We're looking for sponsors, read more»

WriteProcessMemory Monitor v1.5

Windows OS utility designed solely to monitor processes in the system that write to other process’ virtual address spaces. Malware often uses such techniques in order to write payload stubs to a foreign process to hook an API, load a malware DLL etc. ntdll!NtWriteVirtualMemory is hooked in order to achieve the desired logging functionality in usermode. We have created WPMSvc, a service-only version.

For Windows XP, Vista, 7, 8, 10 (32\64-bit)

app screenshot

GUI Application

This is a software application with a simple graphical user interface (GUI).

WriteProcessMemory

Effectively monitor all WriteProcessMemory API operations in the system.

Ignore System Processes

Ignore logging of WriteProcessMemory API calls from system processes.

Export Logs Data

You can easily export the logged data to a text file via the Export button.

Very Lightweight

The service-application uses only a few MBs of memory, you will not even notice it.

No Spyware\Adware

The program is free from spyware, adware or other pests, nothing extra is installed.


Application Screenshots

Here there are some screenshots of the application.

app screen
arrow
arrow

Product Details

Version 1.5
Last Updated December 23, 2015
Operating System For Windows XP, Vista, 7, 8, 10 (32\64-bit)
Category Malware Analysis Tools
License Type Freeware
File Size 1.4 MB