.NET Tips and Tricks


The Incredibly Useful Sysinternals Suite

If you like knowing what's going on with your computer -- even if it doesn't have much to do with .NET development -- you'll like the Sysinternals kit from Microsoft. The Sysinternals kit bundles up almost 70 utilities that extract information from Windows. And, while not aimed specifically at .NET developers, it's surprising (to me) how often I've found some of these tools useful when building business applications.

For instance, if you place BgInfo in your StartUp folder, it adds a bitmap to your desktop with your computer's TCP/IP address, OS version, service pack, and last time the computer was rebooted (among other information). I include BgInfo as a matter of course on all my development VMs and test machines.

One of my clients found, after installing a Windows Service I built for them, that the service gradually took over the whole computer. We used RamMap to track how memory was being allocated by Windows and discovered that, while my service was taking over the whole computer, it was because the computer had nothing else to do. Given another application to run, Windows gave that other application the memory it needed.

If you've ever wondered exactly what DLLs a running process is using -- or what processes are using a particular DLL -- ListDLLs will tell you. I was trying to replace a DLL on a computer that some process owned and it was ListDLLs that identified the process. I then used another utility in the suite, PsKill, to end that process (PsKill also has the power to kill processes on other computers -- a power I've never used but have really, really wanted to, on occasion).

I will admit that I've never used MoveFile or AutoRuns for development purposes. But MoveFile will tell you what files are going to be updated after your next reboot (for instance, after an installation program tells you that you have to reboot), so you can make a semi-informed decision about putting off the reboot.

AutoRuns gives you a complete list of what programs are set up to run when your computer starts up, including items from the Startup Folder and programs being executed through the various Run* registry keys. I'm only interested in third party tools when I use AutoRuns, so I use the -m option to hide the Microsoft applications.

I used Strings (which lists all the Unicode and ASCII strings embedded in EXEs or DLLs in a folder, or its subfolders) against a third-party DLL once. Strings let me track down all the config files the application was using -- something not obvious from the documentation.
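To show what that kind of scan involves, here is an added Python example (not code from the original post and not how Sysinternals implements Strings) that pulls ASCII and UTF-16LE strings out of a byte buffer and keeps the ones that look like config file names. The 4-character minimum, the extension list, and the sample bytes are assumptions made for the illustration.

```python
import re

MIN_LEN = 4  # assumption: shortest run of printable characters worth reporting

# A run of printable ASCII, and the same characters stored as UTF-16LE
# (each printable byte followed by a NUL byte).
ASCII_RE = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_LEN)
UTF16_RE = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % MIN_LEN)

# Hypothetical filter: path-like tokens ending in common config extensions.
CONFIG_RE = re.compile(r"[\w.\\/:-]+\.(?:config|ini|xml|json)\b", re.IGNORECASE)


def extract_strings(data: bytes):
    """Return sorted (offset, encoding, text) tuples for every string found."""
    found = [(m.start(), "ascii", m.group().decode("ascii"))
             for m in ASCII_RE.finditer(data)]
    found += [(m.start(), "utf-16le", m.group().decode("utf-16-le"))
              for m in UTF16_RE.finditer(data)]
    return sorted(found)


def config_references(data: bytes):
    """Return distinct config-like file names referenced in data, in file order."""
    names = []
    for _, _, text in extract_strings(data):
        for name in CONFIG_RE.findall(text):
            if name not in names:
                names.append(name)
    return names


# Constructed sample standing in for a DLL's bytes (not taken from a real file).
SAMPLE = (
    b"MZ\x90\x00\x03\x00\x00\x00"
    + b"settings.ini\x00"
    + b"\x01\x02\xff"
    + "C:\\Vendor\\app.config".encode("utf-16-le") + b"\x00\x00"
    + b"\x7f\x10abc\xff"
    + "Loading plugins.xml".encode("utf-16-le") + b"\x00\x00"
)

if __name__ == "__main__":
    for offset, encoding, text in extract_strings(SAMPLE):
        print(f"{offset:#06x}  {encoding:8}  {text}")
    print(config_references(SAMPLE))
```

To try it on a real file, pass `open(path, "rb").read()` to `config_references`; searching both encodings matters because Windows binaries commonly store paths as UTF-16LE.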

There are lots more goodies in the suite, but if you want to run one of them without going to the trouble of downloading it, you can use Sysinternals Live. In Windows Explorer (or a command prompt), just enter \\live.sysinternals.com\tools\ followed by the name of the tool you want.

Posted by Peter Vogel on 06/14/2012
