Slashdot Mirror


The Hidden Treasures of Sysinternals

Barence writes "PC Pro contributing editor Jon Honeyball has written a nice feature on the latest treasures to be found on the Windows Sysinternals website. Among them are a tool for creating virtual hard disks from physical drives, a hard disk read-write monitoring tool, and a utility for putting ISO images onto flash drives. They're free, but they're effective."

20 of 356 comments

  1. Duh by afidel · · Score: 5, Insightful

    There's a reason MS bought the company and hired Mark, he consistently puts out the most useful tools for in the trenches Windows diagnostics. Heck MS's PSS would routinely have you use his tools even before the purchase because nothing they put out internally was nearly as useful.

    --
    There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
    1. Re:Duh by afidel · · Score: 4, Informative

      Nope, it was reborn as the MS diagnostic and recovery toolset. link

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
    2. Re:Duh by bertok · · Score: 5, Funny

      > There's a reason MS bought the company and hired Mark, he consistently puts out the most useful tools for in the trenches Windows diagnostics. Heck MS's PSS would routinely have you use his tools even before the purchase because nothing they put out internally was nearly as useful.

      And the very first thing they did, within mere days of the acquisition, is they took his ultra-efficient, elegant little tools and put a 200KB EULA popup into every one of them.

      A GUI popup.

      Even into the command line tools.

      I threw up in my mouth a little when I saw that.

    3. Re:Duh by Anonymous Coward · · Score: 5, Informative

      Might be a pain, but you can always use the /accepteula command-line switch...

    4. Re:Duh by RAMMS+EIN · · Score: 4, Insightful

      ``And the very first thing they did, within mere days of the acquisition, is they took his ultra-efficient, elegant little tools and put a 200KB EULA popup into every one of them.''

      A fine example of how proprietary software is so much more user-friendly than open-source software.

      ``A GUI popup.

      Even into the command line tools.''

      That, of course, is to make them more user-friendly. Everybody knows the command-line is just for Unix hippies who still live in the 1970s.

      --
      Please correct me if I got my facts wrong.
  2. Comment removed by account_deleted · · Score: 5, Funny

    Comment removed based on user account deletion

  3. First? by I_have_a_life · · Score: 5, Informative

    Process Explorer is what Windows should ship with instead of task manager.

    Process Monitor is so kick ass... I can't even put it in words.

  4. It's Sysinternals, slashdotters by Anonymous Coward · · Score: 5, Funny

    Not to be confused with the Sisinternals porn website.

  5. free BUT effective by Anonymous Coward · · Score: 5, Funny

    > They're free, but they're effective.

    What an unusual combination of attributes!

  6. Be careful using the P2V tool. by mbourgon · · Score: 4, Informative

    Tried using it on my box as a backup tool for a clean install of Win7. AVOID IF YOU ARE GOING TO USE THE SAME PHYSICAL DRIVE. Windows 7 couldn't mount or boot it. Known issue, and extremely aggravating.

    --
    "Sometimes a woman is a kind of religion, she can save your soul & set you free from all your sins" - Bad Examples
    1. Re:Be careful using the P2V tool. by klocwerk · · Score: 5, Informative

      It says so in the readme file, and it's a feature not a bug to keep you from hosing your system because you didn't read the readme...

      When you first fire up the new VHD it replaces the disk ID with a new one so that it's unique. This causes much trouble if the computer has two of the same disk ID at the same time when it goes to change one, as you might imagine.

      --

      "You worthless post!"
      -Shakespeare, 2 Gentlemen of Verona, 1. 1. 147
  7. Re:It's all stuff that ships with Linux by heffrey · · Score: 4, Insightful

    Let me see if I've got this straight. A great set of tools that run on Windows demonstrates how rubbish Windows is. A great set of tools that run on Linux demonstrates how fantastic Linux is.

    This sounds a bit like Raymond Chen's post today: http://blogs.msdn.com/oldnewthing/archive/2010/02/09/9960102.aspx.

  8. Free doesn't imply ineffective (and vice-versa) by noidentity · · Score: 4, Insightful

    They're free and they're effective

    There, fixed that for you. Saying "free but effective" suggests that free implies ineffective.

  9. Nothing hidden about them... by syousef · · Score: 5, Informative

    They're excellent for a wide range of things. Filemon (now superseded but still available) is an excellent tool for working out what files a piece of software is opening (e.g. if you're trying to find config files). Regmon does something similar for the registry. Process Explorer is stellar for getting more detail on a process than task manager will ever give (like where the image is running from and what DLLs it's using). Sysinternals filled a gap in diagnostic software. In a Windows environment they're as basic to me as netstat or ping. (speaking of which check out sysinternals tcpview). Especially good for tracing a user mode process right through. There are a lot of other utils to unlock the power of your Windows environment too.

    Two sysinternals that weren't mentioned worth knowing about:

    streams - view or remove hidden file streams attached to a file not normally seen in explorer. Especially good for removing that pesky "downloaded files are bad" warning when something is marked as being from the Internet zone.

    junction - One of a handful of tools that allows you to create junctions (similar to but not the same as hard directory links) in Windows XP.

    The other non-sys-internals thing that every power user should know about is windbg and the debugging symbols. Indispensable for tracking down the culprit if you get blue screens due to device drivers (though obviously non-developers are not going to be able to do much about fixing the fault apart from downloading a different version or removing the device driver).

    --
    These posts express my own personal views, not those of my employer
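
Added example, not part of syousef's comment and not code from any Sysinternals tool: the "from the Internet zone" mark that streams can show is an NTFS alternate data stream named Zone.Identifier holding a small INI-style record, and reading it tells you where a file came from. The function names and the sample record (constructed) are assumptions for illustration.

```python
import configparser

# Windows URL security zone numbers stored in the ZoneId field.
ZONES = {0: "Local machine", 1: "Local intranet", 2: "Trusted sites",
         3: "Internet", 4: "Restricted sites"}

# Constructed sample of a Zone.Identifier stream body (CRLF line endings).
SAMPLE = ("[ZoneTransfer]\r\nZoneId=3\r\n"
          "ReferrerUrl=https://downloads.example.test/\r\n"
          "HostUrl=https://downloads.example.test/tool.zip\r\n")


def parse_zone_identifier(text):
    """Parse a Zone.Identifier body; return None if it is malformed."""
    cp = configparser.ConfigParser(interpolation=None)  # URLs may contain '%'
    cp.optionxform = str  # keep key case (ZoneId, HostUrl)
    try:
        cp.read_string(text.lstrip("\ufeff"))  # tolerate a leading BOM
    except configparser.Error:
        return None
    if not cp.has_section("ZoneTransfer"):
        return None
    sec = cp["ZoneTransfer"]
    try:
        zone = int(sec.get("ZoneId", ""))
    except ValueError:
        return None
    return {"zone_id": zone,
            "zone": ZONES.get(zone, "Unknown"),
            "referrer": sec.get("ReferrerUrl"),
            "host": sec.get("HostUrl"),
            # Zones 3 and 4 are the untrusted origins.
            "from_untrusted_zone": zone >= 3}


def read_zone_identifier(path):
    """Read the stream of a file on NTFS; None if the stream is absent."""
    try:
        with open(path + ":Zone.Identifier", "r",
                  encoding="utf-8", errors="replace") as fh:
            return parse_zone_identifier(fh.read())
    except OSError:
        return None


if __name__ == "__main__":
    print(parse_zone_identifier(SAMPLE))
```

On Windows, `read_zone_identifier(r"C:\path\to\file")` opens the stream directly through the `file:streamname` path syntax; on other systems it returns None.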
  10. For speedy access by Spad · · Score: 5, Informative

    Don't forget live.sysinternals.com for instant access to any of the tools.

  11. Wonderful tools by Sycraft-fu · · Score: 5, Interesting

    These have been available for a long time, used to just be from a site called Sysinternals run by Russinovich before Microsoft hired him. This guy is, literally, the person who wrote the book on Windows. Windows Internals is the current name, used to be called Inside Windows 2000. A wonderful technical document of the internal workings of Windows.

    At any rate, Russinovich produces extremely useful tools. Not the sort of thing you want in the hands of inexperienced users, as many of them can break your system, but extremely powerful. I use them all the time in the course of my job, especially when there's manual malware removal that needs to be done. So far, malware is unaware of the ability to suspend a process, which Process Explorer will do. So you suspend the malware, its watcher process doesn't know to restart it. You then use autoruns to remove the startup entries. At that point you can reboot, it won't start, and you can clean up the residuals.

  12. Re:THIS is why I love Windows! by hduff · · Score: 4, Informative

    > There is nothing like these tools for any other platform on the market. Mark Russinovich is THE MAN!

    You mean other than UNIX and Linux systems? I don't see any comparable functionality that is not already available on those systems. It's great that the MS environment gets some useful diagnostic functionality too; sad they haven't always had it.

    --
    "I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
  13. Re:the iso to usb tool only accepts win7 isos by interiot · · Score: 4, Interesting

    There are no silver-bullet solutions for booting ISOs via USB. A silver-bullet solution requires doing "floppy emulation", which is something that can't be easily done in a general-purpose way. For CD booting, each BIOS has this functionality implemented differently. For USB booting, the bootloader has to figure out how to do this. MEMDISK and GRUB4DOS are the only ones I know that do floppy emulation.

    But then you have to do CD drive emulation too.

    The way almost all ISO=>USB booters work is to pull the pieces apart and make them work without floppy+CD drive emulation. But this requires intimate knowledge of how that ISO normally boots, and thus it can't be a silver-bullet solution.

  14. Re:pstools best by far by afidel · · Score: 4, Informative

    Uh, it hasn't been third party for a long time.

    --
    There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
  15. Re:Is time for multidesktop for windows? by devent · · Score: 4, Insightful

    Oh yes, that's really easier than to type ls -l, ps -ef or ps -ef|grep firefox

    Sorry, but the real advantage of the *nix shells is that every output is just plain simple text. That means, I can grep it, parse it, format it whatever I like and won't be restricted to the PowerShell to do anything useful.

    --
    http://www.mueller-public.de - My site http://www.anr-institute.com/ - Advanced Natural Research Institute