Windows Sysinternals Administrator Reference

The Sysinternals suite is a set of Windows applications that can be downloaded for free from its section of the Microsoft TechNet web site. They are all portable, which means that not only do you not have to install them, you can put them on a flash drive and use them from any PC. In fact, you can run them without installing anything through Sysinternals Live (which we’ll illustrate in a bit).

The tools include utilities such as Process Explorer, which is a lot like Task Manager with a plethora of extra features, or Process Monitor, which monitors your PC for filesystem, registry, or even network activity from almost any process on your system.

Autoruns helps you deal with startup processes, TCPView shows you what is connecting to resources on the internet, and there is an entire set of tools that run from the command line to help you deal with processes, services, and more.

Most of these tools require administrator access on your computer, so you’d be wise to test them out in a virtual machine or on a test computer if you aren’t sure what you are doing; these are some heavy-duty tools.

For example, say you have a really slow PC to troubleshoot, and you want to inspect all of the threads for a particular application, and then you want to see the entire stack for one of those threads to see exactly what DLLs and functions are being called. Process Explorer makes this trivial — you can simply double-click on the process, flip over to the Threads tab, and then click the Stack button.

https://www.howtogeek.com/school/sysinternals-pro/lesson1/

File Type: application/pdf
Created Date: 01-Aug-2017
Last Updated Date: 05-Jan-2025