Process Monitor源代码

Process Monitor for Windows NT 32 bit Copyright � 2004 Michel van Kerkhof http://home.wxs.nl/~wijk0550/ michel000@planet.nl Process Monitor is made as a replacement for windows task manager it will give you a lot more details about all the processes running on your system than task manager does. It will also give you a lot more control like: terminate every processes, terminate threads, unloading dll's, changing windows styles and a lot more. Process Monitor is also a very useful tool to use if you are infected with mallware (worm virii trojan etc.) Most of the time a good look add all process details will tell you what program is mallware (Startup keys, open tcp or udp ports, cpu usage and version info). If you don't know where to look for Process Monitor also has a option to save details from one or all processes to a file this way you could send them to a friend that does know where to look for. Using Process Monitor Currently process Monitor doesn't have a complete help file (and i think it doesn't really need one) To run Process Monitor you will need Administrator privileges if you are not a Administrator you can still use it but a lot of the features doesn't work. Also you can only run this program on windows NT and higher (Note: i only tested this program on Windows XP Home and Pro). You don't need to install this program you can just run it from every place you want. When you run Process Monitor for the first time it will show you 2 Lists, The upper one contains all the processes currently running on your system the lower one contains detailed process information. If you look in the menu bar below view you can see you can select from 3 different process details to view: Process Info: Shows you all sorts of details of the process selected like threads, windows, open ports, parent process, command line, Possible Startup key's, services registered and some more. Dll's: Lists all dll's loaded by the selected process. Handles: Lists all handles owned by the selected process. Copyright (C) 2004 Michel van Kerkhof This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ******************************************************* If you like my work and you have a job for me please contact me at: michel000@planet.nl *******************************************************