The PSTools suite is one of those things that you’ll find new uses for every time you play with it. The PSTools suite was developed by Mark Russinovich who worked on the original NTFS file system, and hence has a rather unique insight into the inner workings of Windows systems.
The PSTools suite is comprised of the following utilities:
- PsExec – execute processes remotely
- PsFile – shows files opened remotely
- PsGetSid – display the SID of a computer or a user
- PsInfo – list information about a system
- PsKill – kill processes by name or process ID
- PsList – list detailed information about processes
- PsLoggedOn – see who’s logged on locally and via resource sharing (full source is included)
- PsLogList – dump event log records
- PsPasswd – changes account passwords
- PsService – view and control services
- PsShutdown – shuts down and optionally reboots a computer
- PsSuspend – suspends processes
- PsUptime – shows you how long a system has been running since its last reboot (PsUptime’s functionality has been incorporated into PsInfo)
While these tools work locally (and in most cases work better than the native Windows utilities, or provide functionality that is not available natively), they really shine when it comes to working with remote machines. If I had nothing else but a fresh (default) Windows install, I could probably continue to administer my network using the PSTools.
Notice I said nothing but a default windows install. Microsoft has done something rather unique with the PSTools suite (in fact with the entire Sysinternals utilities collection), and made them usable from a “live” website (to get an overview of what is available, just type live.sysinternals.com\tools into your browser’s address bar).
Now all these tools are stand alone executables (no need to install), so they can be run from a USB drive (SWEET!!!), however being able to run them without even having the executables on the machine is just awesome!