Search CFJ

Lijit Search

December 21, 2007

Replace your Task Manager: System Explorer 1.2.1.540

Posted by Rob Dunn at Friday, December 21, 2007 Tags: ,
System Explorer 1.2.1.540
http://systemexplorer.mistergroup.org/

The overall gist of this program is that you can identify any process that is running on your system, whether it be by a Google search, by checking it's MD5 hash, or where it is being referenced from in your system registry (as an example). There are just so many features to this program, I'm pretty sure that I can't list them all.

It seems to be a nice Task Manager and Process Explorer (System Internals/Microsoft) all wrapped into a single executable.

Tabs, tabs, tabs...

There are an impressive number of tabs that you can explore:
  • Processes - like Task Manager, you can end tasks, but unlike TM, you can also look up info re: each process via Google, ProcessLibrary.com, or VirusTotal.com, which analyzes the file for viruses. You can also get advanced file info like MD5 hash, created/modified date, etc. Finally, you can also see what DLLs or OCXs the exe has latched onto while running.
  • Performance - Again, somewhat similar to the TM, you can see a graphical indicator of your system memory and processor. However, you get quite a bit more info here as well (get used to this), such as the highest processor/memory using exe, I/O reads and page faults.
  • History - While you have System Explorer running, it will keep track of what processes have been created and deleted. Interesting if you are tracking down a suspicious process. You can also take snapshots of the events so you can look at them later, perhaps during a virus infection!
  • Windows - This shows all processes that are associated with open Windows, kind of like the 'Applications' tab in Task Manager.
  • Startup - Just like it sounds, this tab allows you view what items are running at Windows startup. Again, you can right-click on each entry and delete them, track them down in the registry, or look up additional information on the 'Net.
  • Explorer - I'm not too sure of this one, but I think it is a listing of all shell extensions, DLL's etc. that are loaded with Explorer.
  • IE Addons - This is a listing of IE Browser Helper Objects, toolbars, and extensions that are currently installed. This can also be helpful to isolate browser-based hijacks.
  • Uninstallers - This tab entry enumerates all found uninstallers (presumably by looking at the Uninstall key in the registry). Nifty that it is included here.
  • Services - Shows you a list of all installed services, and allows you to right-click and drill down to where they reside in your registry. Also shows you the running or stopped status. You can start/stop or delete a service from here as well.
  • Drivers - Shows a list of all installed drivers - again, giving you the ability to delete or look up info on anything here.
  • Connections - Just like the command-line tool netstat, you can view any open TCP connection, showing the destination host, the protocol type, what PID it is attached to, and what the status of the connection is (ex. Listening/Established/Close_wait, etc.).
  • Opened Files - A complete listing of any open files on the system, and what processes are attached to them...you'll see lots of entries for logfiles here at any given time.
There is a pane that you can hide/show that displays some quick information about the executable you clicked on in the listing above. You can also drag & drop any executable on this pane...nice!

Quick access to Windows utilities

In addition to all of this, the menu bar offers some quick links to handy utilities such as:
  • Windows Task Manager
  • Disk Defragmenter
  • Computer Management
  • Group Policy Management
  • Performance Monitor
  • Local Security Settings
  • Services Management
You can also use the menu-bar to shut down the system, log off, run a new task, or export a listing to a file. Another cool feature that is included is the ability to hide Microsoft-signed entries, which will show you just the stuff that isn't part of the operating system.

Finally, if this is enough to convince you to use this as a Task Manager replacement, you can use System Explorer's built-in menu option to replace it when you hit [ctrl]+[alt]+[del].

Likes
  • Tabs (the number is astounding!)
  • Familiar interface (akin to Task Manager)
  • Ability to replace Task Manager
  • Handy access to Windows utilities and Uninstall information
  • Portable version is also available
Dislikes
  • No documentation or help file! - (major)
  • Would like to see [alt]+[e] functionality to end a task (like task manager), instead of just [del] - (minor)
Give System Explorer a look - you can view the forums here.
Share | Spice IT

1 comments:

SRLaFleur said...

Max, your one in a Millian !

I feel like I've just left the Stone Age and entered the Age of Enlightenment.

I don't know what half this stuff is but good visualization can sure make the intuitive process go allot quicker.

As an old NetComm Lab Rat, I can sure appreciate a Superior monitoring tool.

Thanks Man!!

December 23, 2007 8:40 PM

Post a Comment

Subscribe to: Post Comments (Atom)