- What Are the SysInternals Tools and How Do You Use Them?
- Using Process Explorer to Troubleshoot and Diagnose
- Using Process Monitor to Troubleshoot and Find Registry Hacks
- Using Autoruns to Deal with Startup Processes and Malware
- Using BgInfo to Display System Information on the Desktop
- Using PsTools to Control Other PCs from the Command Line
- Analyzing and Managing Your Files, Folders, and Drives
- Wrapping Up and Using the Tools Together

We’ve learned how to use Process Explorer to troubleshoot unruly processes on the system, and Process Monitor to see what they are doing under the hood. We’ve learned about Autoruns, one of the most powerful tools to deal with malware infections, and PsTools to control other PCs from the command line.

Today we’re going to cover the remaining utilities in the kit, which can be used for all sorts of purposes, ranging from viewing network connections to seeing effective permissions on file system objects.

But first, we’ll walk through a hypothetical example scenario to see how you might use a number of the tools together to solve a problem and do some research on what is going on.

There isn’t always just one tool for the job - it’s much better to use them all together. Here’s an example scenario to give you an idea of how you might tackle the investigation, although it’s worth noting that there are any number of ways to figure out what’s going on. This is just a quick example to help illustrate, and is by no means an exact list of steps to follow.

Scenario: System is Running Slow, Suspected Malware

The first thing you should do is open up Process Explorer and see what processes are using up resources on the system. Once you’ve identified the process, you should use the built-in tools in Process Explorer to verify what the process actually is, make sure it’s legitimate, and optionally scan that process for viruses using the built-in VirusTotal integration.

This process is actually a SysInternals utility, but if it wasn’t, we’d be checking it.

Note: if you really think there might be malware, it’s often helpful to unplug or disable internet access on that machine while troubleshooting, although you might want to do VirusTotal lookups first. Otherwise that malware might download more malware, or transmit more of your information.