June 16, 2013 | post a comment | Mark Russinovich
You’re probably the IT help desk for your family and friends, and might even have an IT role at your company. Malware is a fact of life and learning how to identify it, neutralize and clean it off infected systems can save the time and money of reimaging systems, reinstalling software and restoring data. Even if you decide to reimage a system, having some understanding of malware’s operation can give you confidence that it hasn’t spread to other systems in your network.
In this top-rated session from Microsoft’s TechEd US conference last week, I teach how to use my Sysinternals tools, including Process Explorer, Autoruns and Process Monitor, as well as some tips and techniques targeted at malware, to analyze and eradicate today’s common strains. You’ll see me use the tools to identify and remove ransomware, fake security software, and even look under the hood at Flame, the cyberweapon that was found last year in Iran and believed to be part of the Stuxnet program of cyberwarfare. With what you learn, you’ll be on the way to becoming a malware cleaning hero.