Questions tagged [sysinternals]
Usually refers to applications from the Sysinternals Suite (eg. Process Explorer, Process Monitor, RAMMap, ...)
110
questions
1
vote
1
answer
443
views
Sysinternals procmon "Process Active Summary" is missing most processes
I am trying to track CPU usage of our build script and of all the processes it spawns to accomplish the task of creating a release. I ran a procmon64.exe (with profiling) session during the course of ...
1
vote
0
answers
233
views
How to run as admin an .Net exe with PSExec ( doesn't work on some of EXE)
I use PsExec to run some exe with administrators right on a Windows Server 2016.
It works.
Saddly, i have a .net exe which run not in admin right despite the use of psExec. I think it's due to the exe ...
1
vote
0
answers
757
views
Process Monitor: Any way to tell what process is terminating another?
I use Process Monitor from SysInternals to view logs from users' when they're being unable to launch an application. Very often users are running various security software they're not even aware of, ...
- 81
1
vote
1
answer
629
views
Bypassing agreement prompt for DiskUsage.exe?
I am running du.exe on a remote windows machine and do not want to have to access the remote machine's desktop, but the first run of du.exe is requiring an acceptance of the agreement which would ...
- 13
1
vote
1
answer
995
views
What determines a DLL's "create time" in the ListDLLs output?
I've run ListDlls on an EXE that I'm unsure should be running no my computer. The dates are all over the place for the DLLs in the output. I'm curious as to how the "create time" field is set.
- 11
1
vote
0
answers
320
views
In Process Monitor, is it possible to see what data is written/read per entry?
In Process Monitor, is it possible see what data is being read/written to a particular item, be it a file or registry? For example, if a program added "platform=x64" to settings.ini somewhere, Process ...
- 5,994
1
vote
0
answers
715
views
PSEXEC OpenSCManager fails when execute command for workgroup from domain
I am trying to run sysinternals' PSEXEC from my domain machine to workgroup machine and vice versa:
Cmd Line:
Psexec \\\MachineName -u "username" -p "password" -i -s -d cmd.exe
If I run this ...
- 11
1
vote
0
answers
2k
views
Windows sessions: Process Explorer vs. Logonsessions.exe
In researching a problem with an API call that is limited to particular sessions, I found some information that implied when you use runas to create a process as another user, a new security token is ...
- 1,765
1
vote
2
answers
607
views
Starting Autoruns.exe or procexp.exe hard-boot the PC
I am currently backpacking in India for several months and have to use public PC to check my email and write my blog.
The first thing I do when after I plugged in my hard-drive is to use SysInternals'...
- 13.9k
1
vote
0
answers
142
views
Can I change the sysinfo export language?
I just noticed that when I export the sysinfo logfile for diagnosis that all the stuff in there is in my national locale! This is of course bad if I want help from international / English speaking ...
- 784
0
votes
1
answer
260
views
How are Windows SysInternal Utilities Licensed? [closed]
Specifically I want to know about SDELETE by Mark Russinovich. I didn't find any license attached, although he holds a Copyright for it..
I want to know because I want to distribute it in my own ...
- 534
0
votes
1
answer
1k
views
Cmd instantly closes
So my cmd instantly closes, I tried following this: https://stackoverflow.com/questions/5373137/cmd-exe-closes-immediately-after-calling-win7-64 this kind of solves the problem but it introduces a new ...
- 43
0
votes
1
answer
487
views
How to launch a program on different desktop, using sysinternals desktops
Is there a way to start a program on a different desktop? Say if Desktop 2 is currently displayed, how could I open Notepad on Desktop 4?
- 111
0
votes
1
answer
73
views
sysinternal Process explorer only show registry events
I have my process explorer installed on my windows machine(sandbox). I run the malware, then capture events in process explorer, after 5 minutes, i stop the capture. to my surprise, it only show the ...
0
votes
2
answers
384
views
Sysinternals Handle prints question marks "?" instead of non ASCII symbols
For files that contain non ASCII symbols, The Sysinternals Handle utility prints the file names with ?. A similar problem is also reported in the following places:
Handle encoding problem
Russian ...
- 533