Scanning Windows for Malware
Posted by Jack H. Ward, Last modified by on 02 February 2018 08:25 AM

Electronic Evidence Examiner allows you to scan portable executable files for the signs of being malware.

To perform malware scan on executable files, do the following:

1. Add evidence or acquire/import mobile data to a new or existing case.
2. The structure of the evidence/mobile data is displayed in the Case Content pane (to the left), the contents of the selected folder/file are displayed in the Data View pane (to the right).
3. Select a folder or file that you want to scan for signs of being malware.
4. Right-click and select Scan for Malware from the Content Analysis sub-menu, or on the Evidence tab, in the Content Analysis group, click Content Analysis and then click Scan for Malware.
5. The Content Analysis wizard opens.

6. The process of scanning for malware is displayed in the Tasks pane where it can be stopped, paused, and started from there (through the right-click menu or using the Stop, Pause, or Start/Resume buttons).
7. To view the results of the malware scan, do one of the following:

  • Select a scanned file and select the Properties viewer. The signs of a file being malware are displayed on the Content Analysis tab of the Properties viewer.
  • Generate a malware scan report.

 Scanning Windows for Malware.png (26.71 KB)
(0 vote(s))
Not helpful

Comments (0)