Advice Request Is there any product to monitor file changes for malware examination?


klepto

Level 2
Thread author
Jun 14, 2020
77
I thought that Shadow Defender had this feature but I was wrong. I was using this app that will 'remain nameless' for good reason.
It is labelled as a trojan/malware on many lists but I haven't seen any malicious actions. I would love to have some software to
monitor file/registry changes to examine suspect files in the future. The small company who makes this app swears up and down
that it isn't malware.
 

roger_m

Level 42
Verified
Top Poster
Content Creator
Dec 4, 2014
3,136
It would help if you would name the software. There is a lot of software that is not malicious that is wrongly detected as malware.
 

ichito

Level 11
Verified
Top Poster
Content Creator
Well-known
Dec 12, 2013
542
No, SD doesn't have a feature to monitor/analyse changes in a virtualised disk - that's the role of apps that can do this in ways like these:
- HIPS that monitor core system files, settings and areas...they are the answer to the question "what and how changes are made"
- apps like FileChange Alarm that monitor changes in a chosen location (files, folders, disk) in real time
- apps that can compare two states of the system and/or disk (files and registry entries), e.g. before and after installation...this is a feature of e.g. System Explorer
Both of the last two kinds of apps answer the question "what was changed".
- and apps that monitor currently running apps/processes, which answer the question "what new has appeared in my system".
Of course there are apps that offer mixed features and can be more helpful.
 

klepto

Level 2
Thread author
Jun 14, 2020
77
I sent the software through some online analysis sites and there wasn't anything concrete that would prove it is malware. Just some methods they used to keep their software from being pirated. @Cortex I'd never use Office 365 btw :p
 

Divine_Barakah

Level 33
Verified
Top Poster
Well-known
May 10, 2019
2,289
I am not sure if what I am going to say helps or is just pure nonsense, but what if you install Ashampoo Uninstaller or any other uninstaller that allows you to take snaps of the system (created files and registry entries)?
 
