Using Process Monitor Flashcards

1
Q

How do you prevent or allow Process Monitor to automatically scroll down and display activity in real time?

A

Activate/deactivate Autoscroll with CTRL+A

2
Q

How can you spot that malware is trying to detect and terminate any antivirus software?

A

constant queries to AMSI providers

3
Q

What is the key feature to use in Process Monitor in order to make sense of what’s going on?

A

use filtering

4
Q

What are the 4 different activities that can be set to be displayed in Process Monitor?

A
  1. registry activity
  2. file system activity
  3. network activity
  4. process and thread activity