License to Kill: Malware Hunting with the Sysinternals Tools

Description

This session provides an overview of several Sysinternals tools, including Process Monitor, Process Explorer, and Autoruns, focusing on the features useful for malware analysis and removal. These utilities enable deep inspection and control of processes, file system and registry activity, and autostart execution points. You will see demos of their malware-hunting capabilities through several real-world cases in which the tools were used to identify and clean malware, and the session concludes with a live analysis of a Stuxnet infection’s system impact.

For more information, check out this course on Microsoft Virtual Academy:

Tags: Windows, Breakout

Day: 4

Session Type: Breakout

Code: ATC-B308

Room: La Nouvelle Ballroom B
