Tuesday, 11 October 2011

Security Task Manager

Security Task Manager is a desktop application produced by Neuber Software GmbH, based in Halle, Germany. It detects all tasks/processes running on the computer and ranks them according to their security risk rating. The user can see at a glance a detailed report on each task/process and quarantine or remove spyware, malware, keyloggers, and Trojans. Along with the rating, the program shows other details including file path, file description, CPU usage graph, hidden functions, process type and more. Once a highly rated process is detected, the user can quarantine it by moving it to the isolated folder and deleting the corresponding Autostart keys in the Windows Registry. The full version of Security Task Manager also features the SpyProtector add-on tool, which helps the user delete traces of Internet and computer activity and disable keyboard/mouse surveillance software. The program warns the user when the Autostart key in the Windows Registry is modified.

Security Task Manager was selected as a Top Download Pick of 2005 by the Washington Post and PC World.

Security Task Manager is also mentioned in the book "Malware Forensics: Investigating and Analyzing Malicious Code" and on several security-related sites.



Process Monitor

Process Monitor is a free tool from Windows Sysinternals, part of the Microsoft TechNet website. The tool, as an alternative to Windows Task Manager, monitors and displays in real time all file system activity on a Microsoft Windows operating system. It combines two older tools, FileMon and RegMon, and is used in system administration, computer forensics, and application debugging.

Process Monitor monitors and records all actions attempted against the Microsoft Windows Registry. It can be used to detect failed attempts to read and write registry keys, and it allows filtering on specific keys, processes, process IDs, and values. In addition, it shows how applications use files and DLLs, detects some critical errors in system files, and more.



ProcessKO

Create "Dearest-KO's" to kill processes or programs quickly and save time.

ProcessKO is for professionals and experienced users with very good PC know-how. ProcessKO is a small, useful tool for quickly killing a running or hanging process or program. It is not uncommon among developers and program testers that programs do not function properly or cannot even be closed (using Task Manager), and it is usually the same candidates every time.

Developers and beta testers in particular know this problem: when a program freezes, you call up Task Manager with CTRL+ALT+DEL, find the frozen program, select the option "End Process", and finally confirm the message "Are you sure you want to terminate the process" with "Yes". You can save many manual steps and also time. Now it's easier than ever!

Using this application, you will be able to manage all the running processes faster than ever. ProcessKO does not have to be installed and can be executed easily from the desktop. It is a small, portable utility for Windows PCs that fits well on a USB stick.



Process Explorer

Displays information about the handles and DLLs that processes have opened or loaded

The Process Explorer application was developed to be an advanced process management utility that picks up where Task Manager leaves off. It will show you detailed information about a process including its icon, command-line, full image path, memory statistics, user account, security attributes, and more.

When you zoom in on a particular process you can list the DLLs it has loaded or the operating system resource handles it has open. A search capability enables you to track down a process that has a resource opened, such as a file, directory or Registry key, or to view the list of processes that have a DLL loaded.

The Process Explorer display consists of two sub-windows. The top always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window, which you can close, depends on the mode that Process Explorer is in: if it is in handle mode you will see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you will see the DLLs and memory-mapped files that the process has loaded.

Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded. The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.

Command-Line Usage:
Process Explorer takes two options that modify its behavior:

/e
Prompt for UAC elevation to restart with administrative rights if launched without administrative rights.

/s:<PID>
Select the process having the specified process ID after starting.

/t
Start Process Explorer minimized in the tray.

/p:[r|h|n|l]
Set Process Explorer's priority to realtime (r), high (h), normal (n), or low (l).



HijackThis

HijackThis (HJT) is a freeware enumerating tool for Microsoft Windows originally created by Merijn Bellekom, and later sold to Trend Micro. The program is notable for targeting browser-hijacking methods, rather than relying on a database of known spyware. It scans a user's computer quickly and displays browser hijacking locations, showing what entries are there. HijackThis is used primarily for diagnosis of browser hijacking, as uninformed use of its removal facilities can cause significant software damage to a computer. HijackThis does not remove or detect spyware; it lists the most common locations where browser hijacking activity can occur. Browser hijacking can cause malware to be installed on a computer.



Killbox



Use Pocket Killbox to erase programs that Windows Explorer doesn't allow you to remove

Pocket Killbox deletes files that cannot be erased from Windows Explorer.
Get rid of files that stubbornly refuse to allow you to delete them.

Usage Information:

Download this file, extract it, and run the killbox.exe file. When it loads, type the full path to the file you would like to delete in the field and press the Delete File button (it looks like a red circle with a white X).

It will prompt you to reboot; allow it to do so, and hopefully your file will now be deleted.



IceSword (Rootkit Identification Software)

IceSword - A very useful rootkit scanner and system information utility

IceSword is a very powerful software application that will scan your computer for rootkits.

IceSword also displays all the hidden processes and resources of your system that you would never find in any other Windows Explorer-like program.

IceSword will protect your computer against rootkits and won't allow them to infect your system.

Given the great amount of information presented in the application, it is clear that IceSword was designed for more advanced users and advanced rootkit removal.


