In this section we will go through some of the basic steps to take when checking a suspect Windows computer. These are the tools (with links to their respective download pages) that we are going to demonstrate here:
- Sysinternals Autoruns produced by Microsoft.
- Sysinternals Process Explorer produced by Microsoft.
- CrowdInspect produced by CrowdStrike.
- Sysinternals TCPView produced by Microsoft.
- Snoopdigg produced by Claudio Guarnieri.