Inspect cached DNS requests for any suspicious activity

You can dump the cached DNS requests and examine each entry for any strange or suspicious request. All you need is the cmd.exe and ipconfig.exe.

ipconfig /displaydns > output.txt
%d bloggers like this: