Free Sysinternals Windows utilities now available online, 24/7

Summary:If you troubleshoot Windows PCs for fun or profit, then chances are you've used one or more tools from Sysinternals. Microsoft bought the company and its amazing library of diagnostic and troubleshooting utilities in 2006, and the collection has been continually updated ever since. A few weeks ago, I ran into Sysinternals co-founder Mark Russinovich at a technical conference, where he told me about a new Sysinternals service that was in private beta testing. Today, I'm pleased to break the news that Sysinternals Live is now open to the public.

If you troubleshoot Windows PCs for fun or profit, then chances are you've used one or more tools from Sysinternals. Microsoft bought the company and its amazing library of diagnostic, troubleshooting, and management utilities in 2006, and the collection has been continually updated ever since. It's also still completely free.

A few weeks ago, I ran into Sysinternals co-founder Mark Russinovich at a technical conference, where he told me about a new Sysinternals service that was in private beta testing. Today, I can finally break the news that Sysinternals Live is now open to the public.

Sysinternals Live offers direct access to world-class Windows utilities
The new service enables you to execute the most recent version of any Sysinternals tool directly from an Internet-connected PC, without having to hunt for the executable file and manually download it first. To access the complete library of tools, use either of these methods from a Windows-based PC:

  • Go to the Sysinternals Live directory (http://live.sysinternals.com) and click the name of the tool you want to run. Because the directory listing is a bare-bones HTML file, it can be used in any browser.
  • If you know the name of the executable file for the tool you want to use, enter it directly, using the syntax \\live.sysinternals.com\tools\<toolname>, where <toolname> is the name of the executable file. (Note the UNC syntax uses backslashes, not slashes, as in a URL. Start with a pair of backslashes to indicate that live.sysinternals.com is the remote server, and don't include the angle brackets with the tool name.)

If you've never used Sysinternals tools before, you'd do well to start at the Sysinternals home page, which includes descriptions of each tool, along with download links and installation instructions. But if you are already familiar with one or more tools in the library, you can create direct shortcuts to those tools on your desktop or on the USB flash drive you keep with your emergency toolkit.

Here are three shortcuts to get you started, all of which have been updated in 2008:

Process Explorer (\\live.sysinternals.com\tools\procexp.exe) - This Task Manager replacement occupies the number-one slot on my top 10 list of all-time favorite Windows programs. As I noted in that writeup, "It provides system information, a hierarchical view of all running processes (including services), and an overwhelming number of technical details about how each process uses CPU and memory. It all runs in real time, making it an ideal troubleshooting tool."

AutoRuns (\\live.sysinternals.com\tools\autoruns.exe) - Are you still using Msconfig to see which processes are automatically running when you start a Windows PC? Then you literally don't know what you're missing. There are dozens of nooks and crannies in the Windows file system and registry where auto-starting programs can park themselves. This tool finds them all. More importantly, it allows you to disable or remove any entry you find.

Process Monitor (\\live.sysinternals.com\tools\procmon.exe) - If you're trying to figure out exactly what a program or process is doing (especially if you're actively on the hunt for malware), this tool is your best friend. It combines the features of the now-retired Filemon and Regmon utilities to trace (and capture in an optional log file) the impact of a process as it starts, runs, and exits.

The "live" tools should work equally well in x86 and x64 versions of Windows Vista and Server 2008; I ran into a bug with Process Explorer and Handle.exe in my x64 testing, but corrected versions of both utilities were scheduled to go online today before Sysinternals Live opened to the public. Also, in Windows Vista and Server 2008 you can use "live" versions of command-line tools, but most require that you enter the command name in UNC syntax from an elevated prompt (click Start, type cmd in the Search box, select Cmd.exe from the results list, and press Ctrl+Shift+Enter).  The command-line tools I tested worked perfectly exactly as expected.

If you're a Sysinternals fan, you'll love Sysinternals Live.

Update 30-May-2008: For instructions on how to create a Windows Explorer shortcut in the Computer folder that displays the contents of the Sysinternals Live Tools folder, see Working with Sysinternals Live.

Topics: CXO

About

Ed Bott is an award-winning technology writer with more than two decades' experience writing for mainstream media outlets and online publications. He has served as editor of the U.S. edition of PC Computing and managing editor of PC World; both publications had monthly paid circulation in excess of 1 million during his tenure. He is the a... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.