Process Explorer

This tool for Microsoft Windows gives the user some very important information regarding running processes. It displays a very detailed (and real-time) list of files/directories accessed by a running program. This includes loaded DLLs and file system handles opened or closed during execution.

The security benefits of this tool are based around detection and troubleshooting. It is common for malware to inject DLLs into running processes. With this tool, such a compromise could be easy to detect or track down.

In addition to individual process information, Process Explorer also reports overall system information– memory usage, processor usage, physical memory activity, etc. In many ways, it is like an improved version of Windows Task Manager. It’s relatively small in size, and is run as a stand-alone program (no installation necessary). This makes it ideal for including in one’s security tool set.

Direct Download: http://download.sysinternals.com/Files/ProcessExplorer.zip

Each Thursday, Security Musings features a security-related technology or tool. Featured items do not imply a recommendation by Gemini Security Solutions. For more information about how Gemini Security Solutions can help you solve your security issues, contact us!