QuickCrypto Help

System Monitor

System Monitor

Previous topic Next topic  

System Monitor

Previous topic Next topic JavaScript is required for the print function Mail us feedback on this topic!  

 

The QuickCrypto System Monitor takes a snapshot of your critical system resources and alerts you to any changes that may otherwise occur without your knowledge. The System Monitor takes a snapshot of a PCs critical system processes and applies a date and time-stamp to:

 

       Start-Up Items (software that is loaded alongside the Windows operating system start up)
       System Services (background software that runs silently)
       Tasks (any software that is run on the PC)
       Processes (running software or components of Tasks or Services)
       'win.ini', 'system.ini' and 'hosts' files - files often targeted by malware
       File Associations - which software program is launched for which file extension
       Internet Explorer Start Up Items
       Internet Explorer Helper Objects
       Scheduled Tasks
       Core Operating System Facets (system status, windows folder, system folder, BIOS status)
       Installed Applications

 

 

If any of the above monitored aspects change, then a dynamic alert is flashed to the top right hand side of the screen and the changes are logged for your further investigation.

 

Many of the alerts (especially when the System Monitor is 'learning' about the usual software in use) will be benign and nothing to worry about.

 

However, any malware or logging software that may infect your system in the future will be flagged to help protect your privacy and help to keep the cryptographic integrity of the PC QuickCrypto is running on.

 

 

system monitor0

 

 

'Switch On Monitoring' Button

 

Clicking this button turns on the system monitor and routine logging and tracking of critical system components is started. Note that this also instructs QuickCrypto to load on Windows start-up to allow monitoring to continue during future sessions of system use.

 

The following temporary alert window will indicate that monitoring has been enabled and appears for several seconds in the top right of the monitor screen in use:

 

switch-on monitoring alert1

 

 

This button now changes its name to 'Switch Off Monitoring' - clicking this button in this state turns off system monitoring. This will be confirmed with the following alert:

 

switch off monitoring1

 

 

 

"Start-Up" Button

 

Displays the software processes that are set to start just after the Windows operating system loads. Many of the processes are needed, but many are not (many non essential software applications set themselves up to run on start-up of Windows). Often malware starts via this method too.

 

QuickCrypto will log when these start-up items get added - in this way you will be able to see recent additions.

 

 

"Processes" Button

 

Displays and logs the running software processes that are executing on the system.

 

QuickCrypto will log when new processes run - in this way you will be able to see recent additions.

 

 

"Critical Files" Button

 

Displays and logs some of the critical Windows files, e.g. the 'hosts' file - this is used by Internet Explorer as an over-ride to the normal routing of web addresses (URLs). Malware often changes this file to re-route web traffic.

 

QuickCrypto will log and alert you to changes in the host file (and others) and take a back-up of the hosts file when monitoring starts.

 

 

"IE StartUp" Button

 

Displays the start-up helpers used in Internet Explorer - these type of add-on software plug-in helpers can be exploited for malware and spyware purposes - e.g. the re-routing of the 'start' / 'home' page and the search engine defaults used in the browser - 'home page hi-jacking'.

 

QuickCrypto logs and alerts to any changes to these Internet Explorer components.

 

 

"Sched. Tasks" Button

 

The Windows Task Scheduler initiates the start of application software and system processes. QuickCrypto displays and monitors changes and additions to these task scheduler items.

 

 

"Op. Sys." Button

 

Displays the local system configuration details and monitors the key items.

 

 

"Services" Button

 

Displays and logs a special kind of running software process called a 'service'.

 

QuickCrypto will log when new service processes run - in this way you will be able to see and check out recent additions.

 

 

"Tasks" Button

 

Displays and logs all tasks that are initiated on the local system.

 

 

"File Assoc." Button

 

Displays and logs the file associations Windows uses to launch software applications from the last part of file names.

 

 

"IE Helpers" Button

 

Displays the add-on helpers to Internet Explorer - these type of add-on software plug-in helpers can be exploited for mal-ware and spy-ware purposes.

 

QuickCrypto logs and alerts to any changes to these Internet Explorer components.

 

 

"Hidden Files" Button

 

Hidden files are displayed. All drives and folders are searched for hidden files, so this process can take several minutes to complete depending on the size of the file storage installed. Changes to hidden files are not dynamically monitored.

 

 

"Installed Apps" Button

 

All  installed software applications are displayed and changes are monitored. The original installation date is displayed along with the QuickCrypto first logged date.

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

"View Log" Button

 

Displays the historical log of events that the System Monitor has captured.

 

 

"Export Log" Button

 

Exports the 'View Log' log to a text file ready to save.

 

 

"Clear Log" Button

 

Deletes the 'View Log' log.

 

 

"Diagnostic Snapshot Log"

 

Creates and exports a log of all the current monitored events as at the current point in time. These are useful to save periodically to enable comparison across time, when for example a severe malware event is encountered.

 

 

"Prevent Dynamic Alerts" Check Box

 

Stops the dynamic alert windows appearing on a monitored item change event. Does NOT prevent the logging process though.