In February, CrowdStrike released a really cool, free tool for Windows that combines the efforts of multiple malware feeds into a single tool. The interface gives you a live view of what is running on the system, where it is connecting, and whether it matches malware that is known to aggregation sites, including VirusTotal, Web of Trust (WOT), and Team Cymru's Malware Hash Registry.
This tool specifically looks at processes communicating on the network in real time, so it is a great tool to keep handy for inspecting possibly infected machines.
"CrowdInspect can be used during Incident Response process to rapidly identify potential malicious running processes on a machine.
The tool runs on both 32 bit and 64 bit versions of Windows from XP and above.
Beyond simple network connections, CrowdInspect associates the connection entry with the process that is responsible for that activity. It can display the process name as a simple file name or as an optional full file path."
One of its coolest features is the ability to detect code injection. It is free to download and use, definitely worth a look!
Download here: http://www.crowdstrike.com/community-tools/index.html