{"id":655672,"date":"2013-05-02T00:19:54","date_gmt":"2013-05-02T04:19:54","guid":{"rendered":"http:\/\/betanews.com\/?p=147259"},"modified":"2013-05-02T00:19:54","modified_gmt":"2013-05-02T04:19:54","slug":"malware-scene-investigator-is-your-forensic-savior","status":"publish","type":"post","link":"https:\/\/mereja.media\/index\/655672","title":{"rendered":"Malware Scene Investigator is your forensic savior"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/betanews.com\/wp-content\/uploads\/2013\/05\/security-eye-fingerprint-forensics-600x403.jpg\" alt=\"\" title=\"security eye fingerprint forensics\" width=\"600\" height=\"403\" class=\"alignnone size-large wp-image-147260\" \/><\/p>\n<p>Your PC is behaving strangely. You think it might have been infected by something, but your regular antivirus tool hasn\u2019t raised an alert. And so you decide to try and investigate the problem yourself.<\/p>\n<p>Figuring out where to begin can be difficult, though. Which drivers should you investigate, which startup programs or processes? If you want to manually search for malware but aren\u2019t sure where to start, then the free\u00a0<a href=\"http:\/\/www.downloadcrew.com\/article\/30143-malware_scene_investigator\" >Malware Scene Investigator<\/a>\u00a0could prove very useful.<\/p>\n<p>The program is a tiny download (500KB), portable and extremely easy to use. Close any running programs, launch Malware Scene Investigator, click Start Scan, and a tabbed interface then displays the results in two forms. Clicking Report provides a quick summary, while the Detailed Log tab gives you a more in-depth view.<\/p>\n<p>The program may be small, but Malware Scene Investigator isn\u2019t short on ambition. The program aims to highlight HOSTS file manipulation, unknown drivers, and dubious proxy settings. It looks for unusual disk partitions, Registry modifications or startup programs. 
You\u2019ll be warned of executable files in your temporary folders (a common route for malware), and the report includes general information about your PC\u2019s state (open network connections, running processes, scheduled tasks, recently created \\Windows\\System32 files, and more).<\/p>\n<p>We tested this out on a test PC, and the program generally did very well. It highlighted some active third-party drivers, for instance; picked out an unusual Windows service setting; even warned us about a suspicious startup entry which we had already become concerned about separately. This turned out to be entirely innocent, but it was impressive that, while we had spent some time in identifying this file, Malware Scene Investigator managed to highlight the same executable in around two seconds.<\/p>\n<p>Checking for outdated software was less successful, though, at least in our case. The program claimed that we had an outdated version of Flash installed, but this wasn\u2019t true: it just hadn\u2019t identified our installed Flash version correctly.<\/p>\n<p><a href=\"http:\/\/www.downloadcrew.com\/article\/30143-malware_scene_investigator\" >Malware Scene Investigator<\/a>\u00a0isn\u2019t for novices, then. 
And you can\u2019t rely 100% on everything it says: the program can only give you pointers as to what you should investigate next.<\/p>\n<p>But, if you are worried a PC has been infected by malware, or just want a general security check, then the program is worth a try, and it certainly deserves a place in your security toolkit.<\/p>\n<p><strong>Photo Credit:<\/strong>\u00a0\u00a0<a id=\"portfolio_link\" href=\"http:\/\/www.shutterstock.com\/gallery-10991p1.html\" >Johan Swanepoel<\/a>\/<a href=\"http:\/\/www.shutterstock.com\/\" >Shutterstock<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Your PC is behaving strangely. You think it might have been infected by something, but your regular antivirus tool hasn\u2019t raised an alert. And so you decide to try and investigate the problem yourself. Figuring out where to begin can be difficult, though. Which drivers should you investigate, which startup programs or processes? 
If you [&hellip;]<\/p>\n","protected":false},"author":7429,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-655672","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts\/655672","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/users\/7429"}],"replies":[{"embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/comments?post=655672"}],"version-history":[{"count":0,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts\/655672\/revisions"}],"wp:attachment":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/media?parent=655672"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/categories?post=655672"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/tags?post=655672"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}