The Sysinternals web site was created in 1996 by Mark Russinovich to host his advanced system utilities and technical information. Whether you’re an IT Pro or a developer, you’ll find Sysinternals utilities to help you manage, troubleshoot and diagnose your Windows systems and applications.
- Read the official guide to the Sysinternals tools, Troubleshooting with the Windows Sysinternals Tools
- Read the Sysinternals Blog for a detailed change feed of tool updates
- Watch Mark's Sysinternals Update videos on YouTube
- Watch Mark’s top-rated Case-of-the-Unexplained troubleshooting presentations and other webcasts
- Read Mark’s Blog which highlight use of the tools to solve real problems
- Check out the Sysinternals Learning Resources page
- Post your questions in the Sysinternals Forum
Sysinternals Live is a service that enables you to execute Sysinternals tools directly from the Web without hunting for and manually downloading them. Simply enter a tool's Sysinternals Live path into Windows Explorer or a command prompt as live.sysinternals.com/<toolname> or \\live.sysinternals.com\tools\<toolname>.
You can view the entire Sysinternals Live tools directory in a browser at https://live.sysinternals.com/.
What's New (November 3, 2022)
ProcDump 1.3 for Linux
This update to ProcDump for Linux changes the CLI interface to match ProcDump for Windows, and adds a new process group trigger (
-pgid) to allow monitoring all processes running in the same process group.
What's New (October 26, 2022)
Process Explorer v17.0
This update to Process Explorer, an advanced process, DLL and handle viewing utility, adds dark theme support, multipane view in the main window with a new threads pane, startup performance optimization and more.
This update to Handle, a tool that displays information about open handles for any process in the system, adds CSV output with a new
-vswitch and has an option to print the granted access mask with
What's New (October 12, 2022)
- ZoomIt v6.1
This update to ZoomIt, a screen magnification and annotation tool, adds right-justified text input, an option to scale the screen recordings resolution, and usability fixes.
What's New (September 29, 2022)
This update to Sysmon, an advanced host monitoring tool, adds a new event type, FileBlockShredding that prevents wiping tools such as Sysinternals SDelete from corrupting and deleting files.
This update to Coreinfo, a utility that reports system CPU, memory and cache topology and information, now has an option (-d) for measuring inter-CPU latencies in nanoseconds.
What's New (August 16, 2022)
- Sysmon v14.0
This major update to Sysmon, an advanced host monitoring tool, adds a new event type, FileBlockExecutable that prevents processes from creating executable files in specified locations. It also includes several performance improvements and bug fixes.
What's New (July 19, 2022)
- ZoomIt v6.0
This major update to ZoomIt, a screen magnification and annotation tool, adds built-in screen recording for easy demo recordings and now supports Unicode typing input.