The Hidden Treasures of Sysinternals
Barence writes "PC Pro contributing editor Jon Honeyball has written a nice feature on the latest treasures to be found on the Windows Sysinternals website. Among them are a tool for creating virtual hard disks from physical drives, a hard disk read-write monitoring tool, and a utility for putting ISO images onto flash drives. They're free, but they're effective."
psexec has saved my ass SO many times it's not even funny. psexec \\almostcrashedserver cmd.exe
Process Explorer is what Windows should ship with instead of task manager.
Process Monitor is so kick ass... I can't even put it in words.
This is very useful- I was one of the people who stuck the Windows 7 MSDNAA downloaded iso onto a flash drive in order to install it to my desktop and laptop.
The more difficult part for normal users is not extracting the iso to the drive but making the drive bootable- which unless you have a utility (Like the one in the article)- requires some command line work. This would make the process way quicker.
Tried using it on my box as a backup tool for a clean install of Win7. AVOID IF YOU ARE GOING TO USE THE SAME PHYSICAL DRIVE. Windows 7 couldn't mount or boot it. Known issue, and extremely aggravating.
"Sometimes a woman is a kind of religion, she can save your soul & set you free from all your sins" - Bad Examples
This was a god send to me, after VMWare Converter could not/would not convert a machine of mine, even after registry and driver cleaning, it just failed near the end without a meaningful error message in the log.
I used disk2vhd, booted up the image in VirtualBox, and bingo - working image.
/\/\icro/\/\uncher
They're excellent for a wide range of things. Filemon (now superseded but still available) is an excellent tool for working out what files a piece of software is opening (e.g. if you're trying to find config files). Regmon does something similar for the registry. Process explorer is stellar for getting more detail on a process than task manager will ever give (like where the image is running from and what DLLs it's using). Sysinternals filled a gap in diagnostic software. In a Windows environment they're as basic to me as netstat or ping. (speaking of which check out sysinternals tcpview). Especially good for tracing a user mode process right through. There are a lot of other utils to unlock the power of your Windows environment too.
Two sysinternals that weren't mentioned worth knowing about:
streams - view or remove hidden file streams attached to a file not normally seen in explorer. Especially good for removing that pesky "downloaded files are bad" warning when something is marked as being from the Internet zone.
junction - One of a handful of tools that allows you to create junctions (similar to but not the same as hard directory links) in Windows XP.
The other non-sys-internals thing that every power user should know about is windbg and the debugging symbols. Indispensable for tracking down the culprit if you get blue screens due to device drivers (though obviously non-developers are not going to be able to do much about fixing the fault apart from downloading a different version or removing the device driver)
These posts express my own personal views, not those of my employer
Nope, it was reborn as the MS diagnostic and recovery toolset. link
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
Don't forget live.sysinternals.com for instant access to any of the tools.
ironically... mark sued geeksquad for using these and his other tools!
The guy behind sysinternals tried to, and was almost a success, but nope.
Is the failure you're talking about this?
What are the shortcomings of Sysinternals' Desktops?
I haven't tried other solutions but I occasionally use this and it works fairly well.
There is nothing like these tools for any other platform on the market. Mark Russinovich is THE MAN!
You mean other than UNIX and Linux systems? I don't see any comparable functionality that is not already available on those systems. It's great that the MS environment gets some useful diagnostic functionality too; sad they haven't always had it.
"I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
Anyone who is capable of using these tools is capable of finding them. Personally, on all machines that I use I copy a folder containing around 200 useful utilities (e.g. grep, ls, cat, cp, bzip2, cpuz, console, depends, ps*, diff, gawk, gzip, less, strings, rapidee, sleep, tar, touch, whoami, whois, zip) and then add it to the path. But, I don't think my mum's going to be using psexec anytime soon.
Maybe you could give atop http://www.atoptool.nl/ a try?
It shows (per process) disk-IO and nicely integrates cpu/disk/network/io statistics, it can also store statistics for later playback.
When trying to trace which file is getting a lot of IO you might want to take a look at the file descriptors in /proc//fd in conjunction with lsof/strace. I don't know of a nicely integrated tool for that unfortunately.
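An added example, not part of the comment above: one way to do the /proc file-descriptor check it describes, useful when triaging which file a suspect process is reading or writing. It samples each descriptor's offset from Linux's /proc/PID/fdinfo twice and ranks the files whose offset moved; the function names `snapshot` and `io_deltas` are this example's own.

```python
import os
import sys
import time

def snapshot(pid="self"):
    """Map each open fd of `pid` to (target path, current file offset)."""
    base = f"/proc/{pid}"
    fds = {}
    for name in os.listdir(f"{base}/fd"):
        try:
            target = os.readlink(f"{base}/fd/{name}")
            with open(f"{base}/fdinfo/{name}") as info:
                fields = dict(line.split(":", 1) for line in info if ":" in line)
            pos = int(fields["pos"].strip())
        except (OSError, KeyError, ValueError):
            continue  # fd closed while we were looking, or not readable by us
        fds[int(name)] = (target, pos)
    return fds

def io_deltas(before, after):
    """Return [(bytes_moved, fd, path)] for files whose offset changed, largest first.

    Only sequential read()/write() traffic moves the offset; pread/pwrite and
    mmap I/O are invisible here, so treat an empty result as "no evidence".
    """
    moved = []
    for fd, (path, pos) in after.items():
        old = before.get(fd)
        # Skip new fds, fds reused for another target, and sockets/pipes.
        if old is None or old[0] != path or not path.startswith("/"):
            continue
        delta = abs(pos - old[1])
        if delta:
            moved.append((delta, fd, path))
    return sorted(moved, reverse=True)

if __name__ == "__main__":
    # Usage: python fdwatch.py <pid>   (needs permission to read that /proc entry)
    pid = sys.argv[1] if len(sys.argv) > 1 else "self"
    first = snapshot(pid)
    time.sleep(2)
    for delta, fd, path in io_deltas(first, snapshot(pid)):
        print(f"fd {fd:>4}  {delta:>12} bytes  {path}")
```
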
It's possible. Create a hardware profile in the vista partition. In that profile change the hard disk controllers to generic ones. Now you can boot your vista partition without any bluescreens. For how to boot it in VB read section 9 of the VBox manual. http://www.virtualbox.org/manual/UserManual.html#rawdisk
Might be a pain, but you can always use the /accepteula command-line switch...
NewSID does work with Vista, but it was retired last year. Russinovich looked into the common belief of why everyone thought we needed to change the SID and determined that it wasn't necessary. His full post is here
-- "Freedom is the right of all sentient beings" -Optimus Prime
The Interix package (now called 'Services for Unix' and crippled after Microsoft bought the publisher) runs on the Native API. It's a complete POSIX subsystem that runs alongside the Win32 subsystem, independently.
If you have real Interix, and not the gimped Microsoft product, you have an entire POSIX subsystem. It isn't like cygwin which is just a kludge that runs out of a Win32 dll file.
Back in about 1999 when Softway Systems (the creators of Interix) were looking for direction from their market on which way to go, they sent out a questionnaire to customers asking if they should open-source publish the Interix toolchain. Less than a year later they were bought and absorbed into Microsoft.
So that everyone else doesn't have to check, there isn't actually a porn website called "Sisinternals"...yet.
bah.. of course. The damn tags screwed me over. http://pastebin.com/m622979a6
Does anyone else think it's sad that a technical site has bugs preventing people from pasting code in comments?