PC Hunter displays low-level Windows system information
When you are tasked with analyzing an issue in detail on a PC running Windows, a malware attack for example, it is often necessary to look beyond the obvious and use tools that provide you with a detailed low-level view of what is going on.
While some recommend starting clean by formatting the PC and installing Windows anew, you need specialized tools if you want to analyze what happened.
Update: The PC Hunter website is no longer available and it appears that the program is no longer in active development. We have uploaded the latest release version of the program to our own download server for archiving purposes. You can download the program with a click on the following link: PC Hunter
PC Hunter is one of those specialized tools and while it may not be the easiest tool to use, it provides you with an extensive amount of information that comes close to the likes of Autoruns, Process Explorer or comparable tools.
The application is available as a portable 32-bit or 64-bit version that you can run right after you have extracted the archive.
It displays all running processes on start and more than ten additional tabs that list extensive information of their own.
The process explorer lists all processes by name and process ID, the process path, and the company that signed the file. A tree structure is used to visualize dependencies, and non-system (read: non-Microsoft) processes are highlighted in blue for easier recognition.
A right-click on any process listed here opens a long context menu with many different actions, from verifying process signatures and suspending or killing processes to searching for information online or opening the folder of the process in Windows Explorer.
The next two tabs, Kernel Module and Kernel, display information about loaded drivers, filters, worker threads or Direct IO.
The information that PC Hunter makes available can be overwhelming at times. That does not mean that it is not useful, quite the contrary, but most users may find some of the information more useful than the rest.
The network tab, for example, displays all current network connections, which can be quite useful in determining which programs connect to local or remote services.
The network monitor leaves little to be desired as it offers a total of nine different sub-tabs for you to explore, ranging from port information and the Hosts file to Internet Explorer specific data such as the list of Browser Helper Objects.
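The process and network views described above can be approximated with built-in PowerShell cmdlets when you want a second opinion on which signed or unsigned binaries hold network connections. This is an added example, not code from the article or from PC Hunter; the helper name `Get-SignerInfo` is hypothetical.

```powershell
# Added example: map each TCP connection to its owning process and file signer.
# Run in an elevated PowerShell session on Windows 8 / Server 2012 or later
# (Get-NetTCPConnection does not exist on older systems).

$sigCache = @{}   # path -> signature result, so each binary is checked only once

function Get-SignerInfo {   # hypothetical helper name
    param([string]$Path)
    if (-not $Path) { return $null }   # path unreadable (protected or exited process)
    if (-not $sigCache.ContainsKey($Path)) {
        $sigCache[$Path] = Get-AuthenticodeSignature -LiteralPath $Path
    }
    return $sigCache[$Path]
}

$rows = foreach ($conn in Get-NetTCPConnection -State Listen, Established) {
    $proc    = Get-Process -Id $conn.OwningProcess -ErrorAction SilentlyContinue
    $sig     = Get-SignerInfo -Path $proc.Path
    $subject = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }

    [pscustomobject]@{
        PID       = $conn.OwningProcess
        Process   = $proc.ProcessName
        Path      = $proc.Path
        State     = $conn.State
        Local     = '{0}:{1}' -f $conn.LocalAddress, $conn.LocalPort
        Remote    = '{0}:{1}' -f $conn.RemoteAddress, $conn.RemotePort
        SigStatus = if ($sig) { $sig.Status } else { 'NoPath' }
        Signer    = $subject
        # Same idea as the blue highlight: is this a validly signed Microsoft binary?
        Microsoft = ($sig -and $sig.Status -eq 'Valid' -and
                     $subject -match 'O=Microsoft Corporation')
    }
}

# Non-Microsoft, unsigned or unverifiable binaries sort to the top
$rows | Sort-Object Microsoft, Process | Format-Table -AutoSize
```

The script relies on documented user-mode APIs, so it shows only what Windows itself reports; rows with `SigStatus` other than `Valid` are the ones to inspect first.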
The startup tab too can be useful. It lists all programs and services that run on system start as well as scheduled tasks.
You can disable or enable items here, or even delete them, which can be useful if you get a file not found error for some of them.
The other tab offers heaps of information as well. Here you find all file associations listed, for example, with options to repair associations or open the Registry Editor to manage the association manually.
It also lists all firewall rules, again with options to repair, manage or delete them, as well as users, IME/TIP information, and options to enable or disable certain features of the operating system such as Registry Tools or Safe Boot.
You can generate a report under Examination. This adds information from all areas that the program covers -- and that you have selected -- to a text file which you can export.
PC Hunter offers extensive system information. Some of the information that it makes available is highly specialized, while other parts are useful to users of -- nearly -- all experience levels.
Inexperienced users may, on the other hand, prefer tools that are easier to use and don't display that much information to them.
“many low-level Windows system information”
@J – Dear Sir or Madam,
Is your German as good as Martin’s English? You should be grateful he writes so often and so well, and keep your petty complaints to yourself. I see no chance of misunderstanding what he meant.
Where did I complain, said I misunderstood, or was ungrateful? Do you have ADD?
I love your articles Martin.
This software may be great, but I trust nothing from China.
“…opens a long contact menu…” *context*
I find this software to be extremely useful…. you can see just about everything … Thanks Martin for letting us know all about it…..
When I click on the landing page link, Bitdefender blocks access to the web page – says it is infected.
Same thing happens if I go to MajorGeeks and click the “download from author’s site” link.
if I download from MajorGeeks, I get no warning.
When I unzip and start to run the program, I get a notice that the program is signed, but the certificate is written in Chinese characters.
Too many red flags for me to try this program!
Yes… it’s in Chinese… do you know what translate software is???… I use it and maybe you should too. Don’t forget that the internet is a “world wide web”…. not just an American USA web…… do you get it??? And, by the way, I have used the “Chinese” software and it does an excellent job…..
Hello Martin! Yes, very good articles, description of the object, but for a while I notice that you do not want to put any link to the application you are talking about. What happened? Is it really hard? I do not it’s hard to look in Google, but I think it is more professional to guide the reader directly where it belongs. Don’t you think the same?
Links are in the summary section below the article.
The link is at the bottom of the page… look again…….
Hey guys…. if you are looking for the download link for PC Hunter this is it >>> http://www.xuetr.com/download/PCHunter_free.zip ..this is for Wins 7-64 It’s a zip file portable Version 1.331 , the latest updated version which is adware and spyware free… Yes, I understand that it’s Chinese and lots of us don’t trust whatever comes from China but this is clean so give it a try….. I use it without any issues or problems….
Contains the 32bit version btw.
Correct, it will run on 32 & 64 bit Wins 7 OS…. If you want to check-out another excellent tool it’s HiJack Hunter Portable and you can get it HERE >>> http://www.novirusthanks.org/products/hijack-hunter/ Check it out and if you know of any other tool please let me know.