The Sysinternals Appreciation Thread

[Burnsy2023]

I have for a long time been following the work of the legendary Mark Russinovich and of course Bryce Cogswell as well.

Mark is still updating the sysinternals tools and ProcessExplorer now can even map GPU usage through the internal DirectX APIs that he now has access to being part of Microsoft.

So this thread is to profess our love to Mark as well as share times when the tools have fixed that really annoying problem that mystified you or otherwise helped you.

I'll start, I've used tools such as Psexec for years in various scripts which have saved me countless hours, especially in getting system information during audits. I'd have to say procmon or processexplorer are probably my favourite tools though as they've helped me the most with the really, really difficult issues.

 

[masterluke]

+1 on psexec. Its a massively helpful tool that has saved me countless hours supporting remote systems. No remote software needs to be in place, all you need is a privilaged userid and you're free to do as you wish.

 

[theheyes]

Mark is a legend. Used disk2vhd the other week to turn an instance of Server 2003 on a broken raid array into a virtual machine with no fuss whatsoever. And I'm sure the download was < 1MB.

There is a sysinternals administrators reference book out now which gets a "pretty good" from me.

 

[MarcLister]

Every so often I check the Sysinternals site for an update copy. I always download the full pack so that I have all the programs should I need them. I mainly use Process Explorer if I need to look at what is causing computers at work to be slow.

Great bit of software.

 

[Burnsy2023]

There is a sysinternals administrators reference book out now which gets a "pretty good" from me.

I just ordered that from work, not had much time to read it yet though.

 

[j1nxy100]

I have to agree. the software is often a good time saver, I have used regmon and filemon at work and it can be really helpful when you get stuck.

 

[bledd]

Yup

Awesome software

Nirsoft also have a whole range of useful tools.

Mark is a god

 

[SoundsGood]

I have soo many scripts that rely on PsExec, life would be much more difficult without it. PsLoggedOn and PsGetsid have come in handy recently too.

 

[NathanE]

He's on the stackexchange podcast right now... http://www.livestream.com/stackexchange

 

[Ev0]

Used Regmon and Filemon pretty much non stop for a year when working on a big project and was doing software packaging.

Needed the tools to see what was access was required so that I could set permissions on folders and reg keys correctly when stuff was installed in the locked down environment.

And also to see what apps were doing with regards to registration/activation so that I could, er, fudge it so that the apps installed and didn't require user input

 

[Burnsy2023]

He's on the stackexchange podcast right now... http://www.livestream.com/stackexchange

The sounds is really jittery for me

 

[lurkio]

+1
epic tool kit of utils

 

[Deception]

Yup

Awesome software

Nirsoft also have a whole range of useful tools.

Mark is a god

love the outlook pass view tool on nirsoft. Helps a lot when moving profiles around in work and people cant remember the passwords for their emails.

I like PSEXEC too as it helps me remotely install software such as VNC, so I help people in the office without leaving my chair (or for those people who constantly keep ringing up saying something isnt working )

 

[sidethink]

Mark R is a legend. His talks are awesome and his tools get rid of a lot of headaches.

 

[J.B]

We use psexec all the time to execute pwdump and retrieve the password hashes of remote machines.

It's probably one of the best sysinternals I think.

 

[platypus]

I use them on a regular basis, awesome tools .