
Get to Know: Which Activities are Carried on Inside Your Computer


It is important to know which activities are being carried on inside your computer, because malware can run hidden activities that steal your data, and the antivirus you installed may fail to detect them. If you are a non-technical person, you may not be interested in such activities and will leave everything to your security software. A person who is a bit technical, however, will see this as a serious threat and will want to find and kill such activities. The simplest tool is Windows Task Manager, which shows the processes running at the moment, but we want a tool that goes into more depth and detail. Yet Another Process Monitor (YAPM) is the tool to help us in this situation. Remember: YAPM will not tell you which activity is bad, but it will show you all activities in detail, which makes it possible to find a running threat.

YAPM is a very powerful tool which can show services and processes, their modules, threads, handles, windows, monitor, and TCP/UDP connections on a Windows-based system. It has over 150 functions categorized under different modules, and it is not possible for me to describe all of them here. I will write a short review; the rest you can find on its website. Its Help file is also very useful in explaining its functions.

If you want to know about a process and all its related activities, just double-click it in the YAPM Process window and a new window will open. In this new window you can see the sub-activities being carried on by this process: general info, memory and CPU statistics, performance, the services related to that process, strings, networking activities, the environment of the process, modules (related .DLL files), threads, handles and its log. You can explore much more by using it. YAPM is portable, so it does not need to be installed on your computer. I will list a few functions of the Process module here; the rest you can read about on its website:

- Kill (it will terminate the process instantly)
- Kill process tree (it will kill the selected process and all of its child processes)
- Stop (pause the process, use “resume” to resume it)
- Resume (resume the process after a “stop”)
- Change priority
- Reduce working set size
- Change affinity (select the processor(s) available for the process)
- Create dump file (create a custom dump file of the process)
- “Reanalize” (it will refresh the fixed information about a process, for example the path. It should be used when this information was not available at the time the process was added to the list. For example, if the path or the user name is not displayed, just reanalyze the process to get the information.)
- Show XXXX (it will show XXXX for the selected processes in the XXXX tab of the main form. For example, if you choose ‘Show modules’, all modules loaded by the selected processes will be displayed in the ‘Modules’ tab.)
- File properties (open the Windows property dialog box for the executable)
- Open directory (open the directory which contains the executable)
- Show file details (show details of the executable in the ‘File’ tab)
- Internet search (search for the executable name on the Internet)
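
The per-process view described above (executable path, parent process, networking activities) can also be pulled together with Windows' built-in PowerShell cmdlets. This is an added example, not part of YAPM or of the original post; the function name Get-ProcessNetworkView is made up for the illustration, and it assumes Windows 8 / Server 2012 or later.

```powershell
# Added example: join each TCP connection to its owning process, its parent,
# the executable path and the Authenticode signature status (read-only view).
# Get-ProcessNetworkView is a hypothetical name chosen for this illustration.

function Get-ProcessNetworkView {
    # Index every process by PID so owners and parents can be resolved quickly.
    $procs = @{}
    Get-CimInstance -ClassName Win32_Process |
        ForEach-Object { $procs[[int]$_.ProcessId] = $_ }

    Get-NetTCPConnection -State Established, Listen -ErrorAction SilentlyContinue |
        ForEach-Object {
            $p      = $procs[[int]$_.OwningProcess]
            $parent = if ($p) { $procs[[int]$p.ParentProcessId] }
            $path   = if ($p) { $p.ExecutablePath }

            # The path is empty for protected processes or when not elevated.
            $sig = if ($path -and (Test-Path -LiteralPath $path)) {
                (Get-AuthenticodeSignature -LiteralPath $path).Status
            } else { 'Unknown' }

            [pscustomobject]@{
                PID       = $_.OwningProcess
                Process   = if ($p) { $p.Name } else { '<exited>' }
                Parent    = if ($parent) { $parent.Name } else { '<none>' }
                State     = $_.State
                Local     = '{0}:{1}' -f $_.LocalAddress, $_.LocalPort
                Remote    = '{0}:{1}' -f $_.RemoteAddress, $_.RemotePort
                Signature = $sig
                Path      = $path
            }
        }
}

# Rows whose binary is not validly signed (or could not be resolved) sort first.
Get-ProcessNetworkView |
    Sort-Object @{ Expression = { $_.Signature -eq 'Valid' } }, Process |
    Format-Table -AutoSize
```

Run it from an elevated prompt so that paths of other users' processes resolve. As with YAPM, the output does not say which activity is bad; a missing or invalid signature only marks a row worth a closer look.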

You can access Yet Another Process Monitor (YAPM) by opening the following link (copy and paste the link in browser).

http://sourceforge.net/projects/yaprocmon/

If the above link does not work, open the following link:

http://yaprocmon.sourceforge.net/


1 Comment
FatCat

Brilliant…it can replace the default task manager completely. Best thing about it is that it's portable. I can play around with it wherever I go…XD
