Program’s Details (Pro edition)

Introduction

Program’s Details gives detailed Information about the selected program in Programs’ List Box in Task Manager to help you detect potential threats. To view Program’s Details, click Program’s Details button in the Programs’ toolbar in Task Manager.  

Summary

General Information

Displays general information about the exe file such as description and file version information.

General Risky Properties

Displays general risky behavior of the process. For example, the absence of a visible window for this program is considered a risky property. While the existence of a valid digital signature is considered a good property.

Overall Risk Rating

This is a general rating based on general risky properties of the program. If the program is monitored for risky functions, the rating will be based on general risky properties and the real-time risky functions that has been detected. To make the rating based on real-time risky functions, choose Risk Monitor from above toolbar.   

 

Processes

A list of processes that are owned by the specified program. (See What is the difference between a Program, Process, Thread and window for more information)

Processes’ List Box: A list of all processes that is created by this program. 
The column headings and descriptions are as follows: 

- Process ID: Identifier of the process. 
- No. of threads: Number of execution threads started by the process. 
- Priority: The priority of the process. (See Processes Priority for more information) 
- Committed memory: This is the amount of memory in the process's virtual address space that is allocated physical storage. 
- Reserved memory: This is the amount of memory that is reserved in the process's virtual address space.Reserved memory is not physically allocated any storage but it prevents that address space from being used by other allocation operations. 

- Free memory: This is the amount of memory in the process's virtual address space that is neither reserved nor committed.

- Local/Remote Port/Host: Any program that uses the network must have a local port and host, in addition to a remote port and host to which it connects.

 
Processes’ Toolbar (at the left): Some tools to manage processes, starting from the left, the buttons of the toolbar are: 
- Increase priority: Increases the priority of the selected process. (See Processes Priority for more information) 
- Decrease priority: Decreases the priority of the selected process. (See Processes Priority for more information) 
- Terminate Process: Terminates the selected process immediately. 

 

Modules (Not available on Win NT)

Modules are each module, executable file, or dynamic-link library (DLL), used by a specified process.

 
Modules’ List Box: A list of all Modules of the selected process. 
The column headings and descriptions are as follows: 
- Name: Module name.
- Handle: Handle to the module. The handle is displayed as long integer and in Hex decimal.
- Path: The location (path) of the module. 
- Size (in bytes): Size, in bytes, of the module.
- Base address: Base address of the module. The Base address is displayed as long integer and in hexdecimal. 
- Base priority: Initial priority level assigned to a thread.

In addition to Module File Version Information (product name, description, version, .. etc)

 

Readable Texts

Displays the data that is residing in the process memory or process exe file and looks like a readable text. EndTask analyzes the process memory/exe file and tries to identify readable texts. Sometimes analyzing the texts in process memory /exe file reveals some of what the process is doing in your Windows background.

 

Risk Monitor

Displays detailed information about monitoring result. To start monitoring, press Start Monitoring. If you closed Program's Details window, monitoring will not stop and you can open it again from Risk Monitor tool in Main Window.

What this program has done : A list of all the risky functions that the program has done till now.

Activity log : A detailed list of the risky functions that the program has done.

CPU usage : The CPU usage of the process.

For more information, see Risk Monitor tool.

Removal Tools

Provides you with a set of tools to manage the specified program and stop its danger if you think it's a threat.

 

Copying Histogram Data

To copy the data/image of any histogram in EndTask, right click it and choose Copy Graph as Image or Copy Graph Data