[clug] Simple computer forensics?

Joel Plane joel.plane at gmail.com
Thu Oct 13 16:39:01 GMT 2005


Hunting down viruses etc would have to be one of the things I miss most 
about Windows. It was great fun.

My father uses AVG. I'm pretty sure it's the free one, and it does do auto 
update, scheduled scans, and scan incoming (and probably outgoing) 
email. I know this because an ugly dialog pops up when it does these 
things, which can be annoying.

Joel.



Ben wrote:

>>A friend just called, they need a (windows) PC
>>vetted for keyloggers and other malware.
>>Anyone out there do simple forensics commercially?
>>    
>>
>
>Spybot S&D works wonders, I use it regularly.
>Ad-Aware SE is great, but it hasn't found anything for me that Spybot
>didn't pick up.
>
>I use (and resell) Grisoft's AVG. It's the best (and cheapest) I've
>ever found. RRP ~$35USD for 2 years. There's a free 30 day trial, and
>a straight up free version, except it won't auto update, auto check,
>or scan incoming and outgoing email.
>
>  
>
>>Know a good dd command to clone a disk?
>>(Don't know if it's FAT or NTFS)
>>    
>>
>
>www.ultimatebootcd.com is free and full of tools you may find useful,
>the full version (also free) comes with INSERT linux.
>
>  
>
>>Can a suspect windows PC
>> be comprehensively checked for malware,
>> or is re-building the only sure path?
>>    
>>
>
>Malware from the ground up, unfortunately :P
>
>Spybot S&D, AVG usually do alright.
>
>I've had a client using that, but something slipped through. The
>nasty part got squashed by AVG on every reboot, but it kept
>respawning. I needed a combination of tweaking with "regedit" and
>"msconfig" to kill it for good.
>
>Ben
>  
>


