PeStudio – A Utility That Checks On Various Applications Running
There are various tools available online that helps to identify and understand what malware is. The compatibility and portability of PeStudio do help to know the programs within seconds. Any application that seems suspicious could be avoided as they could be a great threat to your system.
The user interface available is very simple and the functions are properly displayed. Even in the absence of help menu available, you can still know the working of the application. The program can be used for verifying any type of application as it can support various formats such as exe, ax, sys, ocx, dll and others.
Information related to directories, symbols, libraries, DOS, debug or other information, strings, UPX information, resources etc are provided. Also, you could select the items that are displayed. You could even save into XML format, the reports given. Scanning of programs for any malware can be done too.
To make the process faster and easier, drag and drop option is added by the developer so that the programs can be added to the window and important information can be obtained. It is said that PeStudio does change the registry. It does create and change the files. It does start with child processes and does create interaction with Windows services. There is nothing suspicious about any of such things. You need to think if these are really required or not. If a program is regarded to be portable, but PeStudio does make the change to the registry. Then it such case, you might think why it is required. By clicking on Strings, various texts are displayed that are executable. Malware does hide these, but they are a lot of binary junk involved. But PeStudio does highlight the strings that are blacklisted, words that are common for malware.
To shorten up, PeStudio gives information that EasyDiskDriveRepair.exe could modify the registry, create and modify files, start other processes, run the scripts, work on Windows startup programs and even changes to the database is possible. To conclude, PeSTudio is regarded as one of the best tools that is used to inspect various programs on a go. It is very easy to work and is light on the resources available.