Free Microsoft utility reports signs of malware infections




Microsoft has launched a free tool that reports changes in the system that could indicate a malware infection. The tool, Sysmon, notes when the executables of processes are modified.

The free download is part of Microsoft's Sysinternals suite. Sysmon starts early in the boot process, so that the tool is most likely to detect malware infections. Unlike antivirus software, Sysmon does not look for certain signs to notice infections; instead, the tool reports, for instance, when the executable of a process is modified.

Sysmon also reports when the creation date of a file is modified. According to Microsoft, this is a tactic that malware commonly uses to erase its tracks. Optionally, Sysmon can also track all network connections, but that option is disabled by default. Incidentally, Sysmon can only bring to light infections that occur after the software is installed.

Sysmon runs as a Windows service and reports to the Windows event log. The tool supports Windows Vista and later. The Sysinternals suite also contains other useful tools for sysadmins, such as a tool to capture and analyze all network traffic and tools to keep track of all activity on the file system.
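
The creation-date reports described above can be triaged automatically once the events are exported from the event log as XML. The following Python code is an added example, not part of the original article or of Microsoft's tooling; it assumes the field names `CreationUtcTime` and `PreviousCreationUtcTime` of Sysmon's "file creation time changed" event (Event ID 2), and the sample records and the 30-day threshold are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from datetime import datetime

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
TIME_FMT = "%Y-%m-%d %H:%M:%S.%f"  # Sysmon writes UTC times in this layout

def make_event(event_id, fields):
    """Build a constructed event record in Windows Event Log XML shape."""
    data = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in fields.items())
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>{event_id}</EventID>'
            f'</System><EventData>{data}</EventData></Event>')

# Constructed sample records; paths and times are invented for the example.
SAMPLE_EVENTS = [
    make_event(2, {"Image": r"C:\Users\alice\AppData\Local\Temp\upd.exe",
                   "TargetFilename": r"C:\Windows\System32\drv32.dll",
                   "CreationUtcTime": "2011-04-12 08:00:00.000",
                   "PreviousCreationUtcTime": "2024-03-02 14:21:07.512"}),
    make_event(2, {"Image": r"C:\Program Files\Sync\sync.exe",
                   "TargetFilename": r"C:\Users\alice\Documents\report.docx",
                   "CreationUtcTime": "2024-03-02 14:25:00.000",
                   "PreviousCreationUtcTime": "2024-03-02 14:24:58.100"}),
    make_event(1, {"Image": r"C:\Windows\System32\notepad.exe"}),
]

def backdated_files(events_xml, min_days=30):
    """Return Event ID 2 records whose creation time moved back >= min_days."""
    hits = []
    for xml_text in events_xml:
        root = ET.fromstring(xml_text)
        if root.findtext("e:System/e:EventID", namespaces=NS) != "2":
            continue  # only "file creation time changed" events
        f = {d.get("Name"): d.text for d in root.iterfind("e:EventData/e:Data", NS)}
        try:
            new = datetime.strptime(f["CreationUtcTime"], TIME_FMT)
            old = datetime.strptime(f["PreviousCreationUtcTime"], TIME_FMT)
        except (KeyError, TypeError, ValueError):
            continue  # malformed or incomplete record: skip rather than crash
        if (old - new).days >= min_days:
            hits.append((f.get("TargetFilename"), f.get("Image"), (old - new).days))
    return hits

if __name__ == "__main__":
    for target, image, days in backdated_files(SAMPLE_EVENTS):
        print(f"{target} backdated {days} days by {image}")
```

Small forward changes, such as the second sample record, are common with sync and archive tools, which is why only large backward jumps are flagged here.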

