Process Explorer – Useful options while searching for virus samples.

Process Explorer highlights packed processes with purple (violet) color. Note: very often the packed processes are malicious. Check for file/process signature. Process Explorer has an option called “Verify Image Signatures“. This option automatically checks the CRL (Certificate Revocation List) of the file’s signature. It allows verifying whether that file is valid and if it has […]