The Sysinternals tools

Following the series on "how to be more productive", the free tools available at are extremely handy. I’ll mention the ones I use more often.


This one is great for anybody who does presentations (either at conference, user groups, or even for internal meetings). Sometimes it’s hard for some people to really see what the presenter is focusing on the screen, either because the fonts are not big enough, or because the presenter is talking about something that’s on the top-right corner, and the attendee is looking somewhere on the screen. For sometime I’ve tried to use the Windows Magnifier tool, but never really liked it. So ZoomIt comes to the rescue.

ZoomIt runs on the background, and whenever the presenter wants to zoom into an area of the screen, the Alt+1 shortcut will "freeze" the screen and allow the user to drag the mouse around the zoomed screen. The mousewheel can be used to zoom in or out. 

The other feature of it that I love is the one that turns the mouse pointer into a pen, so that the user can draw on the screen. So, you can zoom in a specific area, then click on the screen, and start drawing on it (say, drawing a circle around the area you want attendees to focus, or something like that). And you don’t need to zoom in in order to use the pen; you can also press Alt+2, which turns the mouse pointer into a pen, and "freezes" the screen, so that you can draw on it. This is so much better than having the speaker point to the projected screen with his hands… usually the person’s arm is not long enough to reach what’s been shown, and if it’s a big room with 4 large screens, well, pointing to just one screen does not help people who aren’t close to it. Using a tool like ZoomIt improves a lot the attendee’s experience. I’ve been receiving great feedback from people that see me presentation using this little handy tool.


Process Explorer

I don’t know about you, but I don’t really like the Windows Task Manager. It usually does not give me enough information to troubleshoot problems I’m having. SysInternals’ Process Explorer is a great replacement for the Task Manager, since it gives you everything the Task Manager does, and a lot more.


Is shows the processes in a hierarchical way, so to make it easier to understand which process launch what. If the process running is a .NET assembly, it’s highlight in yellow, and you can quickly see things like how many appDomains, classes and assemblies are loaded.

Also, double-clicking on the file gives you a dialog with a lot more information, such as the .NET tab, which puts together information from the Performance Counters, so that you can see a lot more data about things like what’s loaded by the CLR, Garbage Collection activities, memory consumption, etc.

File Monitor

File Monitor does what the name implies: monitors files. You run it, set a filter on which files you want to watch (such as *.DLL), and the tool will keep listing any sort of access that occurs on files that fulfill the criteria defined.

This is great to troubleshoot a variety of problems. For instance, if you’re having security problems, you can check out what files were being accessed, and whether or not the operating system was able to open them. A few months back I was trying to run a .NET app, and I kept getting an error message that didn’t tell me a whole lot. After running File Monitor, I could see what was the last file being accessed before the application crashed, and that way I found out I forgot to deploy a third-party control with the app. 


This tool is great to see what programs runs when you start Windows. Every once in a while you open the Task Manager and see some files running that you have absolutely no idea what they are; for instance, TkBellExe. How can you figure out what they are, and get rid of them you can you don’t need it? Autoruns to the rescue.

The tool shows you everything that "auto runs" in your computer. You can then see that TkBellExe is the RealNetworks Scheduler, and like myself, decide to uncheck this file, so that it won’t start up automatically anymore.

When you uncheck a file, it’ll not be "uninstalled"; instead, it’s just moved to a separate folder on the Windows Registry, so that if you want to check it back in, you can always do that at any point in time.

There’s a lot more!

There is just a lot more on the website. Make sure you check it out and you’re very likely to find other little tools that can help you a lot. There is a great DNRTV episode on the subject, where Scott Hanselman walks you through a bunch of the tools. Check it out!!

  1. Leave a comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: