TWC: Malware Hunting with Mark Russinovich and the Sysinternals Tools
Play TWC: Malware Hunting with Mark Russinovich and the Sysinternals Tools
Mark provides an overview of several Sysinternals tools, including Process Monitor, Process Explorer, and Autoruns, focusing on the features useful for malware analysis and removal. These utilities enable deep inspection and control of processes, file system and registry activity, and autostart execution points. He demonstrates their malware-hunting capabilities by presenting several current, real-world malware samples and using the tools to identify and clean malware.