Log files

Discussion in 'Windows Security' started by Peterr, Jun 3, 2014.

  1. Peterr

    Peterr Honorable Member

    Joined:
    Mar 31, 2011
    Messages:
    887
    Likes Received:
    13
    Hello
    Does anyone know where I can have a log file created and analyzed trying to remove malware?
     
  2. Fixer1234

    Fixer1234 Senior Member

    Joined:
    Aug 3, 2012
    Messages:
    481
    Likes Received:
    37
    Can you elaborate on what you want to document? Are you referring to trying to capture malware in the act of installing, or documenting detail of what is currently installed and/or running that can be compared to a standard to identify anomalies, or recording what the AV software is looked at and what it's found? Or is the answer, "yes, any/all"?
     
  3. Peterr

    Peterr Honorable Member

    Joined:
    Mar 31, 2011
    Messages:
    887
    Likes Received:
    13
    I recently had a bug I could remove but it would come back. I did find a way to remove it for good. I have MBAM so found that they will go over a log file to see how or if one should remove a file, without removing a good file with it.
    Also, and in my search for such a service, MG's replied that they also do this.
    So I have 2 services I can send a log file to be analyzed if I am unsure what to do with an infection.
    If you know of any site I would like to know about it as these things can take time and can overwhelm a site.
    Thank you
    Peter
     
  4. Fixer1234

    Fixer1234 Senior Member

    Joined:
    Aug 3, 2012
    Messages:
    481
    Likes Received:
    37
    What you're looking for is other services that do this? I think many of the AV companies do this, although I have never used that service. There are many places you can go online to get information on specific malware files that might be disguised as a legit program. If you do a Google search on the suspect filename, you can find information on the profile. The disguised programs are almost never the exact size as the legit file and often reside in a different directory.

    Another giveaway is associated files. If it isn't masquerading as a Windows file, you can look at what program the legit file would be associated with and see if you even have that program installed. Also, malware often has several component files that aren't disguised as something else and you can see if any of the component files are on your computer.

    If you are in doubt about deleting a file, move it to a temporary directory and change its filename extension. If it was a legit file and important, its absence should be noted. You can also run sfc /scannow if it was a Windows file or reinstall or repair non-Windows software to replace the file with a known good one.
     
  5. Peterr

    Peterr Honorable Member

    Joined:
    Mar 31, 2011
    Messages:
    887
    Likes Received:
    13
    Your information has been enlightening and I thank you for it.
     

Share This Page

Loading...