Windows SysInternals is a website that hosts a set of small software tools. In their early days, they were known as NTinternals. The tools are aimed at system administrators and developers. They were created by software engineer Mark Russinovich in 1996, and ten years later they were acquired by Microsoft. Mark Russinovich now works at Microsoft Azure, and sysinternals.com redirects to a section of Microsoft’s website. The tools have nevertheless continued to be updated and expanded, and most of them are portable. These applications are essential for system administration, so today we will get to know the most popular ones. Let's look at some SysInternals utilities for Windows administration.
Some SysInternals utilities for Windows Administration
AccessEnum
This is a simple security tool, but it is very useful for detecting misuse in the system. It shows which users have access to files, folders, or registry keys, and which permissions differ from the top folder. This makes it possible to detect vulnerabilities in the security policy.
Autoruns
This tool allows you to check which services start with the system, and it groups them in tabs according to their nature. It also allows you to hide Microsoft applications, which makes it possible to identify those from other developers. It is ideal for identifying apps that slow down Windows startup.
BGInfo
This application displays technical information about the system, and it does so directly on the Windows desktop. It is very useful for quickly checking the information of several machines.
Disk2vhd
Disk2vhd makes a copy of the contents of a physical disk and converts it into a VHD file, so you can use it in Microsoft virtual machines.
Process Explorer
This tool works as an advanced version of the Windows Task Manager, with some interesting additions. It shows which files, folders, or registry keys any process is loading, and it also monitors system resources.
Process Monitor
It is also a tool for monitoring the processes running in Windows, but it focuses on one specific aspect: the events triggered by specific processes. This is useful for determining how these processes interact with the system.
TcpView
TcpView provides a live listing of all TCP/UDP port activity. This lets us see which connections Windows establishes and determine whether any suspicious activity is originating from malware.
We have now seen several utilities for managing Windows. Previously we talked about similar tools, so you can better manage the system. See you soon!