Intel Name: File deleted via sysinternals sdelete
Date of Scan: March 3, 2025
Impact: Medium
Summary: “File Deleted via Sysinternals SDelete” refers to the process of detecting file deletions made by the Sysinternals SDelete utility. SDelete securely deletes files by overwriting them, often renaming files with a common pattern before deletion. Detection methods monitor for this renaming pattern to identify when a file is securely deleted using SDelete.
