There are instances when windows task manager/ Process Explorer is disabled by malware infections and the malware doesn't allow you to enable it. In such a case there is an alternative to windows task manager or process explorer named TaskManager.xls.
As the name suggests it is a Excel/VBA and can be run on any windows operating system. It can list the running processes; and terminate, suspend or resume selected processes.
It will also come in handy when fixing an infected machine, where the malware prevents one from launching Task Manager or Process Explorer.
Push button “List processes” to list all processes:
Here’s how you would use it to disable malware. List processes, identify malicious processes, type command s (suspend) in column Command for the malicious processes you want to disable. Push button “Execute commands”, this will suspend the selected processes.
Now terminate them with the t command:
Doing this in 2 steps (suspend and terminate) in stead of just terminating, is more suited for multi-process malware that monitors itself.
Download TaskManager.xls
Thanks to Didier Stevens
As the name suggests it is a Excel/VBA and can be run on any windows operating system. It can list the running processes; and terminate, suspend or resume selected processes.
It will also come in handy when fixing an infected machine, where the malware prevents one from launching Task Manager or Process Explorer.
Push button “List processes” to list all processes:
Doing this in 2 steps (suspend and terminate) in stead of just terminating, is more suited for multi-process malware that monitors itself.
Download TaskManager.xls
Thanks to Didier Stevens
No comments:
Post a Comment