UI tour
The window is a set of tabs above a status bar, driven by a menu bar. Every tab opens with a one-line help banner explaining what it does; hover any column header for a description of that column.
Tabs at a glance
| Tab | Live? | What you do there |
|---|---|---|
| Processes | ● live | Sort, filter, inspect and kill processes |
| All Connections | ● live | Watch every network connection |
| Threats | on demand | Heuristic risk scan of running processes |
| Disk Cleanup | on demand | Size cache/temp locations |
| App Data | on demand | Browse per-app data folders |
| Registry | on demand | Explore + scan application registry keys |
| Broken Links | on demand | Find shortcuts with a missing target |
| MCP | opt-in | Local server for AI assistants |
Menus
- File — Settings… (theme + refresh interval) and Exit.
- Tools — run any single scan, or Run All Scans to start them all at once.
- View › Theme — switch between Dark, High Contrast and Lilac live.
- Help — Documentation (this site), Source on GitHub, and About.
Shared conventions
Every table behaves the same way, so what you learn on one tab carries over:
- Sort by clicking a column header. Numeric columns sort numerically (even for multi-gigabyte byte sizes).
- Filter with the box in the toolbar — it matches across all columns, case-insensitively.
- Right-click a row for non-destructive actions — Open in Explorer, Copy path, and tab-specific extras.
- Colour is meaningful: green = healthy/established, amber = review, red = broken/critical, blue = informational.
The read-only guarantee
The scan tabs (Threats, Disk Cleanup, App Data, Registry, Broken Links) are strictly read-only. Where a Clean… / Remove… / Delete… button appears, it is intentionally disabled — the app reports what you may want to review, and you act on it yourself. This is a deliberate safety design, not a missing feature.