Process Monitor is an advanced Windows OS and application monitoring tool (the equivalent of Filemon + Regmon), designed for experienced users doing system troubleshooting and malware hunting. It is released as part of the excellent Windows Sysinternals collection and offered through Microsoft TechNet, so its accuracy and reliability go without saying.
Continue reading Process Monitor – Microsoft’s official real-time process monitor and manager
If you are interested in Windows architecture and internals, you must have heard of Windows Internals. Because it concentrates on the underlying mechanisms, it does not cover every Windows topic, such as window management, graphics, COM/COM+, .NET, etc. If you want to know more about the underlying principles of Windows, this book is very suitable for you.
Continue reading Windows Internals, 6th Edition Part 1 & 2 HD PDF, EPUB
Sysinternals Suite is a tool set originally developed by the Winternals company for internal use, aimed at resolving all sorts of problems that engineers might encounter in their usual work. Later it was placed on the Internet as a free download, and some of the tools were also open-sourced. To this day, Sysinternals has remained popular and highly praised in the IT industry.
Continue reading Sysinternals Suite – Microsoft official free practical tool set
Desktops (virtual desktop) is one of the practical freeware utilities in the Sysinternals Suite released by Microsoft. It is lightweight, handy and portable, so it is very suitable for people who need to work with multiple windows at the same time.
Continue reading Desktops – Virtual multi-desktop freeware from Microsoft
As long as a Trojan is running in memory, it has to open a port; as long as a hacker is accessing your computer, there must be a new thread. TCPView is a small viewer for checking a computer's ports and threads, showing every port or thread at a glance.
Continue reading TCPView – Port / thread complete view
Process Explorer is one of the famous Sysinternals products, an enhanced Task Manager. Its biggest feature is that it can kill any process at once, even key system processes, something Task Manager cannot match.
Continue reading Process Explorer – Windows Task Manager enhanced version
Autoruns is a very good tool for managing system startup items: it can not only manage boot startup items and services but also directly control the registry. In addition, Autoruns can run an internet search on Google directly (right-click/Search Online…), directly control the different system logon users, and save the operation records to a file at any time.
Continue reading Autoruns – Completely control system startup items