Sysinternals

The Sysinternals web site was created in 1996 by Mark Russinovich to host his advanced system utilities and technical information. Whether you’re an IT Pro or a developer, you’ll find Sysinternals utilities to help you manage, troubleshoot and diagnose your Windows systems and applications.

• Read the official guide to the Sysinternals tools, Troubleshooting with the Windows Sysinternals Tools
• Read the Sysinternals Blog for a detailed change feed of tool updates
• Watch Mark's Sysinternals Update videos on YouTube
• Watch Mark’s top-rated Case-of-the-Unexplained troubleshooting presentations and other webcasts
• Read Mark’s Blog which highlight use of the tools to solve real problems
• Check out the Sysinternals Learning Resources page
• Post your questions in the Sysinternals Forum

---

Sysinternals@25: 
A special anniversary event

Find the individual videos at https://aka.ms/SysinternalsVideos.

Sysinternals Live

Sysinternals Live is a service that enables you to execute Sysinternals tools directly from the Web without hunting for and manually downloading them. Simply enter a tool's Sysinternals Live path into Windows Explorer or a command prompt as live.sysinternals.com/<toolname> or  \\live.sysinternals.com\tools\<toolname>.

You can view the entire Sysinternals Live tools directory in a browser at https://live.sysinternals.com/.

What's New

What's New (August 16, 2022)

• Sysmon v14.0
  This major update to Sysmon, an advanced host monitoring tool, adds a new event type, FileBlockExecutable that prevents processes from creating executable files in specified locations. It also includes several performance improvements and bug fixes.

What's New (July 19, 2022)

• ZoomIt v6.0
  This major update to ZoomIt, a screen magnification and annotation tool, adds built-in screen recording for easy demo recordings and now supports Unicode typing input.

What's New (February 16, 2022)

• ZoomIt v5.10
  This update to ZoomIt, a screen magnification and annotation tool, now supports pen and touch drawing.

What's New (January 27, 2022)

• ZoomIt v5.0
  ZoomIt, a screen zoom and annotation tool, now supports Windows 11 and antialiased line drawing. Note that under Windows 11 and Windows Server 2022 some UI elements might not react to mouse clicks when zoomed. The temporary workaround until a future Windows update is to store the ZoomIt executable under the Windows or the Program Files directories.

• RDCMan v2.90
  RDCMan, a tool for managing and connecting to Remote Desktop sessions, receives support for Restricted Admin (/restrictedAdmin from mstsc) and Remote Credential Guard (/remoteGuard from mstsc) and bug fixes.

What's New (October 26, 2021)

• Sysmon v13.30
  This Sysmon update adds user fields for events, fixes a series of crash-causing bugs - for example with the Visual Studio debugger - and improves memory usage and management in the driver.

What's New (October 14, 2021)

• Install Sysinternals Suite from the Microsoft Store
  Sysinternals Suite is now available in the Microsoft Store and Windows Package Manager (winget).

  PS C:\> winget install sysinternals
  

• Sysmon for Linux
  Sysmon is now available as an open source project for Linux.

What's New (August 18, 2021)

• Candid talk from the man behind your favorite Windows tools
  Mark talks with Larry Seltzer about the history and future of Sysinternals.

• Autoruns v14.0
  Autoruns, a utility for monitoring startup items, is the latest Sysinternals tool to receive a UI overhaul including a dark theme.