Sysinternals icon

The Sysinternals web site was created in 1996 by Mark Russinovich to host his advanced system utilities and technical information. Whether you’re an IT Pro or a developer, you’ll find Sysinternals utilities to help you manage, troubleshoot and diagnose your Windows and Linux systems and applications.

Sysinternals Live

Sysinternals Live is a service that enables you to run Sysinternals tools directly from the Web without manually downloading them.

Enter a tool's Sysinternals Live path in Windows Explorer as<toolname> or \\\tools\<toolname>. In a command prompt use \\\tools\<toolname>.

You can view the entire Sysinternals Live tools directory in a browser or Windows Explorer at

What's New RSS icon

What's New (June 17, 2024)

  • Process Monitor v4.0
    This update to Process Monitor, a utility for observing real-time file system, Registry, and process or thread activity, adds user interface improvements, enhances search, filtering and event counting performance, and introduces a new event column for the process start timestamp.

What's New (February 6, 2024)

  • ProcDump 3.2 for Linux
    This update tracks mmap and munmap syscalls as part of resource leak tracking.

  • ZoomIt v8.0
    This update to ZoomIt adds a new feature called DemoType that automates typing.

What's New (January 23, 2024)

  • ProcDump 3.1 for Linux
    This update to ProcDump for Linux adds trigger support for multiple signals as well as the the -mc switch to control the size of the core dump file by choosing what is included.

What's New (December 7, 2023)

What's New (November 9, 2023)

  • Sysmon v15.1
    This update to Sysmon improves file hash and delete performance, adds a summary message on events dropped due to high system load, fixes a crash during uninstall, and fixes a system hang.

  • ZoomIt v7.2
    This update to ZoomIt adds translucent highlighter and blur to draw mode, microphone selection for recording, and copies the recorded file to the clipboard.

What's New (October 18, 2023)

  • VMMap v3.4
    This update to VMMap, a virtual and physical memory analysis utility, adds support for .NET 6 and higher, including .NET 8 preview.

What's New (September 29, 2023)

  • ProcDump 2.2 for Linux
    This update to ProcDump for Linux adds support for Azure Linux and fixes a couple of memory leaks.

  • Sysmon 1.3 for Linux This update to Sysmon for Linux fixes a bug with rule case matching.