Adlice PEViewer is an analysis tool for portable executable files, displaying the internal structure of the adjacent process or the file itself, as stored on the hard disk. In other words, it provides users with a powerful parsing tool for executable files, in an attempt to help them detect potentially dangerous activity on the system.

Used together with RogueKiller, Adlice PEViewer can become a redoubtable weapon in the fight against malicious processes and files that can end up harming the host system. Unlike RogueKiller, Adlice PEViewer is not designed to automatically target and terminate suspicious processes, but it succeeds in providing a complete overview on any running application.

Adlice PEViewer can automatically load the list of running processes, but it can also be used to inspect the structure of a file located anywhere on the hard drive. Be it a process or an EXE file, the input is parsed in seconds.

As for the actual information that Adlice PEViewer retrieves, the list comprises general details regarding the process (PID, creation time, architecture), hash codes, the file location and its digital signature, file properties and the compiler that was used to create it, alongside the latest known VirusTotal scanning results and statistics.

Additionally, it shows addresses in the memory of the selected process and analyzes its hex code, PE headers, sections, imports, and exports, while also offering an insight of the disassembly data. Furthermore, it extracts the PE resources, parsing images, icons, bitmaps, dialogs, strings, versions, and manifest data, and displays it all in a user-friendly manner.

Adlice PEViewer offers a simple means of finding out what is running on the local computer and detecting malicious processes. It is capable of analyzing processes in detail, showing you the internal structure of a PE file and allowing the user to decide whether it is safe or it should be terminated immediately.