PaulDotCom mailing list archives
Malware analyzing tools?
From: gbugbear at gmail.com (Tim Mugherini)
Date: Fri, 15 May 2009 09:20:58 -0400
Hi there!

All great tools and advice thus far. I have a silly question: have you determined why system performance is slow (i.e. CPU cycles, RAM usage, memory paging out, disk frag, network connections, as previously suggested)? Once determined, what process(es) / services are chewing up resources?

I have seen one incorrect mapped drive or badly written start-up script smoke a Windows box's performance because the My Docs directory was pointing to it and every app on Windows points to My Docs.

Previously mentioned tools like Process Monitor, AutoRuns, and Process Explorer from Sysinternals can help with this process (pay special attention to svchost.exe and what is running within it; Google will be your best friend here).

Also check out this one: http://www.eset.com/download/sysinspector.php

@lennyzeltser posted that on Twitter the other day. I briefly checked it out, but it seemed pretty solid. It will perform an analysis of processes, services, registry, startup items, etc. on a Windows system and try to identify probable risks. It generated a few false positives in my case, but try to cross-reference it with what is eating up your physical resources.

Here is where the fun begins and you begin to Google and learn what processes and services should and should not be running and what may be hiding in one of these legitimate processes.

I hope this helps!

Tim

On Fri, May 15, 2009 at 8:30 AM, Raffi Jamgotchian <raffi at flossyourmind.com> wrote:
> Combofix from Bleeping Computer is good to run after you run tools.
>
> ----
> Raffi
>
> On May 14, 2009, at 9:55 PM, infolookup at gmail.com wrote:
>> In the past I have used hijackthis, malwarebytes, autorun, process explorer among others.
>>
>> ------Original Message------
>> From: Subba Rao
>> Sender: pauldotcom-bounces at mail.pauldotcom.com
>> To: Pauldotcom
>> ReplyTo: PaulDotCom Security Weekly Mailing List
>> Sent: May 14, 2009 9:22 PM
>> Subject: [Pauldotcom] Malware analyzing tools?
>>
>> My computer has become really slow recently. I have been going to YouTube, Facebook sites a lot. What worries me is that some malware got on to my system and is causing the slow performance.
>>
>> I have tried Mandiant's Red Curtain and it did not find anything. Are there any other tools that will look at my files to detect malware?
>>
>> Thank you in advance for any help.
>>
>> Subba Rao
>> _______________________________________________
>> Pauldotcom mailing list
>> Pauldotcom at mail.pauldotcom.com
>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
>> Main Web Site: http://pauldotcom.com
>>
>> Sent from my Verizon Wireless BlackBerry
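Added example, not part of the original thread: one way to follow the advice above about looking at what runs inside svchost.exe and cross-referencing it with resource usage. It assumes PowerShell 3.0 or later in an elevated session and a default Windows layout where svchost.exe lives under System32 (or SysWOW64 on 64-bit systems); the column names are chosen for this example.

```powershell
# Added example: map every svchost.exe instance to the services it hosts,
# check its image path, and sort by memory use for triage.

# Assumption: these are the only locations a genuine svchost.exe runs from.
$expectedPaths = @(
    (Join-Path $env:SystemRoot 'System32\svchost.exe'),
    (Join-Path $env:SystemRoot 'SysWOW64\svchost.exe')
)

# Win32_Service.ProcessId ties each running service to its host process.
$servicesByPid = Get-CimInstance Win32_Service |
    Where-Object { $_.State -eq 'Running' -and $_.ProcessId -ne 0 } |
    Group-Object ProcessId -AsHashTable -AsString
if (-not $servicesByPid) { $servicesByPid = @{} }

Get-CimInstance Win32_Process -Filter "Name = 'svchost.exe'" | ForEach-Object {
    $hosted = $servicesByPid["$($_.ProcessId)"]

    # ExecutablePath is empty when the session lacks rights to query the process.
    $pathCheck = if (-not $_.ExecutablePath) {
        'unknown (run elevated)'
    } elseif ($expectedPaths -contains $_.ExecutablePath) {
        'ok'
    } else {
        'UNEXPECTED LOCATION'
    }

    # An instance with no registered services is worth a closer look.
    $serviceList = if ($hosted) {
        ($hosted | ForEach-Object { $_.Name } | Sort-Object) -join ', '
    } else {
        '(no registered services)'
    }

    [pscustomobject]@{
        ProcessId    = $_.ProcessId
        ParentId     = $_.ParentProcessId
        WorkingSetMB = [math]::Round($_.WorkingSetSize / 1MB, 1)
        PathCheck    = $pathCheck
        Path         = $_.ExecutablePath
        Services     = $serviceList
    }
} | Sort-Object WorkingSetMB -Descending | Format-Table -AutoSize -Wrap
```

Rows marked `UNEXPECTED LOCATION` or `(no registered services)` are starting points for the kind of lookup the message describes, not verdicts.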