Attack Surface Analyzer is a free Microsoft tool which can highlight security issues in an application. It's aimed at developers and other expert users, but anyone with a little Windows experience will be able to get something from the program.
The process starts by running a baseline scan of your PC (beware, the tool is Windows 7 only). Close all running programs, launch an Attack Surface Analyzer scan, and this will itemise open files, active applications, Windows services and many other aspects of your PC.
Next, you need to install the program you'd like to check. Or, if you just want to monitor your system over time, you could simply leave your PC for, say, a week.
Finally, run another Attack Surface Analyzer scan, choose the "Generate standard attack surface report" option, and the program will compare the two scans and alert you to any security-related issues these suggest.
The final reports really aren't aimed at novices. We installed Apache on a test Windows 7 PC, for instance, and Attack Surface Analyzer complained that "the process ApacheMonitor.exe" was detected with the NX setting disabled". Not sure what that means? Unlucky: even clicking the "Explain" link won't help you very much.
Click the "Attack Surface" button, though, and you see the real benefit of the program: a lengthy list of everything that's changed between the two ASA scans. New programs, services, open network connections, file registrations, kernel objects, they're all listed here. If you need to understand more about how a program is affecting your PC - or you just want to see how your setup is changing over time - Attack Surface Analyzer provides a quick and fairly hassle-free way to find out.