You are here

Home » Forums » Development Forums » Beta Testing

[Discontinued] ProcAlyzer Portable

5 posts / 0 new
Log in or register to post comments
Last post
May 21, 2010 - 7:19pm
#1
scriptdaemon
Offline
Last seen: 5 years 2 days ago
Developer
Joined: 2008-10-10 17:40
[Discontinued] ProcAlyzer Portable

Application: ProcAlyzer
Category: Utilities
Description:

Next to the standard process list known from other tools, including our RunAlyzer, this one allows you to peek into the live memory of running processes, dump them to your harddisk, or even manipulate them in memory, changing the behaviour of running applications.

This can come in handy for example when fighting rootkits to change filters to unhide items. That functionality is not recommended for users who do not understand the underlying concepts though!

[Link removed. Reason: discontinued; uncertain of the base app's future.]

Release Notes:
1.0.0.6 Beta Development Test 2 (2010-05-21)

  • Fixed launcher leaving behind "ProcAlyzer Dumps" directory in the current drive's root directory

1.0.0.6 Beta Development Test 1 (2010-05-21): Initial release

Notes:

  • Administrator rights are required for this app to run
  • For personal use only
  • Bundled with permission
I was told that a while back PortableApps.com had been granted permission to bundle Spybot as a portable application. I wanted to verify this was true myself (since nobody else has packaged it yet, I figured why not possibly do it myself), and ask if this applied to any of your other utilities (RegAlyzer, FileAlyzer, etc.). I'm quite busy with classes at the moment so Spybot Portable might take a bit, however your other utilities seem to be much easier to package for the time being. If I was told wrong and we have not been given permission to do so, then I apologize for not further checking first.

Hello Kenny,

There should not be a problem with this, as long as you make clear that this is only for the private use. Smile

Best regards
Sandra
Team Spybot

Top
May 21, 2010 - 11:23pm
scriptdaemon
Offline
Last seen: 5 years 2 days ago
Developer
Joined: 2008-10-10 17:40
Updated.

Updated.

Top
May 22, 2010 - 1:05pm
Mark Sikkema
Offline
Last seen: 13 years 2 months ago
Developer
Joined: 2009-07-20 14:55
Hi scriptdaemon ,

What can I use this for, I think you've forgotten the discription to this app !
[edit: Discription:

Next to the standard process list known from other tools, including our RunAlyzer, this one allows you to peek into the live memory of running processes, dump them to your harddisk, or even manipulate them in memory, changing the behaviour of running applications.

This can come in handy for example when fighting rootkits to change filters to unhide items. That functionality is not recommended for users who do not understand the underlying concepts though!

Formerly Gringoloco
Windows XP Pro sp3 x32

Top
May 22, 2010 - 5:18pm
scriptdaemon
Offline
Last seen: 5 years 2 days ago
Developer
Joined: 2008-10-10 17:40
Oops.

I suppose I did. Fixed.

Top
May 22, 2010 - 9:59pm
horusofoz
horusofoz's picture
Offline
Last seen: 1 year 2 months ago
Joined: 2008-04-03 22:45
Regshot for ProcAlyzer Portable 1.0.0.6 DT2

XP Pro SP3, admin rights.

----------------------------------
Values added:2
----------------------------------
HKU\S-1-5-21-436374069-796845957-682003330-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache\G:\PortableApps\ProcAlyzerPortable\ProcAlyzerPortable.exe: "PortableApps.com Launcher"
HKU\S-1-5-21-436374069-796845957-682003330-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache\G:\PortableApps\ProcAlyzerPortable\App\ProcAlyzer\ProcAlyzer.exe: "View running processes and their details and get into their memory."

----------------------------------
Values modified:4
----------------------------------
HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed: E6 6E 53 EA E7 68 23 9E 7E 95 36 26 2F 5A FC 1D 5A 07 38 72 A5 A1 47 DF 45 EB C0 E4 8B CC 58 94 7F E0 79 A6 38 DC 2C 43 1A C9 83 58 3A 6B C0 2C 45 92 E2 FE E1 6A 18 2E 5F 85 A4 58 87 A1 8A AB F7 A5 AE 1C 2A A9 8E 12 91 80 9B 15 D3 FE 22 90
HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed: FC 77 96 E7 24 E4 63 6C 65 FD FE 9C F9 15 B1 1B F4 15 3D A9 60 87 4D 14 D7 BF 4A 6F 7F D8 01 A1 9E 63 58 BE EC D5 F1 7F FF 0E B7 E0 B9 3E 02 C3 2A 94 D7 2E B2 2B 6E 32 E4 33 96 56 17 98 C4 AE 82 A8 24 31 24 91 59 55 0A C5 06 57 36 AC 9B AF
HKLM\SOFTWARE\Microsoft\SchedulingAgent\LastTaskRun: DA 07 05 00 00 00 17 00 0B 00 0C 00 01 00 00 00
HKLM\SOFTWARE\Microsoft\SchedulingAgent\LastTaskRun: DA 07 05 00 00 00 17 00 0B 00 11 00 01 00 00 00
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher\TracesProcessed: 0x00000211
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher\TracesProcessed: 0x00000215
HKU\S-1-5-21-436374069-796845957-682003330-1003\SessionInformation\ProgramCount: 0x00000003
HKU\S-1-5-21-436374069-796845957-682003330-1003\SessionInformation\ProgramCount: 0x00000001

----------------------------------
Files [attributes?] modified:6
----------------------------------
C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\log\usntr.log
C:\Documents and Settings\All Users\Application Data\Microsoft\Search\Data\Applications\Windows\MSS.chk
C:\Documents and Settings\USERNAME\NTUSER.DAT
C:\Documents and Settings\USERNAME\ntuser.dat.LOG
C:\WINDOWS\system32\config\software.LOG
C:\WINDOWS\Tasks\User_Feed_Synchronization-{39448300-1B40-4EF3-9577-8EC695BD80AC}.job

----------------------------------
Total changes:12
----------------------------------

PortableApps.com Advocate

Top
Log in or register to post comments