Programs for local network administration

Let's start with the system administrator's operating system. Personally, I have worked and still work only on Windows. It used to be Windows 7, now Windows 10. Below I will give my opinion on these OSes. For now, I'll just explain why Windows.

Of course, I have had experience with various Linux distributions. I work with this system easily, but for the user I do not see any advantages compared to Windows. You can argue endlessly on this topic; I will only note how Windows is better than Linux in my opinion:

  1. Better software and driver support. You will almost never have the problem that some driver or program is not available for your system.
  2. Stable and reliable performance. Mostly, this advantage applies to Windows 7; I won't say this about Windows 10. But Windows 7 worked for me without problems and has been working for months without rebooting.
  3. Easy integration into other information systems. It is easy to connect a network folder or a printer in a new office, or to connect to a VPN. I often move between offices, so this is important for me.

Windows is an operating system for those who just want to sit down and start working, and not configure the system or look for drivers to make the touchpad, hibernation, graphics cards, etc. work correctly.

Nothing else came to mind :) Of course, the first point is of decisive importance. For example, there is a Windows-only Citrix XenCenter application for managing XenServer. Of course, with virtual machines, this issue is smoothed out a bit, but nevertheless, I prefer it when all the working tools are on the same system. Under Windows, there is a huge amount of software for every taste. Below I will just tell you what programs I use under Windows for system administration.

A couple of years ago, I switched from Windows 7 to Windows 10. There were very few motives for this transition:

  1. I liked the new task manager.
  2. I wanted to use ctrl+c and ctrl+v in cmd.
  3. I was just curious to see the new system.

The transition did not bring me any special conveniences. I liked the first two points, but everything else constantly annoys me. The disadvantages of this system are many. I'll try to collect my thoughts and list all the bad things that I myself encountered:

  1. Annoying update system. However much I struggled with it, I did not defeat it. I resigned myself and update regularly. Well, at least there have been no errors yet.
  2. All settings are messed up. Part of the Control Panel remained, part moved to Settings. Not only is this inconvenient, but in Settings itself, the location of the settings changes from update to update. Connecting to a VPN, seeing the status of a network connection, and allowing the display of tray icons have become very inconvenient. It's good that the old Control Panel still remains. What will happen if it is removed, I do not know.
  3. The system periodically does something in the background, loads the processor and eats up the battery life on the laptop. For me, this is very important, since I have a Thinkpad x220 with a very capacious battery. I can work from it for several hours, but not when Windows 10 decides to compute something in the background. Moreover, it is the System process that is running, and you cannot understand what exactly the system is doing. I approached this problem this way and that, but I still didn't understand what exactly needs to be done so that the system stops its incomprehensible activity. Even completely disabling updates did not help. Sometimes the system did something anyway. I noticed this immediately, as the fans on the laptop begin to hum louder. Sometimes restarting the computer helped, sometimes not.
  4. Buggy clipboard. Sometimes it slows down. Sometimes question marks come out of it. Sometimes it adds a lot of spaces between lines. This is a real disaster, as it greatly interferes with work. A reboot helps, but in the middle of the working day, during active work, rebooting is not an option.

There are many more minuses, I don’t want to focus on this now, since the article is about something else. But these particular things really annoy me and in general I don’t like this system. It's not comfortable for work. I'm not switching back to Windows 7 as it will be out of support in less than 2 years and I don't like reinstalling systems. A lot of time is spent on this. That's where the shortcomings come in. Perhaps reinstalling the system on the LTSB version will solve the problems, but so far I'm not going to reshuffle.

That's all about the operating system. Here is an example of a system administrator's desktop, i.e. mine :)

SSH client

The first place in the list of system administrator programs is occupied by the ssh client. It is in ssh that I spend most of my working time. I work with Linux a lot more than with Windows. During my work, I tried everything that I came across on the topic of ssh clients. Like most, I started with PuTTY, then used KiTTY. This option is suitable for those who occasionally need to connect somewhere via ssh. It also suits those who are in charge of 5-10 servers with one password or certificate for all servers.

As soon as the number of servers grows, the question arises of finding a more convenient program for ssh connections. As a result, I use two programs, which I will talk about in more detail.

mRemoteNG

I got acquainted with this program a long time ago, even before it was forked and NG was added at the end. It combines all popular methods of remote connection to servers. Specifically, I used the following:

It is very convenient to connect to different servers from one place. All connections are located in one program window in separate tabs. In this program, I was satisfied with almost everything, except for one annoying bug that has not yet been fixed. If you connect via ssh, alt+tab switching does not work correctly. If you switch from mRemoteNG to another window with alt+tab and then return with the same combination, you will not end up in mRemoteNG, but in another program.

This behavior is due to the fact that PuTTY is used for the ssh connection, while the program itself is written in .NET. This combination somehow works incorrectly in terms of switching windows. I read reports about this bug on the developer's site; all the details are there. They write that until they drop PuTTY, it is impossible to fix this bug. It's a pity, since the program suits me 100%, but the eternal problems with alt+tab forced me to look for a replacement for ssh. I found one, and I use mRemoteNG for rdp and vnc connections.

This program has a portable version and is easily synchronized through cloud file storage, which adds to its advantages. Of the minuses, there is only the use of PuTTY, in which I personally really do not like the fact that it uses its own private key format. You have to use puttygen to convert the keys.

This program became indispensable for me when the number of managed servers exceeded 30-40. With its help, you can build a nested tree structure for connections and save credentials. And all this is in one place for all protocols. mRemoteNG is a great system administrator tool. I've never seen better functionality. Maybe someday the shortcomings will be corrected.

The downsides, as I said, are the incorrect alt+tab switching when working with ssh and the lack of a startup password. The latter is important, since all your passwords are stored in the program, and it is also portable. As a result, I removed all ssh connections from it and began to use another program.

Xshell 5

This ssh client for Windows suited me in everything. It has a lot of settings; after installation I spent a long time on them to make everything beautiful and convenient. Here is an example of why I love this client.

You can arrange windows, for example, like this and debug something. If you have multiple monitors, like I do, you can place different instances of the program with different connections on different monitors. For example, I like to test the load on a web server this way. On one monitor I open ssh windows with the necessary metrics, on the other, graphs from Zabbix. I apply the load and see in real time what is happening on the server.

Xshell 5 gets rid of all the shortcomings of the previous program:

  • Switches correctly by alt+tab.
  • Has a password to run the program.
  • Uses a standard private key format, unlike putty.

The interface is well customizable. I removed everything unnecessary from the program window. I remember the hot keys and use them only to create connections, change them, etc. Ssh connections can be organized in a tree structure and have a lot of settings. You can change console colors, window title colors, and so on. Thus, you can conveniently mark the most important servers, or test ones, with a separate color. I do this for some servers. You can separate the servers of different organizations by color.

Password storage

Let's move on to the next most important category of software for a system administrator: password storage. Any system administrator has a lot of various accounts that need easy access. About 3 years ago I used Password Commander for a long time. It is a simple and convenient password storage, where there is everything you need and nothing more. But the program has not been developed for a long time, and it was no longer possible to register it. Although it was free for residents of the CIS, you still had to register, otherwise an information window would pop up at the start. At some point I got tired of looking at this window and decided to change the program.

The choice immediately fell on KeePass, as this is the most popular password storage program that exists for all popular systems. There are many plugins for it that expand the functionality, but I personally do not use any. All passwords are stored in one encrypted file, which can be stored on a cloud drive. It is convenient to access it both from a computer and from a mobile phone. Personally, I do not store passwords on my mobile phone, but if absolutely necessary, you can download this file via the Internet and see the desired password. It's convenient.

Remote access programs

System administrators often need to connect to remote workstations. There are many programs that implement this functionality. The most popular and well-known is TeamViewer. But it is paid, and in the free version there are restrictions that often do not allow you to use it. You have to look for compromises.

There is a good analogue: LiteManager. The free version has a limit of 30 seats. If you have fewer of them, or you use the program to access some technical machines where rdp is not suitable for some reason (access control server, video surveillance client, etc.), then this program may be enough for you.

If you have more than 30 workstations and need remote access to all machines, then the solution is a vnc server. I prefer TightVNC. The solution is only suitable for a local network, or for a channel of at least 30-50 megabits. Vnc is a very slow protocol and it is simply impossible to use it at a low link speed.

If you need remote access via vnc to the local network, then you can use a vpn, or a simpler option is to connect to some machine on the LAN via rdp, and then go on via vnc. With modern Internet speeds, it turns out to be a completely workable option. I use it in some situations. For security, I simply restrict access via rdp at the ip level. I have the ability to connect from multiple static ip addresses.
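One way to apply the IP-level RDP restriction described above, as an added example that is not from the original article. It assumes the restriction is enforced in Windows Defender Firewall on the RDP host itself (the article does not say where it is applied) and that RDP listens on the default port; the addresses are constructed placeholders from documentation ranges.

```powershell
#Requires -RunAsAdministrator
# Added example (not the author's script). Assumptions: the filter lives in
# Windows Defender Firewall on the RDP host, and RDP uses the default port.

# Constructed placeholder addresses; replace with your own static IPs.
$AllowedAdmins = @('203.0.113.10', '203.0.113.25', '198.51.100.7')
$RdpPort       = '3389'

function Get-RdpInboundRule {
    # Every enabled inbound allow rule whose port filter names the RDP port,
    # TCP or UDP. This also catches custom rules outside the built-in group.
    # Rules with LocalPort 'Any' are not matched here and need a manual review.
    Get-NetFirewallPortFilter |
        Where-Object { $_.Protocol -in 'TCP', 'UDP' -and $_.LocalPort -contains $RdpPort } |
        Get-NetFirewallRule |
        Where-Object { $_.Direction -eq 'Inbound' -and
                       $_.Action    -eq 'Allow'   -and
                       $_.Enabled   -eq 'True' }
}

function Get-RdpRuleScope {
    # Show which remote addresses each matching rule currently accepts.
    Get-RdpInboundRule | ForEach-Object {
        [pscustomobject]@{
            DisplayName   = $_.DisplayName
            Profile       = $_.Profile
            RemoteAddress = ($_ | Get-NetFirewallAddressFilter).RemoteAddress -join ','
        }
    }
}

# 1. Record the current scope so the change can be reviewed or rolled back.
Get-RdpRuleScope | Format-Table -AutoSize

# 2. Narrow every matching rule to the allowlist.
#    Rules delivered by Group Policy cannot be changed in the local store
#    and must be scoped in the GPO instead.
Get-RdpInboundRule | Set-NetFirewallRule -RemoteAddress $AllowedAdmins

# 3. Verify: no enabled RDP rule may still accept connections from 'Any'.
$stillOpen = Get-RdpRuleScope | Where-Object RemoteAddress -eq 'Any'
if ($stillOpen) {
    Write-Warning "RDP is still reachable from any address via: $($stillOpen.DisplayName -join '; ')"
} else {
    Write-Output "All enabled RDP rules are limited to: $($AllowedAdmins -join ', ')"
}
```

Run it from a console session or from one of the allowlisted addresses, since step 2 takes effect immediately and will cut off an RDP session coming from any other address.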

Software for sysadmin notes

System administrators constantly accumulate all sorts of notes, cheat sheets, etc. For this, it is better to use a specialized program. I've been using the free version of Evernote for taking notes for many years. The limitation of the free version, 2 devices, is enough for me. I have a work laptop and a smartphone.

There are many similar programs. I will be glad of advice in the comments. Tell us what you use to store text records.

Where do admins keep a to-do list?

I am absolutely convinced that any system administrator needs a program for maintaining to-do lists, of which he always has a huge number. In extreme cases the program can be replaced by a text notepad. That's how I worked for a long time, until I came across and tried Todoist. Since then, I've been managing all my tasks with it.

It is important not to forget anything when working with customers. Everything that was discussed and planned with you, you write down and complete on time. If these are personal conversations, then I make notes in a notebook and later I always check whether I have forgotten something. If I don't write it down, I'll probably forget. During the day there is a constant incoming flow of information that needs to be organized. Commitment and punctuality create a good impression and allow you to find and maintain long-term relationships with good customers.

What do you use to manage your tasks?

In which program to draw a network diagram

For me, the question of choosing a program for drawing visual diagrams of an information system is still open. I tried a lot of things, but did not decide where to do it more conveniently and more beautifully. I will list the programs where I myself drew diagrams of networks and information systems.

Microsoft Visio

A well-known and popular program for drawing various diagrams and maps. I could not visually draw a diagram of a server room on it. It turned out something like this:

I did not like it. It looks all right, but the connections cannot be laid out clearly. I do not accept this scheme. I tried different icon sets. In general, I approached Visio from different angles, but in the end I abandoned it.

Edraw Max

A good program for drawing diagrams. It turns out visually and even in places beautifully (for an amateur), but is only suitable for small networks. I couldn't draw anything big on it.

Eventually, I stopped using it too. Ultimately, I settled on another program.

Dia

When I first encountered it, I didn't like it at all. Everything seemed kind of clumsy and unsightly. Editing elements is not intuitive. I made a lot of mistakes at first. I inherited several network diagrams drawn in this program, so I worked with it only as much as was needed to edit those diagrams.

But once again, when I was looking for a convenient program for drawing a diagram of a large project, I did not find anything suitable. I decided to try Dia. And somehow, I liked it. I got used to the interface and functionality and began to draw diagrams in it. Now I use this program constantly for drawing block diagrams and diagrams of local and information networks. It turns out something like this if you draw a physical network:

There are more complex schemes, but there is a lot in them that would have to be blurred out, so I will not show them :)

I tried different online services for drawing diagrams. The functionality seems to be fine and the result looks good, but it is simply inconvenient for me to draw in the browser.

I would be glad of useful advice on programs for drawing flowcharts and network maps. Dia is a good thing, but I still don't like it 100%. I hope to find something more beautiful and comfortable.

Smartphone system administrator software

I'll briefly go over the programs that I have on my smartphone, although in reality I don't use them often, since I work mostly remotely. Nevertheless, from old habit, I have kept a set of system administrator programs which, although rarely, do find a use.

My smartphone runs Android, so the programs are for it.

  • WiFi Manager - allows you to quickly and visually assess the load on the wifi frequency by channel.
  • WiFi Analyzer - with its help, I check the operation of Mikrotik. Using the program, you can see many access points behind one SSID and connect to them by MAC address. This is one of the features that is interesting to me personally. The program has many other useful features.
  • Speedtest - everything is clear with this program. Mobile analogue of the popular service. Useful for everyone, not just system administrators.
  • Evernote - mobile version of the program for notes.
  • RD Client - an application from Microsoft for connecting via rdp. Surprisingly handy. I use it regularly.
  • KeePass - mobile version of the password manager. Opens the password file stored on the laptop.
  • Zadarma SIP - sip telephony client. I use when. The free service is convenient as a test trunk during setup and testing.
  • Keyboard for passwords - a simple application that allows you to easily enter passwords that are invented in the Russian layout but are typed in the English one. I myself do not like to use such passwords, but I have to work with them. It is very inconvenient to enter them without a Russian keyboard.
  • OpenVPN for Android - a regular vpn client for openvpn.
  • JuiceSSH - ssh client. I rarely use it, because it is very inconvenient to work via ssh on a smartphone, no matter what client you take.
  • PingTools - a set of useful network utilities. You can ping or trace something directly from your smartphone.

That's probably all of the programs on the smartphone that directly or indirectly relate to system administration.

I'll end here. I also planned to tell you about my workplace: a table, a laptop, monitors, etc. But that is for another time. The article turned out to be voluminous.

I will be glad of comments with useful software that is unfamiliar to me. I want to try something more comfortable than what I have.

PC remote control programs are well known to any system administrator or technical support employee, since in their daily activities they are constantly faced with the task of administering servers and PCs of local network users. The most common utility for remote PC control is, of course, Remote Desktop Connection, which is included with the Windows operating system. This fact is explained not so much by its functionality, but by the fact that it is an integral part of the OS, and therefore it is not necessary to purchase it separately. As for the functionality of this utility, in practice it is usually not enough, so specialized third-party software packages are often used. In this article, we will consider specialized software packages designed for remote control of computers.

If you try to classify remote control programs, then they can be conditionally divided into two types: utilities that provide access to the desktop of a remote PC, and utilities that provide access to the command line of a remote PC. The first of these provide users with the ability to work with a remote PC in the same way as with a local one. Utilities of the second type allow you to automate network operation by running the same or different applications on several selected network computers, as well as, for example, creating a schedule for launching programs on remote PCs. It is completely pointless to try to compare these two types of utilities, as they are used in different situations and for different purposes.

Note that most remote control programs operate on the "client-server" principle, that is, they imply the presence of the server and client parts of the program, which are respectively installed on the managed computer and on the PC from which the control is performed. To gain control over a remote PC, it is necessary that the appropriate program module (server part) be launched on it. Some remote management utilities allow you to remotely install the server part (if you have the appropriate administrative rights), and sometimes this procedure is completely transparent to the local PC user (as a rule, in this case, the server part is installed as a service on a remote PC). But some utilities require a "manual" installation of the server part of the program.

In this article, we will present to your attention remote control programs focused on use with Windows platforms. It should be noted that in the process of preparing the publication, we looked through several dozen utilities for remote control of a PC (fortunately, finding them on the Internet is not difficult). However, as it turned out, not all utilities are efficient and generally deserve mention. Therefore, we will focus only on those that really work and have been tested by us in a real local network.

Anyplace Control 3.3 (www.anyplace-control.com )

Anyplace Control 3.3 is a client-server application.

The Host module is installed on the managed PC, and the Admin module of the program is installed on the PC from which control is performed. Of course, it is possible to simultaneously install both modules on any PC in the local network. But the most interesting thing is that the Anyplace Control 3.3 program provides the ability to remotely install the Host module on any computer on the local network. And all that is needed for this is to select a computer on the local network and start the procedure for remote installation of the Host module. Naturally, for this you need to have administrator rights.

Note that the Anyplace Control 3.3 program supports the Russian-language interface.

Anyplace Control 3.3 allows you to work in two modes: view and control. In the first mode, it is possible to display the desktop of a remote PC on the screen and observe the user's actions, and in the control mode, it is possible to completely intercept control of the remote PC. An interesting feature of the remote control mode is that the work of the remote PC user himself is not blocked. However, in both modes, the user of the remote PC receives a notification in the form of an icon in the system tray that his computer is "under the hood".

To connect to a remote PC, you must first select it from the list. The built-in scanner allows you to display all computers on the local network (domain or workgroup), and you can configure the filter to display only PCs that already have the client part of the program installed, that is, those that you can connect to.

After selecting the computers to which you want to connect, they are added to the list and become available for remote management (Fig. 1).

Fig. 1. The main window of the Anyplace Control 3.3 program with a displayed list of computers,

The undoubted advantage of this utility is that it allows you to remotely control several PCs at the same time. In this case, it is possible to simultaneously execute commands such as shutdown, reboot and end the user session on managed PCs.

To prevent unauthorized access to the PC during the installation of Anyplace Control 3.3, you can set a password to access the managed computer. Other interesting features of the program include setting up traffic encryption for remote PC control and the use of a shared clipboard between the managed computer and the PC from which the control is performed. True, it will not work to transfer pictures through this buffer, but text fragments are transferred without problems.

In conclusion, we note that the demo version of Anyplace Control 3.3 is valid for 30 days after installation. The price of the full version of the program depends on the number of PCs on which it is installed, at the rate of $17.5 per PC.

Access Remote PC 4.12.2 (www.access-remote-pc.com )

The Access Remote PC 4.12.2 utility also belongs to the category of client-server applications and allows you to intercept the desktop and get full access to any PC where the server part of this program is installed from any other computer (Fig. 2). Note that the server part of the program is installed on the managed PC, and the client part is installed on the computer from which the control is performed. When installing the server part of the application on computers subject to remote control, the user name for which remote control is authorized and the access password are specified.

Fig. 2. Transfer files between computers in the Access Remote PC 4.12.2 utility

The Access Remote PC 4.12.2 program provides the ability to control computers both over a local network and over the Internet, and even through modem connections. With remote control of the computer, the work of the local user is not blocked, and the local user can find out that the computer is controlled from the outside, as well as who exactly controls the computer, by the icon in the system tray. In addition, the server part of the program allows, if necessary, to disconnect all remote users from the PC, change passwords, and view statistics for each remote control session.

Access Remote PC 4.12.2 provides two modes of operation: full control mode of the remote PC and monitoring mode.

The disadvantages of this utility include the impossibility of remote simultaneous control of multiple PCs using a single interface. However, you can run multiple connection sessions at the same time (each in its own window), and then you can manage multiple remote computers. Another drawback of the program is the impossibility of remote installation of its server part.

The advantages of Access Remote PC include the fact that it can work with firewalls, supports dynamic IP addresses and, importantly, practically does not slow down even on slow network connections, including modem ones. In addition, this utility allows you to easily transfer files between computers, for which a special Transfer Files mode is provided (Fig. 2), and also supports working with the clipboard, that is, it allows you to synchronize the clipboards on the local and remote PC, which simplifies the transfer of text fragments between PCs. Another advantage of the program is the support for encryption when transmitting data using the RC4 algorithm with a 160-bit key.

The free version of the program is fully functional, but the number of launches is limited - only 30 times.

LanHelper 1.61 (www.hainsoft.com)

LanHelper 1.61 (Fig. 3) is a small utility that allows you to automate the process of managing a local network.

Fig. 3. Main window of LanHelper 1.61 utility

With its help, you can remotely shutdown or restart several computers on the network at the same time. Applications can be launched on remote PCs (if they support launching from the command line), in addition, simultaneous launch of the same applications on a group of managed PCs is supported.

The LanHelper utility has a built-in set of commands that can be executed on remote PCs (Figure 4). At the same time, it is possible to specify the time when the application is launched, and the time interval according to which the applications are launched on the PC (minimum interval 1 minute). You can also schedule applications to run on remote PCs. The most important advantage of the program is that it does not require installation of the client part on remote PCs to implement all its features.

Fig. 4. Remote command execution simultaneously on multiple computers using the LanHelper 1.61 utility

In addition to remote command execution, the LanHelper 1.61 utility allows you to view, start and stop various services on remote PCs (Fig. 5), as well as send messages to users (to implement this feature, you must activate the Messenger service on all PCs).

Fig. 5. Working with services on a remote PC using LanHelper 1.61 utility

To implement the ability to run applications and execute commands on remote PCs, you must have administrator rights.

The demo version of LanHelper 1.61 has a limited validity period of 30 days, and the license price is $49.95.

DameWare NT Utilities 5.5.0.2 (www.dameware.com)

DameWare NT Utilities 5.5.0.2 is a powerful remote LAN administration system. It is based on a set of Microsoft Windows NT administration utilities, united by a very convenient single interface. Most of the utilities it takes from the Microsoft Windows NT administration set have extended features, and the package also contains a number of unique utilities. In particular, the package includes the DameWare Mini Remote Control utility, which allows you to fully control the desktop of a remote PC, as well as a utility for implementing command line mode on a remote PC.

When DameWare NT Utilities 5.5.0.2 is launched, the entire network is automatically scanned and the main program window displays all available domains and workgroups, as well as computers in the selected domain/workgroup (Fig. 6).

Fig. 6. Main window of DameWare NT Utilities 5.5.0.2

Let's briefly list the features of the DameWare NT Utilities 5.5.0.2 package: it can be used to view information about hard drives on remote PCs, get acquainted with the contents of the Event Log, view information about connected printers, running processes and services, about installed applications, collect detailed information about PC configuration, receive service information about PCs activated by users, and much more. There are also additional features: you can quickly edit the registry on a remote PC, send messages to users via the Messenger service, remotely shut down or restart computers, and, as already mentioned, take full control of a remote PC through the command line or desktop.

The undoubted advantage of this software package is that for the implementation of remote control it is not required to manually install the client part of the program on a remote PC. When you try to control a remote PC through the desktop or command line, DameWare NT Utilities 5.5.0.2 automatically prompts you to install and start the required service on the remote PC. In this case, the user of this remote PC will find out about the interception of control in a pop-up window that displays information about which particular PC the remote control is being performed from.

The advantages of DameWare NT Utilities 5.5.0.2 include the ability to simultaneously connect to multiple computers to manage them, as well as the fact that the remote control does not block the work of a local user.

All in all, this software package is a powerful and convenient network management tool.

The demo version of the program is fully functional, but with a limited validity period of 30 days. The price per license is $289. Alternatively, you can purchase the DameWare Mini Remote Control package separately for remote control of computers via the desktop, one license will cost $89.95.

Omniquad Instant Remote Control 2.2.9 (www.omniquad.com )

The current version of the Omniquad Instant Remote Control utility - 2.2.9 - is far from new, but still remains one of the best in its class.

The Omniquad Instant Remote Control 2.2.9 utility allows you to get full control over a remote PC through the desktop. A distinctive feature of this utility is that it does not require installation of the client part on the managed PC. When accessing a remote PC, the corresponding service is initially launched on it in hidden mode, and the user of the PC controlled using this program does not receive any notification and has no way of knowing that control of his computer has been intercepted. This allows you to use this utility for covert monitoring of user actions. Note that not all remote control utilities have the ability to control a PC without prior notice to the user.

When the program starts, the network is automatically scanned, and the computers in the network environment are displayed in the main program window (Fig. 7). After selecting any computer by pressing the Remote Control button, control of the remote PC is intercepted. The work of the local user is not blocked. In addition, it is possible to launch this utility in the mode of monitoring the desktop of a remote PC.

Fig. 7. The main window of the Omniquad Instant Remote Control 2.2.9 utility

Note that for remote control, you must have the appropriate access rights on the PC. If a firewall is used on the remote PC, you must open port 6003, which this utility uses by default. You can also assign any other port to Omniquad Instant Remote Control (and open ports can be scanned).

The disadvantage of the program is that it does not support simultaneous connection with several remote computers.

The demo version of the utility has a limited validity period of 30 days, the license price is $39.

EMCO Remote Desktop Professional 4.0 (www.emco.is)

In terms of functionality, this product (Fig. 8) is somewhat similar to DameWare NT Utilities 5.5.0.2. The EMCO Remote Desktop Professional software package is a set of functional tools for implementing remote control of a local network and monitoring its status.

Fig. 8. Main window of EMCO Remote Desktop Professional utility

When you start the program, you can activate a network scanner that allows you to collect detailed information about all computers on the local network, about applications installed on them, running processes, versions of the operating system, installed equipment, etc. In addition to automatically collecting information about network computers (this process takes a long time), PCs can also be added to the list manually.

The package allows you to remotely start and stop services, restart and shut down computers. The most interesting feature of this program is the ability to gain full control over a remote computer: just select the desired computer in the list and go to the Viewer tab. If you are managing a computer for the first time, you need to install the NetServer service on the remote PC. This procedure is carried out remotely and is completely invisible to the local user. Once the NetServer service is running on a remote PC, you can connect to it, take full control, and then work with the remote PC in the same way as with the local one. When managing a computer remotely, the work of the local user is not blocked; however, if both of you use the mouse at the same time, it is unlikely that anything will work.

Because the local user is not notified that the computer is being controlled from outside, EMCO Remote Desktop Professional can be effectively used to covertly monitor user activities.

Another important advantage of the program is that it allows you to remotely control multiple PCs at the same time. In this case, a special window is assigned for each connection session with a remote PC.

Among the shortcomings of this program, we note the complexity of its configuration when using Windows XP SP2 on a managed PC. Moreover, as practice shows, the need for configuration depends on which patches are installed. Of course, the program is accompanied by step-by-step instructions for the changes that will have to be made in this case (more precisely, the program downloads the appropriate instructions from the site), but all this is rather inconvenient and impractical.

The demo version of the program is designed for 30 days and supports only 25 computers on the local network. The package price depends on the number of computers in the network: 50 computers (minimum quantity) - $135; 1000 computers - $1295

Radmin 3.0 Remote Control (www.radmin.com)

Of all the products we have reviewed, Famatech's Radmin 3.0 Remote Control utility is the "freshest" - its new version was released in early 2007.

This utility is designed to monitor and gain full control over a remote PC within a local network.

Radmin 3.0 Remote Control is equipped with only the most necessary tools for managing a remote PC and is very easy to configure (Fig. 9). Thanks to this, it is easy to master it. The utility works on the principle of a client-server application and includes two parts: the first (server) part is installed on the managed PC, and the second part is installed on the PC from which it is controlled.

Fig. 9. Main window of the Radmin 3.0 Remote Control utility

The disadvantages of the program include the lack of built-in tools for remote installation of the server part (Radmin Server) on a managed PC, so if you need to gain control over any PC on the network, you will first have to install the appropriate module on it locally.

A serious, in our opinion, disadvantage of this utility is the lack of a built-in network scanner, which does not allow you to get a list of PCs that you can connect to.

Well, the last drawback that was discovered during testing of this program is that for the utility to work correctly, you need to configure or simply disable the Firewall on the managed PC if it uses Windows XP SP2.

The utility works in several modes: file transfer, full control, view only, Telnet, shutdown and command line mode. There is a built-in file manager with which files are transferred from one PC to another. The program keeps statistics of the traffic used and can encrypt data.

With the help of Radmin 3.0 Remote Control, you can manage both one remote computer and several at once, while each one has its own password. To provide an increased level of security, you can take additional precautions: enable password protection and create a list of banned IP addresses.

The latest version of the program has a lot of interesting innovations:

  • support for Windows Vista;
  • text and voice chat with the possibility of conferences and private messaging and password protection;
  • enhanced security that provides protection against attacks and protection of active data on the network;
  • different access rights for each user;
  • IP filters to restrict access to specific IP addresses and subnets.

In general, it should be noted that this utility is inferior in functionality to similar remote control utilities. The lack of a built-in network scanner and the need to install the Radmin Server module locally significantly limit its functionality.

In conclusion, we note that the cost of a license for Radmin 3.0 Remote Control is $49 per PC.

Atelier Web Remote Commander 5.59 (www.atelierweb.com)

Atelier Web Remote Commander 5.59 (fig. 10) is a small utility that, by design, should provide complete control of a remote PC. It consists of two parts and works on the "client/server" principle. In addition, it provides the ability to remotely collect information about the hardware configuration of a PC, etc. However, it hardly makes sense to list all the features of the utility in this case, since it is so crude that it is unlikely to be used.

Fig. 10. Information window of the Atelier Web Remote Commander 5.59 utility

Of the obvious shortcomings, one can single out the lack of help documentation. In addition, the program does not have a built-in network scanner, which makes it necessary to explicitly enter the name or IP address of the computer to which you want to connect, which is extremely inconvenient. But the main drawback is that in order to connect to a remote PC, you first need to install the appropriate program module on it (there are no built-in tools for remote installation) and somehow configure it.

Unfortunately, no matter how we configured the program, we did not succeed in making a remote connection (the connection was made via a local network between two computers running Windows XP SP2). Although the program is paid (the demo version has a limited validity period), it is absolutely useless and inoperable. Our verdict: such programs belong "in the furnace".

Remote Desktop Control 1.7 (www.remote-desktop-control.com)

The Remote Desktop Control 1.7 program belongs to the category of client-server applications, that is, the host module of the program is installed on the managed PC, and the Admin module is installed on the PC from which the control is performed.

In terms of its interface (Fig. 11) and functionality, the Remote Desktop Control 1.7 package is very similar to Anyplace Control 3.3, but it also has some important differences (and for the worse). For example, it lacks the ability to remotely install the Host module on any computer on the local network. In addition, for the Remote Desktop Control 1.7 package to work, it is necessary to configure the firewall on the managed computer (add the program to the list of allowed ones), while the Anyplace Control 3.3 program does this automatically.

Fig. 11. Main window of Remote Desktop Control 1.7 with a displayed list of computers to which you can connect remotely

In terms of functionality, Remote Desktop Control 1.7 is similar to Anyplace Control 3.3: it allows you to work in two modes: view and control; in view mode, you can display the desktop of a remote PC on the screen and observe user actions, and in control mode, you can completely intercept control of a remote PC.

The utility allows you to remotely control multiple PCs at the same time. It can execute commands such as shutdown, reboot and ending the user session on all managed PCs simultaneously.

In conclusion, we note that the demo version of Remote Desktop Control 1.7 is valid for 30 days after installation. The price of the full version of the program depends on the number of PCs on which it is installed - $15 per PC.

TightVNC for Windows 1.3.8 (www.tightvnc.com)

TightVNC for Windows 1.3.8 is an absolutely free utility for remote computer control that works on the "client-server" principle and has two modules: TightVNC Viewer and TightVNC Server. The TightVNC Server module is installed on the managed PC, and the TightVNC Viewer is installed on the PC from which control is performed. There are no tools to remotely install the TightVNC Server module. In addition, before starting work, you must configure the TightVNC Server module by specifying a connection password. To connect to a remote PC, just specify its DNS name or IP address and select the connection type (Fig. 12).

Fig. 12. Connecting to a remote PC using the TightVNC for Windows 1.3.8 utility

The only function of TightVNC for Windows 1.3.8 is to get full access to the desktop of a remote computer and control it using the mouse and keyboard. Given that the utility is absolutely free, it can be recommended to home users.

UltraVNC 1.0.2 (www.uvnc.com)

The UltraVNC 1.0.2 utility is another completely free, but nevertheless very effective utility for remote control of a PC, working according to the "client-server" scheme. The UltraVNC Server module is installed on the managed computer, and the UltraVNC Viewer module is installed on the computer from which the management is performed. There are no tools for remote installation of the UltraVNC Server module in the program, so you need to install the modules locally.

The UltraVNC Server module has a lot of settings (Fig. 13) and allows you to set a password for the connection, select the ports used, etc.

Fig. 13. Configuring the UltraVNC Server module

When accessing the desktop of a remote PC in full control mode, the work of the local user is not blocked. In addition, the UltraVNC 1.0.2 utility offers a number of additional features. For example, there is a built-in chat with which you can exchange messages with a remote PC. It also provides the ability to transfer files. In addition, the UltraVNC 1.0.2 utility provides encryption of transmitted data, for which key exchange between computers is provided.

In general, it can be noted that the UltraVNC 1.0.2 utility is a highly efficient tool for remote PC control and can be recommended for both home users and corporate use (especially considering that the utility is free).

RealVNC (www.realvnc.com)

There are three versions of the RealVNC program: Free Edition, Personal Edition and Enterprise Edition, which differ from each other in functionality and cost.

RealVNC Free Edition has minimal functionality and is absolutely free. Actually, in this case we are talking only about the possibility of gaining access to the desktop of a remote PC.

RealVNC Personal Edition offers a number of additional features. First of all, this is traffic encryption using the AES algorithm with a key length of 128 bits (Fig. 14), and automatic generation of the encryption key is supported. In addition, it is possible to use user authentication, as well as transfer files between computers, and much more.

Fig. 14. Setting up traffic encryption and user authentication in RealVNC Personal Edition

A distinctive feature of the RealVNC Enterprise Edition variant is its multiplatform nature. That is, this program, having all the functionality of RealVNC Personal Edition, can be used to remotely control computers running Linux, Solaris, HP-UX and Mac operating systems, as well as Windows 95/98/Me/NT 4/2000/XP/2003/Vista.

The cost of the RealVNC program depends on the number of licenses (number of managed computers) and on the delivery option. For example, the Personal Edition costs $30 per license, while the Enterprise Edition costs $50 per license.

Hidden Administrator 1.5

Hidden Administrator 1.5 (Figure 15) is another free program for remote computer management, and, as the name suggests, it allows you to covertly monitor computers.

Fig. 15. Main window of the Hidden Administrator 1.5 utility

The program works on the principle of "client-server". The server part is installed on a managed computer, and there are no tools for remote installation.

In addition to the function of gaining access to the desktop of a remote computer in full control mode, Hidden Administrator 1.5 offers a number of additional features: get information about the configuration of a remote PC, exchange files with a remote PC, send messages to a remote PC, turn off or restart a remote computer, work with the registry of a remote PC, receive and send the clipboard, run programs on a remote PC, and much more (Fig. 16). Listing everything that this program is capable of would take a lot of time. Note that the only thing it can't do is encrypt traffic. Naturally, it is possible to set a password for connecting to a remote PC and even configure an IP filter for the computers from which remote control is allowed.

Fig. 16. Selecting an action with a remote PC in Hidden Administrator 1.5

This utility is the best in its class and can be recommended to home users.

A wide range of administration programs for every taste!

New in the Administration category:

Free
Wakeup 1.6 is an application that allows you to turn on your computer over a network. The Wakeup application uses Wake-On-Lan (WoL) technology, and to perform a power-up, you only need to select the desired computer in the list and click on the power button.

Free
NetOp Remote Control 9.0 is an application that will help you remotely control and administer other computers using a TCP / IP network or the Internet.

Free
TeamViewer 7.0.12979 is an application that will help you access your remote computer even if it has a firewall installed, ports blocked or NAT-routed for local IP addresses.

Free
Advanced Administrative Tools 5.92 Build 1610 is a large set of powerful and unique utilities for working and exploring the network. Among others, the application is equipped with utilities: Resource Viewer, Proxy Analyzer, Email Verifier, Port Scanner, Links Analyzer, Trace Route, Whois, Network Monitor and others.

Free
Hidden Administrator 4.1.777 is an application that allows you to manage remote computers on a network or via an Internet connection.

Free
LanSpy 2.0.0.155 is a scanner for discovering computers on a network. The LanSpy application allows you to get a lot of information about your computer from the network.

Free
LanSpector 1.3.108 is a LAN application. The LanSpector application will help you view the available shared resources on the local network, as well as scan the ranges of specified ip addresses to search for commonly used services.

Free
X-NetStat Professional 5.57 is an application that provides information such as your current internet or network connections. The X-NetStat Professional application will help you track your online activities, Internet connection activities and much more at any time.

Free
IP-Tools 2.58 is an indispensable application for active Internet users, as well as administrators of any local networks. The IP-tools application consists of a large set of a wide variety of utilities that amaze with their capabilities for analyzing and collecting data from the network and computers connected to networks.

Free
Bopup Scanner 2.1.7 is an application that acts as a free network scanner. The Bopup Scanner application can scan the space and display all available computers, as well as the names of logged in users, MAC or IP addresses and determine the presence of HTTP or Web servers.

Free
NetOp Remote Control 9.0 is an application that will help you remotely control and administer other computers using a TCP / IP network or the Internet. The NetOp Remote Control application allows you to use a built-in set of numerous tools that can manage and collect data about remote servers and workstations.

Free
Radmin 3.4 is the best application for secure remote control and management of the computers in your charge.

Free
LanShutDown 3.0.2 is an application that can shut down or restart computers connected to a network. The LanShutDown application will also help you write a message and it will be displayed to the user before the shutdown.

Free
Lan Keylogger 1.1.3 is an application that constantly monitors the Internet and the local network. The Lan Keylogger application will help track all the activities of network users and will be most useful when used by administrators with a large number of computers in their charge.

Free
RAdmin Client 2.1 is a new word in the field of applications for remote administration. The RAdmin Client application will greatly facilitate the work of any administrator who controls many computers.

Free
WinGate 7.0.8 Build 3364 is an application that is an advanced firewall and mail server proxy server that will allow you to connect to the Internet on a LAN using an IP address or a single modem. The WinGate application works with protocols such as SMTP, HTTP, POP3, FTP, NNTP and others.

Free
Network Inventory of Office Equipment 1.0 is a handy application that frees IT professionals from the responsibilities of routine inventory of office equipment. The application "Network Inventory of Office Equipment" makes it possible to keep records of the material part, repairs made and installed software. The application is divided into two parts: resident and server.

Free
Inventory of Computers on the Network 3.95.1755 is a tool for automatic inventory of computer networks. The program "Inventory of Computers on the Network" can display all information about hardware or software in the form of a report, with the choice of any combination of parameters.

Free
AdmAssistant 1.1 is a free program with the ability to remotely manage computers on a local network, as well as having the ability to remove the configuration from remote computers and carry out their inventory. The program also allows you to restart or turn off the remote computer, as well as install the necessary programs on it or remove unnecessary ones.

November 27, 2014 at 03:31 pm

Free programs for remote control of computers


Remote computer management programs allow you to remotely control another computer over the Internet or on a local network. This is convenient when you need to help a not very experienced user, for example, a relative or friend who is poorly versed in the computer, to do something on it without leaving his comfortable chair and without wasting his nerves and time on telephone conversations. It is also convenient to use such programs for remote work, for example, from home to connect to the office and vice versa - to access your home PC, for system administration of a whole fleet of computers and servers.

We will conduct a comparative analysis of remote control programs, highlight their advantages and disadvantages.

TeamViewer

One of the most popular programs for remote access, it can be quickly downloaded and installed or launched immediately, without installation, even an inexperienced user can handle it. When launched, the program displays a window with an ID and password to access this computer, and TeamViewer allows you to connect to another computer by setting its ID and password.

Advantages:
The program has several basic modes of operation, such as remote control, file transfer, chat, and sharing your desktop. The program allows you to configure round-the-clock access to your computer, it will be convenient for system administration. The speed of work is quite decent, there are versions for all mobile platforms, for various operating systems, which is very pleasing. A simple and understandable interface plus a number of additional utilities to expand the functionality of the program will be useful for remote support services.

Disadvantages:
The program is free, but only for non-commercial use, and when working with it for more than 5 minutes a number of difficulties arise; for example, TeamViewer can block a remote connection session, recognizing it as commercial use. For round-the-clock remote access or administration of several computers or a computer network, you will have to pay for additional program modules. The cost of the program is high.

Outcome:
This program is ideal for a one-time remote connection or use it for short periods of time. It is convenient to use from mobile platforms, but not to administer a large number of computers. You will have to pay extra for additional modules.

LiteManager

A simple but quite powerful program in terms of its capabilities. It consists of two parts: the Server, which needs to be installed or run on the remote computer, and the Viewer, which allows you to control another computer. The program requires a little more skill and experience from the person managing it, although working with the server is even easier than in TeamViewer: the server can be installed once and no more actions are needed from the user. The ID will always be constant, and you can even set it yourself manually, which makes it very easy to remember. The LiteManager Free version is free for personal and commercial use.

Advantages:
In addition to the main remote access modes: remote control, file transfer, chat, task manager, registry editor, the program also has unique functions, for example: inventory, screen recording, remote installation. The program is free for use on 30 computers, it can be used for round the clock access without any additional modules. There are no restrictions on working time. It is possible to set up your own server ID to set up a corporate helpdesk. The program does not have any restrictions on the time of work and blocking.

Disadvantages:
A client for mobile platforms or other systems is lacking. The free version is limited to 30 computers; to administer more you need to purchase a license. Some specific modes of operation are only available in the Pro version.

Outcome:
The Litemanager program is suitable for providing remote support, for administering several dozen computers absolutely free of charge, for setting up your own remote support service. The cost of the program is the lowest in its segment and the license is not limited in time.

Ammyy Admin

The program is basically similar to TeamViewer, but a simpler option. There are only basic modes of operation - viewing and managing, file transfer, chat. The program can work without installation, free for non-commercial use.

Advantages:
A simple and lightweight program, you can work both on the Internet and on a local network, it has minimal settings and does not require any special skills and abilities. Compared to TeamViewer, the licensing policy is softer.

Disadvantages:
Minimal functions for remote management; it will be difficult to administer a large fleet of computers. With long-term use, more than 15 hours per month, the session may be limited or blocked. Commercial use is paid.

Outcome:
This program is more suitable for a one-time connection to a computer and not very complex manipulations, for example, as an assistance to an inexperienced user in setting up a computer.

RAdmin

One of the first remote control programs and well known in its circle, so I could not help but mention it. It is intended more for system administration, and the main emphasis is on security. The program consists of two components: server and client. It requires installation, and it will not be easy for an inexperienced user to figure it out. The program is mainly designed to work by IP address, which is not very convenient for providing tech support via the Internet. The program is paid, but has a free trial period.

Advantages:
The program has a high speed, especially in a good network, thanks to the desktop capture video driver, increased reliability and security. Built-in Intel AMT technology, which allows you to connect to the BIOS of a remote computer and configure it. Only the main operating modes are implemented - remote control, file transfer, chat, etc.

Disadvantages:
There is almost no way to work without an IP address, i.e. to connect by ID. There is no client for mobile systems. There is no free version, only a 30-day trial period. Working with the program requires the skills of an experienced user. On connection, the video driver may disable the Aero graphical shell, and sometimes the screen flickers.

Outcome:
The program is more suitable for system administrators to administer computers and servers on a local network. To work over the Internet, you may need to set up a VPN tunnel.

Each system administrator sometimes has to service the computers of friends or make home visits. In this case, a proven set of utilities helps him. Our review will only talk about free ones that do not require installation and have become the de facto standard.

Autoruns

This program became the hallmark of Mark Russinovich and Winternals Software (better known by the name of the site - Sysinternals.com), long ago absorbed by Microsoft. Now it is still developed by the author, but legally belongs to the technical department of Microsoft. The current version 13.3 was written in April 2015. With v.13.0, the program has not only become more convenient, it has received a number of new features, in particular advanced filtering tools, integration with other system utilities and online services.

Autoruns displays the most comprehensive and most detailed list of autorun components, regardless of their type. The utility shows how all drivers, programs (including system ones) and their modules are loaded, by registry key. It even lists all Windows Explorer extensions, toolbars, auto-started services, and many other things that usually elude other similar programs.

Color-coding helps you quickly identify standard components that are digitally signed by Microsoft, suspicious files, and erroneous lines that refer to non-existent files in a list of hundreds of entries. To disable the ability to autorun any component, just uncheck the box next to it on the left.


Ghosts of autorun objects in Autoruns are highlighted in yellow

Some components are automatically loaded only when you log in with a specific account. In Autoruns, you can select the entries corresponding to each account and view them separately.

The command line mode also deserves attention. It is extremely convenient for exporting a list of startup items to a text file, creating advanced reports, and selective anti-virus scanning of all suspicious objects. Full help can be read on the site, but here I will give an example of a typical command:

```
Autorunsc -a blt -vrs -vt > C:\Autor.log
```

Here `autorunsc` is a program module that runs in command line mode. The `-a` option indicates that the objects to check are listed after it. There are three of them in the example: b - boot execute (that is, everything that is loaded after the system starts and before the user logs in); l - logon, specific user startup components; and t - scheduled tasks. If you specify an asterisk (*) instead of the blt enumeration, then all startup objects will be checked.

The `-vrs` and `-vt` switches specify the mode of operation with the VirusTotal online service. The first set sends only those files that do not have a Microsoft digital signature and have not been previously verified. If at least one antivirus out of fifty considers the file to be malicious, a detailed report will open in a separate browser tab. The second set of keys is needed so that the tab with the user agreement for the VirusTotal service does not open every time and you do not have to confirm your agreement with it.

The Autorunsc report usually runs to tens or hundreds of kilobytes. It is inconvenient to read it on the screen, so in the example the output is redirected to a log file. This is a plain text format encoded in UCS-2 Little Endian. Here is an example of a record from it with one false positive:

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run Adobe ARM "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" Adobe Reader and Acrobat Manager Adobe Systems Incorporated 1.801.10.4720 c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe 11/20/2014 9:03 PM VT detection: 1/56 VT permalink: (link to VirusTotal report).


Two unsigned drivers turned out to be clean, and there is a VT reaction to one signed driver
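To triage such a log without reading it by eye, the sketch below (an added example, not part of the original article and not Sysinternals code) decodes the UCS-2 LE file and lists the entries with a non-zero VirusTotal detection count. The one-field-per-line record layout, the second and third records and the `vt.example` links are constructed assumptions; only the first record reuses the values quoted above.

```python
import re

# Constructed sample. The first record reuses the values quoted in the article;
# the other two records and all vt.example links are made-up placeholders.
# Assumption: one field per line, with "VT detection" / "VT permalink" closing a record.
SAMPLE_LINES = [
    r"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run",
    r"   Adobe ARM",
    r'     "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"',
    r"     Adobe Reader and Acrobat Manager",
    r"     Adobe Systems Incorporated",
    r"     1.801.10.4720",
    r"     c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe",
    r"     11/20/2014 9:03 PM",
    r"     VT detection: 1/56",
    r"     VT permalink: https://vt.example/report-a",
    r"   ExampleUpdater",
    r"     C:\Users\Public\example-updater.exe /silent",
    r"     c:\users\public\example-updater.exe",
    r"     VT detection: 7/56",
    r"     VT permalink: https://vt.example/report-b",
    r"   ExampleTray",
    r"     c:\program files\example\tray.exe",
    r"     VT detection: 0/56",
]
# The article states the log is UCS-2 Little Endian, so the sample is built that way.
SAMPLE_LOG = b"\xff\xfe" + "\r\n".join(SAMPLE_LINES).encode("utf-16-le")

VT_RE = re.compile(r"VT detection:\s*(\S+)")
LINK_RE = re.compile(r"VT permalink:\s*(\S+)")
PATH_RE = re.compile(r'[A-Za-z]:\\[^"\r\n]*?\.(?:exe|dll|sys)\b', re.IGNORECASE)


def decode_log(raw: bytes) -> str:
    """Decode the log; a byte-wise search of the raw file finds nothing in UCS-2."""
    if raw.startswith(b"\xff\xfe"):
        return raw[2:].decode("utf-16-le")
    if raw.startswith(b"\xef\xbb\xbf"):
        return raw[3:].decode("utf-8")
    odd = raw[1:200:2]
    # No BOM: mostly-zero odd bytes mean ASCII-range text stored as UTF-16LE.
    if odd.count(0) > len(odd) // 2:
        return raw.decode("utf-16-le")
    return raw.decode("utf-8", errors="replace")


def vt_findings(raw: bytes, min_hits: int = 1) -> list:
    """Return entries whose detection count is >= min_hits, worst ratio first."""
    text = decode_log(raw)
    matches = list(VT_RE.finditer(text))
    findings, prev_end = [], 0
    for i, m in enumerate(matches):
        next_start = matches[i + 1].start() if i + 1 < len(matches) else len(text)
        # The image path is the last path seen since the previous VT line.
        paths = PATH_RE.findall(text[prev_end:m.start()])
        prev_end = m.end()
        ratio = re.fullmatch(r"(\d+)/(\d+)", m.group(1))
        if not ratio:
            continue  # non-numeric result: nothing to rank
        hits, engines = int(ratio.group(1)), int(ratio.group(2))
        if hits < min_hits or engines == 0:
            continue
        link = LINK_RE.search(text, m.end(), next_start)
        findings.append({
            "image": paths[-1].lower() if paths else None,
            "hits": hits,
            "engines": engines,
            "report": link.group(1) if link else None,
        })
    return sorted(findings, key=lambda f: f["hits"] / f["engines"], reverse=True)


if __name__ == "__main__":
    for f in vt_findings(SAMPLE_LOG):
        print(f'{f["hits"]}/{f["engines"]}  {f["image"]}  {f["report"]}')
```

A single hit such as the 1/56 record is often a false positive, as the article notes, so raising `min_hits` is a quick way to rank what to inspect first.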

Process Explorer

The GUI version of Autoruns can work with another utility by the same author, Process Explorer (PE). If you start PE first and then Autoruns, additional items appear in the menu of the latter for viewing the properties of each active process from the autorun menu.

In the PE settings, you can specify the desired way to display all active processes: a simple list sorted by name or CPU usage, or a tree-like list with dependencies. An option is also set there that allows you to check unknown files (determined by hash) in VirusTotal. If you turn it on, then after a while the result of the check will appear on the right. All objects flagged by at least one antivirus will be highlighted in red.

When you press the window is divided horizontally, and the bottom part displays full information about the selected process and its actions in the system. pressing will bring up an additional window with indicators of CPU, GPU, RAM, I/O activity, storage usage, and network usage. For each component, the total load and the most resource intensive process are displayed. For the GPU, it even shows the percentage of used video memory and the load on each chip, if there are several of them. This is especially true now, as many (malicious) programs actively use video cards for non-graphical computing. This behavior is especially typical for Trojan cryptocurrency miners.


The test trojan does not look suspicious yet, and four antiviruses are already flagging µTorrent

Right-clicking on any process in the PE list brings up a context menu. It duplicates all the functions of the built-in task manager and adds a few new ones. In particular, with one click you can send the file corresponding to the suspicious process for analysis in VirusTotal, search for its description on the Internet, make a dump or suspend execution. A suspended process stops responding to any commands (including internal ones) and becomes easier to analyze. After you have figured it out, you can send the "resume" command through Process Explorer. Of course, without urgent need, you should not do this with system processes and utilities that perform low-level operations. Flashing BIOS / UEFI, changing disk layout, partition alignment and other similar operations are best left uninterrupted.

Usually, the title of each window contains the name of the application that created it, but sometimes they remain unnamed. This is especially true for Trojans that mimic well-known programs or small dialog boxes with error codes. Process Explorer has a handy "find process by window" feature. It is enough to press this button on the top panel and, holding the left mouse button, move the cursor to the area of the strange window. The corresponding process will automatically be highlighted in the PE table.


Test Trojan suspended via Process Explorer

To take full advantage of Process Explorer, you will need to run it as an administrator and (in some cases) install Debugging Tools for Windows. They can be downloaded separately or as part of the Windows Driver Kit. The latest version of Process Explorer can be downloaded from the Microsoft website.

Unlocker

Without a doubt, Mark Russinovich is a real guru among the authors of system utilities for Windows, but his programs were created as universal tools. Sometimes it is worth using more specialized tools, such as the creation of the French programmer Cedric Collomb. His tiny Unlocker utility can do only one thing: unlock a file system object occupied by some process in order to regain control over it. Although the latest version was released in 2013, the program still performs its functions better than all analogues. For example, it allows you to unload dynamic libraries from memory, delete the index.dat file, work with file names forbidden in Windows, and perform most actions without rebooting.


Some process is blocking the uninstallation of Safari

Unlocker identifies the handles held by running processes that are currently blocking access to the desired file or directory. This locking is required to avoid interference between applications in a multitasking environment. During normal operation of the OS and programs, it prevents the accidental deletion of files that are in use, but sometimes errors occur. As a result of one of them, an application may hang or remain in memory after its window is closed. The file system object can then remain locked long after the lock is no longer necessary.

Today, the list of active processes for an ordinary user starts from fifty, so you can search for zombies among them for a long time. Unlocker helps you immediately determine which process is blocking the modification or deletion of the selected file or directory. Even if it cannot figure it out due to Win32 API restrictions, it will offer to force the desired action: rename, move, or delete the object.


Unlocker did not find the reason for blocking, but can delete the recalcitrant file

Sometimes several programs access the same directory at once, so several handles are found among the processes blocking it. Unlocker can unblock all of them with one button.

Since version 1.9.0, 64-bit versions of Windows are supported. The utility can be integrated into the Explorer context menu or run in graphical mode as a portable application. You can also install Unlocker Assistant. It will sit in the tray and automatically invoke Unlocker whenever the user tries to manipulate a locked file. Running with the `-h` option will print help about command line mode. The utility is available in forty languages, although there is nothing special to translate in it - everything is already intuitive.

AVZ

Looking at the list of features of the AVZ utility, I would like to call it analytical, not anti-virus. Oleg Zaitsev's tiny program has many indispensable functions that make the daily tasks of the administrator and the life of an advanced user easier. It will help you perform a system scan, restore misconfigured built-in OS components to their defaults, detect any changes since the last audit, find potential security issues, remove Trojans from the Winsock SPI and restore Internet connectivity, detect strange program behavior, and detect kernel-level rootkits.


AVZ contains many system analysis tools

Known malware is best removed using other antivirus scanners. AVZ will come in handy to fight unknown evil, find holes through which it can leak, and eliminate the consequences of infection. In most cases, AVZ allows you to do without reinstalling the OS even after a severe virus attack.

You can use AVZ as a portable application, but the full functionality of the utility will only be revealed if you install AVZPM, its own kernel-mode driver. It monitors all modules, drivers, and active applications, making it easy to detect masquerading processes and any spoofing technologies.

AVZGuard is another kernel-mode driver that can be activated from the AVZ menu. It restricts the access of active processes, suppressing malware's activity against antivirus software on the infected computer. This approach allows you to run any application (including another antivirus) from the AVZ window in protected mode.

One of the trickier techniques malware uses is locking its own files and recreating elements removed by the antivirus at the next OS boot. Manually, it can be partially bypassed using Unlocker, but AVZ has its own technology - Boot Cleaner. This is another kernel-mode driver that enhances Windows' built-in feature for delayed deletion on restart. It loads earlier, logs the results of its work, and can delete registry entries as well as files.
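Windows keeps its built-in delayed delete/rename queue in the `PendingFileRenameOperations` registry value, which `MoveFileEx` fills when called with `MOVEFILE_DELAY_UNTIL_REBOOT`. The following added example (not from the article and not AVZ's own code) decodes that queue so you can audit what will be deleted or replaced at the next boot; the function names and sample paths are constructed for illustration.

```powershell
# Added example: decode the queue of file operations Windows performs at next boot.
function ConvertFrom-PendingRename {
    param([string[]] $Entry)
    # Entries come in pairs: source, then destination.
    # An empty destination means "delete the source at boot".
    for ($i = 0; $i -lt $Entry.Count; $i += 2) {
        $source = $Entry[$i]
        if ([string]::IsNullOrEmpty($source)) { continue }
        $dest = if ($i + 1 -lt $Entry.Count) { $Entry[$i + 1] } else { '' }
        [pscustomobject]@{
            Action      = if ($dest) { 'Rename' } else { 'Delete' }
            # Paths are stored in NT form (\??\C:\...); a leading "!" on the
            # destination marks "replace existing file".
            Source      = $source -replace '^\\\?\?\\', ''
            Destination = $dest -replace '^!?\\\?\?\\', ''
            Overwrite   = $dest.StartsWith('!')
        }
    }
}

function Get-PendingRename {
    $key   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
    $value = Get-ItemProperty -Path $key -Name PendingFileRenameOperations -ErrorAction SilentlyContinue
    if ($value) { ConvertFrom-PendingRename -Entry $value.PendingFileRenameOperations }
}

# Constructed sample: one delete and one replace-on-reboot (paths are made up).
$sample = '\??\C:\Users\Public\example.dll', '',
          '\??\C:\Temp\new.sys', '!\??\C:\Windows\System32\drivers\example.sys'
ConvertFrom-PendingRename -Entry $sample | Format-Table -AutoSize

# Live queue on this machine (empty output means nothing is scheduled).
Get-PendingRename | Format-Table -AutoSize
```

An unexpected entry that replaces a driver or system DLL at boot deserves the same scrutiny as an unknown autorun item.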

The AVZ antivirus scanner itself also has a lot of know-how. It can check NTFS alternate data streams and speed up the scan by excluding files identified as safe by the Microsoft catalog or its own database. Threats can be searched for by type - for example, you can exclude the HackTool category right away. There are separate modules for searching for keyloggers, ports opened by Trojan horses, and behavioral analysis. AVZ allows you to copy suspicious and deleted files to separate folders for subsequent detailed study.
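To see what an alternate-stream check actually looks at, the following added example (not from the article and not AVZ's own code) lists every named stream attached to files under a folder using PowerShell's built-in `-Stream` parameter. The function name and the demo folder are constructed for illustration; the demo assumes `%TEMP%` is on an NTFS volume.

```powershell
# Added example: list NTFS alternate data streams on files under a folder.
function Get-AlternateStream {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [switch] $IncludeZoneIdentifier   # Zone.Identifier is the normal "downloaded from the Internet" mark
    )
    Get-ChildItem -LiteralPath $Path -Recurse -File -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $file = $_
            Get-Item -LiteralPath $file.FullName -Stream * -ErrorAction SilentlyContinue |
                Where-Object { $_.Stream -ne ':$DATA' } |                      # skip the default, unnamed stream
                Where-Object { $IncludeZoneIdentifier -or $_.Stream -ne 'Zone.Identifier' } |
                ForEach-Object {
                    [pscustomobject]@{
                        File   = $file.FullName
                        Stream = $_.Stream
                        Length = $_.Length
                    }
                }
        }
}

# Constructed demo: a file whose visible content is small but which carries a named stream.
$demo = Join-Path $env:TEMP 'ads-demo'
New-Item -ItemType Directory -Path $demo -Force | Out-Null
Set-Content -LiteralPath "$demo\report.txt" -Value 'visible content'
Set-Content -LiteralPath "$demo\report.txt" -Stream 'hidden' -Value 'constructed sample payload'

Get-AlternateStream -Path $demo | Format-Table -AutoSize   # shows report.txt with stream "hidden"

Remove-Item -LiteralPath $demo -Recurse -Force
```

Explorer and `dir` report only the size of the default stream, which is why a scanner that ignores named streams can miss content stored this way.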


Creation of a detailed study protocol in AVZ

The requirement to submit reports from AVZ and its System Research module has become standard practice on many virus-analysis forums, where people turn for help in solving non-trivial problems.

Of course, an experienced administrator's first aid kit can include more than a dozen programs, but these four utilities will be enough to solve most of the tasks. The rest you can easily find in the collections at the links indicated in the article.

WARNING!

Using system utilities requires understanding the logic of their work and the structure of the OS itself. Read the help before making changes to the registry and interfering with active processes.
