Using Process Monitor Flashcards
1
Q
How do you stop or allow Process Monitor from automatically scrolling down to display activity in real time?
A
activate/deactivate Autoscroll with CTRL+A
2
Q
How can you spot that malware is trying to detect and terminate any antivirus software that may be present?
A
constant queries to AMSI providers
3
Q
What is the key feature to use in Process Monitor in order to make sense of what’s going on?
A
use filtering
4
Q
What are the 4 different activities that can be set to be displayed in Process Monitor?
A
- registry activity
- file system activity
- network activity
- process and thread activity