Install or update your SysInternals Suite using PowerShell

I think a lot of you use the SysInternals tools on your machine. They are great tools at your disposal and have helped me a lot! You can install it using the Microsoft Store method, it will be updated like that too, but for your management server, it’s nice to have an installer that works without the Microsoft Store 🙂 In this blog post, I will show you how to install or update your SysInternals Suite.

How the script works

Running the script with the -InstallPath parameter will download and install the SysInternals Suite to your specified folder or update an existing installation showing which files were updated to which version. It downloads the latest version from the website, extracts it to a temporary folder, and starts the installation or upgrade. Afterward, it adds the installation folder to your system PATH variable for easy command-line access and cleans up the temporary file and folder.

Running the script

In the example output below, the script updates my current version in c:\Program Files (x86)\SysInterals Suite to the latest version. You can download the script to c:\scripts, for example, and run the Install-SysInternalsSuite function with the -InstallPath parameter (It will prompt you for the path you don’t, it’s mandatory).

PS C:\temp> Install-SysInternalsSuite -InstallPath 'c:\Program Files (x86)\SysInterals Suite'
Specified installation path c:\Program Files (x86)\SysInterals Suite found, continuing....
No previous download found in C:\Users\HarmV\AppData\Local\Temp\SysInternalsSuite, continuing...                                                                                                                                                                                                                                                                                                                                   
Downloading latest version to C:\Users\HarmV\AppData\Local\Temp\                                                                                                                                                                                                                                                                                                                                              Extracting files to C:\Users\HarmV\AppData\Local\Temp\SysInternalsSuite
- Updating AccessEnum.exe from version 1.33 to version 1.35- Updating ADExplorer.exe from version 1.51 to version 1.52- Updating ADExplorer64.exe from version 1.51 to version 1.52- Updating Bginfo.exe from version 4.31 to version 4.32- Updating Bginfo64.exe from version 4.31 to version 4.32
- Updating Contig.exe from version 1.81 to version 1.82
- Updating Contig64.exe from version 1.81 to version 1.82
- Updating Coreinfo.exe from version 3.52 to version 3.6
- Updating Coreinfo64.exe from version 3.52 to version 3.6
- Updating handle.exe from version 4.22 to version 5.0
- Updating handle64.exe from version 4.22 to version 5.0
- Updating notmyfault.exe from version 4.20 to version 4.21
- Updating notmyfault64.exe from version 4.20 to version 4.21
- Updating notmyfaultc.exe from version 4.20 to version 4.21
- Updating notmyfaultc64.exe from version 4.20 to version 4.21
- Updating procdump.exe from version 10.11 to version 11.0
- Updating procdump64.exe from version 10.11 to version 11.0
- Updating procexp.exe from version 16.43 to version 17.02
- Updating procexp64.exe from version 16.43 to version 17.02
- Updating Procmon.exe from version 3.91 to version 3.92
- Updating Procmon64.exe from version 3.91 to version 3.92
- Updating RDCMan.exe from version 2.90.1420.0 to version 2.92.1430.0
- Updating Sysmon.exe from version 13.34 to version 14.14
- Updating Sysmon64.exe from version 13.34 to version 14.14
- Updating ZoomIt.exe from version 6.01 to version 6.12
- Updating ZoomIt64.exe from version 6.01 to version 6.12
Adding c:\Program Files (x86)\SysInterals Suite with the SysInternalsSuite to the System Path
Cleaning extracted version in C:\Users\HarmV\AppData\Local\Temp
Cleaning downloaded file in C:\Users\HarmV\AppData\Local\Temp
Updated 26 files in c:\Program Files (x86)\SysInterals Suite from the downloaded 160 files

The script

Below are the contents of the script. Save it to c:\scripts, for example. You can add it to your PowerShell profile for easy access by running the following:

notepad $Profile
add ". c:\scripts\Install-SysInternalsSuite.ps1
Start new PowerShell Session
function Install-SysInternalsSuite {
    param (
        [parameter(Mandatory = $true)][string]$InstallPath

    #Create the installation folder if not already present
    if (-not (Test-Path -path $InstallPath)) {   
        try {
            New-Item -ItemType Directory -Path $InstallPath -ErrorAction Stop | Out-Null
            Write-Host ("Specified installation path {0} not found, creating now...." -f $InstallPath) -ForegroundColor Green
        catch {
            Write-Warning ("Install path {0} not found, creating now...." -f $InstallPath)
            Write-Warning ("Error creating path {0}, check path and permissions. Exiting now..." -f $InstallPath)
    else {
        Write-Host ("Specified installation path {0} found, continuing...." -f $InstallPath) -ForegroundColor Green

    #Check if the previous download folder is present. Remove it first if it is
    if (Test-Path -Path $env:temp\SysInternalsSuite) {
        Write-Warning ("Previous extracted version found in {0}, removing it now..." -f $env:temp)
        Remove-Item -Path $env:temp\SysInternalsSuite -Force:$true -Confirm:$false -Recurse 
    else {
        Write-Host ("No previous download found in {0}\SysInternalsSuite, continuing..." -f $env:temp) -ForegroundColor Green

    #Download and extract the latest version
    try {
        $ProgressPreference = "SilentlyContinue"
        Invoke-Webrequest -uri -Outfile $ENV:TEMP\ -ErrorAction Stop
        Write-Host ("Downloading latest version to {0}\" -f $env:temp) -ForegroundColor Green
        Expand-Archive -LiteralPath $ENV:TEMP\ -DestinationPath $env:temp\SysInternalsSuite -Force:$true -ErrorAction Stop
        Write-Host ("Extracting files to {0}\SysInternalsSuite" -f $env:temp) -ForegroundColor Green
    catch {
        Write-Warning ("Error downloading/extracting the SysInternalsSuite, exiting...")

    #Loop through the files and only overwrite older versions and report updated programs on-screen. 
    #Additional files which were not present in the installation folder will be added
    $totalfiles = (Get-ChildItem -Path $env:temp\SysInternalsSuite).count
    $updated = 0
    foreach ($file in Get-ChildItem -Path $env:temp\SysInternalsSuite) {
        if ((Test-Path -path "$($InstallPath)\$($file.Name)") -and (Test-Path -Path "$($env:temp)\SysInternalsSuite\$($")) {
            $currentversion = (Get-Item "$($InstallPath)\$($file.Name)").VersionInfo
            $downloadversion = (Get-Item "$($env:temp)\SysInternalsSuite\$($").VersionInfo
            if ($currentversion.ProductVersion -lt $downloadversion.ProductVersion) {
                try {
                    Copy-Item -LiteralPath "$($env:temp)\SysInternalsSuite\$($" -Destination "$($InstallPath)\$($file.Name)" -Force:$true -Confirm:$false -ErrorAction Stop
                    write-host ("- Updating {0} from version {1} to version {2}" -f $file.Name, $currentversion.ProductVersion, $downloadversion.ProductVersion) -ForegroundColor Green
                catch {
                    Write-Warning ("Error overwriting {0}, please check permissions or perhaps the file is in use?" -f $
        else {
            try {
                Copy-Item -LiteralPath "$($env:temp)\SysInternalsSuite\$($" -Destination "$($InstallPath)\$($file.Name)" -Force:$true -Confirm:$false -ErrorAction Stop
                write-host ("- Copying new file {0} to {1}" -f $file.Name, $InstallPath) -ForegroundColor Green
            catch {
                Write-Warning ("Error copying {0}, please check permissions" -f $

    #Add installation folder to Path for easy access if not already present
    if ((Get-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment' -Name PATH).Path -split ';' -notcontains $InstallPath) { 
        Write-Host ("Adding {0} with the SysInternalsSuite to the System Path" -f $InstallPath) -ForegroundColor Green
        $OldPath = (Get-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment' -Name PATH).Path
        $NewPath = $OldPath + ";$($InstallPath)"
        Set-ItemProperty -Path 'Registry::HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment' -Name PATH -Value $NewPath
    else {
        Write-Host ("The installation folder {0} is already present in the System Path, skipping adding it..." -f $InstallPath) -ForegroundColor Green

    #Cleanup files
    if (Test-Path -Path $env:temp\SysInternalsSuite) {
        Write-Host ("Cleaning extracted version in {0}" -f $env:temp) -ForegroundColor Green
        Remove-Item -Path $env:temp\SysInternalsSuite -Force:$true -Confirm:$false -Recurse 
    if (Test-Path -Path $env:temp\ {
        Write-Host ("Cleaning downloaded file in {0}" -f $env:temp) -ForegroundColor Green
        Remove-Item -Path $env:temp\ -Force:$true -Confirm:$false

    #Display totals and exit
    Write-Host ("Updated {0} files in {1} from the downloaded {2} files" -f $updated, $InstallPath, $totalfiles) -ForegroundColor Green

Download the script(s) from GitHub here

13 thoughts on “Install or update your SysInternals Suite using PowerShell

  1. When I click on the above DOWNLOAD SCRIPT FROM GITHUB link, I do see the (Sysinternal) Powershell script. Am I supposed to cut and paste it or is there a convenient downlaod button that I am overlooking?

    • You can click the file and use the Copy button to copy/paste the contents in c:\scripts\Install-SysInternalsSuite.ps1 or you could use the Go to file button. In the overview of files. search for Install-SysInternalsSuite and Right-Click followed by Save As.

      • But there is a copy button if you click on the link on github… You can also click on the script in my post itself and there’s a hovering menu to copy it too.. Options 😅

      • When I click on your link: DOWNLOAD THE SCRIPT FROM GITHUB HERE, it sends me to:
        ‘ or update SysInternals Suite’
        but I see no convenient copy button for the ‘ps1’ file shown; right-clicking on it (at least in Firefox) only offers a SAVE LINK AS option, no SAVE AS option.

  2. I don’t see a COPY button and though the GOTO button shows the entire script, right-clicking only offers SAVE LINK AS which saves the HTML (3,346 lines!), not the script contents. I know I can cut and paste the script into NOTEPAD but I was hoping Github (which I’m not that familiar with) had an easier way.

  3. I checked it again, it you hover your mouse cursor over the script in this post you will see a floating button containing Raw / Copy / Extern (Only in the first few lines) That should work to copy the lines, otherwise selecting them with your mouse en right-click copy too.

    In Github when following the link, you can click on the .ps1 file line which takes you here . In the line that says 99 lines there’s a Copy raw button next to the Raw. and blame button left of the trashcan icon.

  4. Firefox does not show the COPY button but EDGE does (haven’t checked CHROME), so all is well!

    Do you anticipate changing your script and if so, am I on your mailing list?
    Thanks for your timely replies and more importantly, your script.

  5. Ah! And I’m using Edge too, didn’t think that Firefox wouldn’t show that button 🙂 And I don’t think it need changes, but you could Follow my blog using your WordPress account ( for new blogs but I’m not sure it that will give you an email for example if this post changes.

    There are a few checkboxes beneath the Reply field, if I update it I will leave a reply and that should get you notified.

    No problem, glad to help out the community and usually I can respond pretty quick 🙂

    • Great! I’ll check the 2 checkboxes and stop in occasionally to see if there is an update (I assume Github will post a date or a version number).
      Thanks again for sharing.

  6. This would be great if the script actually worked. Instead, all it does it throw up a bunch of errors about ampersands being invalid or The ‘<‘ operator is reserved for future use.

  7. Even better, when I finally did get it to run, it tried to download a virus and was stopped by BitDefender: Heur.BZC.ZFV.Boxter.341.F43CE571

    • I have no idea why the ampersand errors were there, copied the GitHub code again in the blogpost to be sure if there was no error there, but your other remark about the virus?! As you can see in the code, it downloads the file from which is actually Microsoft since they bought it 😅

      I used this Thursday and updated my installation with it and without any problems, you can copy the code from the blog post or github using the link. Hope is fixes the ampersand things. Think Bitdefender scans the download or the temporary extracted files and thinks it’s a virus. What file does it report? Psexec was flagged as a virus many times because of the remote execution possibilities in it…

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.