Process Explorer, part of Microsoft’s Sysinternals suite of applications, is an alternative task manager for Windows that offers far more features than the built-in one.
The latest release from Microsoft’s Windows Sysinternals suite, Process Explorer v16.0, has an awesome feature that allows a user to scan the files of any running program with the web-based multi-antivirus scanner VirusTotal.
Process Explorer sends the hashes of images and files shown in the process and DLL views to VirusTotal, and if they have been previously scanned, it reports how many antivirus engines identified them as possibly malicious.
This new version of 'Process Explorer' is better than ever before and quite fast, allowing you to find unwanted malware immediately. Each hyperlinked result takes you to VirusTotal.com's detailed report page, where you can even submit more files for scanning.
Whenever your system starts behaving sluggishly, you try to find out which processes are running, what state they are in, and whether a deadlock has occurred.
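The hash-only lookup described above, as an added example that is not Process Explorer's own code: it hashes a file locally, builds the lookup URL for VirusTotal's public API v3 file-report endpoint, and turns a reply into a detections/engines ratio. The use of SHA-256, the way the ratio is counted, and the sample replies are assumptions made for this illustration.

```python
import hashlib
import json
import os
import tempfile

# VirusTotal API v3 file-report endpoint; the file is identified by its hash only.
VT_FILE_URL = "https://www.virustotal.com/api/v3/files/{}"

def sha256_of(path, chunk=1 << 16):
    """Hash the image on disk in chunks (SHA-256 is this example's assumption)."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def build_lookup(path):
    """Return the lookup URL: the digest leaves the machine, the file content does not."""
    return VT_FILE_URL.format(sha256_of(path))

def verdict(status, body):
    """Map a reply to 'detections/engines'; 404 means never scanned, not clean."""
    if status == 404:
        return "unknown"
    if status != 200:
        raise RuntimeError(f"lookup failed: HTTP {status}")
    stats = json.loads(body)["data"]["attributes"]["last_analysis_stats"]
    # Assumption: count 'malicious' plus 'suspicious' over all reported engines.
    flagged = stats.get("malicious", 0) + stats.get("suspicious", 0)
    return f"{flagged}/{sum(stats.values())}"

# Constructed sample replies (not real scan results), shaped like API v3 reports.
SAMPLE_KNOWN = json.dumps({"data": {"attributes": {"last_analysis_stats": {
    "malicious": 3, "suspicious": 1, "undetected": 50, "harmless": 0, "timeout": 2}}}})
SAMPLE_UNKNOWN = json.dumps({"error": {"code": "NotFoundError"}})

def demo():
    """Run the flow offline against a constructed file and the sample replies."""
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.write(b"constructed sample image bytes")
    try:
        url = build_lookup(f.name)
    finally:
        os.unlink(f.name)
    return url, verdict(200, SAMPLE_KNOWN), verdict(404, SAMPLE_UNKNOWN)

if __name__ == "__main__":
    print(demo())
```

An "unknown" result only means the hash has not been seen before, which is the case where submitting the file itself for scanning becomes relevant.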
Process Explorer shows information about handles and DLLs of running processes. This tool has a powerful search capability that quickly shows you which processes have particular handles opened or DLLs loaded.
The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.
Now you can use VirusTotal to scan the file of a running process on your computer: right-click on the file and select ‘Check VirusTotal’.
With the increase in cyber-attacks, the job of keeping an antivirus database updated with malicious signatures has become very cumbersome. VirusTotal, which was acquired by Google, provides an unbiased service and has real-time updates of virus signatures and blacklists.
Both VirusTotal and the Sysinternals tools are great examples of the wealth of first-rate free tools available to IT and developers. Microsoft's collaboration with the VirusTotal service is a great initiative to increase the security of Windows users. You can download Process Explorer v16.0 here.