Hidden Process Detector (HPD) is our first tool that would run at the user end(client-side). This tool would detect and fix any hidden processes running on the system. This is a simple rootkit detection technique used for Windows rootkits.
HPD will run with a simple double-click on HPD.EXE, which generates 2 files - GetProc.txt and BfGetProc.txt. USCAN.EXE runs first when HPD.EXE is double-clicked, (in the background - invisible mode) to list the current processes in the memory (GetProc.txt and BfGetProc.txt). The button that says "SCAN" is used to scan the hidden processes. Once done, wait for few seconds to complete the procedure and list the hidden processes. Click "Clear" to clear the displayed process list.
Readme.txt (included in the ZIP) gives the password for the hpd.rar. On using the password (and/or by downloading/viewing any file from www.EvilFingers.com) you agree to the disclaimer listed there and on the "LEGAL" section of our site(www.EvilFingers.com/legal).
Credit: Jack O'Neill.
Contact contact.fingers @ gmail.com if you have any further questions.