Process Monitor -
"shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more."
http://www.microsoft.com/technet/sysinternals/FileAndDisk/processmonitor.mspx
Process Explorer -
"shows you information about which handles and DLLs processes have opened or loaded."
http://www.microsoft.com/technet/sysinternals/utilities/processexplorer.mspx
Auto Runs -
"has the most comprehensive knowledge of auto-starting locations of any startup monitor, shows you what programs are configured to run during system bootup or login, and shows you the entries in the order Windows processes them. These programs include ones in your startup folder, Run, RunOnce, and other Registry keys."
http://www.microsoft.com/technet/sysinternals/utilities/autoruns.mspx
Sources:
http://www.microsoft.com/technet/sysinternals/default.mspx
http://blogs.msdn.com/progressive_development/archive/2007/10/09/motley-says-the-only-tool-i-need-is-the-debugger-part-1.aspx
No comments:
Post a Comment