License to Kill: Malware Hunting with the Sysinternals Tools
This session provides an overview of several Sysinternals tools, including Process Monitor, Process Explorer, and Autoruns, focusing on the features useful for malware analysis and removal. These utilities enable deep inspection and control of processes, file system and registry activity, and autostart execution points. You will see demos for their malware-hunting capabilities through several real-world cases that used the tools to identify and clean malware, and conclude by performing a live analysis of a Stuxnet infection’s system impact.
Event HomepageTechEd North America 2013
This conversation has been locked by the site admins. No new comments can be made.