Posts Tagged ‘Malicous processes’

RpcView – Tool to explore RPC functionality

RpcView is a free tool that can be used to monitor and decompile all registered interfaces on the Windows operating system. Information provided by this tool includes the following: the PID of the process hosting the endpoint; the protocol used, the main ones being ncacn_ip_tcp, ncacn_np and ncalrpc; the endpoint name depending on the [...]

Ransomware locks up Computers in Europe

Moneypack ransomware variants have been observed by Trend Micro security researchers. The malware encrypts files and asks the victim to pay online to have their files recovered. The attack is targeting users in Turkey and Hungary. Cybercriminals spread their malware by sending an email that prompts the recipient to download an executable file; the file is a Trojan that [...]

Image Hosted on Web Server Serving Malware

Security researchers at Trend Micro have identified a new type of malware that updates its configuration in a very interesting way. Compromised machines are configured to download JPEG files that contain encrypted configuration files/binaries without the victim’s knowledge. The image is hosted on a web server located in the Asia-Pacific region and contains three types of [...]

Process Hacker 2.32 – Utility to manage Windows processes and services

Process Hacker is one of the leading tools for manipulating processes and services, which is important for monitoring changes when you are investigating malicious code. You will need this tool in your sandbox to identify any new process created while the malicious code executes. The utility provides detailed debugging information for the selected process, [...]

CrowdInspect Malware Forensic Program

Forensic tools are important for analyzing DLLs and processes running on an operating system; here you can consider free programs such as CrowdInspect. CrowdInspect is a free tool for Microsoft Windows systems that helps to detect any suspicious connection created with an external network. The tool helps the investigator to list processes and what is [...]

Process Hacker Tool for Manipulating System Services and Processes

The Windows operating system contains services and processes: some of them are required for certain tasks or operations, others consume memory without any use, and some are on the system with malicious intent. To detect and resolve what you are running on your system, you can consider Process Hacker, a very useful tool that will [...]

Svchost Process Analyzer Tool to Fix Infected Svchost.exe

The Windows operating system runs many processes that may include unknown services or viruses. One of the strange processes is svchost.exe: sometimes you find several processes under this name and you need to understand what they are doing. They consume a lot of memory, and if you kill them all it will not solve the [...]
