The Information Security Office makes a number of tools available to the campus community. Note that these tools are not supported by the Computing Services Help Center. Please contact the appropriate vendor for technical questions.
Automated Malware Removal Tools
- Windows Defender Offline: Windows Defender Offline is a tool that can be used to boot your system and attempt to clean malware from it prior to malware being able to run on your system.
- Malwarebytes Anti-Malware: This program is freeware courtesy of Malwarebytes. For personal use only. (It cannot be installed on a CMU-owned machine.)
Malwarebytes is an easy-to-use, simple, and effective anti-malware application. Whether you know it or not, your computer is always at risk of becoming infected with viruses, worms, trojans, rootkits, dialers, spyware, and malware that are constantly evolving and becoming harder to detect and remove. Only the most sophisticated anti-malware techniques can detect and remove these malicious programs from your computer. Malwarebytes' Anti-Malware can detect and remove malware that even the most well-known anti-virus and anti-malware applications fail to detect.
File Analysis Tools
- Filemon: This program is freeware courtesy of Sysinternals.
FileMon monitors and displays file system activity on a system in real time. Its advanced capabilities make it a powerful tool for exploring the way Windows works, seeing how applications use files and DLLs, or tracking down problems in system or application file configurations. FileMon's timestamping feature will show you precisely when every open, read, write or delete happens, and its status column tells you the outcome. FileMon is so easy to use that you'll be an expert within minutes. It begins monitoring when you start it, and its output window can be saved to a file for off-line viewing. It has full search capability, and if you find that you're getting information overload, simply set up one or more filters.
- Process Explorer: This program is freeware courtesy of Sysinternals.
Process Explorer shows you information about which handles and DLLs processes have opened or loaded. The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you’ll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you’ll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded. The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.
Port Scanning Tools
- Process Monitor
- Shields Up!: This scan is hosted by Gibson Research.
Shields Up! is a popular, quick and free Internet security checkup and information service. There are MANY FREELY AVAILABLE "scanners" being run by those who are sweeping the Internet looking SPECIFICALLY for computers running Windows File and Printer Sharing. And if those shares are password protected and sufficiently interesting, any freely available password cracker will silently pound on your password until your defenses have been penetrated. This quick and easy on-line utility will warn you about potential dangers to your system and how to correct them.
Advanced Security Tools
- Microsoft Baseline Security Analyzer (MBSA)
- PSLoggedOn: This program is freeware courtesy of Sysinternals.
PsLoggedOn is an applet that displays both the locally logged on users and users logged on via resources for either the local computer, or a remote one. If you specify a user name instead of a computer, PsLoggedOn searches the computers in the network neighborhood and tells you if the user is currently logged on.