Here is the February 2012 issue of VB Magazine.

1. 启动时不自动运行全局监控模式
2. 合并连续的相同日志
3. 修改驱动几个可能导致蓝屏的问题

v1.0.0.10更新日志

修改一个退出时可能导致蓝屏的BUG

v1.0.0.9 更新日志

这个版本优化了R0和R3的通讯协议，并没有做界面上的修改，所以对于用户使用来说感觉和上版没有区别，不过对于SysTracer来说也算是大的改动了，放上来希望大家能帮忙测试一下，多提宝贵意见！ ：）

v1.0.0.8 更新日志

1.     在界面显示中增加了内核HOOK的详细信息

2.    增加了对网络共享目录中运行程序的监控支持

v1.0.0.7 更新日志

1. 修改了界面显示的问题
2. 修改了跟踪单个进程不显示的问题
3. 修改了若干驱动的问题

v1.0.0.6更新日志：（2011-04-25）

1. 重新编写界面程序，提供更友好的日志查看。
2. 驱动增加了HOOK检查。
3. 修改REPORT文件格式。
4. 修改了一些BUG。

v1.0.0.5更新日志：(2011-03-11)

1. SysTracer新添加了报告显示功能，用户可以通过”文件”菜单中的”查看报告”菜单项或者工具栏中的”查看”按键来根据监控日志生成并显示报告，报告将会更直观的给用户呈现出监控的信息。新的界面：输出的HTML格式的日志：
2. “选项”菜单中的”设置选项”卡新增了设置字体功能，用户可以根据自己的需要来调整。

v1.0.0.4更新日志：(From v1.0.0.3)

1.将日志显示区进行了汉化处理

SysTracer汉化后的主界面如下：

请点这里下载SysTracer的最新版本！

Here is the January 2012 issue of VB Magazine.

Here is the December issue of VB Magazine.

Here is the October issue of VB Magazine.

Here is the September issue of VB Magazine.

As a Chinese, I noticed two Chinese Anti-virus companies: Qihoo and Rising are also in the list. According to the test results, they are surely not in the same level.

Qihoo is rising, while Rising is sinking.

Qihoo has a very high detection rate, which should not surprise you, since she integrates the engine from BitDefender which gets an excellent point too.

On the other side, The test result of Rising (I prefer ‘Sinking’) is a disaster, the detection rates of worms, bots and trojans are so low, and I think it is the champion of this test, in the reversed order.

Merely according to this table, it’s no wonder why Qihoo 360 Antivirus dominates the China anti-virus market now.

Oh, where is Kingsoft Antivirus, which is also a famous AV company in China? She did not attend the test, since she lost every tests she participated before and became desperate.(Please check the old vb100 magazines which are not hosted in my site.)

You could download VB100 August 2011 here.

BTW: If you want to keep up-to-date of our site, connect to us via the Chinese most popular twitter site: SINA WEIBO(Chinese only) —- http://weibo.com/sysreveal , thanks.

Major features:

• Support all Windows NT platforms: Windows 2000 ~ windows 7 both 32-bit and 64-bit
• Light weight and easy to use, no administrator privilege needed.
• Monitor all changes in a directory with flexible options.

Change history:

v1.0.1 (2011-08-05)

• Support both Chinese and English

Please download the latest version of DirMon here.

Download here

Download here

On the x64, Microsoft changes its way to handle exception. You could still use __try and __except to catch and handle exceptions, but the internal implements are totally changed by Microsoft. There are still some good articles talking about the x64 SEH:

A good article for major concepts:  Exceptional Behavior – x64 Structured Exception Handling

Series of articles in depth:  Programming against the x64 exception handling support

So why should we learn these details if we could still use __try and __except to handle all exceptions? The answer is: when you port your code from 32-bit to 64-bit, your SEH might not work if your code is dynamically generated. You have to use new Win64 APIs RtlInstallFunctionTableCallback and RtlAddFunctionTable to manually handle your code exceptions. Furthermore, some PE packers might not work when processing Win64 PE files since they could not take advantage of Win32 SEH tricks any more.