The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,619 other followers

Archive for the ‘SysInternals’ Category

dzComputerInfo: a small tool that shows a window on top of all other windows displaying the computer name and currently logged on user.

Posted by jpluimers on 2018/05/18

Interesting as bgInfo does not support top most windows or overlay: it only does the Desktop background, and you need to go through hoops to recreate the background on each logon:

Enter dzComputerInfo. It’s a small tool that I wrote the evening after the above incident which does exactly one thing: It shows a window on top of all other windows displaying the computer name and currently logged on user. Since the window is so small and it places itself automatically just above the start button, it does not really become a nuisance.

The tool and the source code is available from sourceforge, if anybody else thinks he has a use for it.

The G+ thread also the interesting comment by Gaurav Kale:

The Classic Shell Start button supports environment variables in its tooltip. So just specify: %username% on %computername% for the Setting called “Button Tooltip”. Then to see the currently logged on user and computer name, you just have to HOVER over the Start button!

–jeroen

Posted in Power User, SysInternals, Windows | Leave a Comment »

wget for nirsoft

Posted by jpluimers on 2017/08/11

Since they require a referer:

wget --referer=http://launcher.nirsoft.net/downloads/ -m -np http://download.nirsoft.net/nirsoft_package_1.20.10.zip
wget --referer=http://launcher.nirsoft.net/downloads/ -m -np http://download2.nirsoft.net/nirsoft_package_enc_1.20.10.zip

The latter has password nirsoft9876$

The filenames change over time (the 2016 archive of http://launcher.nirsoft.net/downloads/ shows http://download.nirsoft.net/nirsoft_package_1.20.5.zip and http://download2.nirsoft.net/nirsoft_package_enc_1.20.5.zip

Need to check out if I can automate this, as they seem to keep a SysInternals link http://download.nirsoft.net/sysinternals4.nlp

–jeroen

Posted in NirSoft, Power User, SysInternals, Windows | Leave a Comment »

SDelete hangs at 100% – Sysinternals Forums – revert back to v.1.61

Posted by jpluimers on 2016/10/07

I’m a fan of sdelete, but the most recent v2.0 update seems – released alongside SysInternals support for nano server – to be a lot slower than the v1.61 version:

I have the same problem with Sdelete on my SSD.The resource monitor showed v.2 writing the disk at approx 40Mb p/swhile v.1.61 at 1,300 Mb p/s SDelete v.2.0 is faulty (shows 100% all the time) and dead slow, don’t use it.Google v.1.61 , it works just fine.

Source: SDelete hangs at 100% – Sysinternals Forums [WayBack]

–jeroen

Posted in Power User, sdelete, SysInternals, Windows | Leave a Comment »

SysInternals sdelete: zero wipe free space is called -z instead of -c

Posted by jpluimers on 2016/09/20

In the 2009 past, sdelete used the -c parameter to zero wipe clean a hard drive and -z would clean it with a random pattern.

That has changed. Somewhere along the lines, -c and -z has swapped meaning which I didn’t notice.

This resulted in many of my virtual machines image backups were a lot larger than they needed to be.

The reason is that now:

  • -c does a clean free space with a random DoD conformant pattern (which does not compress well)
  • -z writes zeros in the free space

Incidently, -c is a lot slower than -z as well.

TL;DR: use this command

sdelete -z C:

Where C: is the drive to zero clean the free space.

–jeroen

Posted in Batch-Files, Development, Fusion, Hyper-V, Power User, Proxmox, Scripting, sdelete, Software Development, SysInternals, View, VirtualBox, Virtualization, VMware, VMware ESXi, VMware Workstation, Windows | Leave a Comment »

Sysinternals Suite – lots of tools are now available as 64-bit as well

Posted by jpluimers on 2016/07/08

In the past the Sysinternals Suite used to have only a few 64-bit versions of their tools, but recently they added many more.

The documentation doesn’t reflect this yet, but the online versions do:

These are 64-bit:

     Wednesday, June 29, 2016  9:42 PM       403120 accesschk64.exe
     Wednesday, June 29, 2016  9:42 PM       841904 Autoruns64.exe
     Wednesday, June 29, 2016  9:42 PM       742064 autorunsc64.exe
     Wednesday, June 29, 2016  9:42 PM       154792 Clockres64.exe
     Wednesday, June 29, 2016  9:42 PM       268960 Contig64.exe
     Wednesday, June 29, 2016  9:42 PM       158376 diskext64.exe
     Wednesday, June 29, 2016  9:42 PM       190104 du64.exe
     Wednesday, June 29, 2016  9:42 PM       169136 FindLinks64.exe
     Wednesday, June 29, 2016  9:42 PM       226464 handle64.exe
     Wednesday, June 29, 2016  9:42 PM       164520 hex2dec64.exe
     Wednesday, June 29, 2016  9:42 PM       236200 junction64.exe
     Wednesday, June 29, 2016  9:43 PM       220336 Listdlls64.exe
     Wednesday, June 29, 2016  9:43 PM       156840 LoadOrd64.exe
     Wednesday, June 29, 2016  9:43 PM       188584 LoadOrdC64.exe
     Wednesday, June 29, 2016  9:43 PM       249536 logonsessions64.exe
     Wednesday, June 29, 2016  9:43 PM       154792 movefile64.exe
     Wednesday, June 29, 2016  9:43 PM       265904 notmyfault64.exe
     Wednesday, June 29, 2016  9:43 PM       271032 notmyfaultc64.exe
     Wednesday, June 29, 2016  9:43 PM       158896 ntfsinfo64.exe
     Wednesday, June 29, 2016  9:43 PM       156336 pendmoves64.exe
     Wednesday, June 29, 2016  9:43 PM       234160 pipelist64.exe
     Thursday, April 28, 2016 12:25 AM       310440 procdump64.exe
     Wednesday, June 29, 2016  9:43 PM       374944 PsExec64.exe
     Wednesday, June 29, 2016  9:43 PM       168608 psfile64.exe
     Wednesday, June 29, 2016  9:43 PM       326824 PsGetsid64.exe
     Wednesday, June 29, 2016  9:43 PM       351912 PsInfo64.exe
     Wednesday, June 29, 2016  9:43 PM       318624 pskill64.exe
     Wednesday, June 29, 2016  9:43 PM       202400 pslist64.exe
     Wednesday, June 29, 2016  9:43 PM       170160 PsLoggedon64.exe
     Wednesday, June 29, 2016  9:43 PM       168616 pspasswd64.exe
     Wednesday, June 29, 2016  9:43 PM       293032 psping64.exe
     Wednesday, June 29, 2016  9:43 PM       210608 PsService64.exe
     Wednesday, June 29, 2016  9:43 PM       321704 pssuspend64.exe
     Wednesday, June 29, 2016  9:43 PM       164024 RegDelNull64.exe
     Wednesday, June 29, 2016  9:43 PM       160400 ru64.exe
     Wednesday, June 29, 2016  9:43 PM       165544 sdelete64.exe
     Wednesday, June 29, 2016  9:43 PM       856752 sigcheck64.exe
     Wednesday, June 29, 2016  9:43 PM       153768 streams64.exe
     Wednesday, June 29, 2016  9:43 PM       162472 strings64.exe
     Wednesday, June 29, 2016  9:43 PM       158360 sync64.exe
     Thursday, April 28, 2016 12:25 AM       862888 Sysmon64.exe
    Tuesday, February 2, 2016 10:04 PM       221360 Testlimit64.exe
     Wednesday, June 29, 2016  9:43 PM       169648 Volumeid64.exe
     Wednesday, June 29, 2016  9:43 PM       169632 whois64.exe

These do not have 64-bit equivalents yet or (like procexp.exe) have 64-bit versions embedded (some will likely never get them):

  Wednesday, November 1, 2006  1:06 PM       174968 AccessEnum.exe
 Wednesday, November 14, 2012 10:22 AM       479832 ADExplorer.exe
    Tuesday, October 27, 2015 12:13 AM      2425496 ADInsight.exe
  Wednesday, November 1, 2006  1:05 PM       150328 adrestore.exe
   Tuesday, February 22, 2011  2:18 PM       148856 Autologon.exe
    Tuesday, October 27, 2015 11:28 PM      2049168 Bginfo.exe
  Wednesday, November 1, 2006  1:06 PM       154424 Cacheset.exe
      Monday, August 18, 2014  7:29 PM       892088 Coreinfo.exe
  Wednesday, November 1, 2006  1:05 PM       150328 ctrl2cap.exe
     Monday, December 3, 2012 10:10 AM       468056 Dbgview.exe
  Wednesday, November 1, 2006  9:06 PM       158520 DEFRAG.EXE
  Wednesday, October 17, 2012  5:28 PM       116824 Desktops.exe
  Wednesday, November 1, 2006  1:06 PM       224056 Diskmon.exe
    Wednesday, March 24, 2010  1:00 PM       580984 DiskView.exe
      Wednesday, May 20, 2015  2:24 AM       146232 efsdump.exe
  Wednesday, November 1, 2006  1:06 PM       154424 ldmdump.exe
   Tuesday, December 17, 2013  4:01 PM       559808 livekd.exe
  Wednesday, November 1, 2006  1:06 PM       215928 pagedfrg.exe
     Friday, January 13, 2012  4:35 PM       451392 portmon.exe
   Thursday, February 4, 2016 10:19 PM      2694816 procexp.exe
        Friday, June 12, 2015 12:34 AM      2046608 Procmon.exe
      Tuesday, April 27, 2010 10:04 AM       178040 psloglist.exe
     Monday, December 4, 2006  4:53 PM       207664 psshutdown.exe
    Tuesday, February 2, 2016 10:04 PM       625816 RAMMap.exe
  Wednesday, November 1, 2006  9:05 PM       146232 Reghide.exe
    Tuesday, February 2, 2016 10:04 PM       117920 regjump.exe
  Wednesday, November 1, 2006  1:07 PM       334720 RootkitRevealer.exe
  Wednesday, November 1, 2006  1:07 PM       260976 ShareEnum.exe
 Wednesday, February 27, 2008  5:51 PM       103464 ShellRunas.exe
     Wednesday, July 28, 2010  2:47 PM       199544 tcpvcon.exe
        Monday, July 25, 2011 11:40 AM       300832 Tcpview.exe
        Monday, July 20, 2015 11:45 PM      1194128 vmmap.exe
       Tuesday, June 18, 2013  2:12 PM       596160 ZoomIt.exe

–jeroen

Posted in Power User, SysInternals, Windows | Leave a Comment »

 
%d bloggers like this: