Free AV Scanners
Many times during an examination, you may want to do a little data reduction, by scanning your image for the presence of malware. While this should not be considered a 100% guarantee that there is no malware if there are no hits, this may lead you to something and narrow your search a bit. Again, this is just a tool, something that as a forensic analyst you can use.
Start by mounting the image as a read-only drive letter using Mount Image Pro or VDKWin. Then scan the drive letter with your AV scanner of choice. Some free AV scanner options include:
GriSoft AVG Free Edition
avast! Home Edition (free for home/non-commercial use)
ClamWin
Avir AntiVirus PersonalEdition
Comodo AV
Windows Defender (spyware)
Some rankings reports (includes free and for-pay):
PCWorld
Top10 Reviews
GCN Lab
Top Windows AV
Note that some of the available AV products may include a command line interface (F-Prot, for example) which means that you can run the scanner after hours using a Scheduled Task.
So, what's in your wallet? What is your AV scanner of choice (free or otherwise)?
Start by mounting the image as a read-only drive letter using Mount Image Pro or VDKWin. Then scan the drive letter with your AV scanner of choice. Some free AV scanner options include:
GriSoft AVG Free Edition
avast! Home Edition (free for home/non-commercial use)
ClamWin
Avir AntiVirus PersonalEdition
Comodo AV
Windows Defender (spyware)
Some rankings reports (includes free and for-pay):
PCWorld
Top10 Reviews
GCN Lab
Top Windows AV
Note that some of the available AV products may include a command line interface (F-Prot, for example) which means that you can run the scanner after hours using a Scheduled Task.
So, what's in your wallet? What is your AV scanner of choice (free or otherwise)?