Sysinternals Suite Januar 2024

ProcDump 3.1 for Linux
This update to ProcDump for Linux adds trigger support for multiple signals as well as the the -mc switch to control the size of the core dump file by choosing what is included.

For more information, please see the Medium article.

Sysmon v15.12


This update to Sysmon fixes a case of system hanging on uninstall, a crash occurring while parsing configuration files, and a memory leak.

ProcDump 3.0 for Linux


This update to ProcDump for Linux adds memory leak tracking and reporting.



Sysmon 1.3.2 for Linux


This update to Sysmon for Linux fixes a stack overflow bug.

Sysmon v15.11


This update to Sysmon resolves a bug resulting in spurious error events.

Sysmon v15.1


This update to Sysmon improves file hash and delete performance, adds a summary message on events dropped due to high system load, fixes a crash during uninstall, and fixes a system hang.


Sysmon v15.11


This update to Sysmon resolves a bug resulting in spurious error events.

ZoomIt v7.2


This update to ZoomIt adds translucent highlighter and blur to draw mode, microphone selection for recording, and copies the recorded file to the clipboard.

VMMap v3.4

This update to VMMap, a virtual and physical memory analysis utility, adds support for .NET 6 and higher, including .NET 8 preview.

Sysmon 1.3.1 for Linux

This update to Sysmon for Linux fixes file hashing for Linux distributions without OpenSSL 1.1.

ProcDump 2.2 for Linux

This update to ProcDump for Linux adds support for Azure Linux and fixes a couple of memory leaks.

Sysmon 1.3 for Linux

This update to Sysmon for Linux adds support for file hashes and fixes a bug with rule case matching.

Learn more about file hashing here.


Process Monitor v3.96

This update to Process Monitor speeds up the clear events operation, adds a security fix, and several bug fixes.

SDelete v2.05

This update to SDelete, a command line utility for secure file deletion, fixes console output and improves command line parameter parsing.

ZoomIt v7.1

This update to ZoomIt adds audio capture to screen recording.

ProcDump 2.0 for Linux

ProcDump for Linux, a flexible tool for manual and trigger-based process dump generation, receives two new .NET GC triggers (-gcm and -gcgen) and updates the existing memory trigger to allow for multiple thresholds.

Process Explorer v17.05

This update to Process Explorer, an advanced process, DLL, and handle viewing utility, fixes a crash generated by the process list, fixes a bug with thread affinity decoding on systems with multiple processor groups (more than 64 processors / cores), and makes Escape key handling more consistent.

RDCMan v2.93

This update to RDCMan, a tool for managing and connecting to Remote Desktop sessions, re-enables the option to scale thumbnails under the display settings.

VMMap v3.33

This update to VMMap, a tool that reports the virtual memory layout of a process, removes automatic loading of dbghelp.dll under "C:\Debuggers".

Sysmon v15.0

This update to Sysmon, an advanced host security monitoring tool, sets the service to run as a protected process, hardening it against tampering, adds a new event, FileExecutableDetected, for when new executable images are saved to files, and fixes a system hang occurring in certain situations due to an interaction between network and file system events.

Autoruns v14.1

This update to Autoruns, a utility for monitoring startup items, fixes a bug with detecting non-shortcut files in startup folders, fixes a bug with handling non-UNC, non-absolute paths, and improves theming support.

Process Monitor v3.95

This update to Process Monitor fixes a crash on loading certain PML files and improves boot logging.