[clug] Simple computer forensics?
shadroth at gmail.com
Thu Oct 13 15:14:18 GMT 2005

> A friend just called, they need a (windows) PC
> vetted for keyloggers and other malware.
> Anyone out there do simple forensics commercially?

Spybot S&D works wonders, I use it regularly.
Ad-Aware SE is great, but it hasn't found anything for me that Spybot
didn't pick up.

I use (and resell) Grisoft's AVG. It's the best (and cheapest) I've
ever found. RRP ~$35USD for 2 years. There's a free 30 day trial, and
a straight up free version, except it won't auto update, auto check,
or scan incoming and outgoing email.

> Know a good dd command to clone a disk?
> (Don't know if it's FAT or NTFS)

www.ultimatebootcd.com is free and full of tools you may find useful,
the full version (also free) comes with INSERT linux.

> Can a suspect windows PC
> be comprehensively checked for malware,
> or is re-building the only sure path?

Malware from the ground up, unfortunately :P
Spybot S&D, AVG usually do alright.
I've had a client using that, but something slipped through. The
nasty part got squashed by AVG on every reboot, but it kept
respawning. I needed a combination of tweaking with "regedit" and
"msconfig" to kill it for good.