The hyena might find success in Washington D.C.
The hyena has a remarkable resemblance to Trump!
Marc
In The Zone, by Richard Elliott
Yeah, it's elevator music. So?
Software Zen: delete this;
Quote: This video is not available.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
Hmm. Not to quote a line, but it works at my desk. Try this instead.
Software Zen: delete this;
Richard Deeming wrote: This video is not available.
Consider yourself lucky.
There are only 10 types of people in the world, those who understand binary and those who don't.
Gary Wheeler wrote: So?
So, I don't live, work, or otherwise exist in an elevator? I go out of my way to avoid elevators at least in part because of elevator music (plus the stairs are always healthier and usually quicker anyway!) There are clubs for people who like muzak. Please take it there!
I am not a number. I am a ... no, wait!
I just found out about this and thought it was very cool.
Edit: fixed link
If you get the latest version of the free SysInternals tool Process Explorer, you can easily scan your running processes using VirusTotal.com (which checks against 57 different virus scanners' definitions).
It's super fast and very cool.
Unfortunately, I can't paste images in here to show you but here are steps to using it shown in the following linked images.
1. Start up ProcessExplorer
2. Start the virustotal.com scan of running processes:
http://raddev.us/images/sysinternals/procexp3.png
You'll see ProcExp examining all the hashes of the running procs:
http://raddev.us/images/sysinternals/procexp1.png
Finally, you'll see the results.
0/57 means none of the 57 virus checkers saw any problem.
You can see that one virus scanner thought my notepad++ was possibly malicious.
If you click the link it'll take you to virustotal.com so you can examine more info.
http://raddev.us/images/sysinternals/procexp2.png
Check it out, I think you'll like it.
Disclaimer: I am not affiliated with sysinternals at all. I wish I was.
modified 26-Feb-16 11:18am.
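
As an added example (not part of the original post, and not Sysinternals code): the post describes ProcExp examining the hashes of the running processes, and the PowerShell below builds the same kind of list locally, one hash per unique executable image, so the values can be looked up or kept as a baseline. The function name `Get-RunningImageHash` is hypothetical, SHA-256 is the algorithm chosen here, and the script makes no network requests.

```powershell
# Added example: hash the executable image behind every running process.
# Assumes Windows PowerShell 4.0 or later (Get-FileHash); run elevated to
# resolve more image paths. Get-RunningImageHash is a hypothetical name.

function Get-RunningImageHash {
    Get-Process |
        Where-Object { $_.Path } |           # skip processes whose image path is not readable
        Group-Object -Property Path |        # hash each file once, however many processes share it
        ForEach-Object {
            $path = $_.Name
            try {
                $hash = (Get-FileHash -LiteralPath $path -Algorithm SHA256 -ErrorAction Stop).Hash
            } catch {
                $hash = $null                # file removed, locked, or access denied
            }
            [pscustomobject]@{
                Path   = $path
                Pids   = ($_.Group.Id -join ',')
                SHA256 = $hash
            }
        }
}

# One row per unique image, sorted so two runs can be compared line by line.
Get-RunningImageHash | Sort-Object Path | Format-Table -AutoSize
```

Rows with an empty SHA256 column are images that could not be read and need a separate look.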
When something is reported it is too late because the malicious code is already running and the system is compromised.
So it is a good feature for a quick check but you would know that a lot of work is ahead when something is reported.
But more important, there is malicious code meanwhile that can detect the virustotal requests.
Jochen Arndt wrote: When something is reported it is too late
You are right about that.
I just know that at times my various machines (laptops, desktops, etc) become extremely slow due to I/O and I wonder what it is. I was using this for that and to determine that something malicious isn't running at present time.
Of course, the answer to the killer I/O is always due to Microsoft updates.
Jochen Arndt wrote: there is malicious code meanwhile that can detect the virustotal requests
That is extremely interesting and terrible!!!
raddevus wrote: extremely interesting and terrible
What's really interesting and terrible is the quality of the coders that produce this crap. They are extremely good, some of them - it takes real work to avoid or bypass some of the security. If they put their effort into "legitimate" activities, they'd probably make more money, and the whole world would be a happier place.
I don't understand the mindset that writes this stuff, really I don't.
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
OriginalGriff wrote: I don't understand the mindset that writes this stuff, really I don't
Code that can successfully exploit previously unknown/undisclosed flaws can sell for serious money. I'm sure you can understand that mindset.
Thanks for sharing! I used ProcMon just the other day to find missing dlls in a new installer. What a great and useful tool! I'm sure this one is awesome too.
"Go forth into the source" - Neal Morse
kmoorevs wrote: What a great and useful tool
The same can be said about pretty much anything from Sysinternals and Mark Russinovich in general.
I have been using the virus-scanner part of Process Explorer for a while. I troubleshoot PCs at my work and this has been a valuable tool... one of my favorites.
It's interesting how some virus scanners detect things differently. Just because one or two detect it as a hit does not mean it's infected but does give an idea of how suspect the file is.
Nice idea to share this on codeproject!
That's good additional information.
Thanks for chiming in.
Is elevator sex wrong on so many levels?
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
Only if you push all of her buttons!
Hogan
Going down...
“That which can be asserted without evidence, can be dismissed without evidence.”
― Christopher Hitchens
Nope, it would lift my spirits!
"the debugger doesn't tell me anything because this code compiles just fine" - random QA comment
"Facebook is where you tell lies to your friends. Twitter is where you tell the truth to strangers." - chriselst
"I don't drink any more... then again, I don't drink any less." - Mike Mullikins uncle
Aye. And it would push my buttons.
/ravi
Gives new meaning to 'getting the shaft'.
"the debugger doesn't tell me anything because this code compiles just fine" - random QA comment
"Facebook is where you tell lies to your friends. Twitter is where you tell the truth to strangers." - chriselst
"I don't drink any more... then again, I don't drink any less." - Mike Mullikins uncle