3 Replies - 5679 Views - Last Post: 01 June 2011 - 12:42 AM

#1 andy_pleasants

Security / Forensic Tools

Posted 31 May 2011 - 01:11 PM

Hi guys

Being in the field of computing, I'm sure we all get the "I have a virus on my computer, it's stolen my credit card details" phone call from a friend of a friend you've never heard from before. I was just wondering what tools people use for these types of cases?

I know of a few in the Windows Sysinternals suite, particularly Process Explorer, which is pretty good for detecting viruses; you just have to know how to interpret the data, and I'm not sure it's completely reliable (i.e. how deep it is looking into the processes etc).

I also know of some decent forensic tools for "post-mortem" analysis, like Volatility. Has anybody used any others?

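The kind of reading of a Process Explorer listing the question is about (is this binary where it should be, is it signed, does it have the parent a Windows system process should have) can be written down as a handful of checks. The script below is an added example, not code from the thread or from Sysinternals; the process snapshot in it is constructed by hand, and the assumption is that each entry carries the same fields Process Explorer shows (PID, parent PID, image path, signature status). It only inspects what a user-mode tool reports, so a kernel rootkit that hides its process from the listing is exactly the gap the question worries about; that is what memory forensics tools such as Volatility are for.

```python
"""Triage heuristics over a process snapshot, in the spirit of reading
Process Explorer output by hand. Added example; the snapshot below is
constructed, not captured from a real machine."""
from dataclasses import dataclass


@dataclass
class Proc:
    pid: int
    ppid: int
    name: str
    image: str    # full path of the executable image
    signed: bool  # True if the image carries a valid Authenticode signature


# Constructed sample snapshot (assumption: fields as Process Explorer shows them).
SNAPSHOT = [
    Proc(4, 0, "System", "C:\\Windows\\System32\\ntoskrnl.exe", True),
    Proc(600, 4, "smss.exe", "C:\\Windows\\System32\\smss.exe", True),
    Proc(700, 600, "wininit.exe", "C:\\Windows\\System32\\wininit.exe", True),
    Proc(800, 700, "services.exe", "C:\\Windows\\System32\\services.exe", True),
    Proc(900, 800, "svchost.exe", "C:\\Windows\\System32\\svchost.exe", True),
    Proc(1300, 1200, "explorer.exe", "C:\\Windows\\explorer.exe", True),
    # A look-alike: a system binary name running from a temp directory.
    Proc(2100, 1300, "svchost.exe", "C:\\Users\\alice\\AppData\\Local\\Temp\\svchost.exe", False),
    Proc(2200, 1300, "chrome.exe", "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe", True),
    Proc(2300, 1300, "update.exe", "C:\\Users\\alice\\AppData\\Roaming\\xyz\\update.exe", False),
]

# Directories from which legitimately installed software normally runs.
TRUSTED_DIRS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")
SYSTEM32 = "c:\\windows\\system32\\"

# Core Windows binaries that should only run from System32, mapped to the
# parent process each one is expected to have on a normal boot.
EXPECTED_PARENT = {
    "svchost.exe": "services.exe",
    "services.exe": "wininit.exe",
    "wininit.exe": "smss.exe",
}


def triage(procs):
    """Return {pid: [reasons]} for every process that trips a heuristic."""
    by_pid = {p.pid: p for p in procs}
    findings = {}
    for p in procs:
        reasons = []
        img = p.image.lower()
        name = p.name.lower()
        if not img.startswith(TRUSTED_DIRS):
            reasons.append("image outside trusted directories")
        if name in EXPECTED_PARENT:
            if not img.startswith(SYSTEM32):
                reasons.append("system binary name running from unexpected path")
            parent = by_pid.get(p.ppid)
            parent_name = parent.name.lower() if parent else "none"
            if parent_name != EXPECTED_PARENT[name]:
                reasons.append(f"unexpected parent ({parent_name})")
        if not p.signed:
            reasons.append("unsigned image")
        if reasons:
            findings[p.pid] = reasons
    return findings


if __name__ == "__main__":
    for pid, reasons in triage(SNAPSHOT).items():
        print(f"PID {pid}: " + "; ".join(reasons))
```

On the constructed snapshot the two processes under `C:\Users\alice\AppData` are flagged, and the svchost.exe copy in Temp picks up all four reasons (wrong directory, wrong path for its name, parented by explorer.exe instead of services.exe, unsigned). Each heuristic alone produces false positives (portable tools run from user directories, some vendors ship unsigned binaries), so the point is to rank what to look at first, not to pronounce a verdict.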

Replies To: Security / Forensic Tools

#2 Curtis Rutland

Re: Security / Forensic Tools

Posted 31 May 2011 - 02:29 PM

I usually don't bother. To expand on that phrase, I usually don't bother doing this kind of work at all, but when I do, I usually don't bother trying to do any forensic analysis at all. First thing I try is MalwareBytes AntiMalware. It's surprisingly good. Then I'll install one of the free antiviruses. MS Security Essentials is pretty good at what it does. Then I'm usually done. If not, I'll google for more specific information and see if there's a targeted fix for the specific virus or whatever I'm dealing with.

#3 RandomlyKnighted

Re: Security / Forensic Tools

Posted 31 May 2011 - 08:10 PM

I'm with Curtis Rutland, I don't bother with the analysis part of things. The only thing I look at is what virus I'm trying to remove so I can get an idea of how many programs I might need to download to get rid of the sucker. Below is the list of programs that I use, in the order that I use them.

Note: When reading this list, remember the lower you get into the list, the worse the computer infection.

  • Combofix
  • Malwarebytes Anti-Malware
  • SuperAntiSpyware
  • Spybot Search and Destroy
  • Microsoft Security Essentials - If the user does not have an antivirus installed then I keep this one (and Malwarebytes) installed on the machine.


#4 andy_pleasants

Re: Security / Forensic Tools

Posted 01 June 2011 - 12:42 AM

I find it quite interesting myself, finding out what the malware does, what got hooked, etc.
