![]() Question: Is this machine in a business-network or home-network type setting? The "intrusion prevention" csv file seems to list events of Monero mining activities. I have a hard time enlarging / try to read the image you provided above. This may help us further down the line if another occurrence re-occurs in future. "hklm\software\microsoft\windows\currentversion\policies\system\audit" You can verify that by checking whether this reg Key I am understanding that the audit policy is set to include "process command line".
0 Comments
Leave a Reply. |