摘要 |
<p>A system, method and program product for detecting presence of malicious software running on a computer system. The method includes locally querying the system to generate a local invento-ry of tasks and network services running on the system for detecting presence of malicious software running on the system and remotely querying the system from a remote system via a network to generate a remote inventory of tasks and network services running on the system for detecting presence of malicious software running on the system, where the local inventory enumerates ports in use on the system and where the remote inventory enumerates ports in use on the system. Fur-ther, the method includes collecting the local inventory and the remote inventory and comparing the local inventory with the remote inventory to identify any discrepancies between the local and the remote invento-ries for detecting presence of malicious software running on the system.</p> |