Wednesday 12 October 2016

Can Process Explorer stop malware infections -- not just detect them?

Sysinternals’ Process Explorer has always been used to detect malware infections, but that’s just the start of its advantages. Just running the program in the background might stop some threats installing in the first place. This works because some malware tries to detect when it’s being watched. If it spots common monitoring tools running in the background, it won’t drop the payload, making you think there’s nothing to worry about, and keeping the main package hidden just a little longer. PaFish for Office Macro is an Office document which collects together some of these anti-forensic tricks. Your antivirus software might…

