PE Dropper Monitor
NoVirusThanks PE Dropper Monitor is a useful Windows OS utility designed to monitor and log files of executable nature (PE files) which are “dropped” onto the hard disk. When a PE file is dropped in the system, the application logs the following details: date/time, the process filename which is responsible for dropping the PE file, the filename of the dropped file and the type of dropped file (EXE, SYS, DLL etc).
PE files are detected by validating the PE structure of the file dropped in the system and not by simply checking the file extension. This assures a better result in detecting real PE files of type library (DLL), executable (EXE) and driver (SYS). The program hooks some Windows APIs in user-mode to catch the files created in the system.
NoVirusThanks PE Dropper Monitor is fully compatible with the following 32-bit and 64-bit Microsoft Windows Operating Systems: Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows Server 2012, Windows 7, Windows 8, Windows 8.1
|Category||Malware Analysis, System Utility|
|License Type||Commercial, Trial|
|Operating System||Windows All (32-bit / 64-bit)|