Tuesday, October 13, 2009

Useful Sysinternals tools

Sysinternals is a set of advanced system utilities and technical tools. Whether you’re an IT Pro or a developer, you’ll find Sysinternals utilities to help you manage, troubleshoot and diagnose your Windows systems and applications.

The tools can be downloaded from here.

File and Disk Utilities


  1. Disk2vhd: simplifies the migration of physical systems into virtual machines (p2v).

  2. Diskmon: captures all hard disk activity or acts like a software disk activity light in your system tray.

  3. NTFSInfo: Use NTFSInfo to see detailed information about NTFS volumes, including the size and location of the Master File Table (MFT) and MFT-zone, as well as the sizes of the NTFS meta-data files.

  4. PendMoves: See what files are scheduled for deletion or renaming the next time the system boots.

  5. Process Monitor: Monitor file system, Registry, process, thread and DLL activity in real-time.

  6. PsFile: See what files are opened remotely.

  7. PsTools: The PsTools suite includes command-line utilities for listing the processes running on local or remote computers, running processes remotely, rebooting computers, dumping event logs, and more.

     * PsExec - execute processes remotely
     * PsFile - shows files opened remotely
     * PsGetSid - display the SID of a computer or a user
     * PsInfo - list information about a system
     * PsKill - kill processes by name or process ID
     * PsList - list detailed information about processes
     * PsLoggedOn - see who's logged on locally and via resource sharing (full source is included)
     * PsLogList - dump event log records
     * PsPasswd - changes account passwords
     * PsService - view and control services
     * PsShutdown - shuts down and optionally reboots a computer
     * PsSuspend - suspends processes

  8. SDelete: Securely overwrite your sensitive files and cleanse your free space of previously deleted files using this DoD-compliant secure delete program.

  9. Sigcheck: Dump file version information and verify that images on your system are digitally signed.

  10. Sync: Flush cached data to disk. This tool can be used before removing your thumb drive.


Networking Utilities


  1. TCPView: Active socket command-line viewer.

  2. Whois: See who owns an Internet address.


Process Utilities


  1. Autoruns: See what programs are configured to start up automatically when your system boots and you log in.

  2. Handle: This handy command-line utility will show you what files are open by which processes, and much more. Use Process Explorer for the UI version.

  3. ListDLLs: List all the DLLs that are currently loaded, including where they are loaded and their version numbers. Version 2.0 prints the full path names of loaded modules.

  4. Process Explorer: Find out what files, registry keys and other objects processes have open, which DLLs they have loaded, and more. This uniquely powerful utility will even show you who owns each process.

  5. Process Monitor: Monitor file system, Registry, process, thread and DLL activity in real-time.

  6. ShellRunas: Launch programs as a different user via a convenient shell context-menu entry.

  7. VMMap: See a breakdown of a process's committed virtual memory types as well as the amount of physical memory (working set) assigned by the operating system to those types. Identify the sources of process memory usage and the memory cost of application features.
