Sysinternals icon
Sysinternals

The Sysinternals web site was created in 1996 by Mark Russinovich to host his advanced system utilities and technical information. Whether you’re an IT Pro or a developer, you’ll find Sysinternals utilities to help you manage, troubleshoot and diagnose your Windows systems and applications.


Sysinternals Live

Sysinternals Live is a service that enables you to execute Sysinternals tools directly from the Web without hunting for and manually downloading them. Simply enter a tool's Sysinternals Live path into Windows Explorer or a command prompt as live.sysinternals.com/<toolname> or  \\live.sysinternals.com\tools\<toolname>.

You can view the entire Sysinternals Live tools directory in a browser at https://live.sysinternals.com/.

What's New RSS icon

What's New (November 3, 2022)

  • ProcDump v11.0
    This update to ProcDump, a command-line utility for generating memory dumps from running processes, adds ModuleLoad/Unload and Thread Create/Exit triggers, removes Internet Explorer JavaScript support, and improves descriptive text messages.

  • ProcDump 1.3 for Linux
    This update to ProcDump for Linux changes the CLI interface to match ProcDump for Windows, and adds a new process group trigger (-pgid) to allow monitoring all processes running in the same process group.

What's New (October 26, 2022)

  • Process Explorer v17.0
    This update to Process Explorer, an advanced process, DLL and handle viewing utility, adds dark theme support, multipane view in the main window with a new threads pane, startup performance optimization and more.

  • Handle v5.0
    This update to Handle, a tool that displays information about open handles for any process in the system, adds CSV output with a new -v switch and has an option to print the granted access mask with -g.

What's New (October 12, 2022)

  • ZoomIt v6.1
    This update to ZoomIt, a screen magnification and annotation tool, adds right-justified text input, an option to scale the screen recordings resolution, and usability fixes.

What's New (September 29, 2022)

  • Sysmon v14.1
    This update to Sysmon, an advanced host monitoring tool, adds a new event type, FileBlockShredding that prevents wiping tools such as Sysinternals SDelete from corrupting and deleting files.

  • Coreinfo v3.6
    This update to Coreinfo, a utility that reports system CPU, memory and cache topology and information, now has an option (-d) for measuring inter-CPU latencies in nanoseconds.

What's New (August 16, 2022)

  • Sysmon v14.0
    This major update to Sysmon, an advanced host monitoring tool, adds a new event type, FileBlockExecutable that prevents processes from creating executable files in specified locations. It also includes several performance improvements and bug fixes.

What's New (July 19, 2022)

  • ZoomIt v6.0
    This major update to ZoomIt, a screen magnification and annotation tool, adds built-in screen recording for easy demo recordings and now supports Unicode typing input.