Sysinternals
Windows Sysinternals is a website that offers technical resources and utilities to manage, diagnose, troubleshoot, and monitor a Microsoft Windows environment. Originally, the Sysinternals website (formerly known as ntinternals) was created in 1996 and was operated by the company Winternals Software LP, which was located in Austin, Texas. It was started by software developers Bryce Cogswell and Mark Russinovich. Microsoft acquired Winternals and its assets on July 18, 2006. The website featured several freeware tools to administer and monitor computers running Microsoft Windows. The software can now be found at Microsoft. The company also sold data recovery utilities and professional editions of their freeware tools.

Winternals Software LP
Winternals Software LP was founded by Bryce Cogswell and Mark Russinovich, who sparked the 2005 Sony BMG CD copy protection scandal in an October 2005 posting to the Sysinternals blog. On July 18, 2006, Microsoft Corporation acquired the comp ...


Mark Russinovich
Mark Eugene Russinovich (born December 22, 1966) is a Spanish-born American software engineer and author who serves as CTO of Microsoft Azure. He was a cofounder of software producers Winternals before it was acquired by Microsoft in 2006.

Early life and education
Russinovich was born in Salamanca, Spain and was raised in Birmingham, Alabama, United States, until he was 15, when he moved with his family to Pittsburgh, Pennsylvania. His father was a radiologist and his mother was a business administrator of his father's radiology practice in Pittsburgh. Russinovich is of Croatian descent. He was introduced to computers when his friend's father got an Apple II in the 1970s. He was able to reverse engineer its ROM and write programs for it. At age 15, he bought himself his first computer, a Texas Instruments TI99/4A. About six months later his parents bought him an Apple II+ from his local high school when it upgraded the computer labs to Apple IIes. He also wrote magazine ...


Process Monitor
Process Monitor is a tool from Windows Sysinternals, part of the Microsoft TechNet website. The tool monitors and displays in real-time all file system activity on a Microsoft Windows or Unix-like operating system. It combines two older tools, FileMon and RegMon, and is used in system administration, computer forensics, and application debugging.

Overview
Process Monitor monitors and records all actions attempted against the Microsoft Windows Registry. Process Monitor can be used to detect failed attempts to read and write registry keys. It also allows for filtering on specific keys, processes, process IDs, and values. In addition, it shows how applications use files and DLLs, detects some critical errors in system files and more.

History
RegMon and its sister application Filemon were primarily created by Mark Russinovich and Bryce Cogswell, employed by NuMega Technologies and later SysInternals prior to SysInternals being bought out by Microsoft in 2006. The two tools were ...


Process Explorer
Process Explorer is a freeware task manager and system monitor for Microsoft Windows created by SysInternals, which has been acquired by Microsoft and re-branded as Windows Sysinternals. It provides the functionality of Windows Task Manager along with a rich set of features for collecting information about processes running on the user's system. It can be used as the first step in debugging software or system problems. Process Explorer can be used to track down problems. For example, it provides a means to list or search for named resources that are held by a process or all processes. This can be used to track down what is holding a file open and preventing its use by another program. As another example, it can show the command lines used to start a program, allowing otherwise identical processes to be distinguished. Like Task Manager, it can show a process that is maxing out the CPU, but unlike Task Manager it can show which thread (with the callstack) is using the CPU – informa ...




RootkitRevealer
RootkitRevealer is a proprietary freeware tool for rootkit detection on Microsoft Windows by Bryce Cogswell and Mark Russinovich. It runs on Windows XP and Windows Server 2003 (32-bit versions only). Its output lists Windows Registry and file system API discrepancies that may indicate the presence of a rootkit. It is the same tool that triggered the Sony BMG copy protection rootkit scandal. RootkitRevealer is no longer being developed.

See also
* Sysinternals
* Process Explorer
* Process Monitor
* ProcDump


ProcDump
ProcDump is a command-line application used for monitoring an application for CPU spikes and creating crash dumps during a spike. The crash dumps can then be used by an administrator or software developer to determine the cause of the spike. ProcDump supports monitoring of hung windows and unhandled exceptions. It can also create dumps based on the values of system performance counters.

Overview
Initially, ProcDump was only available for Microsoft Windows. In November 2018, Microsoft confirmed it is porting Sysinternals tools, including ProcDump and ProcMon, to Linux. The software is open source. It is licensed under the MIT License and the source code is available on GitHub. The Linux version requires Linux kernels version 3.5+ and runs on Red Hat Enterprise Linux / CentOS 7, Fedora 26, Mageia 6, Ubuntu 14.04 LTS. It currently does not have full feature parity with the Windows version (e.g. custom performance counters).

Example
Create 5 core dumps 10 seconds apart of the targ ...


Contig (defragmentation Utility)
Contig is a command line defragmentation utility for Windows developed by Microsoft as part of the Sysinternals Suite.

Operation
Contig is designed to defragment individual files, or specified groups of files, and does not attempt to move files to the beginning of the partition. Unlike the Windows built-in defragmenter tool, Contig can defragment individual files, individual directories, and subsets of the file system using wildcards. Contig does not move any data except that belonging to the file in question, so the amount it can defragment a file is limited to the largest contiguous block of free space on a system. Use of contig exchanges decreased file fragmentation for increased free space fragmentation. Combined usage of the -s parameter and the wildcard symbol * allows whole directories and drives to be defragmented: for example, contig -s C:\* will defrag all the files on hard drive C. The -s parameter means to browse directories recursively. Directories, for ex ...


PageDefrag
PageDefrag is a program, developed by Sysinternals (now distributed by Microsoft), for Microsoft Windows that runs at start-up to defragment the virtual memory page file, the registry files and the Event Viewer's logs (files such as AppEvent.Evt, SysEvent.Evt, SecEvent.Evt and so on).

Overview
Using PageDefrag may improve performance. Since PageDefrag only affects a few files, it takes a relatively short time to run when compared to entire-disk defragmenters such as Windows Defrag, so long as the page file is not fragmented. If the page file is fragmented, PageDefrag can take as long or longer than Windows Defrag. PageDefrag does not defragment the contents of the registry files, only the placement of these files on the hard drive. Other utilities such as NTREGOPT can optimize the registry files. PageDefrag runs on Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003. Though the website erroneouslyOfficial forum moderator promised in January 2009 to try to get th ...


Rootkit
A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed (for example, to an unauthorized user) and often masks its existence or the existence of other software. The term "rootkit" is a compound of "root" (the traditional name of the privileged account on Unix-like operating systems) and the word "kit" (which refers to the software components that implement the tool). The term "rootkit" has negative connotations through its association with malware. Rootkit installation can be automated, or an attacker can install it after having obtained root or administrator access. Obtaining this access is a result of direct attack on a system, i.e. exploiting a vulnerability (such as privilege escalation) or a password (obtained by cracking or social engineering tactics like "phishing"). Once installed, it becomes possible to hide the intrusion as well as to maintain privileged acc ...




NTFSDOS
The company Winternals (later purchased by Microsoft) used to provide three kinds of programs for DOS that could handle NTFS formatted drives.

The NTFSDOS programs

NTFSDOS
The first program was NTFSDOS - a freeware utility for DOS (NTFSDOS.EXE) that allows read-only access to NTFS formatted drives from a DOS environment.

NTFSDOS Tools
The second program was NTFSDOS Tools - an add-on package for NTFSDOS that contains two commercial utilities for DOS - NTFSCopy and NTFSRen. The former (NTFSCOPY.EXE) could be used to overwrite corrupt files with fresh versions. The latter (NTFSREN.EXE) could be used to change the names of bad drivers so Windows wouldn't load them.

NTFSDOS Professional
The final program was NTFSDOS Professional - a whole commercial solution for handling read and write operations in NTFS from a DOS environment. It must be installed as a package for Microsoft Windows first. The downloaded version comes in demoware form. The user can only use the ...


CBS Interactive
Paramount Streaming (formerly CBS Digital Media Group, CBS Interactive, ViacomCBS Streaming), a division of Paramount Global, oversees the company’s streaming technology and offers direct-to-consumer services, free, premium and pay. These include Pluto TV, which has more than 250 live and original channels, and Paramount+, a subscription service that combines breaking news, live sports, and premium entertainment.

History

As CBS Interactive
On May 30, 2007, CBS Interactive acquired Last.fm for £140 million (US$280 million). On June 30, 2008, CNET Networks was acquired by CBS and the assets were merged into CBS Interactive, including Metacritic, GameSpot, TV.com, and Movietome. On March 15, 2012, it was announced that CBS Interactive acquired video game-based website Giant Bomb and comic book-based website Comic Vine from Whiskey Media, who sold off their other remaining websites to BermanBraun. This occasion marked the return of video game journalism, video game jou ...


ZDNet
ZDNET is a business technology news website owned and operated by Red Ventures. The brand was founded on April 1, 1991, as a general interest technology portal from Ziff Davis and evolved into an enterprise IT-focused online publication.

History

Beginnings: 1991 to 1995
ZDNET began as a subscription-based digital service called "ZiffNet" that offered computing information to users of CompuServe. It featured computer industry forums, events, features and searchable archives. Initially, ZiffNet was intended to serve as a common place to find content from all Ziff-Davis print publications. As such, ZiffNet was an expansion on an earlier online service called PCMagNet for readers of PC Magazine. Launched in 1988, PCMagNet in turn was the evolution of Ziff Davis' first electronic publishing venture, a bulletin board, which launched in 1985. On June 20, 1995, Ziff-Davis announced the consolidation of its online information services under a single name, "ZD Net". The service had ...


Geek Squad
Geek Squad Inc. is a subsidiary of American and Canadian multinational consumer electronics corporation Best Buy, headquartered in Richfield, Minnesota. The subsidiary was originally an independent company founded by "Chief Inspector" Robert Stephens on June 16, 1994, and offers various computer-related services and accessories for residential and commercial clients. In 2002, they merged with Best Buy, retaining Stephens as the primary corporate leadership for the subsidiary. The Geek Squad provides services in-store, on-site, and over the Internet via remote access, and also provides 24-hour telephone and emergency on-site support. Geek Squad no longer works solely on computer-related devices. It now diagnoses issues in and repairs all consumer electronics, as well as appliances.

Locations and partnerships
Geek Squad precincts exist in most Best Buy stores in the United States, Puerto Rico, Canada, and the Netherlands. They offer in-store, in-home, online, and remote/over the ph ...