Tuesday 23 October 2012

Some Malware Tools

Here is a short list of some malware tools:

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book


4 comments:

Chris said...

There's a good set of slides (PDF) from Mark Russinovich (SysInternals) on using AutoRuns, Process Explorer & Process Monitor to nail malware:

http://download.sysinternals.com/files/SysinternalsMalwareCleaning.pdf

Phil Wisch said...

I would only get combofix from bleepingcomputer.com. The author of combofix, sUBs, does not have a stand alone website. Here is a quote from a post on bleeping's forums:

"www.combofix. whatever are sham sites.
Subs does not host a stand-alone website for Combofix. Let alone an unsupervised one without the proper disclaimers and instructions."

Also, add unhide.exe to your list, also available from bleeping. If after you remove a virus, the virus has changed the permissions on and registry entries on your data so you can't see it, this will "unhide" it.

Phil Wisch said...

I would only get combofix from bleepingcomputer.com, there are a few other malware removal sites, but I always remember this one. The author of combofix, sUBs, does not have a stand alone website or domain. Here is a quote from a post on bleeping:

"www.combofix. whatever are sham sites
Subs does not host a stand-alone website for Combofix. Let alone an unsupervised one without the proper disclaimers and instructions."

I would also add unhide.exe. Also available at bleeping. After you remove a virus, sometimes they hide your data via permissions and registry changes. This will fix that issue.

Anonymous said...

What Phil said about combofix, unhide..

Add -
MalwareBytes - MBAM
http://www.malwarebytes.org
SuperAntiSpy - SAS
http://www.superantispyware.com