Monitoring the Operating System as a Means of Information Protection
Author: Alexander Labinsky
Journal: NATURAL AND MAN-MADE RISKS (PHYSICO-MATHEMATICAL AND APPLIED ASPECTS)
Volume: 129 2
Published: 2024-04-17 (journal article)
DOI: 10.61260/2307-7476-2024-1-16-23 (https://doi.org/10.61260/2307-7476-2024-1-16-23)
Indexed by: Semantic Scholar
Open access: no
Citation count: 0
THE MONITORING OF OPERATING SYSTEM AS THE MEANS OF THE INFORMATION PROTECTION
The article considers one of the methods of protecting information on a computer: monitoring the operating system.
Malicious programs are numerous, they are updated constantly, and new ones appear that work on new principles. Antivirus and anti-spyware products that rely on signature search (matching against known samples) are therefore often ineffective, because a signature can only match malware that has already been catalogued and cannot detect a new variety.
The proposed solution is to use service utilities to monitor (inspect) the operating system installed on the computer, so that the analyst observes what the system is actually doing instead of depending on recognition of known samples.
The article describes in detail the utilities for monitoring the operating system installed on the PC, all from the Sysinternals suite: File Monitor (FileMon), which shows all file operations in real time; Registry Monitor (RegMon), which does the same for registry operations (both have since been superseded by Process Monitor, which combines the two); TCPView, which monitors network activity and whose distinguishing feature is that it binds each listening port or open connection to the process that owns it; the autostart inspection utility Autoruns, which enumerates dozens of autostart mechanisms, including the classic Run keys, Explorer and Internet Explorer extensions, scheduled tasks, services and drivers, print monitors, and Winsock, LSA and network providers; and Process Explorer, which lets the analyst change a process's priority, suspend the process and all its threads, or forcibly terminate it.
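As an added illustration (not code from the article or from Sysinternals), the following PowerShell script reproduces in scriptable form the core views those utilities give: sockets bound to their owning processes (what TCPView shows), the classic Run keys, scheduled tasks and auto-start services (a small subset of the launch points Autoruns covers), running processes whose image is not Authenticode-signed (one of Process Explorer's verification columns), and a real-time watcher on a single directory tree (File Monitor, for one tree only). It assumes Windows 10 / Server 2016 or later with the built-in NetTCPIP and ScheduledTasks modules and an elevated PowerShell session so that every process's image path is readable; the function names are the example's own.

```powershell
# Added example, not from the article: a PowerShell approximation of the
# Sysinternals views for a quick triage of a Windows host.
# Assumes Windows 10 / Server 2016+ and an elevated session (hypothetical function names).

function Get-ListeningProcess {
    # TCPView-style view: bind each listening or established socket to its owning process.
    Get-NetTCPConnection -State Listen, Established |
        ForEach-Object {
            # The process may have exited between the two calls; tolerate that.
            $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
            [pscustomobject]@{
                LocalAddress  = $_.LocalAddress
                LocalPort     = $_.LocalPort
                RemoteAddress = $_.RemoteAddress
                RemotePort    = $_.RemotePort
                State         = $_.State
                PID           = $_.OwningProcess
                Process       = $proc.ProcessName
                Path          = $proc.Path
            }
        }
}

function Get-ClassicAutorun {
    # Autoruns-style view of the classic Run/RunOnce keys for the machine and the current user.
    $keys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
    )
    foreach ($key in $keys) {
        if (-not (Test-Path $key)) { continue }
        $item = Get-Item $key
        foreach ($name in $item.GetValueNames()) {
            [pscustomobject]@{ Source = $key; Name = $name; Command = $item.GetValue($name) }
        }
    }
    # Scheduled tasks and auto-start services are two more of the launch points Autoruns enumerates.
    Get-ScheduledTask | Where-Object { $_.State -ne 'Disabled' } | ForEach-Object {
        foreach ($action in $_.Actions) {
            if ($action.Execute) {
                [pscustomobject]@{
                    Source  = "Task $($_.TaskPath)"
                    Name    = $_.TaskName
                    Command = "$($action.Execute) $($action.Arguments)"
                }
            }
        }
    }
    Get-CimInstance Win32_Service | Where-Object { $_.StartMode -eq 'Auto' } | ForEach-Object {
        [pscustomobject]@{ Source = 'Service'; Name = $_.Name; Command = $_.PathName }
    }
}

function Get-UnsignedProcessImage {
    # Process Explorer-style check: one instance per image, flagged when the image is not validly signed.
    Get-Process | Where-Object { $_.Path } | Sort-Object Path -Unique | ForEach-Object {
        $sig = Get-AuthenticodeSignature -FilePath $_.Path
        if ($sig.Status -ne 'Valid') {
            [pscustomobject]@{ PID = $_.Id; Process = $_.ProcessName; Path = $_.Path; Signature = $sig.Status }
        }
    }
}

function Start-FileOperationMonitor {
    # File Monitor in miniature: print create/change/delete/rename events for one directory tree as they happen.
    param([string]$Path = $env:TEMP)
    $watcher = New-Object System.IO.FileSystemWatcher $Path -Property @{
        IncludeSubdirectories = $true
        EnableRaisingEvents   = $true
    }
    foreach ($eventName in 'Created', 'Changed', 'Deleted', 'Renamed') {
        Register-ObjectEvent -InputObject $watcher -EventName $eventName -SourceIdentifier "FileMon.$eventName" -Action {
            Write-Host ("{0:HH:mm:ss}  {1,-8} {2}" -f (Get-Date), $Event.SourceEventArgs.ChangeType, $Event.SourceEventArgs.FullPath)
        } | Out-Null
    }
    # Stop later with: Get-EventSubscriber | Where-Object SourceIdentifier -like 'FileMon.*' | Unregister-Event
    return $watcher
}

Get-ListeningProcess     | Format-Table -AutoSize
Get-ClassicAutorun       | Format-Table -AutoSize
Get-UnsignedProcessImage | Format-Table -AutoSize
$fileMon = Start-FileOperationMonitor -Path $env:TEMP
```

Two caveats apply to this script just as they do to the utilities it imitates. First, the socket, autorun and process listings are point-in-time snapshots taken from user mode through the normal Windows APIs; a process that opens a connection only briefly, or a kernel-mode rootkit that filters those APIs, will not appear, which is why Process Monitor and similar tools use a kernel driver. Second, the FileSystemWatcher only reports events for the tree it is registered on and does not tell you which process performed the operation, so it is a supplement to, not a replacement for, full file-operation tracing.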