Questions tagged [sysinternals]

Usually refers to applications from the Sysinternals Suite (e.g. Process Explorer, Process Monitor, RAMMap, ...)


The Sysinternals web site was created in 1996 by Mark Russinovich and Bryce Cogswell to host their advanced system utilities and technical information. Whether you’re an IT Pro or a developer, you’ll find Sysinternals utilities to help you manage, troubleshoot and diagnose your Windows systems and applications.

Sysinternals Suite

The Sysinternals Suite is a set of applications that help administrators manage their Windows systems.

Notable applications include:

106 questions
97
votes
5 answers

How can I change the timestamp on a file?

Possible Duplicate: How to modify timestamp in a dll or exe? Windows equivalent of the Linux command 'touch'? How can I set the timestamp for a file via the command-line to a specific date? My specific situation is Windows 7.
Joseph Hansen
56
votes
3 answers

Restore the original task manager after replacing it with the Sysinternals process explorer

After replacing the default Windows task manager with Sysinternals’ process explorer via the Options → Replace task manager menu, how do you undo that action, i.e. restore the original task manager? I’ve already tried clicking that menu again, but…
9999years
30
votes
2 answers

MKLINK vs. Junction.exe

SysInternals has a program junction.exe that creates Junctions (aka. reparse points, aka. symlinks) in Windows. However, Windows also comes with a mklink which seems to do the same thing. Is there a significant difference? I tend to believe that if…
abelenky
29
votes
3 answers

Equivalent to Sysinternals Process Explorer on Linux

I am using Ubuntu 11.10 and am looking for an equivalent to Process Explorer on Linux. There is System Monitor but it's not nearly as good as Process Explorer with all of its detailed information about processes. Any suggestions?
Gautam
27
votes
4 answers

What does the path '\REGISTRY\A\...' in Sysinternals Procmon log mean?

I use Sysinternals Procmon utility to monitor the registry access by some programs. Most log entries have the Path property starting from HKCU\… or HKLM\…, that corresponds to the registry hives HKEY_CURRENT_USER and HKEY_LOCAL_MACHINE that can be…
13
votes
1 answer

How to exclude every process in Sysinternals' Process Monitor in the filter except for one process?

How to exclude every process in Sysinternals' Process Monitor in the filter except for one process? Some kind of using a wildcard filter.
Tony_Henrich
11
votes
3 answers

Could not start PSEXESVC service on [MachineName]: Access is denied

I'm trying to use PsExec to start a process on a remote machine. I posted this question on SO, but I realized it's probably better suited here. I also have spent a few hours trying to figure this out, and haven't really gotten anywhere. Here is one…
Sean Cogan
11
votes
1 answer

SysInternals Desktops not launching Chrome

I'm using Desktops from SysInternals on Windows 8 and experiencing a problem launching Chrome. Even if I go to the exe of Chrome it will not launch in anything but the first Desktop. Does anyone know why that might occur?
Crowie
11
votes
1 answer

Does Psexec execute Remote Procedure Calls?

I've heard of RPCs and that they get executed via TCP port 135. I just executed ipconfig via psexec.exe on a remote PC and wondered if this is an RPC. As I've seen in Wireshark, the whole process is being done via SMB port 445 not DCE/RPC port…
JohnnyFromBF
11
votes
1 answer

Why windows executables show incorrect compiler timestamps?

I have observed that Windows executable files show incorrect timestamps when I view them in PE studio. For example this Notepad.exe file shows a compiler timestamp of 0x86FCBD69 (Mon Oct 07 03:45:05 2041). To validate this today (3 May 2021), I…
Monk
10
votes
2 answers

Is there open source software which is to Process Monitor what ProcessHacker is to Process Explorer?

Process Hacker is an open source alternative to the famous Process Explorer by Mark Russinovich. Is there in the same vein a piece of open source software that can be a serious alternative to Process Monitor?
Benoit
9
votes
1 answer

Is there a way to reset the toolbar minigraphs in Process Explorer?

Windows Sysinternals Process Explorer includes in its toolbar some minigraphs showing recent usage history for CPU, Memory, and so on: These are nice. However, an inadvertent click on the 'thumb' of one of these will cause it to maximize within the…
AakashM
9
votes
0 answers

How does rebooting a computer work?

Possible Duplicate: How does a computer restart itself? How does a computer's reboot command actually work? How is the computer told that it shouldn't stay down after powering off, and that it should actually start itself again? Are rebooting and…
Knight Samar
9
votes
3 answers

PsExec requirements on local computer

What services and settings are required to run psexec on local computer? (e.g. psexec -s -i -d regedit)
Ogmios
8
votes
1 answer

What does "I/O Reads or Writes" and "I/O Read Bytes or Write Bytes" mean?

In Task Manager (and Sysinternals' Process Explorer) there are columns called "I/O Reads", "I/O Writes", "I/O Read Bytes" and "I/O Write Bytes". So what do these counters mean exactly? What else, besides disk and network activity, do they…
skr3am