Using Sysinternals Console Tools via PowerShell (Part 2)

by Sep 5, 2022

In our previous tip we used PowerShell to download and set up the Sysinternals suite of console commands. Here is what we did:

$destinationZipPath = "$env:temp\"
$destinationFolder  = "$env:temp\pstools"
$link = ""
Invoke-RestMethod -Uri $link -OutFile $destinationZipPath -UseBasicParsing
Unblock-File -Path $destinationZipPath
Expand-Archive -Path $destinationZipPath -DestinationPath $destinationFolder -Force
Remove-Item -Path $destinationZipPath
explorer /select,$destinationFolder

Now how can you run a command via PowerShell? Since the Sysinternals suite consists of console commands, you can directly launch them; for example, psloggedon64.exe which tells you the user names of users that are currently logged on to a machine:

$destinationFolder  = "$env:temp\pstools"
& "$destinationFolder\PsLoggedOn64.exe"

The result looks similar to this:

PsLoggedon v1.35 - See who's logged on
Copyright (C) 2000-2016 Mark Russinovich
Sysinternals -
Users logged on locally:
     29.08.2022 17:11:48          XXXX
Users logged on via resource shares:
     30.08.2022 08:18:32          (null)\XXX
     30.08.2022 08:18:32          XXX\XXX   

Note: Do not use Start-Process to run the tools, or else the output will show in a separate console window which closes again in a split-second.

When you run any Sysinternals tool for the first time, a EULA window pops up. Once you accept it, you can run commands unattended in the future.

In our next tip we show you how you can get rid of the EULA via PowerShell so you don’t even need to click the EULA once.

Twitter This Tip! ReTweet this Tip!