Process Utilities


Autoruns

So many autostart locations… It's not just startup, though: login, IE launch, media players, Explorer, RUN, RUNONCE, registry keys, services, toolbars, notifications… blah blah blah… you get the point. There's a LOT.
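To make a few of those locations concrete, here is an added example (not part of the original notes and not Sysinternals code) that lists the RUN/RUNONCE registry values and the auto-start services in PowerShell. It is read-only and covers only a small subset of what Autoruns checks; the function names `Get-RunKeyEntry` and `Get-AutoStartService` are hypothetical.

```powershell
# Added example: enumerate a few of the autostart locations Autoruns covers.
# Read-only. Function names are hypothetical, chosen for this illustration.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Get-RunKeyEntry {
    param([string[]]$Path)
    foreach ($p in $Path) {
        # A missing key is normal (for example, no Wow6432Node on 32-bit Windows).
        $key = Get-Item -LiteralPath $p -ErrorAction SilentlyContinue
        if (-not $key) { continue }
        foreach ($name in $key.GetValueNames()) {
            [pscustomobject]@{
                Type     = 'Registry'
                Location = $p
                Name     = if ($name) { $name } else { '(Default)' }
                # Keep %VARIABLES% unexpanded so the stored command is shown as written.
                Command  = $key.GetValue($name, $null, 'DoNotExpandEnvironmentNames')
            }
        }
    }
}

function Get-AutoStartService {
    # Services configured to start automatically at boot.
    Get-CimInstance -ClassName Win32_Service -Filter "StartMode='Auto'" |
        ForEach-Object {
            [pscustomobject]@{
                Type     = 'Service'
                Location = 'Services'
                Name     = $_.Name
                Command  = $_.PathName
            }
        }
}

$entries = @(Get-RunKeyEntry -Path $runKeys) + @(Get-AutoStartService)
$entries | Sort-Object Type, Location, Name |
    Format-Table -AutoSize -Wrap Type, Location, Name, Command
```

Saving the output and diffing it against a later run is a quick way to spot new entries between two points in time.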

Arguments

Oddly enough, none

autoruns -accepteula


ProcDump

Monitors an application for CPU spikes and generates crash dumps during a spike. As it's also a feature of Process Explorer, I won't include too much here.

Arguments

There are some, just use Process Explorer though…

procdump -accepteula


Process Explorer

There's a lot to unpack here. Process Explorer is simply a way to examine the processes running on the device and how they are linked.

Each process has a colour:

  • Purple: Indicates files may be packed

  • Red: Process is exiting (stopping)

  • Green: Freshly spawned (just created)

  • Light Blue: Running by the same account that started Process Explorer

  • Dark Blue: Currently selected

  • Pink: Process is a service

  • Grey: Process is suspended (manually)

Still more to do here….