Sysinternals

Description: suite of tools for analyzing Windows systems

Installation: download from https://learn.microsoft.com/en-us/sysinternals/downloads/

• Also an online version available: https://live.sysinternals.com/

Usage

• Process Monitor: check for suspicious or unknown processes, can be usaed with netstat to track malware

• Rootkit Revealer: detect rootkits or malware

Resources

• Microsoft Sysinternals site

• Process Monitor for Identifying Malware

• RootkitRevealer