386
   
The new Process Monitor 2 is available, and it is capable of producing reams of data! Does anyone have experience of using Process Monitor to search for malware? If so, how would you use this tool?
Pentium
   
I haven't tried it. Reads like Process Explorer with more focus and detail on processes/services/startup/system events. Logs plenty as well.
Say you want to find out what particular files are calling a questionable process, or a general purpose system process like svchost.exe. You can search for info on what you find and follow on from that. At least makes it easier to go in and remove undesirable stuff manually if required.
I know the more involved info can be useful for similar reasons, but it gets beyond me from there.
There's a lot of rough guides on investigating a problem with Process Explorer or the File/RegMon tools knocking around.
'Come down from your swell co-ops, you general partners and merger lawyers! It's the Third World down there! Puerto Ricans, West Indians, Haitians, Dominicans, Cubans, Colombians, Hondurans, Koreans, Chinese, Thais, Vietnamese, Ecuadorians, Panamanians, Filipinos, Albanians, Senegalese and Afro-Americans! Go visit the frontiers, you gutless wonders!'
Tom Wolfe, Bonfire Of The Vanities
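
One way to do what the reply above describes (finding what is starting a questionable process or a general-purpose one like svchost.exe), as an added example that is not part of the original thread: it assumes the capture was saved from Process Monitor as CSV with the default columns, and it goes slightly beyond the post by also checking whether the started image sits in the usual system folder. The sample rows, the function name `find_launchers` and the `EXPECTED_DIRS` set are constructed for illustration.

```python
import csv
import io
import ntpath

# Constructed sample rows in the column layout of a Process Monitor CSV export
# (default columns assumed); none of this data comes from the thread.
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"20:01:02.10","services.exe","612","Process Create","C:\Windows\System32\svchost.exe","SUCCESS","PID: 1040, Command line: C:\Windows\System32\svchost.exe -k netsvcs"
"20:01:05.42","svchost.exe","1040","RegOpenKey","HKLM\Software\Example","SUCCESS","Desired Access: Read"
"20:03:17.88","updater.exe","2288","Process Create","C:\Users\alice\AppData\Roaming\svchost.exe","SUCCESS","PID: 3004, Command line: svchost.exe"
"20:03:18.01","explorer.exe","1500","Process Create","C:\Windows\notepad.exe","SUCCESS","PID: 3110, Command line: notepad.exe"
'''

# Folders where the genuine svchost.exe is expected (assumes Windows on C:).
EXPECTED_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}


def find_launchers(csv_text, image_name):
    """Return one record per 'Process Create' event that started image_name."""
    hits = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Operation"] != "Process Create":
            continue
        # For Process Create, "Process Name" is the parent, "Path" the new image.
        folder, child = ntpath.split(row["Path"])
        if child.lower() != image_name.lower():
            continue
        hits.append({
            "time": row["Time of Day"],
            "parent": row["Process Name"],
            "parent_pid": int(row["PID"]),
            "child_path": row["Path"],
            "expected_location": folder.lower() in EXPECTED_DIRS,
        })
    return hits


if __name__ == "__main__":
    for hit in find_launchers(SAMPLE_CSV, "svchost.exe"):
        note = "" if hit["expected_location"] else "  <-- unexpected folder"
        print(f'{hit["time"]} {hit["parent"]} ({hit["parent_pid"]}) '
              f'started {hit["child_path"]}{note}')
```

To run it on a real capture, read the exported file into a string and pass it in place of `SAMPLE_CSV`; opening the file with `encoding="utf-8-sig"` tolerates a leading byte-order mark if the export has one.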