常用安全工具聚合帖[iApple]

iproffice

AutoRuns for Windows v8.61是Sysinternals的产品
Published: January 22, 2007

This utility, which has the most comprehensive knowledge of auto-starting locations of any startup monitor, shows you what programs are configured to run during system bootup or login, and shows you the entries in the order Windows processes them. These programs include ones in your startup folder, Run, RunOnce, and other Registry keys. You can configure Autoruns to show other locations, including Explorer shell extensions, toolbars, browser helper objects, Winlogon notifications, auto-start services, and much more. Autoruns goes way beyond the MSConfig utility bundled with Windows Me and XP.

Download Autoruns and Autorunsc (490 KB)

iproffice

Process Explorer for Windows v10.21
Published: November 1, 2006

Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded.

The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.

The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.

Download Process Explorer (1.5 MB)

iproffice

Trend Micro™ HijackThis™

Trend Micro™ HijackThis™is a free utility that generates an in depth report of registry and file settings from your computer. HijackThis makes no separation between safe and unsafe settings in its scan results giving you the ability to selectively remove items from your machine. In addition to this scan and remove capability HijackThis comes with several tools useful in manually removing malware from a computer.

Download HijackThis Zip
Download HijackThis Executable

[ 本帖最后由 iproffice 于 2007-4-3 08:54 编辑 ]

iproffice

System Repair Engineer 2.4.12.806
发布日期：2007/03/10

         System Repair Engineer (SREng) 是一款计算机安全辅助和系统维护辅助软件。主要用于发现、发掘潜在的系统故障和大多数由于计算机病毒造成的破坏，并提供一系列的修改建议和自动修复方法。 该软件是由 KZTechs.COM 网站站长 Smallfrogs 开发的，能够运行在所有主流的 Windows 操作系统上。

System Repair Engineer 2.4.12.806
System Repair Engineer 2.4.12.806

iproffice

冰刃 IceSword 1.20 中文版 修正号061022

   IceSword是一斩断黑手的利刃(所以取这土名，有点搞e，呵呵)。它适用于Windows 2000/XP/2003操作系统，用于查探系统中的幕后黑手(木马后门)并作出处理，当然使用它需要用户有一些操作系统的知识。
    在对软件做讲解之前，首先说明第一注意事项 ：此程序运行时不要激活内核调试器(如softice)，否则系统可能即刻崩溃。另外使用前请保存好您的数据，以防万一未知的Bug带来损失。
    IceSword目前只为使用32位的x86兼容CPU的系统设计，另外运行IceSword需要管理员权限。
    如果您使用过老版本，请一定注意，使用新版本前要重新启动系统，不要交替使用二者。
    IceSword内部功能是十分强大的。可能您也用过很多类似功能的软件，比如一些进程工具、端口工具，但是现在的系统级后门功能越来越强，一般都可轻而易举地隐藏进程、端口、注册表、文件信息，一般的工具根本无法发现这些“幕后黑手”。IceSword使用大量新颖的内核技术，使得这些后门躲无所躲。

IceSword 1.20 中文版 修正号061022
IceSword 1.20 English Version
IceSword For Vista

[ 本帖最后由 iproffice 于 2007-4-3 09:58 编辑 ]

iproffice

Windows 进程管理器V4.00

??您是否想了解系统中的每个进程是做什么用的？您是否担心系统中潜伏着病毒或木马的危害？Windows 进程管理器可以帮助您清楚地了解系统中的进程信息，它强大的进程信息库收录了几乎全部的系统进程和许多常见应用软件进程，以及病毒和木马的进程……
??Windows 进程管理器除了提供进程查询功能外，还提供了强大的进程管理功能和系统监视功能。它一定是你了解、管理进程和维护系统安全与稳定的好帮手。

Windows 进程管理器V4.00
点击下载最新进程信息数据库 [2007-03-05]
(注：下载 db.rar 后请解压覆盖原 db.mdb)

iproffice

Process Viewer  for Windows 5.2.15.1

PrcView is a process viewer utility that displays detailed information about processes running under Windows. For each process it displays memory, threads and module usage. For each DLL  it shows full path and version information. PrcView comes with a command line version that allows you to write scripts to check if a process is running, kill it, etc.

Download free process viewer for Window NT/2000/XP and 95/98/Me (370K)
The command-line utility 5.2.2.1 that uses the same engine as the GUI version is available separately, follow this link to download it.
If you are looking for an older version,  follow this link to download PrcView 3.7.3.1

iproffice

Norton Process Viewer 5.2.11 Build 1

这是从 Norton Systemwork 2006 中提取出来的小巧的进程查看
器。即原来的PrcView，现被 Norton收购。此工具可以查看目前
系统中正在运行的所有进程。并且可以查看某个进程所调用的全
部模块、运行的全部线程、以及内存的使用情况，还能强行终止
进程的运行。

yama_14

好多啊，谢谢分享/:06

庄家

谢谢您了。。进程那个我收了！