Tag Archives: sysinternals

Using procmon.exe from Sysinternals to examine for malware, Trojans and bots.

Security engineers often do not have time for the in-depth study of a system needed to determine whether malware, Trojans or bot software have been installed on a PC. Given the limited time we all have, we must find creative ways to determine whether a breach of security has occurred on our systems. I suggest that one way to quickly determine if a system is actively compromised is through the use of procmon.exe, included in Sysinternals.


Using Sysinternals autoruns.exe for System Startup Analysis

Many security professionals need to perform analysis when malware, Trojans or strange behavior is reported on a system. Let's take a look at Sysinternals autoruns.exe for performing this analysis. The goal of this blog posting is to demonstrate the benefits of the application. Today, I’ll install Sysinternals onto my system in order to properly execute my startup analysis.
