Windows Sysinternals

The Sysinternals web site was created in 1996 by Mark Russinovich and Bryce Cogswell to host their advanced system utilities and technical information. Microsoft acquired Sysinternals in July, 2006. Whether you’re an IT Pro or a developer, you’ll find Sysinternals utilities to help you manage, troubleshoot and diagnose your Windows systems and applications. If you have a question about a tool or how to use them, please visit the Sysinternals Forum for answers and help from other users and our moderators.

File and Disk Utilities Utilities for viewing and monitoring file and disk access and usage. Networking Utilities Networking tools that range from connection monitors to resource security analyzers. Process Utilities Utilities for looking under the hood to see what processes are doing and the resources they are consuming.

Security Utilities Security configuration and management utilities, including rootkit and spyware hunting programs. System Information Utilities for looking at system resource usage and configuration. Miscellaneous Utilities A collection of diverse utilities that includes a screen saver, presentation aid, and debugging tool.

What's New

What's New (April 7th, 2008)

• Process Monitor 1.30
  This major Process Monitor update adds support for importing and exporting filters, records system information in log files, presents more information about specific operations, includes translation of additional operation error codes, and tracks CPU and memory activity that it displays in a revamped process summary.
• Mark’s Blog: The Case of the System Process CPU Spikes
  See Mark’s latest blog entry where he shows how he used Process Monitor to track down a device driver causing CPU spikes.

What's New (March 10th, 2008)

• ZoomIt 1.8
  This update to the popular ZoomIt screen magnifier and annotation presentation tool adds support for undo while drawing and resizable text fonts.

• Inside Windows Server 2008 Kernel Changes
  Mark goes deep inside the Server 2008 kernel to describe enhancements to memory management and I/O processing, as well as how Server 2008 implements new features like Hyper-V, self-healing NTFS, SMB2, and more. This article complements the three-part series Windows Vista kernel changes series and UAC internals articles Mark also published in TechNet Magazine.
• Mark Hosts Virtual Roundtable on Deploying Vista
  Watch Mark Russinovich and a panel of industry experts and IT pros have an interactive roundtable discussion on Windows Vista adoption and deployment, including challenges, workarounds, and solutions.

What's New (February 26th, 2008)

• ShellRunas v1.0
  ShellRunas provides functionality similar to that of the Runas tool to launch programs as a different user via a convenient shell context-menu entry. This makes it more convenient than Runas for heavy Explorer users.

• Process Explorer v11.10
  This Process Explorer update adds a number of enhancements, including support for high DPI, display of paging and standby list sizes on Vista, and display of  cycles consumed on threads tab on Vista. It also reports the COM object running inside of Dllhost processes and the tasks running inside of Vista Taskeng host processes in the process view hover tooltip.

What's New (February 4th, 2008)

• Autoruns v9.10
  Autorunsc, the command-line version of Autoruns, has a new option to print output in XML format and now displays the MD5, SHA1 and SHA256 hashes of autostart images to more precisely identify files, which is especially useful in computer forensic investigations.

• Sigcheck v1.50
  Sigcheck, a command-line file version display and signature checking utility, adds a new option for displaying file hashes.
• The Case of the Unexplained…Live!
  Mark’s “The Case of…”  blog posts come alive in this  recorded webcast of his #1-rated TechEd/ITforum session. Learn how to troubleshoot the toughest Windows and application problems by watching Mark use Sysinternals and other advanced tools to solve real-world examples.
• Inside Vista SP1 File Copy Improvements
  Find out how Windows Vista SP1 improves copy file performance in Mark’s latest blog post where he describes the evolution of the file copy. (Link updated March 4, 2008.)

Sysinternals Video Library We're pleased to announce The Sysinternals Video Library, a set of six DVDs that cover essential Windows troubleshooting topics. Each video is personally presented by Mark Russinovich and David Solomon. The complete set is available for order at a discounted price and the first video, Tour of the Sysinternals Tools, is free for download.