Analyzing tools

Discussion in 'Malware Analysis Archive' started by Valentin N, Feb 25, 2011.

  1. jim lin

    jim lin Level 8

    Aug 6, 2012
    488
    376
    Oregon
    RegShot

    Monitor for registry changes.

    RegShot is a small utility that allows you to quickly take a snapshot
    of your registry and then compare it with a later one - done after doing system changes or installing
    a new software product. The changes report can be produced in text or HTML format and contains a list
    of all modifications that have taken place between Snapshot1 and Snapshot2. In addition to registry changes,
    RegShot can also scan a folder on your hard drive and check for file changes.

    http://www.snapfiles.com/get/regshot.html

    :)

    James
     
    donetao and Gnosis like this.
  2. adyblueboy

    adyblueboy Level 2

    Feb 15, 2014
    70
    107
    Windows 10
    G-Data
  3. looda

    looda New Member

    Mar 11, 2014
    225
    571
    egypt
    thx so much
     
  4. Oxygen

    Oxygen Level 42

    Feb 23, 2014
    3,135
    6,058
    United States
    Windows 10
    Emsisoft
    Thanks for this post!
     
  5. Neno

    Neno Level 5

    Jan 4, 2012
    230
    359
    Windows 10
    Malwarebytes
  6. donetao

    donetao New Member

    Sep 7, 2014
    911
    1,270
    A rootkit is a stealthy type of software, typically malicious, designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer.
    https://www.malwarebytes.org/antirootkit/
     
  7. frogboy

    frogboy Level 61
    Trusted

    Jun 9, 2013
    6,232
    64,821
    Heavy Duty Mechanic.
    Western Australia
    Windows 10
    Emsisoft
  8. NekoJonez

    NekoJonez New Member

    Jun 3, 2015
    191
    811
    IT-support - Planner at Flemish Exam Jury
    Maybe already said: Fiddler, for sure. Also Dependency Walker.
     
  9. GinGin

    GinGin New Member

    Jul 9, 2015
    5
    7
    thanx! Well done!
     
  10. Quassar

    Quassar Level 7

    Feb 10, 2012
    326
    726
    Poland, Bielsko - Biała
    #51 Quassar, Dec 4, 2015
    Last edited: Dec 4, 2015
    DiskPulse Free/Payment - Analyze folder/file changes in real time
    SysTracer "payment" - File/Registry change snapshot analysis
    MultiMon "payment" - Analyze File, Registry and other such things in real time
    VMware Workstation + ThinApp = Virtualization + modify Repository, but you can use it to analyze malware changes, something like Sandboxie with BSA
    Antivirus Scanning in a VMware View Virtual Desktop Environment That Includes ThinApp Virtualized Applications - VMware ThinApp Blog

    Phrozen Windows File Monitor - "free" monitor of changes in real time
    NtRegEdit - Native Registry Editor - Free and probably the most advanced registry editor which I could use :)

    ArtMoney - I know it's software for hacking games like CE, but this tool has an extended HEX editor and a complex Lua injector for when I have to bypass a virus and other such tools like SpyWare Process Detector. The VIP Edition can change the name of the program's process to anything you wish, which helps hide the process from other programs/viruses.

    Other tools I prefer are IDA and Hiew, but for sure you know them :p
     