
Archive for the 'sysinternals' Tag

Last week, you could hardly find an IT-related blog that didn’t announce this new free Sysinternals tool. Disk2vhd copies the contents of a physical disk to a virtual disk in Microsoft’s VHD format. Since Disk2vhd uses Windows’ Volume Snapshot capability, you can use the tool while the physical machine is online. In theory, it is possible to convert a physical system drive to a VHD.

The size of the standalone tool is only 670KB, so you shouldn’t expect wonders. I tried Disk2vhd on a Windows 7 system. I encountered my first problem with it when I had to decide which partition to convert. My boot and my system partition are separated. I selected them both and Disk2vhd packed them in one VHD file without complaining. The result was that neither Virtual PC 2007 SP1 nor the successor Windows Virtual PC was able to recognize the VHD. I didn’t try it with Hyper-V, but, I guess, the result would have been the same. Perhaps it would have worked if I ran the tool twice to create two separate VHD files. But I didn’t explore this path because I have a 64-bit system and Virtual PC doesn’t support 64-bit guests.


When I tried the new Procmon 2.6, I couldn’t access the tool’s help file, which is a problem I have often encountered when downloading a Sysinternals tool. I have figured out now what went wrong and I thought I should note down the solution once and for all. I think my blog is the best place for it because I am probably not the only one who has run into this problem: The table of contents in the left pane is displayed correctly, but the contents pane only shows “Navigation to webpage was cancelled – What you can try: Retype address.”


Sysinternals Process Monitor (Procmon) is one of my favorite free tools. Microsoft recently released version 2.5, and just a few days ago Procmon 2.6 fixed a bug on Windows 7. I had a quick look at the new features. I just added this text to my former review of Process Monitor 2.0 at the end. If you already know Procmon, you can skip the introductory text and read about Procmon 2.6’s new features.

This well-known Microsoft tool was already in the 4sysops free admin tool list, but I decided to add a new entry because a new version is now available. The old post was also about Process Explorer, which I reviewed two years ago. I transferred your votes to these articles.

I guess that Process Monitor is in the tool box of many admins, because it is one of the most important troubleshooting tools. The old version, 1.37, allowed you to monitor file system and registry activity. The most important new feature of version 2.0 is that you can now also monitor the network activity of processes.


Microsoft’s Sysinternals tools are now “live”. When I read this today, I wondered how this could possibly work. I mean, how can you integrate a bunch of sophisticated system tools in a Web site? I was quite disappointed when I saw that Sysinternals Live is nothing other than a directory on a Web server, which contains all of the Sysinternals tools.

The directory only lists the DOS-style names of the Sysinternals tools. If you are not a Sysinternals geek, you will hardly find your way around in there. So what is the purpose of this? Well, you can launch the Sysinternals tools from the command prompt with \\live.sysinternals.com\tools\<toolname>. This could be useful if you work on a desktop where you don’t have your toolbox at hand.


TCPView is a free Sysinternals tool from Microsoft allowing you to monitor TCP and UDP endpoints. It has the same purpose as the command line tool netstat that comes with Windows. Contrary to netstat, TCPView is a GUI tool. Usually, it is the first tool I use if strange things are happening on a computer, i.e. if I think that it might have been infected by spyware or other malware.

TCPView lists the process, the local TCP port, the remote address and the state of the TCP connection. If you want to get more details about the program, for example where the exe file is located, you just have to right click and select “Process Properties”. You can also terminate a connection or end the process.
There is a command line version of TCPView (Tcpvcon) which is similar to netstat. TCPView runs on Windows Server 2008/Vista/NT/2000/XP and Windows 98/Me.

TCPView


ShellRunas v.1.0 is a new Sysinternals tool by Mark Russinovich. It enables you to run a program with different credentials from Windows Explorer. The tool works with Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008.

Tools such as RunAsAdmin or RunAsLimitedUser allow you to run commands only with a certain account. Windows XP and Windows Server 2003 already have this run as option in the context menu of Windows Explorer. Microsoft removed it for some reason in Windows Vista and Server 2008. ShellRunas weeds out this mistake. You can use ShellRunas from Windows Explorer by right clicking on the application you want to start and then on “Run as different user”.


Nick MacKechnie reports that some Sysinternals tools have been updated. PSExec v1.90 improves handling of arguments, BgInfo v4.12 offers improved reporting, Process Explorer v11.04 fixes a memory leak, ADExplorer v1.01, DebugView v4.72 and Process Monitor v1.26 fix some minor bugs.

Submitted by Christoph Kral

The Sysinternals Troubleshooting Utilities for the various aspects of Windows administration.
(Not only Procmon or Proc Explorer)

Sysinternals Suite


Submitted by Colin Bowern – Blog: Colin Bowern

When it comes to figuring out why something isn’t operating the way it should, having a view of the process, file, and registry activity gives you insight that is indispensable.

Process Monitor and Process Explorer

Microsoft has released the free Sysinternals Process Explorer 11. Most of the new features are related to Vista. Not everything is improved, though.

Process Explorer is certainly a must-have tool for any admin. I blogged about Process Explorer 10 a while ago. What I don’t like about it is its sparse documentation. Some of the new features sound quite interesting, but searching for them in the Help file won’t reveal much in most cases. For example, I wanted to find out what “Show details for all processes elevation menu item on Vista” is supposed to mean. But my full text search for “elevation” got no hits.


I just ran across the new McAfee Rootkit Detective 1.0. There are so many anti-rootkit tools available now, and it’s about time that McAfee comes out with its own free rootkit detection utility.


Microsoft released Process Monitor v1.2 just two weeks ago. Now there is a newer version available again. It is only a minor update, just as the ones for TCPView and PSExec. Since all three utilities belong in every admin’s tool box, it is worth a blog post.


Microsoft released Process Monitor v1.2, a free tool to monitor real-time file system, registry and process/thread activity. There is an “interesting” SearchWinIT article about its new features. I guess the author never saw Process Monitor in his life.


Active Directory Explorer v1.0 is a free new Sysinternals tool from Microsoft. It allows you to view and edit the Active Directory database. The utility is similar to ADSIedit from the Windows Server 2003 Support Tools. It offers two useful additional features: You can create snapshots and you can bookmark AD objects.
