License to Kill: Malware Hunting with the Sysinternals Tools

Discussion in 'other anti-malware software' started by ronjor, Jun 8, 2013.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Mark Russinovich


    http://channel9.msdn.com/Events/TechEd/NorthAmerica/2013/ATC-B308#fbid=NHGw4tp4r16
     
  2. kjdemuth

    kjdemuth Registered Member

    Thanks ronjor. Seems like a great video.
     
  3. ronjor

    ronjor Global Moderator

    It's worth the watch. :)
     
  4. TheKid7

    TheKid7 Registered Member

    Thank you.

    I have been looking for information like this for a long time.
     
  5. kjdemuth

    kjdemuth Registered Member

    Yeah, I just went through the first 10 min. Never really gave it a thought to use Sysinternals before. Normally I use CCE or Emsisoft Emergency Kit with HijackFree. Either one gets the job done.
     
  6. TheWindBringeth

    TheWindBringeth Registered Member

    Thanks for the link. LOL @ "I'll clean that off for you if you let us see your browser history".
     
  7. kjdemuth

    kjdemuth Registered Member

    Yeah that was one of the funny lines. :)
     
  8. genieautravail

    genieautravail Registered Member

    Very interesting! Thank you for the video ronjor :D
     
  9. c2d

    c2d Registered Member

    Good video...thanks ronjor.
     
  10. Hermescomputers

    Hermescomputers Registered Member

  11. itman

    itman Registered Member

    Boy, that guy ages well! He's been around for a while.

    First 30 secs. of the video says it all: "Less than 40% of (new?) malware found by existing AVs ..."
     
  12. Hermescomputers

    Hermescomputers Registered Member


    That's why I developed A.P.A.I.S. as a manual process analysis and identification system. It seems to me that what I do is a dying art. I mean, who wants to manually analyze every part of the system just to clean it up these days?

    It looks like everyone is so busy delegating to automated anti-malware systems that they all miss all the malware actually on their own system...
    Also, the more we use, or perhaps more accurately the more we become dependent on, automation, the more ignorant of how things work we become, further isolating us from being able to actually defend ourselves...

    All it really takes is patience and a dedicated process-by-process visual inspection coupled with a serious attempt at identification...

    Establish inception, actual location, then trace its auto-startup invocation keys or link, and do some research to establish what is actually known from a broad-spectrum perspective about the darn files, and voila!

    I guess if most users actually made the effort to look they would find a lot of stuff they never even imagined was running there!

    Guy
     
    Last edited: Jun 10, 2013
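The walk described in the post above (find where a running image actually lives, trace which auto-start key invokes it, then gather identification data for research) can be scripted as a first pass before opening Process Explorer or Autoruns. The following PowerShell is an added example for this thread; it is not A.P.A.I.S., not Sysinternals code, and not from the video. It assumes it is run with rights to read HKLM and process image paths, covers only the classic Run/RunOnce registry keys (Autoruns inspects far more locations), and uses only built-in cmdlets (Get-CimInstance, Get-ItemProperty, Get-AuthenticodeSignature, Get-FileHash).

```powershell
# Added example (not from the thread, A.P.A.I.S., or Sysinternals): map running processes
# to their on-disk image and to any Run/RunOnce autostart entry that launches that image,
# then attach signer and SHA256 so the file can be researched.
# Assumption: only the classic Run/RunOnce keys are examined.

$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Step 1: collect autostart entries (key, value name, raw command line)
$autostarts = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $props = Get-ItemProperty -Path $key
    foreach ($p in $props.PSObject.Properties) {
        # skip the provider metadata properties Get-ItemProperty adds
        if ($p.Name -in 'PSPath','PSParentPath','PSChildName','PSDrive','PSProvider') { continue }
        [pscustomobject]@{ Key = $key; Name = $p.Name; Command = [string]$p.Value }
    }
}

# Pull the executable path out of a command line such as  "C:\dir\app.exe" /arg  or  C:\dir\app.exe /arg
function Get-ExePath([string]$cmd) {
    if ($cmd -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($cmd -match '^\s*(\S+\.exe)') { return $Matches[1] }
    return $cmd.Trim()
}

# Step 2: every running process together with its actual on-disk location
$procs = Get-CimInstance Win32_Process |
    Where-Object { $_.ExecutablePath } |
    Select-Object ProcessId, Name, ExecutablePath, CommandLine

# Step 3: for each process, find autostart entries pointing at the same image and
# gather identification data (Authenticode status and signer, SHA256 for external lookup)
$report = foreach ($proc in $procs) {
    $hooks = $autostarts | Where-Object { (Get-ExePath $_.Command) -ieq $proc.ExecutablePath }
    $sig   = Get-AuthenticodeSignature -FilePath $proc.ExecutablePath -ErrorAction SilentlyContinue
    $hash  = Get-FileHash -Path $proc.ExecutablePath -Algorithm SHA256 -ErrorAction SilentlyContinue
    [pscustomobject]@{
        PID       = $proc.ProcessId
        Name      = $proc.Name
        Path      = $proc.ExecutablePath
        Autostart = ($hooks | ForEach-Object { "$($_.Key)\$($_.Name)" }) -join '; '
        SigStatus = if ($sig) { $sig.Status } else { 'n/a' }
        Signer    = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        SHA256    = if ($hash) { $hash.Hash } else { '' }
    }
}

# Step 4: unsigned or invalidly signed images that also have an autostart hook sort to the top,
# which is where a manual inspection should start
$report |
    Sort-Object @{ Expression = { $_.SigStatus -eq 'Valid' } }, @{ Expression = { $_.Autostart -eq '' } } |
    Format-Table PID, Name, SigStatus, Autostart, Path -AutoSize
```

A valid signature only tells you who signed the file, not that it is benign, and an empty Autostart column only means the image is not launched from the five keys listed; the SHA256 column is what to carry into a vendor or reputation lookup for the "broad-spectrum" research step.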
  13. siketa

    siketa Registered Member

    Prevention-detection-cure.
    ;)
     