RAMMap is a small, free but professional tool for analyzing and cleaning up physical memory usage, developed by Microsoft. It presents detailed RAM usage information in different ways, enabling you to understand the memory usage of your system and applications and how Windows manages the memory allocation. In addition, it can effectively clean up memory.

Speaking of Windows Internals, you must have heard of it as long as you are interested in the Windows architectures and internals. For it is committed to the underlying mechanism, it won't cover all Windows contents, such as Windows window management, graphics, COM/COM+, .NET, etc. If you are willing to know more about Windows underlying principle, then this book is very suitable to you.

Sysinternals Suite (AKA: Windows Sysinternals Suite) is a tool set originally developed by Winternals company for internal use, aimed at resolving all sorts of problems that engineers might encounter in their usual work. Later it was placed on the Internet for free downloads, and some tools also opened source. Till today, Sysinternals has long been popular with high praise in the IT industry.

As long as a Trojan is running in memory, it has to open a port, as long as a hacker is accessing your computer, there is must be a new thread. TCPView is a small viewer for checking computer ports and threads, which will show every port or thread to you at a glance.

Autoruns is a very good system startups management tool, not only can manage the boot startups and services, but also can directly control the registry. In addition, Autoruns can directly use Google to make a internet search (right-click/Search Online...), directly control the different system logon users, and save the operation records to a file at any time.