Sysinternals Suite--微軟實用工具包

介      紹： 沒啥好介紹的，百度下一大堆。應急響應必備裝備兵器庫。

官網連接：http://technet.microsoft.com/en-US/sysinternals

下載地址：http://technet.microsoft.com/en-us/sysinternals/bb545027

功能介紹：http://technet.microsoft.com/en-us/sysinternals/bb545027

單文件下載：http://live.sysinternals.com/

Top10：

• Process Explorer

• Find out what files, registry keys and other objects processes have open, which DLLs they have loaded, and more. This uniquely powerful utility will even show you who owns each process.

• 進程查看器
  

• AutoRuns

• See what programs are configured to startup automatically when your system boots and you login. Autoruns also shows you the full list of Registry and file locations where applications can configure auto-start settings.

• 開機啓動項配置
  

• Process Monitor

• Monitor file system, Registry, process, thread and DLL activity in real-time.

• 實時監視文件系統，註冊表，進程，線程以及DLL的活動。可抓取進程指定分析
  

• PsTools

• The PsTools suite includes command-line utilities for listing the processes running on local or remote computers, running processes remotely, rebooting computers, dumping event logs, and more.

• 大黑闊們內網再熟悉不過了，自查.
  

• PageDefrag

• Defragment your paging files and Registry hives.

• 碎片整理
  

• RootkitRevealer

• Scan your system for rootkit-based malware.

• RootKit掃描
  

• TcpView

• Active socket command-line viewer.

• 必備TCP鏈接查看
  

• BgInfo

• This fully-configurable program automatically generates desktop backgrounds that include important information about the system including IP addresses, computer name, network adapters, and more.

• 將系統IP地址、網絡情況貼到桌面背景上，裝逼神器
  

• BlueScreen

• This screen saver not only accurately simulates Blue Screens, but simulated reboots as well (complete with CHKDSK), and works on Windows NT 4, Windows 2000, Windows XP, Server 2003 and Windows 95 and 98.

• 模擬藍屏重啓的桌面保護程序
  

• Desktops

• This new utility enables you to create up to four virtual desktops and to use a tray interface or hotkeys to preview what’s on each desktop and easily switch between them.

• 虛擬桌面