Questions tagged [sysinternals]

Windows Sysinternals is a part of the Microsoft TechNet website which offers technical resources and utilities to manage, diagnose, troubleshoot, and monitor a Microsoft Windows environment.

The Sysinternals web site was created by Mark Russinovich and Bryce Cogswell to host their advanced system utilities and technical information.

The website featured several freeware tools that aid in the administration of local and remote Windows systems.

Sysinternals is now part of the Microsoft TechNet website.

166 questions

51 votes, 3 answers

PsExec gets stuck on licence prompt when running non-interactively

I have a Hudson build script which calls the SysInternals PsExec utility. Normally, when PsExec is run for the first time by a given user it pops up a dialog box asking the user to accept the licence. The build agent runs as a service and I can see…
EMP

28 votes, 6 answers

CMD.exe closes immediately after calling (Win7 64)

Has anyone found such behavior when Command Processor (cmd.exe) closes immediately after calling it? I’ve run McAfee AV and Windows System File Check (sfc.exe) and nothing wrong was detected, I’ve even copied cmd.exe file from other win 7 machine…
Random

11 votes, 5 answers

PSexec copyright output

Does anyone know how to disable the "copyright header" from appearing when running PSExec? Every time I run the "./psexec ..." command I see this message: PsExec v2.11 - Execute processes remotely Copyright (C) 2001-2014 Mark Russinovich Sysinternals -…
Martinecko

11 votes, 2 answers

Correspondence between ProcMon and CreateFile disposition options

Process Monitor shows the disposition option for the CreateFile operation as "Open", "OpenIf", "Overwrite", "OverwriteIf" (may be something else). How do the options which contain "If" differ from those that do not? And to which CreateFile WinAPI function…
user10101

10 votes, 4 answers

Run PowerShell scripts on remote PC

I have installed PS 1.0 on a remote PC (RPC001). I used Windows Sysinternals tool PSExec.exe to execute the following process on the remote: `PSExec \\RPC001 -u myID -p myPWD PowerShell C:\script\StartPS.ps1 par1 par2` I can see the PowerShell.exe…
David.Chu.ca

9 votes, 1 answer

How to make the feature 'Replace Task Manager' of Process Explorer?

Process Explorer has a nice feature Replace Task Manager I just wondered how Mark Russinovich implements this. What trick is used for implementing this?
Benjamin

8 votes, 6 answers

Alternatives to DebugView?

I'm using Sysinternals DebugView for debugging/logging during testing, and it's pretty good. However I was thinking is there more advanced tool. Features I'm looking for: Live filters - log everything (well, everything "interesting"), change view…
Harriv

8 votes, 3 answers

Getting started with dump file analysis

I am working with a legacy VB6/COM application which sometimes causes Windows 7 to crash. I have now generated a .dmp file of one of these crashes using the ProcDump tool from Sysinternals. However, I have never worked with dump files before. Which…
user181813

8 votes, 1 answer

Registry key for Global Flags (gflags)

I'm currently having an error while trying to remove the flag "Enable heap tagging by DLL" with the debug tool GFlags for so-called "image": the application I was debugging. I get an "Unable to save the registry error 5". However there are no…
Stephane Rolland

8 votes, 1 answer

Managed Stacks in Process Monitor

Is it possible to see managed stack traces in Process Monitor for file access events of a given process? If not, is there the other way to accomplish such task?
user10101

7 votes, 1 answer

Why is WMI so much slower than using utilities like PsExec or PsList?

I'm doing various OS management and querying tasks using WMI, but it always takes a long time for the first WMI call (10 to 15s). When I tried a few tools from Sysinternals I found that they are so much faster and I want to know how this is possible. For…
Primoz

7 votes, 6 answers

Convert a Cygwin PID to a Windows PID

I have a process I spawn with a Cygwin shell script, and I am unable to kill it with the kill command. Even with the Cygwin kill with the -f option, I get this message: kill: couldn't open pid 1234 I would like to try to kill it with PsKill, but I…
Jazz

6 votes, 3 answers

What's all this uncommitted, reserved memory in my process?

I'm using VMMap from SysInternals to look at memory allocated by my Win32 C++ process on WinXP, and I see a bunch of allocations where portions of the allocated memory are reserved but not committed. As far as I can tell, from my reading and…
Art

6 votes, 2 answers

Executing a batch file in a remote machine through PsExec

I am trying to run a batch file (in the batch file I have just written 'notepad') on a remote PC through PSExec. The psexec command below runs in my laptop but fails to do anything on the remote PC. I don't even see 'notepad' running on the list of…
user3565150

6 votes, 1 answer

SYSTEM_HANDLE_INFORMATION structure

From where does this structure originate? I know that it is declared in the famous ntdll.h and is a part of the undocumented Windows API. But doesn't it vary between different versions of Windows? Is there a way to dump this structure from a working system? I…
striker