
Windows Sysinternals

The Sysinternals web site was created in 1996 by Mark Russinovich and Bryce Cogswell to host their advanced system utilities and technical information. In July 2006, Microsoft acquired Sysinternals. Both IT professionals and developers will find utilities at Sysinternals to help them manage, diagnose, and troubleshoot Windows systems and applications. If you have a question about a tool or how to use it, visit the Sysinternals forum for answers and help from other users and our moderators.

  • File and Disk Utilities

    Utilities for viewing and monitoring file and disk access and usage.

  • Networking

    Networking tools that range from connection monitors to resource security analyzers.

  • Process and Thread Utilities

    Utilities for looking under the hood at running processes and the resources they consume.

  • Security Utilities

    Security configuration and management utilities, including rootkit and spyware hunting programs.

  • System Information

    Utilities for looking at system resource usage and configuration.

  • Miscellaneous

    A collection of assorted utilities that includes a screen saver, a presentation aid, and a debugging tool.

What's New

Microsoft TechNet: Windows Sysinternals

Updates: Handle v4.0, Procdump v7.01, Procexp v16.04, Regjump v1.02, Autoruns v12.03

  • Handle v4: Handle is a command-line utility that can show which processes have a handle to a file or other resource open, or show all open handles. Version 4 now works with standard-user rights, allowing standard users to identify the handles opened by their processes.
  • ProcDump v7.01: This release fixes several bugs, including one that affects the UI hang trigger, one that causes misnamed dump files for reflected dumps, and another that would cause .NET applications that Procdump monitors for first-chance exceptions to terminate with Procdump.
  • Process Explorer v16.04: This update fixes a bug in VirusTotal file submission that could cause a crash, and now shows Windows Store package names on the Image page of the process properties dialog.
  • RegJump v1.02: Regjump, a utility that opens Regedit to the registry key specified as a command-line argument, now works on 64-bit Windows.
  • Autoruns v12.03: This update to Autoruns adds the registered HTML file extension, fixes a bug that could cause disabling of specific entry types to fail with a “path not found” error, and addresses another that could prevent the Jump-to-image function from opening the selected image on 64-bit Windows.

Updates: Autoruns v12.02, Coreinfo v3.31, Sysmon v1.01, Whois v1.12

  • Autoruns v12.02: This fixes a bug that could cause Autoruns to crash on startup, updates the image path parsing for Installed Components to remove false positive file-not-found entries, and correctly reports image entry timestamps in local time instead of UTC.
  • Coreinfo v3.31: This update fixes a bug that could prevent the Coreinfo driver from loading.
  • Sysmon v1.01: This fixes the manifest registration so that Sysmon event logs can be interpreted without installing Sysmon, and now includes unique UDP connections within 15-minute intervals.
  • Whois v1.12: This release fixes the verbose output to not show the final record twice.

New: Sysmon v1.0; Updates: Autoruns v12.01, Coreinfo v3.3, Procexp v16.03

  • Sysmon v1.0: We’re excited to announce Sysmon, a new Sysinternals utility that monitors and reports key system activity via the Windows event log, including detailed information about process creation, network connections and file creation timestamp changes. With Sysmon installed on your systems, you can collect and analyze these events to identify the presence of attackers, and correlate events across your network to track them as they traverse your network.
  • Autoruns v12.01: This update to Autoruns, a utility that comes in Windows application and command-line forms, has numerous bug fixes, adds a profile attribute/column to CSV and XML output, and interprets the CodeBase value for COM object registrations.
  • Coreinfo v3.3: Coreinfo, a command-line utility that reports comprehensive information about a system’s processors, including their cache sizes and topology, memory latency, and processor features, now reports virtual memory address width as well as support for many additional instructions, including PT, SHA, MPX, CLFLUSHOPT, and AVX variants.
  • Procexp v16.03: This release of Process Explorer, a process viewing and control utility, fixes several bugs, including one where moving the mouse over the information graphs could cause it to crash and another that could cause a crash when checking VirusTotal results.

Mark's Latest Novel and TechEd Presentations Now Available

  • Mark's Latest Novel, Rogue Code: The third book in Mark’s Jeff Aiken technothriller series was published on May 20. In Rogue Code, Jeff is hired to penetration test the New York Stock Exchange. When he reaches the heart of the trading engine he discovers malware that’s manipulating trades to skim money while blending in with high-frequency trading (HFT) algorithms. He’s accused of hacking and goes on the run in a race against the clock to clear his name and prevent a multi-billion dollar heist that could cause the collapse of the US financial system. As with his previous novels, Mark doesn’t compromise technical accuracy while building a thrilling story. Rogue Code is available in Audible, ebook, and hardcover versions.
  • Mark’s TechEd Presentations: Mark delivered five top-rated and top-attended presentations at TechEd North America this year. They included: his latest edition of the ever-popular “Case of the Unexplained” on Windows troubleshooting; a new “Malware Hunting with the Sysinternals Tools” that highlights the latest malware trends; a presentation with Nathan Ide on pass-the-hash mitigations introduced in Windows 8.1; a talk on Azure’s security architecture and its design for hostile multitenancy; and a wide-ranging conversation with IT Pro luminary Mark Minasi on cloud computing trends and considerations. If you missed being there in person, you can watch them now on demand at the TechEd webcast site.
