
Malware Hunting with the Sysinternals Tools Mark Russinovich Technical Fellow Windows Azure SIA302.


1 Malware Hunting with the Sysinternals Tools Mark Russinovich Technical Fellow Windows Azure SIA302

2 During 4Q11, 33 percent of Web malware encountered was zero-day malware not detectable by traditional signature- based methodologies at the time of encounter Cisco 4Q11 Global Threat Report


6 Identifying Malware Processes


17 sigcheck -e -u -s c:\
listdlls -u

18 strings


21 Cleaning Autostarts


26 Tracing Malware Activity


34 Real World Analysis and Cleaning


39 Cleaning FakeSysDef Scareware
"Give a man a stolen credit card & he'll eat like a king for a day. Teach a man to phish and he'll be set for life." -- Ancient Nigerian proverb


46 Cleaning Cycbot

47 Analyzing and Cleaning Stuxnet and Flame


49 tech-summit-flame-idUSBRE85A0TN

50 Summary

51 Prevent and Detect


53 Book signings with Mark and Aaron, Wed. and Thurs., 11:30am, TechEd bookstore. Mark will also be signing Zero Day and Windows Internals 6th Ed. Pt. 1


56 Connect. Share. Discuss. Learning Microsoft Certification & Training Resources TechNet Resources for IT Professionals Resources for Developers

57 Evaluations Submit your evals online
