Ctrl2cap also shows how to use NtDisplayString to print messages to the initialization blue-screen. DebugView v4. It allows for viewing and recording of debug session output on your local machine or across the Internet without an active debugger. Desktops v2. Disk2vhd v2. DiskExt v1. Diskmon v2. DiskView v2. Disk Usage DU v1. EFSDump v1. FindLinks v1. A file's data remains allocated so long as at it has at least one file name referencing it. Handle v4. Hex2dec v1.
Junction v1. LDMDump v1. ListDLLs v3. LiveKd v5. LoadOrder v1. LogonSessions v1. MoveFile v1. NotMyFault v4. NTFSInfo v1. PendMoves v1. PipeList v1. PortMon v3. It knows about all standard serial and parallel IOCTLs and even shows you a portion of the data being sent and received. Version 3. ProcDump v It also serves as a general process dump creation utility and can also monitor and generate process dumps when a process has a hung window or unhandled exception.
Process Explorer v This uniquely powerful utility will even show you who owns each process. Download Process Monitor 3. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon , and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such as session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more.
Its uniquely powerful features will make Process Monitor a core utility in your system troubleshooting and malware hunting toolkit. The best way to become familiar with Process Monitor's features is to read through the help file and then visit each of its menu items and options on a live system.
Run now from Sysinternals Live. Typing Ctrl-C terminates the remote process. If you omit a user name, the process will run in the context of your account on the remote system, but will not have access to network resources because it is impersonating. Note that the password and command are encrypted in transit to the remote system. This article I wrote describes how PsExec works and gives tips on how to use it:. This command copies the program test. Specify the full path to a program that is already installed on a remote system if its not on the system's path:.
PsExec is part of a growing kit of Sysinternals command-line tools that aid in the administration of local and remote systems named PsTools. Skip to main content. This browser is no longer supported. Download Microsoft Edge More info. Contents Exit focus mode. PsExec v2. Is this page helpful?
0コメント