The four reasons why I enjoy the Microsoft Sysinternals utilities so much are:
- They consume very little system resources
- They are self-contained—there is no installer and you can run the tools directly from USB media
- They are extremely well documented
- They are free!
What are the Sysinternals utilities, you ask? This is a collection of freeware Windows system tools originally developed by these two geniuses from Austin, Texas, Mark Russinovich and Bryce Cogswell. Microsoft bought the toolset (and company) from Russinovich and Cogswell in 2006 and took the men on as employees, where they continue to enhance the tools, write about them, and so forth.
Accessing the tools
You can find download links to the free Sysinternals tools all over the Internet. However, both for security’s sake and because I want the latest bits for any software I install, I always download the utilities from Microsoft’s own site, live.sysinternals.com, shown in the screenshot below.
The sysinternals app library
No, the live.sysinternals.com site isn’t anything pretty to look at, but the site hosts the latest versions of these tools, and they are so small that you can download and use them at any time on any Windows system with a single mouse click. Can’t beat that for convenience, can you?
If you want a “glossier” front end to the Sysinternals utilities, you can always visit the Windows Sysinternals home page at the Microsoft TechNet Web site.
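To back up the point about downloading only from Microsoft's own site, the following added example (not part of the original article) fetches tools from live.sysinternals.com and keeps a file only if its Authenticode signature is valid and issued to Microsoft. The function name, the HTTPS base URL, the executable file names, and the destination folder are assumptions chosen for illustration.

```powershell
# Added example: download Sysinternals tools and reject any file whose
# Authenticode signature is not valid or not issued to Microsoft.
# Function name, file names, base URL and destination are assumptions.
function Get-VerifiedSysinternalsTool {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string[]]$Name,
        [string]$Destination = (Join-Path $env:TEMP 'Sysinternals'),
        [string]$BaseUri = 'https://live.sysinternals.com'
    )

    New-Item -ItemType Directory -Path $Destination -Force | Out-Null

    foreach ($file in $Name) {
        $target = Join-Path $Destination $file
        Invoke-WebRequest -Uri "$BaseUri/$file" -OutFile $target -UseBasicParsing

        # Check the embedded signature before the binary is ever executed.
        $sig    = Get-AuthenticodeSignature -FilePath $target
        $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        $trusted = ($sig.Status -eq 'Valid') -and ($signer -match 'O=Microsoft Corporation')

        if (-not $trusted) {
            # Unsigned, tampered or third-party-signed file: delete it and move on.
            Remove-Item -LiteralPath $target -Force
            Write-Warning "$file rejected: signature status '$($sig.Status)', signer '$signer'"
            continue
        }

        # Emit a record that can be logged or compared on the next download.
        [pscustomobject]@{
            Tool   = $file
            Path   = $target
            Signer = $signer
            SHA256 = (Get-FileHash -LiteralPath $target -Algorithm SHA256).Hash
        }
    }
}

Get-VerifiedSysinternalsTool -Name 'autoruns.exe', 'Contig.exe', 'procexp.exe', 'ZoomIt.exe'
```

Get-AuthenticodeSignature is available on Windows only, so run the check on the machine where the tools will be used or on a Windows staging host.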
Tool #1: Autoruns
The reason why I love Autoruns is that the tool provides clear insight into exactly which processes and services are set to auto-start on the target system. Thus, you can use Autoruns to quickly diagnose a slow or malware-infested system, and take corrective action directly from the interface.
Check out the Autoruns home page for full documentation on this wonderful utility.
Tool #2: Contig
Contig is a command-line file defragmenter. I use Contig on a regular basis to defragment my Microsoft Outlook .PST archive files. This tool really speeds up my Outlook performance, let me tell you!
You can learn everything you ever wanted to know about Contig by visiting the Contig documentation home page at TechNet.
Tool #3: Process Explorer
Like Autoruns, Process Explorer provides you with keen insight into what processes are running on the target system. However, Process Explorer lets you know what processes are currently in memory. Not only that, you also can display those processes in a tree view to determine parent-child relationships among those processes.
The second thing I love about Process Explorer is the flexibility the tool gives you in managing running processes. As you can see in Figure 5, right-clicking on a process in the process list allows you not only to kill the process, but also kill the entire process tree, change runtime priority, debug the process, restart it, and so forth.
Process control options
Visit the Process Explorer home page for full documentation for this tool.
Tool #4: ZoomIt
Because I am a trainer, I do a lot of live presentations. To this end, it is oftentimes useful, if not absolutely required, that I make my screen readable to my students or attendees.
ZoomIt runs in the system tray and enables you to magnify your screen with a single keystroke. The default zoom toggle is Ctrl+1; however, as you can see in Figure 6, you can change the key binding to your preference.
ZoomIt, Zoom tab
Not only does ZoomIt allow you to quickly and easily zoom your display, but it also enables you to annotate, or mark up, your display!
ZoomIt, Draw tab
In my opinion ZoomIt is a required utility not only for technical trainers but for any IT professional who gives presentations.
Visit the ZoomIt home page for full usage instructions.
I hope that this piece “fired you up” with enthusiasm for the Windows Sysinternals utilities; they are really awesome. Although we focused on just four tools in this article, I use almost every tool in the suite. However, if I were to select three runners-up, they would be:
- Bginfo: Create custom desktop backgrounds that display system information
- Desktops: Spawn up to four virtual desktops on your PC
- TCPView: I call this “netstat on steroids”
For Further Study
- Windows Sysinternals Home Page
- Windows Sysinternals Administrator’s Reference
- Windows Sysinternals Learning Resources
- Windows Sysinternals Tutorials
You can also receive the entire Sysinternals Suite, in one compressed file, from Microsoft’s site, at:
I use that URL with a script that downloads and unzips/overwrites the suite onto a flash drive, whenever my RSS reader sees the words “update” and “sysinternals” inside of a feed.
http://live.sysinternals.com/Files/SysinternalsSuite.zip works as well
I use Sysinternals tools every single day in my job. Paramount to solving all sorts of technical issues.
I can’t believe that you did not mention Process Monitor. It has identified issues for me which I’ve then been able to rectify.
Thanks for the post and I’ll continue reading this blog with enthusiasm.
I had totally forgotten about ZoomIt!
I teach Excel and Access classes every week and that tool would have come in handy often.
Bryce Cogswell retired last year… Only Mark remains at Microsoft
Totally agree with 4. Process Explorer and Proc Mon are the most useful…
Many tools defragment for free (piriform)
Zoom it can be useful too, but not the preferred.
Useful detailed information can be gleaned from Microsoft Press book “Windows Sysinternals Administrator Reference” written by the author Mark Russinovich. Well worth having.