Sysinternals Site Discussion
Handle v4.22, NotMyFault v4.20, Process Explorer v16.25, Sysmon v10.1
Handle v4.22 This release of Handle fixes a race condition in the driver that could lead to a crash....
Author: Mark Russinovich Date: 06/15/2019
Sysmon v10.0, Autoruns v13.95, VMMap v3.26
Sysmon 10.0 This release of Sysmon adds DNS query logging, reports OriginalFileName in process...
Author: Mark Russinovich Date: 06/12/2019
Sysmon v9.0, Autoruns v13.94
Sysmon 9.0 Sysmon v9.0 introduces rule groups that enable the specification of AND or OR matching...
Author: Mark Russinovich Date: 02/19/2019
Autoruns v13.93, Handle v4.21, Process Explorer v16.22, SDelete v2.02, Sigcheck v2.71, Sysmon v8.02 and VMMap v3.25
Autoruns 13.93 This Autoruns update fixes a bug that prevented UserInitMprLogonScript from being...
Author: Mark Russinovich Date: 12/09/2018
Sigcheck 2.70, BgInfo v4.26, and VMMap v3.22
Sigcheck v2.70 Windows WinVerifyTrust function reports signed MSI files that have malware appended...
Author: Mark Russinovich Date: 10/21/2018
Sysmon v8.0, Autoruns v13.90
Sysmon v8.0 This update to Sysmon adds rule tagging, which results in tags appearing in event log...
Author: Mark Russinovich Date: 07/05/2018
RAMMap v1.51
RAMMap v1.51 This update to RAMMap fixes an incompatibility with the latest version of Windows 10.
Author: Mark Russinovich Date: 06/01/2018
Sysmon v7.03
Sysmon v7.03 This update to Sysmon fixes a service executable crash that could result from long file...
Author: Mark Russinovich Date: 05/14/2018
Sysmon v7.02
Sysmon v7.02 This update to Sysmon, an advanced security logging service, fixes memory leaks in its...
Author: Mark Russinovich Date: 04/30/2018
Bginfo v4.25
Bginfo v4.25 This release fixes a bug introduced in v4.20 that caused Bginfo to read ASCII text...
Author: Mark Russinovich Date: 01/19/2018
Sysmon v7.01
Sysmon v7.01 This release fixes a bug in v7.01 that could cause the sysmon config change event to be...
Author: Mark Russinovich Date: 01/05/2018
Sysmon v7.0
Sysmon v7.0 Sysmon now logs file version information, and the option to dump the configuration...
Author: Mark Russinovich Date: 01/02/2018
Bginfo v4.24
Bginfo v4.24 This update to Bginfo fixes reported regressions in v4.23 and is compatible with all...
Author: Mark Russinovich Date: 12/31/2017
Autoruns v13.81, Bginfo v4.23, Handle v4.11
Autoruns v13.81 This update to Autoruns fixes a Wow64 bug in Autorunsc that could cause 32-bit paths...
Author: Mark Russinovich Date: 12/12/2017
Sysmon v6.2, AccessChk 6.20, Sigcheck v2.60, Whois v1.20
Sysmon v6.20 This Sysmon release adds the ability to change the Sysmon service and driver names to...
Author: Mark Russinovich Date: 11/22/2017
Sysinternals Update: Sysmon v6.10, Process Monitor v3.40, Autoruns v13.80, AccessChk v6.11
Sysmon v6.10 This update to Sysmon, a background monitor that records activity to the event log for...
Author: Mark Russinovich Date: 09/12/2017
Sysinternals Update: Sysmon v6.03
Sysmon v6.03 This release of Sysmon fixes a bug that prevented imageload include filters from...
Author: Mark Russinovich Date: 06/17/2017
Sysinternals Update: Sysmon v6.02, Sigcheck v2.55
Sysmon v6.02 This release of Sysmon, an advanced background monitor that records process-related...
Author: Mark Russinovich Date: 05/22/2017
Sysinternals Update: ProcDump v9, Autoruns v13.71, BgInfo v4.22, LiveKd v5.62, Process Monitor v3.33, Process Explorer v16.21
ProcDump v9 This major update to ProcDump, a utility that enables process dump capture based on a...
Author: Mark Russinovich Date: 05/16/2017
Update: Sysmon v6, Autoruns v13.7, AccessChk v6.1, Process Monitor v3.32, Process Explorer v16.2, LiveKd v5.61, and BgInfo v4.21
Sysmon v6 This release of Sysmon, a background monitor that records activity to the event log for...
Author: Mark Russinovich Date: 02/17/2017
Announcing a new book, Troubleshooting with the Windows Sysinternals Tools
Announcing a new book, Troubleshooting with the Windows Sysinternals Tools Become a Windows...
Author: Mark Russinovich Date: 12/01/2016
Sysmon v5, Process Explorer v16.20, Procdump v8.2, LiveKd v5.6
Sysmon v5 This major update to Sysmon, a background monitor that records activity to the event log...
Author: Mark Russinovich Date: 12/01/2016
Update: Sysmon v4.12, Autologon v3.1, Sigcheck v2.54, Process Monitor v3.31
Sysmon v4.12 This release of Sysmon, an advanced background monitor that records process-related...
Author: Mark Russinovich Date: 08/29/2016
Update: Sysmon v4, Procdump v8, Sigcheck v2.51
Sysmon v4.0 This release of Sysmon, an advanced background monitor that records process-related...
Author: Mark Russinovich Date: 04/28/2016
Update: Sigcheck v2.5, Process Explorer v16.11, Whois v1.13, RAMMap v1.5
Sigcheck v2.5This update to Sigcheck, a command-line utility that reports detailed information about...
Author: Mark Russinovich Date: 02/02/2016
Update: Sigcheck v2.4, Sysmon v3.2, Process Explorer v16.1, Autoruns v13.51, AccessChk v6.01
Sigcheck v2.4This update to Sigcheck, a powerful command-line utility that reports image file and...
Author: Mark Russinovich Date: 01/05/2016
Update: Autoruns v13.5, Sigcheck v2.3, RAMMap v1.4, BgInfo v4.21, Sysmon v3.11, ADInsight v1.2
Autoruns v13.5This update to Autoruns, the most comprehensive autostart viewer and manager available...
Author: Mark Russinovich Date: 10/26/2015
Update: Sysmon v3.1, LogonSessions v1.3, VMMap v3.21
Sysmon v3.1This update to Sysmon, a background service that logs security-relevant process and...
Author: Mark Russinovich Date: 07/22/2015
Update: AccessChk v6.0, Autoruns v13.4, Process Monitor v3.2, VMMap v3.2
AccessChk v6.0This update to AccessChk, a command-line utility that shows effective and actual...
Author: Mark Russinovich Date: 05/26/2015
Update: Sysmon v3.0, Autornus v13.3, Regjump v1.1, Process Monitor v3.11
Sysmon v3.0This release of Sysmon, an advanced background monitor that records process-related...
Author: Mark Russinovich Date: 04/20/2015
Update: LiveKd v5.4, Autoruns v13.2, Sigcheck v2.2, Process Explorer v16.05
LiveKd v5.4This update to Livekd, a tool that enables live kernel debugging for Windows systems and...
Author: Mark Russinovich Date: 03/10/2015
Update: Autoruns v13.01
Autoruns v13.01 This release fixes a bug in v13 that caused autostart entry lines not to show when...
Author: Mark Russinovich Date: 02/09/2015
Update: Autoruns v13.0
Autoruns v13.0 This major update to Autoruns, an autostart execution point (ASEP) manager, now has...
Author: Mark Russinovich Date: 01/29/2015
Updates: Sysmon v2.0, Accesschk v5.21, RU v1.1
Sysmon v2.0This major update to Sysmon, a service that records process activity to the Windows event...
Author: Mark Russinovich Date: 01/19/2015
Updates: Autoruns v12.02, Coreinfo v3.31, Sysmon v1.01, Whois v1.12
Autoruns v12.02: This fixes a bug that could cause Autoruns to crash on startup, updates the image...
Author: DMK_WA Date: 08/19/2014
New: Sysmon v1.0; Updates: Autoruns v12.01, Coreinfo v3.3, Procexp v16.03
Sysmon v1.0: We’re excited to announce Sysmon, a new Sysinternals utility that monitors and...
Author: safarr_msft1 Date: 08/08/2014
Mark's Latest Novel and TechEd Presentations Now Available
Mark's Latest Novel, Rogue Code: The third book in Mark’s Jeff Aiken technothriller series...
Author: safarr_msft1 Date: 05/28/2014
Updates: Autoruns v12.0, Procdump v7.0
Autoruns v12.0: This release of Autoruns, a Windows application and command-line utility for viewing...
Author: safarr_msft1 Date: 05/13/2014
Updates: AccessChk v5.2; PsExec v2.11; Sigcheck v2.1; VMMap v3.12
AccessChk v5.2: This release of AccessChk, a security command-line utility that reports the...
Author: safarr_msft1 Date: 05/02/2014
Updates: Process Explorer v16.02, Process Monitor v3.1, PSExec v2.1, Sigcheck v2.03
Process Explorer v16.02: This minor update adds a refresh button to the thread’s stack dialog...
Author: safarr_msft1 Date: 03/07/2014
Updates: Process Explorer v16.01, Sigcheck v2.02
Process Explorer v16.0: This release fixes a bug that could cause a crash when the VirusTotal column...
Author: safarr_msft1 Date: 02/04/2014
Updates: Process Explorer v16.0, PsPing v2.01
Process Explorer v16.0: Thanks to collaboration with the team at VirusTotal, this Process Explorer...
Author: safarr_msft1 Date: 01/29/2014
Updates: Disk2vhd v2.01, PsPing v2.0
Disk2vhd v2.01: This update fixes a bug that could result in Disk2vhd crashing when converting to...
Author: safarr_msft1 Date: 01/21/2014
Updates: Coreinfo v3.21, Disk2vhd v2.0, LiveKd v5.31
Coreinfo v3.21: CoreInfo is a command-line tool for reporting processor topology, NUMA performance,...
Author: safarr_msft1 Date: 12/19/2013
Updates: RAMMap v1.32, Sigcheck v2.01
RAMMap v1.32: This fixes a bug in v1.30 that caused RAMMap to fail on Windows 8. Sigcheck v2.01:...
Author: safarr_msft1 Date: 11/01/2013
Update: RAMMap v1.31
RAMMap v1.31: This update fixes a bug in v1.30 that caused RAMMap to fail on Windows 8.
Author: safarr_msft1 Date: 10/28/2013
Updates: PsExec v2.0, RAMMap v1.3, Sigcheck v2.0
PsExec v2.0: PsExec, a popular utility for executing processes on remote systems, introduces a new...
Author: safarr_msft1 Date: 10/23/2013
Autoruns v11.70, Bginfo v4.20, Disk2vhd v1.64, Process Explorer v15.40
Autoruns v11.70: This release of Autoruns, a powerful utility for scanning and disabling autostart...
Author: safarr_msft1 Date: 08/01/2013