- Aug 30, 2012
- 6,598
CrowdInspect - portable tool that uses VirusTotal, Web of Trust and registry hashes malware (Malware Hash Registry) by Team Cymru to check for activity of malicious software in the system.
The program is free, very compact (size of the boot archive - just 237 kilobytes) and extremely easy to use. Just download , unzip and run the utility CrowdInspect and instantly detects all processes with open network connection. The table shows the name of the process, the number ID, connection type (TCP / UDP), local and remote ports, IP-addresses, etc.
Individual columns show the results of analysis of each process in VirusTotal (VT) and hashes registry malware (MHR). Two more columns «WOT» and «Inject» show potentially dangerous domains to be connected and detected by injection of code in the process (which may include the following malware), respectively.
If you need to know more information about a particular file, then CrowdInspect can put all the details on the VirusTotal analysis and system properties dialog. And if you are sure that the process is dangerous, you can immediately complete it.
Switch «Live / History» is very useful. Mode «Live» shows only active at a given time processes, while the «History» shows all processes that have worked since the start CrowdInspect. Thus the user sees what processes the network connection used for a particular period of time.
The solution has several drawbacks. In particular, CrowdInspect can detect malicious program only when it is connected to the network. And even after finding out you will need to use third-party anti-virus solution to remove the threat.
Homepage
The program is free, very compact (size of the boot archive - just 237 kilobytes) and extremely easy to use. Just download , unzip and run the utility CrowdInspect and instantly detects all processes with open network connection. The table shows the name of the process, the number ID, connection type (TCP / UDP), local and remote ports, IP-addresses, etc.
Individual columns show the results of analysis of each process in VirusTotal (VT) and hashes registry malware (MHR). Two more columns «WOT» and «Inject» show potentially dangerous domains to be connected and detected by injection of code in the process (which may include the following malware), respectively.
If you need to know more information about a particular file, then CrowdInspect can put all the details on the VirusTotal analysis and system properties dialog. And if you are sure that the process is dangerous, you can immediately complete it.
Switch «Live / History» is very useful. Mode «Live» shows only active at a given time processes, while the «History» shows all processes that have worked since the start CrowdInspect. Thus the user sees what processes the network connection used for a particular period of time.
The solution has several drawbacks. In particular, CrowdInspect can detect malicious program only when it is connected to the network. And even after finding out you will need to use third-party anti-virus solution to remove the threat.
Homepage
