Process Monitor (TechNet ProcMon) is a great tool for figuring out exactly what a program is doing. Whether it's the files it's writing, network activity, the registry, or what have you, you can quickly look through the activity and know what it's doing.
Now, using this to determine whether software is safe to run on a computer is risky. Process Monitor does not run programs in a “sandbox”, so if you execute a possibly unsafe program, it can harm your computer. If you are researching specific malware or viruses (risky), you can use Process Monitor to learn more about them, but don’t run the sample on your own computer. At the very least, run it in a virtual machine that you can easily wipe clean.
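As an added example (not part of the original post): once a capture taken in a disposable virtual machine has been saved as CSV, a short script can group one process's events into file writes, registry changes and network activity. The column and operation names follow ProcMon's default CSV export; the sample rows, process names, paths and the `summarize`/`categorize` helpers are constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample rows in ProcMon's default CSV export layout (not a real capture).
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:15:01.1","sample.exe","4242","ReadFile","C:\Windows\System32\kernel32.dll","SUCCESS","Offset: 0"
"10:15:01.2","sample.exe","4242","WriteFile","C:\Users\lab\AppData\Roaming\upd.dat","SUCCESS","Length: 512"
"10:15:01.3","sample.exe","4242","WriteFile","C:\Users\lab\AppData\Roaming\upd.dat","SUCCESS","Length: 512"
"10:15:01.4","sample.exe","4242","RegSetValue","HKCU\Software\Example\Setting","SUCCESS","Type: REG_SZ"
"10:15:01.5","sample.exe","4242","RegSetValue","HKLM\Software\Example\Setting","ACCESS DENIED",""
"10:15:01.6","sample.exe","4242","TCP Connect","labvm:49712 -> 192.0.2.10:443","SUCCESS","Length: 0"
"10:15:01.7","explorer.exe","1200","WriteFile","C:\Users\lab\Desktop\notes.txt","SUCCESS","Length: 20"
'''

REGISTRY_CHANGES = {"RegSetValue", "RegCreateKey", "RegDeleteValue", "RegDeleteKey"}


def categorize(operation):
    """Map a ProcMon operation name to one of three activity groups, or None."""
    if operation == "WriteFile":
        return "file_writes"
    if operation in REGISTRY_CHANGES:
        return "registry_changes"
    if operation.startswith(("TCP ", "UDP ")):
        return "network"
    return None


def summarize(csv_text, process_name):
    """Return {group: sorted unique paths} for one process in a ProcMon CSV export."""
    groups = defaultdict(set)
    # Exports may begin with a UTF-8 BOM; strip it so the first header parses cleanly.
    reader = csv.DictReader(io.StringIO(csv_text.lstrip("\ufeff")))
    for row in reader:
        if row["Process Name"].lower() != process_name.lower():
            continue
        group = categorize(row["Operation"])
        # Failed file/registry attempts changed nothing; network attempts are kept regardless.
        if group is None or (group != "network" and row["Result"] != "SUCCESS"):
            continue
        groups[group].add(row["Path"])
    return {name: sorted(paths) for name, paths in groups.items()}


if __name__ == "__main__":
    for group, paths in summarize(SAMPLE_CSV, "sample.exe").items():
        print(group)
        for path in paths:
            print("   ", path)
```

Copy the CSV out of the virtual machine and run the script on the analysis host, so the wiped guest is not the only record of what the program did.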