmor, if that’s your
thing), a firewall, and only get software from trusted repositories. Verify
the checksums of ISOs for live USBs and use the same sort of common sense that
you would on Windows. Furthermore, you might want to consider moving from Xorg
to Wayland since any process running as your user on your display in Xorg can
act as a keylogger[0].

[0]: [https://security.stackexchange.com/questions/170596/is-it-po...](https://security.stackexchange.com/questions/170596/is-it-possible-to-do-exploit-free-linux-keylogging-with-non-root-client-only-x-w)
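
Added example, not part of snazz's comment above: one way to do the ISO checksum verification mentioned there, assuming GNU coreutils `sha256sum` and a published `SHA256SUMS`-style list. The function name `verify_iso` and all file names are hypothetical; a matching digest only shows the image matches the list, so the list itself has to come from a trusted source.

```shell
#!/bin/sh
# Added example: verify one downloaded image against a SHA256SUMS-style list.
# Assumptions: GNU sha256sum is installed, image names contain no spaces, and
# the list was obtained from a trusted source (e.g. after checking the
# distribution's signature on it).
# Usage (hypothetical names): . ./verify_iso.sh; verify_iso image.iso SHA256SUMS

# verify_iso FILE SUMS
# Returns 0 = digest matches, 1 = mismatch, 2 = not listed or unreadable input.
verify_iso() {
    file=$1
    sums=$2
    [ -r "$file" ] && [ -r "$sums" ] || { echo "unreadable input" >&2; return 2; }

    name=$(basename "$file")
    # Lines look like "<hex>  name" (text mode) or "<hex> *name" (binary mode).
    expected=$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f) }
        f == n { print tolower($1); exit }' "$sums")

    # Fail closed: an image that is absent from the list is not "verified".
    [ -n "$expected" ] || { echo "$name: not listed in $sums" >&2; return 2; }

    actual=$(sha256sum "$file" | awk '{ print $1 }')
    if [ "$actual" = "$expected" ]; then
        echo "$name: OK"
        return 0
    fi
    echo "$name: MISMATCH (expected $expected, got $actual)" >&2
    return 1
}
```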

------
cypherg
Terrible security advice in this thread, not surprising. What OS are you
using? If you're using a Mac, try out Patrick Wardle's suite of free security
software [https://objective-see.com/products.html](https://objective-see.com/products.html)

------
SamReidHughes
Nice try, FBI. I use none. I am paranoid about what software I download, and I
generally don't feel like I'm exposing an attack surface. To be fair, I think
Windows Defender is running and Edge has incoming stuff scanned for malware,
because I never turned that off.

And, um, on Ubuntu, apt packages are signed, right?

~~~
jacoblambda
Well unless you or any software you use pulls packages from secondary sources
like unverified git repos, npm, or pypi.

------
oyebenny
I stick with the default Windows Defender feature because it's actually pretty
comprehensive. If you have Avast or McAfee on your computer, I'm going to
judge you.

If I know I have something, usually it's because I permit it through Windows
Defender and am experimenting with problematic file types, then I use
Malwarebytes. I also take a good hard look at my program lists and remove
ones I don't need, review my startup programs, etc.

------
Down_n_Out
I use Qubes OS [0] and keep things strictly separated to minimize damage as
much as possible. Besides that, I'm careful what I download or visit online and
use the standard tools if by chance I would think the system is compromised.

[0] [https://www.qubes-os.org/](https://www.qubes-os.org/)

------
antoineMoPa
Debian with no malware tool, except ad blocking extensions for Firefox. For
Windows friends, I recommend tools included in Windows + ad blockers + basic
education about .exe files that are not the same as mp3s. I think that most
problems come from ads and from trying to download movies/songs but
downloading viruses instead.

------
juangacovas
On Windows I've had nice results cleaning other people's PCs (mine too) using
those three:

- Malwarebytes
- Superantispyware
- Spybot Search & Destroy

------
gpm
ps -ef.

I'm more concerned about something like Chrome/Steam deciding that it's
appropriate to start itself on startup and look for updates than malware that
labels itself malware and tries to avoid things like ps. If the sort of
malware that avoids ps gets on your system, you've already lost.

------
extremum134
Common Sense and Open Source software.

