Install Sysinternals

Nov 21, 2023 by Thibault Debatty | 491 views

Windows Sysadmin Forensics

Sysinternals is a collection of powerful utilities for Windows. They can be used by system administrators to perform local or remote system administration, and also by analysts to perform some forensics tasks. The tools were originally developed by Mark Russinovich, and are now maintained by Microsoft. Here is how to install them...

Download and install

Sysinternals is distributed as a simple zip archive. So:

  1. Download from
  2. Extract the ZIP archive
  3. Optional: move the directory to a better place. For this demo I moved the folder to %USERPROFILE%\App



Sysinternals utilities are command line tools, so it's easier if their directory is added to the %PATH% environment variable. To modify your PATH:

  1. Open the Advanced System Settings


  1. Click on the Environment variables button


  1. Select the Path variable and click on Edit


  1. Finally, add to the list the full path to Sysinternals directory



To test your installation, you can for example open a terminal as Administrator, and run AutorunSC.exe utility. This utility will list all autorun programs on your system:


This blog post is licensed under CC BY-SA 4.0

This website uses cookies. More information about the use of cookies is available in the cookies policy.