As requested, we're going to go through a collection of really handy tools that Microsoft created just for Windows, possibly one of the most valuable software suites ever created. It's called Sysinternals and has existed since the dawn of time, but it is not included in Windows. So if you were unaware of it, you are truly missing out.
There are far too many programs included to cover in a single post, and some of them are either obsolete or of limited utility, so I'm going to highlight what I believe are the suite's coolest and most useful tools.
1. Process Explorer
Which is already rather well known. It's essentially an enhanced Task Manager. It shows you not only which programs are running but also which sub-processes they are using, along with a million more facts about which I am too knowledgeable to explain.
One interesting feature is the ability to look up any process on a website called VirusTotal, which is actually owned by Google and which runs the file through a variety of antivirus programs. So if you notice a process that looks suspicious, you can scan it to confirm. Additionally, you can search for "handles," which refers to the files that applications use.
So if you are trying to move a file and cannot because it is in use, you can search for that file and find out what is using it. You also have the option of replacing the standard Task Manager with Process Explorer if desired. There is a great deal more you can do with this one, but for the sake of time, you can explore it on your own.
2. Process Monitor
As the name implies, Process Monitor monitors what all running processes on your computer are doing and logs literally everything, depending on the criteria you select. And if you've ever wondered what happens on your computer when it's "idle," you're in for a treat. Hundreds of thousands of operations will almost certainly take place in a matter of seconds.
These can be registry key accesses, file writes, file reads, or network requests; pretty much EVERYTHING that happens on your computer will be listed here. Given the volume of data, it's probably better to filter for certain applications and operations, but if you've ever encountered a program behaving strangely or crashing, Process Monitor may be an excellent place to begin investigating why.
3. Autoruns
Which is a small but powerful tool that displays a list of all the programs that start up with your machine. While Windows includes a capability similar to this, it does not always display EVERYTHING that is loaded. Autoruns will show you not only which programs start up at boot, but also which services, registry keys, scheduled tasks, and drivers are loaded. It will also show you which media codecs are loaded. None of that will be seen in the Task Manager or MSConfig panel.
So this is really valuable, particularly if you see something starting up with Windows but are unsure how or why; you'll almost certainly find it in here and can figure it out. Oh, and yes, you can once again scan everything with VirusTotal via the settings.
4. TCPView
It is all about network activity. To put it simply, it will display every network connection that enters and exits your computer, the software that uses it, the port on which it is connected, and more. This is handy in a variety of scenarios, such as when something is hogging a lot of bandwidth and you're not sure what it is. You could start with Windows' built-in "Resource Monitor," which will tell you which software is consuming the bandwidth, but you're probably more interested in knowing what it's connected to.
That is where this comes into play, and here is another great feature. When you locate the process you're looking for, it will display the external IP address, but on its own this information is not much use. If you right-click and select "Whois," a whois search will be initiated, providing information about the IP address and, ideally, the website or service associated with it. You can even close the connection manually if you like. However, keep an eye out in case it reconnects. Either way, there are numerous applications for this, provided you know what you're doing.
5. ZoomIt
This one is ideal for presentations because it enables you to effortlessly zoom in and out on the screen. As you can see, all you have to do is hit Ctrl + 1 to zoom in and move around. Excellent if you need to demonstrate anything small. Additionally, if you wish to draw something on the screen, you can do it by pressing Ctrl + 2, followed by Escape to cancel.
So, a neat little program that you may find useful in the future.
6. NotMyFault
This one is actually rather amusing. It's named "NotMyFault," and it does exactly what it says on the tin: it crashes your computer. Yes, deliberately. Apart from pranking your buddies, you may be wondering what else this thing may be used for.
To be honest, it may be beneficial if you want to learn about the many sorts of crashes, and as you can see, there are quite a few to select from. Perhaps you'd like to use it as an example, or even induce a blue screen in order to obtain a dump file.
7. Sigcheck
Which is used to verify the authenticity of files. As this is command-line software, it must be executed via the command prompt. To do so quickly, click in the address bar of Explorer, type CMD, and the command prompt will open in that directory. Then simply type the program's name to launch it. There are numerous options, but the simplest way to use it is to scan a specific directory and only the executable files within it.
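The directory scan described above, as an added PowerShell example that is not from the article. It assumes the tool described here is Sysinternals Sigcheck, that `sigcheck.exe` is on the PATH, and that its CSV output has `Path`, `Verified` and `Publisher` columns; the function name and the Downloads directory are placeholders.

```powershell
# Added example (not from the article): list executables in a directory
# whose signature Sigcheck does not report as "Signed".
# Assumption: sigcheck.exe is on PATH and -c emits Path/Verified/Publisher columns.
function Get-UnverifiedExecutable {
    param(
        [Parameter(Mandatory)][string]$Directory,
        [switch]$Recurse
    )

    # -e         scan executable images only (regardless of extension)
    # -c         CSV output, so the result can be filtered as objects
    # -nobanner  keep the startup banner out of the CSV
    # -s         recurse into subdirectories (only when -Recurse is given)
    $flags = @('-accepteula', '-nobanner', '-e', '-c')
    if ($Recurse) { $flags += '-s' }

    & sigcheck.exe @flags $Directory 2>$null |
        ConvertFrom-Csv |
        Where-Object { $_.Verified -ne 'Signed' } |
        Sort-Object Path |
        Select-Object Path, Verified, Publisher
}

# Placeholder directory: anything listed here deserves a closer look
# (for example a VirusTotal lookup) before it is trusted.
Get-UnverifiedExecutable -Directory "$env:USERPROFILE\Downloads" -Recurse |
    Format-Table -AutoSize
```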
8. SDelete
Which is capable of securely deleting files or directories by repeatedly overwriting them, so that they can never be recovered. I'm not going to inquire as to who you're hiding from, but perhaps you should. This is also command-line software. SDelete includes some additional capabilities as well, such as cleaning up the free space left behind by previously removed files. Alternatively, you can fill all available space with zeros.
9. PendMoves
Pretty simple; it just displays the files that the operating system has scheduled to move the next time the computer is rebooted. As you may know, when an OS cannot move a file that is in use, it waits until you restart and the file is freed up. This is also why certain programs require a restart after installation. It can also show whether any files are scheduled for deletion.
10. MoveFile
This one enables you to schedule file moves to be performed after a reboot. If a file is being recalcitrant for any reason, you can just use the command MoveFile, followed by the file to be moved and the destination, and that's it. The file will be moved once you reboot. Additionally, you can specify an empty destination with just two quotation marks, which will delete the file upon reboot.
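Both of the tools above work on the same reboot-time queue, so here is an added PowerShell example (not from the article) that decodes it for review before a restart. It assumes the queue is the registry value `PendingFileRenameOperations` under the Session Manager key, stored as source/destination pairs; `ConvertFrom-PendingMove` is a hypothetical helper name and the sample entries are constructed.

```powershell
# Added example (not from the article): decode the reboot-time move queue.
# Assumption: the queue is the REG_MULTI_SZ value PendingFileRenameOperations,
# a flat list of source/destination pairs. An empty destination means
# "delete on reboot"; a leading "!" on the destination means "replace existing".
function ConvertFrom-PendingMove {
    param([string[]]$Entries)

    # Drop the optional "!" flag and the NT "\??\" path prefix for display.
    $strip = { param($p) $p -replace '^!?\\\?\?\\', '' }

    for ($i = 0; $i -lt $Entries.Count; $i += 2) {
        $src = $Entries[$i]
        if ([string]::IsNullOrEmpty($src)) { continue }
        # A missing final destination is treated as a delete.
        $dst = if ($i + 1 -lt $Entries.Count) { $Entries[$i + 1] } else { '' }

        [pscustomobject]@{
            Action      = if ($dst) { 'Move' } else { 'Delete' }
            Source      = & $strip $src
            Destination = & $strip $dst
            Overwrites  = $dst.StartsWith('!')
        }
    }
}

# Constructed sample: one delete and one replace-on-reboot entry.
$sample = @(
    '\??\C:\Temp\stuck.dll', '',
    '\??\C:\Temp\new.dll',   '!\??\C:\Program Files\App\app.dll'
)
ConvertFrom-PendingMove -Entries $sample | Format-Table -AutoSize

# Live queue on this machine (the value is absent when nothing is pending).
$key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
$live = (Get-ItemProperty -Path $key -ErrorAction SilentlyContinue).PendingFileRenameOperations
ConvertFrom-PendingMove -Entries $live | Format-Table -AutoSize
```

A queued entry that replaces or deletes a file you did not schedule yourself is worth understanding before you reboot.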
11. DiskView
This one is more interesting than helpful, as it scans and visually displays the structure of your entire drive. You can view any disk fragmentation and even the locations of fragmented files. Because disk defragmentation is performed automatically in newer versions of Windows, and you don't want to do it at all on SSDs, this application is somewhat obsolete. However, I believe it is still interesting to study how the drive stores data.
12. PsKill
As the name implies, it simply terminates processes. You just type pskill followed by the process's name or process ID, press Enter, and it's gone. You can even kill the entire process tree using the -t argument, which kills any processes created directly or indirectly by the primary one. It even includes certain network options, so if you want to terminate a process on a computer on your local network, you can enter the computer's name.
So this one may be useful if a program is extremely persistent and refuses to exit even when using the Task Manager. I should also mention that Sysinternals includes numerous other "PS" programs, collectively dubbed "PsTools," each of which performs a modest but useful duty. It's worth looking at a list of what each of them does.
13. Coreinfo
Which is another command-line tool that will provide you with a wealth of information about your CPU. Simply starting the program without any options will print a list of all the features supported by the CPU, including virtualization.
So if you ever come across something that states "only works with CPUs that support whatever," this can quickly tell you. You can even go further if you choose and obtain information about the CPU cache, all cores, virtualization features, and a variety of other things. Perhaps not much that the average person would know what to do with, but perhaps interesting to look at.
That's it; those are some of the most interesting utilities in the Sysinternals suite that you probably didn't know existed. Now you can dazzle all your friends with your computer abilities.