|I agree with ijack. Understandably, some users need elevated privileges to install software to enable them to do their jobs. However, they should also be accountable for any software they install. An acceptable use policy could at the very least state that specified types of programs are not permitted. That of course is a management issue....|
If you're looking for free monitoring software, I don't have any recommendations. But, a good Enterprise solution is Fireeye.
However, what's the point of monitoring if there is no policy/accountability for downloading malicious code? Just something to think about.
Do you have any Enterprise anti-virus or anti-malware software running on your network? That would be a good place to start. At least known code would be blocked when users try to install malicious programs.