I was reading this article DFIR-SVChost on computer forensics..
Do you have any go-to techniques for quickly verifying the legitimacy of svchost instances, such as checking file locations or employing additional tools?
I was reading this article DFIR-SVChost on computer forensics..
Do you have any go-to techniques for quickly verifying the legitimacy of svchost instances, such as checking file locations or employing additional tools?