Sysinternals tools

Winsage
February 20, 2025
Sysinternals is a suite of 74 utilities from Microsoft designed to improve the performance and reliability of Windows PCs. Users can download the entire suite or select individual tools from the Microsoft Sysinternals page on Microsoft Learn.

1. Autoruns: Lists everything configured to start automatically (services, drivers, scheduled tasks, registry Run keys and more) with details for each entry, so unnecessary background processes and obsolete registry entries stand out. It also lets users review installed drivers and spot potentially harmful entries. Launched via the Start menu or by typing Autoruns.exe in the Run dialog.
2. TCPView: Monitors all TCP and UDP endpoints in real time, grouped by protocol and IP version, showing local and remote ports, connection state and the owning process. It helps identify processes holding unexpected or excessive network connections. Launched via the Start menu or by typing tcpview.exe in the Run dialog.
3. RamMap: Provides an in-depth breakdown of physical memory use by process and by type, helping identify memory-hogging applications and diagnose memory leaks. It also offers options to release memory, including emptying working sets, the standby list and the modified page list. Launched via the Start menu or by typing rammap.exe in the Run dialog.
4. DiskView: Shows a colour-coded map of the disk's clusters and which files occupy them, helping users identify fragmentation and unused space. Launched via the Start menu or by typing diskview.exe in the Run dialog.
5. CacheSet: Adjusts the working-set limits of the Windows file system cache and can clear the cache with a single click. Launched by typing cacheset.exe in the Run dialog.

The Sysinternals Suite is free, effective and usable from Windows Recovery mode, making it a practical choice for users looking to improve their PC's performance.
Winsage
February 11, 2025
Windows is a popular operating system known for its versatility but ships with few advanced troubleshooting and system-monitoring tools. Sysinternals is a suite of utilities developed by Microsoft for power users and IT professionals, offering far more control over and insight into a system. Key tools in the Sysinternals suite include:

- Process Explorer (procexp.exe): Provides a detailed overview of running processes, including resource usage and open handles, and allows users to identify which process has a file locked and to spot potential malware.
- Process Monitor (procmon.exe): Records file system, registry, network and process activity in real time, with filtering options to diagnose performance issues and application errors.
- Autoruns (autoruns.exe): Displays all startup programs and auto-start entries, allowing users to disable or delete unnecessary entries to improve performance and security.
- TCPView (tcpview.exe): Shows active TCP and UDP endpoints and which process owns each, enabling users to review and manage network activity.
- SDelete (sdelete.exe): A command-line tool for secure file deletion that overwrites data to prevent recovery, useful for safeguarding sensitive information.
- ZoomIt (zoomit.exe): Enhances presentations by allowing users to zoom in on screen areas and annotate, useful for educators and IT professionals.
- RamMap (rammap.exe): Analyzes physical memory allocation, helping identify memory leaks and inefficient usage.
- PendMoves (pendmoves.exe): Lists files scheduled to be moved or deleted at the next reboot, aiding in troubleshooting file modification issues.
- BgInfo (bginfo.exe): Generates a desktop background displaying vital system information, customizable to the user's needs.

Integrating these tools into Windows would strengthen its diagnostic and troubleshooting capabilities, benefiting both everyday and power users.
Winsage
February 5, 2025
A 0-day vulnerability has been reported in Microsoft Sysinternals tools that lets attackers execute malicious code through DLL hijacking (search-order hijacking rather than process injection). The researcher has verified the issue, and it remains unresolved more than 90 days after it was disclosed to Microsoft. The Sysinternals tools, including Process Explorer, Autoruns and Bginfo, are widely used for system analysis and troubleshooting but are not distributed through Windows Update, so security fixes have to be obtained by manually downloading new versions. The vulnerability stems from how the tools resolve DLLs: the directory containing the executable is searched before the trusted system directories, so an attacker who can place a malicious DLL alongside a legitimate Sysinternals executable gets arbitrary code executed with the privileges of the user who launches the tool. The researcher demonstrated this by planting a Trojan DLL next to Bginfo on a network share, from which it was loaded when the tool was run. Multiple Sysinternals applications are affected; a comprehensive list is available from the researcher. Microsoft has classified the issue as a "defense-in-depth" enhancement rather than a critical vulnerability, treating the tools as intended for local execution and not considering the network-path scenario a vulnerability in the tools themselves. As of December 2024 no fix had shipped, so users are advised to take precautionary steps such as not running the tools from network locations and verifying the integrity of any DLLs beside them.
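The two precautions above (do not run from a network path; check the DLLs beside the executable) can be turned into a pre-flight check. The following PowerShell script is an added example, not code from the article or from the researcher, and the tool path it defaults to is an assumption; adjust it to wherever you keep the suite.

```powershell
# Added example (not from the original article). Before launching a Sysinternals
# tool, warn if its directory is a network share and list every DLL sitting next
# to the executable together with its Authenticode status and signer. Under the
# default DLL search order the application directory is consulted before
# System32, so any DLL found here is a hijack candidate.
# The default path below is an assumption; point it at your own copy of the tool.
param(
    [string]$ToolPath = 'C:\Tools\Sysinternals\Bginfo64.exe'
)

if (-not (Test-Path -LiteralPath $ToolPath)) {
    throw "Tool not found: $ToolPath"
}

$toolDir = Split-Path -Parent $ToolPath

# 1. A UNC path (mapped share, \\live.sysinternals.com\tools, ...) is exactly the
#    scenario the researcher demonstrated: the share owner controls what gets loaded.
if (([System.Uri]$toolDir).IsUnc) {
    Write-Warning "$toolDir is a network share; copy the tool to a local, ACL-protected directory before running it."
}

# 2. The executable itself must carry a valid Microsoft signature.
$exeSig = Get-AuthenticodeSignature -FilePath $ToolPath
if ($exeSig.Status -ne 'Valid' -or $exeSig.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
    Write-Warning "$ToolPath is not validly signed by Microsoft (status: $($exeSig.Status))."
}

# 3. Enumerate DLLs beside the executable and flag anything unsigned or signed
#    by someone other than Microsoft. A clean Sysinternals directory normally
#    contains no DLLs at all, so any hit deserves a look.
$report = Get-ChildItem -LiteralPath $toolDir -Filter '*.dll' -File | ForEach-Object {
    $sig    = Get-AuthenticodeSignature -FilePath $_.FullName
    $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '<unsigned>' }
    [pscustomobject]@{
        Dll     = $_.Name
        Status  = $sig.Status
        Signer  = $signer
        Suspect = ($sig.Status -ne 'Valid') -or ($signer -notmatch 'O=Microsoft Corporation')
    }
}

if (-not $report) {
    Write-Output "No DLLs found beside $ToolPath."
} else {
    $report | Format-Table -AutoSize
    if ($report | Where-Object Suspect) {
        Write-Warning 'Suspect DLL(s) present; do not run the tool until they are explained.'
    }
}
```

Run it as `.\Check-SysinternalsDir.ps1 -ToolPath 'D:\sysinternals\procexp64.exe'` (script name is illustrative). A signature check only tells you the DLL is Microsoft's; it does not tell you it is the DLL the tool expected, so a validly signed DLL that has no business in that folder still merits investigation.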