Tuesday, 16 January 2007

Sysinternals: Windows Utilities So Useful, Microsoft Bought Them!

by Charles Pooter

I was first introduced to Mark Russinovich's Sysinternals utilities by a colleague in my first serious computing job. My reaction was one of embarrassment, as I realised straight away that these programs were indispensable to anyone who wanted to know what was going on under the surface of their Windows installation. In July last year Microsoft bought Sysintenals and now the utilities are available from Microsoft's Technet website. For those those that haven't encountered these useful little programs before, here's my list of the most handy in order of helpfulness:

  1. Autoruns: Tells you exactly which programs are being started when your computer is turned on and when you login. More importantly, it lets you get rid of programs you'd rather not start automatically.
  2. Process Explorer: Task Manager on steroids. Task Manager will only tell you that a process named hongkongworm.exe is running, Process Explorer will tell you where the program is located and a heap of other information.
  3. Filemon: This will let you see exactly where programs are trying to read and write data. I find this useful when I'm trying to work out why a program won't work from a non-administrator account. OK, maybe that's only useful for systems administrators!
  4. Regmon: Like Filemon, but for the registry.

No comments: