Under The Hood of Microsoft Windows

Process Explorer

For a Linux geek like me, Windows always feels restrictive, because I can't really get into the internals of the system. That matters even more now that I am using Windows on my two-year-old notebook after the storage catastrophe. It looks like hard disks don't really like to stay with me that long; or is it my own fault for overusing them? Oh well.

While browsing through this post on the F-Secure blog, I found out that Microsoft bought Sysinternals in July 2006. Mark Russinovich and Bryce Cogswell must be millionaires now 😉

No wonder my friend who has just started today at F-Secure KL talked to me about the cool utilities. Now I know where he hangs out.

There are actually a bunch of tools, categorized into:

  • File and Disk Utilities
  • Networking
  • Processes & Threads
  • Security Utilities
  • System Information
  • Miscellaneous

I've actually tried only a few of the tools, chosen based on how familiar I already was with what they do.

First of all there's FileMon, which monitors file system activity in real time. The closest thing on Linux is lsof (list open files), but of course with a GUI, and FileMon goes a step further: instead of a snapshot of what is open, it shows every open, read, write and close as it happens, with the process that issued it. If you are used to piping lsof into grep to narrow things down, the utility provides an equivalent filter function.

Process Explorer lists all of your running processes, with far more information than the normal Task Manager can handle. Going deeper, it also shows the process tree (which process started which) and, for each process, its threads, open handles and loaded DLLs. Miss ps yet? The most important purpose of this application for me is to look for unwanted processes running without my knowledge, especially malicious programs such as viruses or other malware.
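A script in the same spirit, added here as an example and not code from the original post or from Sysinternals: it rebuilds a Process Explorer style process tree from WMI with PowerShell and marks the entries a malware hunt would look at first, namely images that live outside the Windows and Program Files directories and images whose Authenticode signature is missing or invalid. The trusted-directory list and the flag names are my own choices.

```powershell
# Added example, not from the original post or from Sysinternals.
# Rebuilds a Process Explorer style process tree from WMI and flags the entries
# a malware hunt looks at first: an image outside Windows/Program Files, or an
# image whose Authenticode signature is missing or invalid.
# Needs Windows PowerShell 3.0 or later; run elevated so ExecutablePath is
# populated for processes owned by other users.

$procs = Get-CimInstance -ClassName Win32_Process |
    Select-Object ProcessId, ParentProcessId, Name, ExecutablePath, CreationDate

# Index by PID so parents can be looked up cheaply.
$byPid = @{}
foreach ($p in $procs) { $byPid[[uint32]$p.ProcessId] = $p }

# Directories where a system or vendor binary is expected (my own choice of list).
# Anything else, e.g. the user profile, %TEMP% or removable media, gets flagged.
$trustedRoots = @($env:SystemRoot, $env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ } | ForEach-Object { $_.TrimEnd('\') + '\' }

function Get-Flags {
    param($Proc)
    $flags = @()
    # Idle, System and similar kernel-backed entries have no image path; nothing to check.
    if (-not $Proc.ExecutablePath) { return $flags }
    $inTrusted = $false
    foreach ($root in $trustedRoots) {
        if ($Proc.ExecutablePath.StartsWith($root, [System.StringComparison]::OrdinalIgnoreCase)) { $inTrusted = $true }
    }
    if (-not $inTrusted) { $flags += 'UNUSUAL-PATH' }
    $sig = Get-AuthenticodeSignature -FilePath $Proc.ExecutablePath -ErrorAction SilentlyContinue
    if (-not $sig -or $sig.Status -ne 'Valid') { $flags += 'UNSIGNED' }
    return $flags
}

# Windows reuses PIDs, so a parent PID that points at a process younger than the
# child is a recycled PID, not the real parent: such a child is shown as a root.
function Test-ParentPlausible {
    param($Child, $Parent)
    if (-not $Parent -or $Parent.ProcessId -eq $Child.ProcessId) { return $false }
    if ($Child.CreationDate -and $Parent.CreationDate) { return $Parent.CreationDate -le $Child.CreationDate }
    return $true
}

$printed = @{}   # guards against printing a process twice if the tree has a loop
function Show-ProcessTree {
    param($Proc, [int]$Depth = 0)
    if ($printed.ContainsKey([uint32]$Proc.ProcessId)) { return }
    $printed[[uint32]$Proc.ProcessId] = $true
    $flags = @(Get-Flags $Proc)
    $mark = if ($flags.Count -gt 0) { '  <-- ' + ($flags -join ',') } else { '' }
    '{0}{1} (PID {2}) {3}{4}' -f ('  ' * $Depth), $Proc.Name, $Proc.ProcessId, $Proc.ExecutablePath, $mark
    foreach ($child in ($procs | Where-Object { $_.ParentProcessId -eq $Proc.ProcessId -and (Test-ParentPlausible $_ $Proc) })) {
        Show-ProcessTree -Proc $child -Depth ($Depth + 1)
    }
}

# Roots: no living parent, or a parent whose PID was recycled after this process started.
$roots = $procs | Where-Object { -not (Test-ParentPlausible $_ $byPid[[uint32]$_.ParentProcessId]) }
foreach ($root in $roots) { Show-ProcessTree -Proc $root }
```

Save it as a .ps1 file and run it from an elevated prompt. Treat the flags as starting points for a closer look in Process Explorer rather than verdicts: plenty of legitimate software is unsigned or installs into the user profile, and an orphaned root is normal for processes whose parent has simply exited.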

There are also some other tools I find useful, such as the Registry Monitor, which shows registry reads and writes as they happen, and the Port Monitor, which captures serial and parallel port traffic; both are very handy when developing or debugging applications.

Running the Disk Monitor is quite exciting: now you can see what your PC is doing when the hard disk LED is flashing. It's amazing to see what typical disk I/O looks like.

But of course, these programs are not for the faint of heart. The information displayed can be too technical for the average PC user. Me? I am happy.