Last Updated: July 18, 2006
The Sysinternals web site provides you with advanced utilities, technical information, and source code related to Windows internals that you won't find anywhere else. Mark Russinovich and Bryce Cogswell alone write and update everything here. We welcome all suggestions and comments. Before you enter, please read our Licensing terms.
We're pleased to announce The Sysinternals Video Library, a set of six DVDs that cover essential
Windows troubleshooting topics. Each video is personally presented by Mark Russinovich and David Solomon. The complete set is available for pre-order at a discounted price and the first video, Tour of the Sysinternals Tools, is free for download.
Hands-on Windows Internals and Advanced Troubleshooting: 2006
San Francisco : September 18-22
Join Mark Russinovich and Dave Solomon for a 5-day hands-on seminar that takes you deep inside Windows with the Windows kernel debugger and Sysinternals tools like Process Explorer, Filemon and Regmon.
TechEd On-Demand Webcast: Windows Hang and Crash Dump Analysis
Watch the recording of Mark's top-rated TechEd session in this free webcast from Microsoft TechNet. Learn to analyze Microsoft Windows crash dumps, diagnose the cause, pinpoint a solution, and resolve the problem. Intended for system administrators, this webcast explains how system crashes occur and what happens when you reboot a crashed system. Mark leads you through the crash dump analysis process step by step, introducing the latest tools from Microsoft and handy tricks for isolating the cause of a crash.
Check out Mark's most recent blog post: On My Way to Microsoft!
Microsoft Acquires Winternals and Sysinternals and Mark and Bryce are on their way to Microsoft!
TechEd On-Demand Webcast: Windows Hang and Crash Dump Analysis
Watch the recording of Mark's top-rated TechEd session in this free webcast from Microsoft TechNet.
Learn to analyze Microsoft Windows crash dumps, diagnose the cause, pinpoint a solution, and resolve the problem. Intended for system administrators, this webcast explains how system crashes occur and what happens when you reboot a crashed system. Mark leads you through the crash dump analysis process step by step, introducing the latest tools from Microsoft and handy tricks for isolating the cause of a crash.
Process Explorer v10.2
This release targets Windows Vista with new integrity level and virtualized columns as well as a signed driver for 64-bit Vista for x64 processors.
ZoomIt v1.14
This ZoomIt update now bounds the drawing cursor so that you can't lose track of it off the screen and includes new context menu entries and mouse behaviors so that its fully controllable with just a mouse.
Autoruns v8.52
Autoruns now includes an autostart location that's used by malware to hijack the desktop background.
Apple Hi-Res Screen Dump
Mark's first magazine article, one he published in Compute! in 1985 that describes a program he wrote to dump Apple ][ hi-resolution screen contents to Epson printers, is now on line!
The Sysinternals Video Library
We're pleased to announce The Sysinternals Video Library, a set of six DVDs that cover essential Windows troubleshooting topics. Each video is personally presented by Mark Russinovich and David Solomon. The complete set is available for pre-order at a discounted price and the first video, Tour of the Sysinternals Tools, is free for download.
RootkitRevealer Top 100 Products of 2006
RootkitRevealer has earned a spot in PC World's top 100 products of the year (it might be #100, but its still in)! We're honored to be in the company of products like the Xbox 360 and the iPod.
AccessChk v2.0
AccessChk now has an option to dump security descriptors and also has support for showing and filtering Vista object Integrity Levels.
Handle v3.2
This Handle update includes an option for not prompting on handle closes and also reports the sharing flags configured for open files.
Process Explorer v10.11
Through support from HP, Process Explorer is now available on 64-bit Windows for Itanium-based systems to support increased market demand. In addition, this release adds I/O counter columns and process statistics, system-wide and per-process I/O history graphs, memory and I/O minigraphs, service permissions editing, and support for Vista process cycle counters.
AccessChk v1.03
This new security utility shows you what accesses that a user or group you specify has to files, Registry keys or Windows services.
ZoomIt v1.11
As a result of more field testing ZoomIt
now includes a break timer hotkey and tweaks to its drawing behavior.
DebugView v4.6
This DebugView release adds support for Windows Vista and fixes a buffer overflow that could occur when the option to force carriage returns is off.
PsService v2.2
PsService now includes an option to dump service security descriptors.
ZoomIt v1.0
ZoomIt is a presentation tool that let's you zoom the screen and move around, draw on a zoomed image, and display a fullscreen break countdown timer. Mark wrote it specifically for use during his presentations.
Autoruns v8.5
This new Autoruns release adds scanning of LSA security, notification, and authentication providers as well as Explorer protocol handlers and extensions.
The Sysinternals Newsletter
Another issue of the Sysinternals newsletter has gone out to update you on what's going on at Sysinternals.
Mark to Speak at Microsoft TechEd 2006
Mark is copresenting a preconference tutorial on advanced malware cleaning at TechEd US in Boston on June 12. In addition, he's delivering breakout sessions on topics including Vista kernel changes, troubleshooting with Filemon and Regmon, analyzing Windows crashes and hangs, Vista security changes, and advanced malware cleaning techniques.
Sysinternals Licensing Update
The Sysinternals freeware license page now explains scenarios under which a paid commercial license is required for use.