Answer the question
In order to leave comments, you need to log in
Will spyware help identify suspicious events?
Are there any programs that will monitor everything that happens on the PC for the possibility of virus detection and remote access? Is there something similar?
Answer the question
In order to leave comments, you need to log in
yes, it's called an antivirus,
but unfortunately, for the most part it's a placebo, and they discover new malware belatedly
. you need to immediately understand that they are not capable of catching everything and often give a false positive
ps for a controlled environment, often for a corporate one, when the software and capabilities are limited, control is possible, incl. behind the flow of data, to track leaks, in this case, any data that the system cannot recognize is considered malicious and blocked
Yes, they will help.
Yes, I have. For example , A.V.Z.
PS "Spyware" is something that spies, not the other way around. So the question sounds strange.
Open source firewall - simplewall https://github.com/henrypp/simplewall
Proprietary firewall + proactive defense - Outpost Firewall Pro - the company no longer exists, the site too. But on the Internet you can find a program,
md5: 7d71afad4f690839840122fab5288d5c - https://www.virustotal.com/gui/file/fe14af00387527...
There are many other executables, but they have different hashes, with later checks for virustotal and possibly with gluing.
The advantage of proactive defense is that it intercepts all windows events/calls. For example, a program tries to write a file to disk, access the registry, inject itself into another process, etc. - a warning will be issued or blocked, as you configure.
For trusted programs, you allow the necessary actions, for all others you block. Lots of settings.
That is, you can even block the actions of not only a malicious program, but even a good program, simply because you want to.
There is, but usually it is more serious software than is installed on one specific computer, the type is called IDS / IPS or Intrusion Detection / Prevention systems. For an ordinary computer, an antivirus with additional functions, such as internet security, is enough.
There is.
Clouds, neural networks, etc.
For example, a variant from MS - https://habr.com/ru/company/microsoft/blog/321698/
It does not work on specific signatures, but analyzes suspicious behavior.
Their usual Windows Defender, which is included in Windows 10, also has a cloud detection module.
thanks everyone for the answer, I learned about the windows event log
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question