[memory] Memoryze と Audit Viewer

Memoryze
http://www.mandiant.com/products/free_software/memoryze/

Audit Viewer
http://www.mandiant.com/products/free_software/mandiant_audit_viewer/

>Process.bat -input memory_dump.raw -handles true -sections true -ports true -injected true

Audit Viewerで結果を閲覧