Monitored Windows processes get killed at the moment after they are started instead of being blocked outright so that even a start is not possible anymore. A few small scripts can slip through at the moment because of this behavior as it takes some time to recognize a newly launched application and send the kill command to the computer system.

Process Blocker uses a simple text file that is placed in the same installation directory as the main application. This text file contains names of executables that are not allowed to be launched on a computer system. The program itself is added as a Windows Service to the system which has to be restarted after making changes to the text file.

Process Blocker will display a user notification in the Windows System Tray whenever a process has been blocked by the service. A similar application that provides a better user experience is the process manager Process Lasso. The developers of Process Blocker on the other hand are not even halfway through their roadmap. The next step will move the management of processes from the text file to a Group Policy administrative template. Other planned features are killing processes and applications using its crc (in case they get renamed) or full path, recording process errors and information in Windows Event log, allowing users to only run applications from specified folders (e.g. program files and Windows) and changing process killing to process execution prevention.

Related posts

• Windows Process Blocker SPKiller (1)
• Process Lasso a Process Manager (3)
• Windows Services Manager (3)
• Vista Services Optimizer (5)
• Security and Privacy Complete (2)

The basic actions that can be defined in the Windows application monitor are to close the application if the memory or cpu usage exceeds parameters, to start additional programs if the application starts or ends or to turn off the computer when it ends. The advanced rules are only available in the commercial version of the application monitor.

Kiwi will collect statistics about application usage and resource consumption. The Windows application monitor will for example dsiplay the average running time per day or session, the average memory usage and the maximum peak memory usage.

The last option that might be interesting for some users is to define minimum and maximum allowed working set in Megabytes. Kiwi uses just a few Megabytes of computer memory and about 30 Megabytes of virtual memory while minimized which should be acceptable for users who would like to monitor their applications and make use of the additional options of the program.

Related posts

• Grouped Access Tools (0)
• End multiple programs at once (6)
• Bill2’s Process Manager (3)
• Zip Repair (3)
• Zen Key An All Purpose Application Manager (3)

The main window of the Access Tools presents the running processes on the system. Information like memory usage, company and ID are presented in the interface which is automatically updated in real time. The lower pane contains an event viewer that displays events such as starting or closing processes. A click on a process displays additional information about that process such as its parent process or system path.

This is one of the areas that Process Explorer handles in a better way. The Sysinternal’s application displays all processes in a tree view with child processes beneath their parent’s processes which guarantees a better overview.

Grouped Access Tools would be nothing more than a better Windows Task Manager if that would be the complete functionality. Thankfully though it is not. A right-click on a process opens a quick access menu to functions like terminating, suspending, resuming or wiping the memory of the selected process.

It is a bit strange that not all of the functions are available in the right-click menu, especially those that open windows with extensive information about the selected process. More than half of the available functions are only accessible from the top menu.

The Process Information window for instance contains five tabs with extensive information about modules, threads, handles, file information and process information.

Grouped Access Tools comes with a memory dump and memory editing function which could be quite interesting for debugging purposes. Below is a list of features taken from the developer’s homepage which the Access Tools have that Process Explorer does not.

• Auto Filing/ Move on Boot
• Auto Processing
• Hidden Process Scanning
• Module (DLL) Termination
• Multiple methods of ending a process
• Multiselection and handling
• Process Logging
• Running programs in System Mode

Process Explorer on the other hand provides access to several tools that Grouped Access Tools provide only partially or not at all.

Grouped Access Tools runs on all Windows NT systems including Windows XP and Windows Vista. Provided are a portable version and a version that has to be installed.

Related posts

• Windows Application Monitor Kiwi (7)
• Windows System Explorer (6)
• What is connecting to the Internet (4)
• svchost Viewer (7)
• End multiple programs at once (6)

The process manager displays a list of processes currently running on the system. By default hidden processes are hidden but they can easily be revealed in the interface. A right-click provides several possibilities to interact with the process. It is possible to open the program directory, perform a Google search, to set the priority of the process, look at its properties and create a rule for it.

The rules are basically permanent changes to the process. Everyone can set a process priority in the task manager but those priorities are reset when the process is killed. With rules users can make those changes permanent as long as the process manager is running in the background.

Even more interesting is the fact that you can set process priorities for visible and minimized applications and set a cpu core affinity and that each instance of the process should be distributed to different cores. Another interesting aspect are the special actions. Those can be defined if a process is started, ended or idle. Actions include to launch another application, to restart the process, to kill it or to show a tooltip.

Related posts

• End multiple programs at once (6)
• Windows Application Monitor Kiwi (7)
• What is running on my system ? (0)
• Monitor CPU Core Temperatures (3)
• Automatically Adjust the Process Priority (4)

End it all is a program that lets you close all selected processes and programs except for several system processes and those that you have selected not to close. When you start End it all you get a view that resembles the Windows Task Manager. All open processes and applications are displayed. Icons define if a process will be closed or killed if you press the buttons that initiate that.

A right click on a process  makes it possible to change the behavior to allow that it can be closed and / or killed when the button is pressed. Some processes are locked and can’t be changed at all to ensure that Windows continues to work properly.

The yellow icon means that End it all can close or kill the process, a red icon indicates a protected process that cannot be killed or closed. The icon with the X and the green border indicates processes that can be closed but not killed while a skull with a red border allows to kill the process but not to close it.

Talking about the difference between closing and killing. Closing gives the process a chance to close normally with special operations that are probably required during shutdown while killing a process stops it immediately which can lead to data loss.

Once everything is setup you can create a batch file that uses command line options to perform the required operation, i.e closing or killing all defined processes. The command START enditall /K would kill all processes. A full list of command line parameters can be obtained with the /? parameter.

Related posts

• Bill2’s Process Manager (3)
• Windows Application Monitor Kiwi (7)
• What is running on my system ? (0)
• Find Software Alternatives (5)
• Control Running Programs (2)

One way to find out additional information is to use a program like process explorer which displays more information about the processes currently running on your system. Process Explorer adds a description and company tab which reveals some information about the process.

You can configure process explorer to replace the task manager. Still, you might have information about the company and a description but sometimes there is no information about the process. What if there is no description but a company name like CMCEI. Would you be suspicious abot it ? I definately would be and now we come to websites that contain process lists of nearly every process on windows machines.

I would like to start with the list of the websites that are not spam, some websites give you some information but their main purposes is to sell a product. Two of the following sites have buttons to purchase products but they contain valuable information that make up for that. Don’t click on those buttons and you have nothing to fear.

• Process Library
• Windows Process and Task List
• Castle Cops
• Sysinfo

All but one of the websites mentioned above have a site search – simply enter a filename that you don’t know about and they will display the information they have about it. It is a very good idea to cross-check the results before you take action.

If the information states that the file could be a virus, trojan or worm you should take appropriate measures. The first one would be to download a anti-virus program like Free AV (AVG Antivirus, Avast)and scan your system using that tool. Make sure the antivirus software is up to date. You might also want to take a look at my article about free online scan websites, most require Internet Explorer but some work in Firefox as well.

You should also download and run anti-spyware programs like Spybot Search and Destroy or Adaware. I’ve written another article “how to detect and remove spyware” which might be helpful as well.

To sum it up:

• Download process explorer
• Use the websites mentioned above to find out more about the process in question
• Scan your system with antivirus software
• Scan your system with anti-spyware software

Related posts

• Kill Tasks from the System Tray (2)
• End multiple programs at once (6)
• Bill2’s Process Manager (3)
• Windows Task Manager Replacement DTaskManager (7)
• Windows Process Blocker (9)