License to Kill: Malware Hunting with the Sysinternals Tools
This session provides an overview of several Sysinternals tools, including Process Monitor, Process Explorer, and Autoruns, focusing on the features useful for malware analysis and removal. These utilities enable deep inspection and control of processes, file system and registry activity, and autostart execution points. You will see demos for their malware-hunting capabilities through several real-world cases that used the tools to identify and clean malware, and conclude by performing a live analysis of a Stuxnet infection’s system impact.
Event HomepageTechEd North America 2013
More episodes in this series
Comments have been closed since this content was published more than 30 days ago, but if you'd like to send us feedback you can Contact Us.