Have you ever wished you could have ultimate control over your Windows PC?
Perhaps you are a computer technician looking to add some serious know-how to your Windows tool belt.
Sysinternals go almost as far back as Windows itself, with the first iteration dating back to 1996.
Sysinternals also receives regular updates with new utilities being added over time.
Best of all, the software is portable and doesn’t require you to install it.
How to Get Sysinternals
First, you’ll need to load Sysinternals onto your PC.
Thankfully, this isn’t difficult.
In your downloads folder, simplyright-clickonSysinternalsSuite.zipand selectExtract All.Then, configure a destination folder of your choice and click theExtractbutton.
Now you are free to explore and use the tools as you see fit.
Use the following syntax:\live.sysinternals.com\tools<toolname>
PressWin+Rto bring up the Run dialog.
Specify the tool name at the end of the path and hitEnteror pressOK.
Note that you’re able to view the entireMicrosoft Sysinternals Live tools directoryin your net internet ride.
What Can You Do With Sysinternals?
Autoruns helps you manage Windows startup processes as well as detect particularly pesky embedded malware.
Seehow to manage Windows Startup programs with Autorunsfor more information.
it’s possible for you to bring this key up by going toOptions>Color Selection.
Process Monitor: The Ultimate Windows Log
Process Monitor is quite different from Process Explorer.
Process Monitor allows you to capture a log of every single event that happens on your Windows PC.
With Process Monitor, you might see which registry keys are being updated by any tool.
When you first open Process Monitor, you will be greeted with an enormous amount of rows and data.
Double-clicking or right-clicking on an event and selectingPropertieswill open an additional dialog with a wealth of information.
From this dialog, you will be able to determine the class of the event (i.e.
File System or RegistryQueryKey,) the path to the physical operation, and the result.
By default, Process Monitor uses your gear’s virtual memory to store events which is temporary.
Task Manager, for example, has a dedicatedStartup appssection within its navigation pane.
The same information can also be found in theSettingsapp underApps>Startup.
In reality, there are many more sophisticated ways software can be configured to auto-start on Windows.
If you are looking for a comprehensive list of startup items then Autoruns is your answer.
By default, when you first open Autoruns you will land on theEverythingtab.
This displays every single startup item from each and every tab.
Naturally, you’ve got the option to cycle through the tabs to distill the information further.
Each tab gives you an idea of the mechanism being used by the startup item.
For example, theLogontab displays all items loaded when your user logs in to Windows.
To stop any startup item from running, simplyuncheckthe checkbox next to the program on the left.
That’s all there is to it.
We’ve only covered the basics of what’s possible using the tools in the Sysinternals suite.
Feel free to explore them on your own, but just remember with great power comes great responsibility.
