Friday, May 1, 2015

Examining a System: Tools to Find Hidden Processes and Malware

When a computer becomes infected with malware, it can be frustrating to find where the malware is actually running. Most of us will fire up Task Manager, and you may be surprised to find that the malicious process is not listed there at all. Malware authors are very clever about how they infect a system and can hide their processes from the eyes of many unsuspecting professionals, for example by hooking the process-enumeration APIs that Task Manager relies on or by unlinking the process from the kernel's own bookkeeping. While antivirus companies work tirelessly to identify and eliminate new strains of malware, new strains often slip past your protection unnoticed. Today, I will introduce you to 5 free software utilities that can help you examine your systems and keep them malware free.


1. PC Hunter:

PC Hunter (once called XueTr) is a powerful anti-rootkit utility that gives an administrative user complete access to every process running on your machine. It uses a simple color-coding scheme to indicate the potential threat a given process poses: files that ship with Microsoft Windows are shown in black, third-party applications in blue, and suspicious or hidden processes in red. The application gives you unrestricted power to kill any process and delete its file afterwards. It will also let you examine a process for suspicious hooks placed by other processes or drivers, and even monitor network connections. It has a built-in registry editor and file manager, and if you are uncertain about a process, the right-click menu lets you search for its name online. This tool is unparalleled in flexibility, but be careful: it is quite unforgiving, and deleting a system file or startup entry can be disastrous.
Homepage:
http://www.bbs.epoolsoft.com/forum.php?mod=viewthread&tid=36&extra=page%3D1
Download:
http://down.epoolsoft.com/pchunter/PCHunter_free.zip

2. PowerTool:

PowerTool is a tool very similar to PC Hunter. Aside from letting you see all of the processes on your computer, it scans your loaded drivers to determine whether any of them have been modified or infected, and checks whether any of your shortcuts have been tampered with to launch something other than their advertised target. Unlike PC Hunter, this tool is completely open source.
Homepage:
https://code.google.com/p/powertool-google/
Downloads:
x86: https://powertool-google.googlecode.com/files/PowerTool%20V4.5%28en%29.zip
x64: https://powertool-google.googlecode.com/files/PowerTool%20x64%20V1.3%20%28en%29.zip

3. System Explorer:

System Explorer is a powerful system-analysis tool that lets you explore, examine, and modify the processes, services, drivers, network connections, and autorun entries on your system. You can also run a complete system analysis that checks what is running against its large online database to determine whether anything suspicious is present. This is practically an all-in-one tool for system administrators.
Homepage:
http://systemexplorer.net/
Download:
http://systemexplorer.net/download.php

4. Emsisoft HiJackFree:

HiJackFree is part of Emsisoft's free Emergency Kit. It allows you to examine processes and view autorun entries, including some that other programs do not always list.

Homepage:
http://www.emsisoft.org/en/software/eek/
Download:
http://dl.emsisoft.com/EmsisoftHiJackFreeSetup.exe

5. Autoruns:

Autoruns is a utility from Windows Sysinternals that shows every autostart entry on the system: from scheduled tasks and services to the programs that start with Windows, Autoruns has it all. If you have had trouble finding a piece of malware with the other tools, you may be able to eliminate it by finding and disabling the autorun entry that launches it. Enable the options to verify code signatures and to hide Microsoft entries, and the list shrinks to the unsigned third-party entries that deserve a look first.
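Autoruns also has a command-line sibling, autorunsc.exe, that can write the same data to CSV, which is handy when you want to triage many entries or many machines. The script below is an added example written for this post; it is not code from the original post or from Sysinternals. It assumes the column layout that `autorunsc.exe -accepteula -a * -c -h -s -v` writes (Signer, Company, Image Path, SHA-256 and so on; check the header line of your own export), assumes that Autoruns reports a missing target as "File not found: <path>" in the Image Path column, and uses constructed sample rows with placeholder hashes. It scores each entry on the signals a practitioner looks at first: an unverified signature, a company name that claims Microsoft without a Microsoft signature, an image in a user-writable directory, a core Windows binary name living outside the Windows directories, a missing image file, and a hash on a blocklist.

```python
"""Triage an autorunsc CSV export.

Added example, not code from the original post or from Sysinternals.
Assumes the column layout written by `autorunsc.exe -accepteula -a * -c -h -s -v`
(Time, Entry Location, Entry, Enabled, Category, Profile, Description, Signer,
Company, Image Path, Version, Launch String, MD5, SHA-1, PESHA-1, PESHA-256,
SHA-256, IMP); check the header line of your own export. SAMPLE_CSV is
constructed for the demo and its hashes are placeholders, not real hashes.
"""
import csv
import io
import sys

SAMPLE_CSV = r"""Time,Entry Location,Entry,Enabled,Category,Profile,Description,Signer,Company,Image Path,Version,Launch String,MD5,SHA-1,PESHA-1,PESHA-256,SHA-256,IMP
2015-04-30 09:00,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run,WindowsDefender,enabled,Logon,System-wide,Windows Defender User Interface,(Verified) Microsoft Windows,Microsoft Corporation,c:\program files\windows defender\msascui.exe,6.1.7600.16385,%ProgramFiles%\Windows Defender\MSASCui.exe,md5-a,sha1-a,pesha1-a,pesha256-a,sha256-a,imp-a
2015-04-30 09:00,HKCU\Software\Microsoft\Windows\CurrentVersion\Run,Dropbox,enabled,Logon,WIN7-PC\bob,Dropbox,(Verified) Dropbox Inc,Dropbox Inc,c:\users\bob\appdata\roaming\dropbox\bin\dropbox.exe,3.4.6,C:\Users\bob\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup,md5-b,sha1-b,pesha1-b,pesha256-b,sha256-b,imp-b
2015-04-30 09:00,HKCU\Software\Microsoft\Windows\CurrentVersion\Run,Windows Update Helper,enabled,Logon,WIN7-PC\bob,Host Process for Windows Services,(Not verified) Microsoft Corporation,Microsoft Corporation,c:\users\bob\appdata\roaming\microsoft\svchost.exe,6.1.7600.16385,C:\Users\bob\AppData\Roaming\Microsoft\svchost.exe,md5-c,sha1-c,pesha1-c,pesha256-c,sha256-c,imp-c
2015-04-30 09:00,Task Scheduler,\UpdaterTask,enabled,Scheduled Tasks,System-wide,,,,File not found: C:\ProgramData\Updater\upd.exe,,C:\ProgramData\Updater\upd.exe,,,,,,
2015-04-30 09:00,HKLM\System\CurrentControlSet\Services,NetSvcHost,enabled,Services,System-wide,Network Service Host,(Not verified),,c:\windows\temp\nsh.exe,1.0.0.1,C:\Windows\Temp\nsh.exe,md5-e,sha1-e,pesha1-e,pesha256-e,sha256-e,imp-e
"""

# Path fragments a standard user can write to: persistence here deserves a closer look.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\programdata\\", "\\users\\public\\", "\\downloads\\")
# Core Windows binary names that malware likes to borrow, and where the real ones live.
SYSTEM_NAMES = {"svchost.exe", "lsass.exe", "csrss.exe", "explorer.exe", "winlogon.exe", "services.exe"}
SYSTEM_DIRS = {"c:\\windows", "c:\\windows\\system32", "c:\\windows\\syswow64"}
# Constructed blocklist standing in for a real hash feed (placeholder value).
KNOWN_BAD_SHA256 = {"sha256-e"}


def assess(row):
    """Return (reason, weight) pairs for everything suspicious about one entry."""
    hits = []
    signer = row["Signer"].strip()
    path = row["Image Path"].strip().lower()
    # Assumed format: Autoruns reports a missing target as "File not found: <path>".
    if path.startswith("file not found:"):
        hits.append(("image file missing", 2))
        path = path[len("file not found:"):].strip()
    if not signer.startswith("(Verified)"):
        hits.append(("signature not verified", 3))
    if "microsoft" in row["Company"].lower() and not signer.startswith("(Verified) Microsoft"):
        hits.append(("claims Microsoft but lacks a Microsoft signature", 2))
    if any(fragment in path for fragment in USER_WRITABLE):
        hits.append(("runs from a user-writable location", 1))
    directory, _, name = path.rpartition("\\")
    if name in SYSTEM_NAMES and directory not in SYSTEM_DIRS:
        hits.append(("system binary name outside the Windows directories", 3))
    sha256 = row["SHA-256"].strip().lower()
    if sha256 and sha256 in KNOWN_BAD_SHA256:
        hits.append(("known-bad SHA-256", 6))
    return hits


def triage(csv_text):
    """Parse an autorunsc CSV export and return the flagged entries, worst first."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        hits = assess(row)
        if not hits:
            continue
        findings.append({
            "entry": row["Entry"],
            "location": row["Entry Location"],
            "image": row["Image Path"],
            "score": sum(weight for _, weight in hits),
            "reasons": [reason for reason, _ in hits],
        })
    findings.sort(key=lambda f: f["score"], reverse=True)
    return findings


def report(findings):
    """Render findings as text lines: a header, the image path, then one line per reason."""
    lines = []
    for f in findings:
        lines.append("[%2d] %s  (%s)" % (f["score"], f["entry"], f["location"]))
        lines.append("     %s" % f["image"])
        for reason in f["reasons"]:
            lines.append("     - %s" % reason)
    return lines


if __name__ == "__main__":
    # Usage: python triage_autoruns.py [export.csv [encoding]]; with no argument the sample runs.
    if len(sys.argv) > 1:
        encoding = sys.argv[2] if len(sys.argv) > 2 else "utf-8"
        with open(sys.argv[1], encoding=encoding) as fh:
            text = fh.read()
    else:
        text = SAMPLE_CSV
    print("\n".join(report(triage(text))))
```

On the sample, the service running from C:\Windows\Temp with a blocklisted hash and the unsigned "svchost.exe" in a user's AppData folder come out on top, the scheduled task whose target no longer exists sits in the middle, and the signed Dropbox entry only earns a low score for living in AppData. The weights are a starting point for ranking what to look at first, not a verdict: a signed binary in a user-writable directory is normal for many updaters, and an unsigned one under System32 still deserves a hash lookup. If a real export does not parse, check its encoding first; autorunsc may write UTF-16, in which case pass the encoding as the second argument.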

Homepage:
https://technet.microsoft.com/en-us/sysinternals/bb963902

Download:
https://download.sysinternals.com/files/Autoruns.zip
