You can find details and usage information about the contig utility on the Microsoft TechNet site: To avoid fragmentation, use.
-->AccessChk
This tool shows you the accesses the user or group you specify hasto files, Registry keys or Windows services.
AccessEnum
This simple yet powerful security tool shows you who has what accessto directories, files and Registry keys on your systems. Use it tofind holes in your permissions.
CacheSet
CacheSet is a program that allows you to control the Cache Manager'sworking set size using functions provided by NT. It's compatiblewith all versions of NT.
Contig
Wish you could quickly defragment your frequently used files? UseContig to optimize individual files, or to create new files that arecontiguous.
Disk2vhd
Disk2vhd simplifies the migration of physical systems into virtualmachines (p2v).
DiskExt
Display volume disk-mappings.
DiskMon
This utility captures all hard disk activity or acts like a softwaredisk activity light in your system tray.
DiskView
Graphical disk sector utility.
Disk Usage (DU)
View disk usage by directory.
EFSDump
View information for encrypted files.
FindLinks
FindLinks reports the file index and any hard links (alternate filepaths on the same volume) that exist for the specified file. Afile's data remains allocated so long as at it has at least one filename referencing it.
Junction
Create Win2K NTFS symbolic links.
LDMDump
Dump the contents of the Logical Disk Manager's on-disk database,which describes the partitioning of Windows 2000 Dynamic disks.
MoveFile
Schedule file rename and delete commands for the next reboot. Thiscan be useful for cleaning stubborn or in-use malware files.
NTFSInfo
Use NTFSInfo to see detailed information about NTFS volumes,including the size and location of the Master File Table (MFT) andMFT-zone, as well as the sizes of the NTFS meta-data files.
Nebraska Department of Motor Vehicles 301 Centennial Mall South PO Box 94877 Lincoln, NE Phone: 402-471-3985 ×. The Department of Motor Vehicles requires new and renewal driver license and State ID Card applicants to provide a valid social security number or a valid US Citizenship and Immigration Services I-94 document. Any new resident with a valid license from another state must obtain a Nebraska license within 30 days. When applying for your initial Class O Driver's License you must bring the following documentation to the DMV: Proof of U.S. Citizenship or Lawful Status, containing Name and Date of Birth. Nebraska driver's license number. This service allows you to make payment using a credit card in an online transaction and is provided by a third party contracted by the State of Nebraska. Your Nebraska.gov transaction total will be displayed on the following pages.
PageDefrag
Defragment the Windows paging file and Registry hives.
PendMoves
See what files are scheduled for delete or rename the next time thesystem boots.
Process Monitor
Monitor file system, Registry, process, thread and DLL activity inreal-time.
PsFile
See what files are opened remotely.
PsTools
The PsTools suite includes command-line utilities for listing theprocesses running on local or remote computers, running processesremotely, rebooting computers, dumping event logs, and more.
SDelete
Securely overwrite your sensitive files and cleanse your free spaceof previously deleted files using this DoD-compliant secure deleteprogram.
ShareEnum
Scan file shares on your network and view their security settings toclose security holes.
Sigcheck
Dump file version information and verify that images on your systemare digitally signed.
Streams
Reveal NTFS alternate streams.
Sync
Flush cached data to disk.
VolumeID
Set Volume ID of FAT or NTFS drives.
The Sysinternals web site was created in 1996 by Mark Russinovich to host his advanced system utilities and technical information. Whether you’re an IT Pro or a developer, you’ll find Sysinternals utilities to help you manage, troubleshoot and diagnose your Windows systems and applications.
- Read the official guide to the Sysinternals tools, Troubleshooting with the Windows Sysinternals Tools
- Read the Sysinternals Blog for a detailed change feed of tool updates
- Watch Mark’s top-rated Case-of-the-Unexplained troubleshooting presentations and other webcasts
- Read Mark’s Blog which highlight use of the tools to solve real problems
- Check out the Sysinternals Learning Resources page
- Post your questions in the Sysinternals Forum
Sysinternals Live
Sysinternals Live is a service that enables you to execute Sysinternals tools directly from the Web without hunting for and manually downloading them. Simply enter a tool's Sysinternals Live path into Windows Explorer or a command prompt as live.sysinternals.com/<toolname> or live.sysinternals.comtools<toolname>.
You can view the entire Sysinternals Live tools directory in a browser at https://live.sysinternals.com/.
What's New
What's New (December 20, 2019)
What's New (December 11, 2019)
Sysmon v10.42
This update to Sysmon addresses a number of memory leaks, introduces the 'Excludes Any' and 'Excludes All' filtering conditions and resolves a number of bugs.Zoomit v4.52
This update to Zoomit resolves a number of dual-monitor related issues.Whois v1.21
This refresh of Whois contains various bug fixes.
What's New (September 16, 2019)
- Sysmon v10.41
Resolves a config parsing issue with 10.4.
What's New (September 05, 2019)
Sysmon v10.4
This major update to Sysmon, a security event monitoring service, adds nested rule support to rule groups and “contains any” and “contains all” rule conditions for more flexible filtering, as well as several bug fixes.Process Explorer v16.30
This update to Process Explorer adds a Shared Commit column to the process view, fixes a bug that caused it to terminate when it is configured to run at logon and the system went to battery, and fixes bugs that prevented the system CPU graph from correctly showing multiple sockets.
What's New (June 20, 2019)
What's New (June 11, 2019)
- Sysmon v10.0
This release of Sysmon adds DNS query logging, reports OriginalFileName in process create and load image events, adds ImageName to named pipe events, logs pico process creates and terminates, and fixes several bugs. - Autoruns v13.95
This Autoruns updates adds support for redirected user Shell folders.
What's New (February 18, 2019)
- Sysmon v9.0
Sysmon v9.0 introduces rule groups that enable the specification of AND or OR matching logic across a set of rules. It also fixes a memory leak in signature verification.
What's New (December 18, 2018)
- Sysmon v8.04
This release reverted the filtering change made in 8.02 as this broke a number of configuration files. We are planning to revisit and enhance the filtering in the new year. It also fixed a BSOD in legacy named pipe filter used on Windows 7 and earlier, and a kernel memory leak that occurred when the configuration is reloaded.
What's New (October 17, 2018)
- Sigcheck v2.7
Windows WinVerifyTrust function reports signed MSI files that have malware appended to them as signed, so Sigcheck now indicates when appended conent is present.
What's New (September 17, 2018)
What's New (July 5, 2018)
Sysmon v8.0
Sysmon now includes the ability to tag rules so that event log entries include the rule tag that generated them, as well as several bug fixes.Autoruns v13.90
Autoruns now includes Runonce*Depend entries, adds GPO logon and logoff locations, and fixes a bug in WMI path parsing.
What's New (February 13, 2018)
Autoruns v13.82
This Autoruns release shows Onenote addins and fixes several bugs.Process Monitor v3.50
Process Monitor now includes a /runtime switch to control headless capture duration, correctly shows picoprocesses, displays details for file system APIs introduced in Windows 10, and includes numerous minor improvements and bug fixes.
What's New (January 2, 2018)
- Sysmon v7.0
Sysmon now logs file version information, and the option to dump the configuration schema adds the ability to dump an older schema or dump all historical schemas.
What's New (November 19, 2017)
Sysmon v6.20
This Sysmon release adds the ability to change the Sysmon service and driver names to foil malware that use them to detect its presence.Whois v1.20
Whois, a command-line utility that reports domain registration information for the specified domain, works with new whois registry server redirects.
What's New (September 11, 2017)
Sysmon v6.10
This update to Sysmon, a background monitor that records activity to the event log for use in security incident detection and forensics, adds monitoring of WMI filters and consumers, an autostart mechanism commonly used by malware, and fixes a bug in image load filtering.Process Monitor v3.40
Process Monitor, a file system registry, process and network real-time monitor, now includes a /runtime switch for terminating monitoring after a specified amount of time, when in hexadecimal mode shows process tree process IDs in hexadecimal, and fixes a bug in automated boot log conversion.Autoruns v13.80
This release of Autoruns, a utility for viewing and managing autostart execution points (ASEPs), adds additional autostart entry points, has asynchronous file saving, fixes a bug parsing 32-bit paths on 64-bit Windows, shows the display name for drivers and services, and fixes a bug in offline Virus Total scanning.
What's New (May 16, 2017)
- ProcDump v9.0
This major update to ProcDump, a utility that enables process dump capture based on a variety of triggers, introduces the ability to take capture multiple dumps sizes. This is particularly useful when capturing crash dumps of applications susceptible to termination due to unresponsiveness (e.g. IIS Ping killing w3wp.exe). This release also adds support for an associated Kernel Dump of the process that includes the kernel stacks of the process.
What's New (February 17, 2017)
- Sysmon v6
This release of Sysmon, a background monitor that records activity to the event log for use in security incident detection and forensics, introduces an option that displays event schema, adds an event for Sysmon configuration changes, interprets and displays registry paths in their common format, and adds named pipe create and connection events (thanks to Giulia Biagini for the contribution). Check out the related presentation from Mark’s RSA Conference, “How to Go From Responding to Hunting with Sysinternals Sysmon.” - Autoruns v13.7
Autoruns, an autostart entry point management utility, now reports print providers, registrations in the WMIDefault namespace, fixes a KnownDLLs enumeration bug, and has improved toolbar usability on high-DPI displays. - AccessChk v6.1
This update to AccessChk, a command-line utility that shows effective and actual permissions for file, registry, service, process object manager, and event logs, now reports Windows 10 process trust access control entries and token security attributes.
- Author: admin
- Category: Category