Sysinternals April 2020 update brings major enhancements to Sysmon and more


29, 2020

Author Rahul // in News

Sysinternals utilities help you manage, troubleshoot, and diagnose your Windows systems and applications. The April 2020 update for Sysinternals brings major Sysmon enhancements including Logs process creation with the full command line for both current and parent processes, the use of Multiple hashes at the same time, many more.


  • Sysmon v11.0
    This major update to Sysmon includes file delete monitoring and archive to help responders capture attacker tools, adds an option to disable reverse DNS lookup, replaces empty fields with ‘-‘ to work around a WEF bug, fixes an issue that caused some ProcessAccess events to drop, and doesn’t hash main data streams that are marked as being stored in the cloud.
  • Sysinternals April 27 Update Video
    Mark Russinovich covers what’s new in this update, with a demo of Sysmon’s new file delete monitoring and capture capability.

You can execute Sysinternals tools directly from the Web without hunting for and manually downloading them. Simply enter a tool’s Sysinternals Live path into Windows Explorer or a command prompt as or  \\\tools\.

You can view the entire Sysinternals Live tools directory in a browser at

Leave a Reply

Your email address will not be published. Required fields are marked *

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}