In this episode of "How to Tell If Your PC is Hacked," we're diving into one of the most advanced forensic tools available. Similar to Process Explorer and Autoruns, this tool is part of the Microsoft Sysinternals Suite, which you can download from learn.microsoft.com. It's completely portable, requiring no installation. Once opened, you'll see a filter window—just hit "OK" for now. Immediately, you'll notice a flood of information on the screen. This tool shows real-time system activity, including every registry query, file change, and more. To stop the flow, turn off auto-scroll, which pauses the live updates while still collecting events. This feature is crucial for creating a detailed forensic log. Our current system is infected, compromised by multiple crypto miners. It's so hijacked that even downloading antivirus software results in a fake antivirus taking control. I'll demonstrate how to identify such behavior using Proces
In this episode of "How to Tell If Your PC is Hacked," we're diving into one of the most advanced forensic tools available. Similar to Process Explorer and Autoruns, this tool is part of the Microsoft Sysinternals Suite, which you can download from learn.microsoft.com. It's completely portable, requiring no installation. Once opened, you'll see a filter window—just hit "OK" for now. Immediately, you'll notice a flood of information on the screen. This tool shows real-time system activity, including every registry query, file change, and more. To stop the flow, turn off auto-scroll, which pauses the live updates while still collecting events. This feature is crucial for creating a detailed forensic log. Our current system is infected, compromised by multiple crypto miners. It's so hijacked that even downloading antivirus software results in a fake antivirus taking control. I'll demonstrate how to identify such behavior using Proces
No comments