Vikram's Web Archive

ProcX shows you which Windows services can be safely terminated – Download Squad

For information and usefulness – yes, Process Explorer has been, and still is the king. But since it is fairly popular now – and considered a windows api, smart rootkit writers can hide processes, dlls, etc from Process Explorer. Don’t believe me? You can go to www.rootkit.com and dl a sample of “vanquish” or “hacker defender”. Both can hide from Process Explorer – and Autoruns. A decent addition is: gmer.exe It is buggy, and your computer might crash using it – but it can see processes that Process Explorer can’t see (and kill them), remove drivers/services that Autoruns can’t. Plus it has a really nice logging function to see what goes on during bootup – what parent processes are creating child threads, etc. And if you boot up in “gmer safe mode” – it really is safe mode. Which then allows you to find, delete, remove, etc drivers/services/files that Unlocker and other utilities fail at.

Yes – the gui for it sucks, and the information you get on processes sucks compared to Process Explorer. But like I said, it is a worth addition to your tool kit.