Sysinternals

From aldeid

Description

INCOMPLETE SECTION OR ARTICLE
This section/article is being written and is therefore not complete.
Thank you for your understanding.

Tools

Tool Description
accesschk.exe
AccessEnum.exe
ADExplorer.exe
ADInsight.exe
adrestore.exe
Autologon.exe
autorunsc.exe GUI that shows programs configured to autostart during boot
autoruns.exe CLI version of autoruns
Bginfo.exe
Cacheset.exe
Clockres.exe
Contig.exe
Coreinfo.exe
ctrl2cap.exe
Dbgview.exe
Desktops.exe
disk2vhd.exe
diskext.exe
Diskmon.exe
DiskView.exe
du.exe
efsdump.exe
FindLinks.exe
handle.exe
hex2dec.exe
junction.exe
ldmdump.exe
Listdlls.exe Reports the DLLs loaded into processes
livekd.exe
LoadOrd.exe
logonsessions.exe
movefile.exe
ntfsinfo.exe
pagedfrg.exe
pendmoves.exe
pipelist.exe
portmon.exe
procdump.exe
procexp.exe List running processes and show information about handles and DLLs used and loaded by processes
Procmon.exe Monitoring tool for Windows that shows real-time file system, Registry and process/thread activity
PsExec.exe Remotely execute commands
psfile.exe Remotely display open files
PsGetsid.exe Display a computer or a user SID
PsInfo.exe Show information about a system
pskill.exe Stop processes by name or ID
pslist.exe Show details about processes
PsLoggedon.exe Show users logged on locally and via resource shares
psloglist.exe List and remove event log entries
pspasswd.exe Change passwords
psping.exe
PsService.exe Display and manage services
psshutdown.exe Stop and restart a computer
pssuspend.exe Stop processes
RAMMap.exe
RegDelNull.exe
regjump.exe
RootkitRevealer.exe
ru.exe
sdelete.exe
ShareEnum.exe
ShellRunas.exe
sigcheck.exe
streams.exe View and delete Alternate Data Streams (ADS)
strings.exe
sync.exe
Sysmon.exe
Tcpvcon.exe
Tcpview.exe
vmmap.exe
Volumeid.exe
whois.exe
Winobj.exe 32-bit Windows NT program that uses the native Windows NT API (provided by NTDLL.DLL) to access and display information on the NT Object Manager's name space
ZoomIt.exe

Keywords: sysinternals windows malware