Search Tools Links Login

Logoff User After Idle

Recently, there was a request for our team to implement a new security requirement for workstations. Specifically, If a user remains logged in, but is idle for a specific period of time, that user should be logged out. 

After consulting the interwebs for a few minutes, all I could find were hacky solutions using vbscript, PowerShell, task scheduler, or screensavers that may or may not work. I don't need weird, chained together items. I just need something that works.


But, you've come here looking for a tool to help you get your goal accomplished. You can download the tool above, and documentation has been listed directly below. The "Fluff" is below that. I highly recommend you read the fluff, though.

I've begun splitting up the documentation for SystemIdleCheck in the hopes of making usage of the program clearer. Below listed are links to the main sections. This will be expanded, as will the accompanying posts for each section, as new functionality is added. This subnav bar will appear at the bottom of each page related to SystemIdleCheck.


So, I cracked open my favorite Rapid Application Development (RAD) environment, and built something that fits the bill.  I had a few requirements, though.

The program that I've put together meets all the criteria above. By utilizing API calls that are standard across the Windows product line, the program will run anywhere. Heck, it might even work in WINE, but I haven't tried it.

Further, no DLLs or other extras need to be distributed with it. No registering of random DLLs or any of that.


I've created a short guide which shows how to utilize SIC in an Active Directory domain environment, through the use of Group Policy Objects (GPO).

The guide can be found here.

About this post

Posted: 2017-09-27
By: dwirch
Viewed: 96,115 times



Free Stuff



SysAdmin Tools

Posted: 9/13/2021 6:45:44 PM
Size: 20,188 bytes


This program has no outside dependencies, and should run with no issues on Windows XP and higher, including Windows 10 or Windows 2016.

Special Instructions


This program will forcefully log off the currently logged on user. It is possible for the user to lose anything they were working on that was not saved.

You have been warned. Neither I nor anyone affiliated with this site is responsible for the use or misuse of this software. It is provided free of charge, and there are no requirements for payment of any kind.

This program is no longer maintained.

I'll leave it available here, but I won't be adding or modifying it any further.

Loading Comments ...


AnonymousCoward posted this comment on 2017-12-08:

This is perfect, is the code available or could you create one that switches users instead of log out this way the work is not lost.

dwirch posted this comment on 2017-12-09:

Sorry - the source is not available. I might be able to manage locking the workstation, but why wouldn't simply enforce a screensaver at that point?

AnonymousCoward posted this comment on 2017-12-16:

this sounds perfect thanks- it's crazy this still isn't baked into the OS. How can I get this to apply to specific users or groups (ie. users not admins)?

dwirch posted this comment on 2017-12-16:

GPO for the win. Turn it on for Domain Users, then farther down in your GPO turn it off for admins (Domain Admins, Server Operators, etc.)

AnonymousCoward posted this comment on 2017-12-23:

Hmm, sorry - I cannot find this as one of the "turn-off options". Can you point me to where that would be in the GPO for turning off start at user logon for Admins?

dwirch posted this comment on 2017-12-23:

You'd simply make a second GPO, farther down in the precedence, where the option is Disabled rather than Enabled. Both GPOs reference the same setting. Domain users would be enabled, domain admins would be disabled. It's important to note that the domain admins GPO would need to be processed second.

AnonymousCoward posted this comment on 2018-01-22:

Is there any current option or thought to implement the option to show a message box warning the user that they will be logged out in x number of seconds unless they are active? (much like Grimadmin Screensaver Operations

dwirch posted this comment on 2018-01-22:

I had not thought of that, nor had I been asked for it. I will get to work on it as soon as possible, and update the post when it is ready. Thanks for the suggestion!

dwirch posted this comment on 2018-01-27:

Feature added. When sixty seconds remains before logoff, a warning will pop up in the middle of the screen, warning of the impending logoff. Also includes a countdown timer.

AnonymousCoward posted this comment on 2018-03-20:

This .exe file gets blocked by windows defender and says it contains a virus?

dwirch posted this comment on 2018-03-20:

That's very possible.  The program works by hooking the keyboard system-wide.  This is seen by some A/V software as a keylogger.

AnonymousCoward posted this comment on 2018-03-25:

Referring back to 12-23 post for implementing this for either a specific user or user group, Can you give a bit more of a walk through on that.  I'm doing this on a single home PC. New to GPO; was able to get this to work for all users based on the usage instructions provided, but could use more details for the second GPO.  I have one household user that never logs off that I'd like to have systemidlecheck sign out after a set number of inactive hours. 

Thank you!

dwirch posted this comment on 2018-03-25:

@AnonymousCoward on 2018-03-25:

I'll post up a GPO basics tutorial as soon as possible. I'm working on some other issues at the moment, but I will get to this next.

AnonymousCoward posted this comment on 2018-04-26:

Can you modify the alert to display in the foreground instead of the backgound so users see it if they are using apps like IE or chrome?

dwirch posted this comment on 2018-04-26:

It should pop to the front already, but I will add code to ensure it is on top. 

I won't get to it until this weekend, but I will get to it! Look for v1.0.0.7 sometime this weekend. I will post a follow up on this thread, or in the forums, under FortyPound Software.

Thanks for checking it out!

dwirch posted this comment on 2018-04-28:

@AnonymousCoward on 2018-04-26: 

Your wish is my command. The request functionality has been added, and is now available by using the links at the top of this page.

dwirch posted this comment on 2018-06-06:

v1.0.0.8 has been released, which adds event logging functionality. 

See this forum post for details.

AnonymousCoward posted this comment on 2018-06-19:

Would it be possible to add a command line switch to allow a configurable warning timer? It would be nice to be able to set that a little longer like 5 or 10 minutes.

Also, any chance of getting Cylance to not detect on your program? Shoot them an email and see what they say. They false-positive on a lot of these logoff utilities and that is annoying:

Nice work!

dwirch posted this comment on 2018-06-19:

@AnonymousCoward on 2018-06-19 - 

Ask, and ye shall receive.  I will add a second switch to the app, for configuring the warning message. I'll get to it as soon as I can, most likely later this week.

dwirch posted this comment on 2018-06-19:

Oh, and I will see what I can do about Cylance and other A/V programs.


dwirch posted this comment on 2018-06-21:

For v

SHA256 hashes:
ZIP file: A054757E5D44107D3B09F2721A8AC9F7162F8063D2DF17707910ADBA40A402B4
EXE file: F7E1E00BE3EFC89DB77C5477AC129C03E87FBA8E179FB3377F4626975C0B1C00

AnonymousCoward posted this comment on 2018-07-26:

Thank you for this great tool.

Unfortunately on our Win 10 x64 only the last version ( works fine. The previous versions give a Run-time error '13': Type mismatch.
Ideally we'd like v since we want it to stay hidden and only show up before logging off the user but giving them the option to stop the log off process. The above everything version is too stressful for our users to see and takes up screen estate.

Thank you.

dwirch posted this comment on 2018-07-26:

@Anonymous on 2018-07-26 - 

I'm sorry that you're having issues with v1.0.0.6, and I will help as much as I can.

Can you give me a little more info?  For example:

  • are there any matching event log entries when this error happens?
  • can the problem be reproduced consistently? If so, what are the conditions?
  • Is SystemIdleCheck being executed in the system context, user context, or service account context?
  • What version of Windows, including service pack level (if applicable) does the error occur on?

I'd be more than happy to help you through this issue, and I will do what I can to resolve the problem.  

If you'd like, you can send any information you might have to, and I will be happy to work with you through private email, rather than this public place.

Thanks for trying the program, and for the valuable feedback.


jwajer posted this comment on 2018-08-09:

Great program. There are 2 suggestions I have. First add a switch to hide the box or minimize it. Second is reset it to a minimum of 2 minutes after idle

jwajer posted this comment on 2018-08-09:

I checked the latest version out on Windows 7 pro 64bit. Did the countdown but never logged the user out.

dwirch posted this comment on 2018-08-09:


Did you happen notice anything in the security or application event logs? For example, was the request to log out denied?

As for your first request, I will try and add the functionality you requested this weekend. 

dwirch posted this comment on 2018-08-09:

Also @ jwajer:

I'll do some testing against a Win7 x64 machine this weekend as well, if not sooner. Any special configurations I need to take in to account?

AnonymousCoward posted this comment on 2018-08-16:

Hi. Itested on Win10x64 1803, and the auto logoff did not work.

dwirch posted this comment on 2018-08-17:

Apologies for the problem with I inadvertantly left the program in debug mode the last time I compiled it.  I've reset the flag to false, recompiled, and have now re-uploaded to this page.  

Once again, sorry for the confusion.  New file hashes are:

Filename SHA256 Hash
SystemIdleCheck.exe E9DE8BD0B04E027F880ED3A31F3DE62A92B3FB0D855D7A40E72937AB1E39B927 482BF90F7C11B4E08F80CE9D575D137B23E27AF544FDFAF889543C49650B30E8

AnonymousCoward posted this comment on 2018-09-17:

This is great, thanks!

I appreciate you taking time to share this.

I'll test it out and leave feedback when I have given it a good tryout with real-world users.
I have a company that always forgets to log their remote computers off while using VNC.



AnonymousCoward posted this comment on 2018-10-01:

On Win 10 1709 the screen is locking after 15 minutes rather than logging out the user.

Any thoughts?

dwirch posted this comment on 2018-10-01:

I will check it when I get home. Which version of systemidlecheck are you using?

AnonymousCoward posted this comment on 2018-10-01:

I would like to see the WARNING box stand out better - bolder colours and larger warning box.

Can keyboard entry and mouse click also be used to stop the countdown to logout, as well as mouse move event.

dwirch posted this comment on 2018-10-01:

I'll see what I can do about the warning box.

AnonymousCoward posted this comment on 2018-10-04:

Really great little utility. We are currently testing it's suitability for use in a University environment. I second the request for a more obvious warning. It would also be really great if the warning message display time was configurable, 60 seconds is a little short if you have set a long timeout (hours).

AnonymousCoward posted this comment on 2018-10-04:

Following on from my time adjustable warning box suggestion, I have a couple more.

Stealth Mode - Which hides/disguises it's presence in Task Manger. Otherwise users can easily find and kill the process.

Stuck Key Detection - A classic way to defeat things like this is to leave a book sat on the keyboard. If the utility could recognise and ignore repeating keys that would be awesome.

dwirch posted this comment on 2018-10-04:

Looks like I have some coding to do this weekend!

I'll hopefully have a new version with these asks for you before Monday. Thanks for the ideas!

dwirch posted this comment on 2018-10-05:

I figured I would tackle the easy part first. How's this look?

dwirch posted this comment on 2018-10-07:

I've added a new switch, IdleWarningSeconds, which configures the time prior to log off for the warning dialog to appear.

Also, I've reconfigured the warning dialog to more noticeable.  It's larger, redder, and flashier.  If someone doesn't notice this, they ​really need to get their eyes checked.

Filename SHA256 Hash
SystemIdleCheck.EXE 7A1AEA3C6F4D55AA4687FBBA74E935AC7573985BB88D9764608A20550BCBCC1F F06E673BDE3AB7D5CF78A9F7895A517CA093F166297E675DDB8D4FC429E3C4E6

AnonymousCoward posted this comment on 2018-10-08:

Thanks for the new version. The new warning is much more noticable and the customisable display time will be useful.

I think a slight bug has be introduced in that the TimeOut is defaulting to 60 seconds rather than 5 minutes. If you do SystemIdleCheck I:60 the warning displays immediately.

What would help with the the Stealth Mode is if the process description was less descriptive. Currently it says, "Watches for system activity by monitoring the mouse for movement and the keyboard for the mashing of keys". Which is a bit of a giveaway if you are a nosey user. Perhaps something a little more vague like, "System Idle Check".

As it stands, will the utility support very long TimOut periods; e.g. 8 hours? 

dwirch posted this comment on 2018-10-08:

Thanks for the feedback!  I'm on my morning commute at the moment, but I will check out that bug when I get home this evening.  

I'd be interested in know if the timeout ignores the T​ switch as well? For example, if you use something like:

SystemIdleCheck T:300 I:120

That should give you a timeout of five minutes, with the warning popping up when two minutes remain before logoff.

I'll change the description on the executable as well, making it something less descriptive. Something like, oh, say, "Utility Service".

The program uses 32-bit long integers to track time, so it *should* support up to 32,767 seconds (just over 9 hours) for any of its inputs. As a reference, there are 86,400 seconds in a day. I never envisioned a "regular" user logon being longer than that, so I didn't bother using another data type. It is possible to use a different data type to track the time, or just use time math itself to track it. It'd be pretty easy to change over to a 64-bit variable type to track seconds, but a little more in depth to do time math. Because I suck at time math. ;)

AnonymousCoward posted this comment on 2018-10-09:

If you specify the TimeOut then it works fine, it is just the default which seems to have got messed up, so not a big deal.

My thought on the long timeout is for people who leave their computer unattended whilst encoding or rendering, during which there would be no keyboard or mouse activity. 8 hours would probably be enough, but if it is straightforward to switch to 64-bit then that would give it more flexibility. Calculating time can get a little tricky once you have to start dealing with clock changes and leap years.

It would be really cool if it had an option to also monitor CPU usage. So if CPU usage has been above n% for the past 5 minutes, the computer is not idle and so reset the timer.

AnonymousCoward posted this comment on 2018-10-10:

If there is more users logged in, the system will logout the ative one? And will show the warning message? i want the system to logout the idle users ano do not send messages to the atives users.

dwirch posted this comment on 2018-10-11:

Are you thinking of like, say, a remote desktop services/terminal services type environment?  

I haven't tested it in that environment, but I can say that the process runs in the currently logged on users context.  SO, it should only warn/logoff the user that is idle (ie, the context of the user it is running under).

Z posted this comment on 2018-10-15:

This is a great program, It's almost exactly what i was looking for. The only problem I have with this program is I wish that it had the option of locking the computer instead of logging the user off. I know windows is capable of locking an account without this app, but that warning sign that comes up is why I would use this application.  Is there a way of doing this or editing the application so it can? 

dwirch posted this comment on 2018-10-15:


How about we replace the L switch (LogoffAfterAddle:true|false) into a three-way switch? Make it something like TimeOutAction, with three options:

  • Warn Only
  • Logoff
  • Lock

Anyone else have thoughts on this?  Yes? No? 

AnonymousCoward posted this comment on 2018-10-16:

dwirch, yes to three-way L switch.

On a separate note, here is our scenario. We share desktop among several users in our manufacturing line. Users would rather use 'switch user' than log-out eventually leading to multiple users logged-on resulting to slower system. If 'switch user' happened before the SystemIdleCheck time-out, then potentially the changed user is still stuck in the system. Or will the SystemIdleCheck continue to monitor the individual logged user separately and smart enough that any keyboard or mouse action is only applicable to the current user and will eventually logged-off those on the idle?   



dwirch posted this comment on 2018-10-16:

I will have to do some multi user testing to make sure, but *should* only affect the current user. The caveat is that each user session will be running a copy of systemidlecheck, so each user will be treated to logoff by their independent timers, regardless of who the active user is.I'll know more after I do some testing.

AnonymousCoward posted this comment on 2018-10-16:

Thanks dwirch!  The preferred action is to log-off the idle users (background) when they reach their individual timeout even if the current user is busy with the keyboard and mouse. Will also do additional testing on our end. Great tool by the way!

Z posted this comment on 2018-10-17:


Wow I didn't expect you to respond that same day sorry for leaving you hanging! The three way L-switch sounds perfect! Just to let you know, I also noticed the "I" switch problem that was mentioned before. I was wondering if you know of any applications similar to this for mac. I was origianally looking for a windows solution, but after my supervisor saw how well this would work in the department she wanted to use it on the mac computers as well. 

dwirch posted this comment on 2018-10-17:

@Zhaha I try to be on top of these messages, and get back in a timely manner. As for Mac type programs, I don't know of any, but I will ask around for you!

dwirch posted this comment on 2018-10-20:

As requested, the new vesion ( has been posted. 

NOTE​ that the L switch has been changed to a three-way, which now includes the lock functionality.

I am still doing some multi-user testing, though. I hope to have some news about that soon. 


Z posted this comment on 2018-10-22:

Nice! I cant wait to run this on the pc's. 

AnonymousCoward posted this comment on 2018-10-29:

Hi, looks very nice app. One thought still, could there be restart switch in addition to logoff? We have Kiosk machines and restart instead logoff would reset more settings.

dwirch posted this comment on 2018-10-29:

I'll see what I can do. Shouldn't be a problem, though.

dwirch posted this comment on 2018-11-02:

Two new switches added: Reboot and Shutdown.  


AnonymousCoward posted this comment on 2019-01-05:

Nice little utility.  Thanks for creating.  My initial testing is good.  I found myself looking for a "cancel" switch. I ran it a few times, trying a /? and mistakenly trying the "T" as a lower case.  After I ran it once with a 61-second logoff and then immediately (after 1 second) seeing the warning prompt I then had to figure out how to cancel it.  I didn't see a "cancel" switch (perhaps I missed it) so I went to Task Manager.  There I found several instances of "sic.exe" running.  I wonder if that's another opportunity - to have a second run of the program alter the initial run rather than launch a new process.  I'm not evern sure that's what you'd want... just brainstorming with you a bit.

Again, so far it looks like it will do what I want and need.  What do you feel is the best way to implement it or call it?  Just have a shortcut to it copied to the All Users' Startup folder?  Call it from a login script?  Something else?

dwirch posted this comment on 2019-01-07:

That's definitely not expected behavior.  Once the window pops up, all you should have to do is move the mouse or press a key. The window should disappear at that point, while the program continues to run in the background.  

Multiple copies should not be getting fired, unless the program is manually executed. Can you let me know how you ended up with multiple copies running?


drew2018 posted this comment on 2019-01-09:

I have been testing sic and love the simplicity and relaibility.  So far it has done everything I need but I do have a question.  Is there a way to make the dialogue screen customizable?  For instance instead of !!!! WARNING !!!!, allow this to be customized so I can enter this as a title, the the NO user activity .... be also customizable.  I would like to enter my own messages with a countdown.  I am including a example.


1. Replace !!!! WARNING!!!! WITH  - - - - ->>>>> custmized message a admin can add - > called TITLE

2. Replace No User activity has been detected.... - - - >> customized message a admin can add  - > called MESSAGE

3. Replace Logoff in xx seconds - - - ->> xx seconds remaininig on computer XXXXcomputer name

4. Add Logoff Now button and or Cancel button in dialogue window

I was trying to send a screen shot but looks like the paste function only works for text.  Let me know.


Thank You





dwirch posted this comment on 2019-01-09:

Hey Drew -

I like your suggestions, and they should all be pretty straightforward to implement:

1 & 2 - How about give the ability to configure custom title and message, but fall back to a default if not specified?

3 - Can do. I just need to add a small piece of code to grab the local machine name, and poke that to the "... seconds remaining ..." message.

4 - Logoff now button is no problem.  But the cancel button would be redundant, I think.  The act of moving the mouse to go click the button would already cancel the logoff, so the user would never be able to poke the cancel button.

I'll get started on your ideas this weekend!

dwirch posted this comment on 2019-01-12:

@drew2018 - logoff button most likely a no go.  When the user goes to move the mouse to click the button, idle time is ended, and the warning goes away. This prevents the user from clicking the "Logoff Now" button.

Working on your other requests, though!

AnonymousCoward posted this comment on 2019-01-25:

Hi, looks like just what i'm after, few newbie questions though.

all i need to do is run the exe and then run the command on the cmd line that i want to apply, is that right?

how would I switch it off so that it didn't run any commands anymore?


dwirch posted this comment on 2019-01-25:

Yup, all you need to do is run the program as described. Applying the command line switches is optional; the switches are used to modify the operation of the program, as desired.

Once the program is running, there is no interface visibile until the timer expires. If you want to stop the program from running, you need to open your task manager, and end the task named SIC.EXE.

AnonymousCoward posted this comment on 2019-01-25:

excellent, thanks very much


AnonymousCoward posted this comment on 2019-02-05:

Greta tool.  Thanks!  I find myself wanting to have the ability to have it write a quick message into a text/log file of my choice when it logs the user out (or restarts the machine or whatever).  I'd kinda like to know how much the utility is being called upon to do its job.  I do this sort of thing lots with scripts that I write.  I'll usually choose to have all my machines or login sessions write to a centralized (network shared) location and append their activity to the same text file.  That way I can look at that one file and see a network-wide recap of whatever event I'm capturing.  I can even use a tool like SnakeTail to view additions to the file in real time.

dwirch posted this comment on 2019-02-05:

Thank for the input. 

SystemIdleChecker current logs to the Windows event log, in the Application log.  Unique event IDs for different events (startup, timeout expired, logging off, etc) are captured.

I chose to use the Windows event log as a repository for a couple of reasons:

  • It's already there, and manages itself.
  • Can be queried by other tools, utilities and scripting languages:
    • PowerShell
    • SCOM
    • Splunk
    • etc. etc. etc.

I thought about a centralized text repo for capturing the data (gets big, fast), or even writing a matching server app with a database to interface with (need the time to design and dev), but I opted for the cheaper solution, built-in to Windows, and is available on every Windows computer.

I've toyed with the idea of building a system monitoring solution for years.  Heck, I could I even integrate a software distribution function (already written), and have SystemIdleCheck be a "child tool" of this solution.  *sigh* Someday ...

AnonymousCoward posted this comment on 2019-03-21:

First want to start off by saying, love the program and it is exactly what I have been looking for. I run a vdi floating pool environment here at work and have been looking for a way to force logoff computers after our users forget to log off. My only issue is the fact I cannot edit the execution time for the message as well as the actual action of logging the user off. 5 minutes is just too short, and from what I can tell using the command line is the only way to adjust the default values. Is it possible for you to build a template that has a default time of 15 minute log off and 14 minute warning display? 

AnonymousCoward posted this comment on 2019-03-27:

Re: Windows Defender A/V protection:  Just turned off real-time protection, downloaded the file, extracted it to a folder, then added the file [path]/sic.exe as an exclusion.  re-activated real-time protection.  All good.  Also added a shortcut to the common startup folder so that it startsup on logon for every user.  HTH someone.

AnonymousCoward posted this comment on 2019-04-08:

In case you don't know already, some anti-virus systems are categorizing your program as malware.  We use Cylance and it suspects the program as a virus. reports that several systems consider it a virus (Comodo, Ikarus, McAfee, McAfee-GW Edition, Microsoft, Palo Alto, and Qihoo-360 is the compelte list currently).



dwirch posted this comment on 2019-04-08:

Yup, this is known behavior. The program implements a system-wide keyboard hook, in order to watch for keypress events.  From VirusTotal:

The file installs an application-defined hook procedure into a hook chain. You would install a hook procedure to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done making use of the SetWindowsHook Windows API function. 

Another type of program that does this is called a keylogger.  A keylogger actually captures your keystrokes, and either stores them or sends them off to be used for nefarious purposes.

Why should you trust that I have built this program with no malicious intent?  Simple: you shouldn't. The fact that you are checking the program for "badness" with such tools as VirusTotal shows that you actually give more than two hoots about what gets introduced in to your environment.  You don't know me from a bump on a frogs butt.

All I can do is tell you that I have no malicious intent. I haven't written in a keylogger or any other bad stuff.  I've no need to. But, like I said, doesn't matter what I say.  I'm just some random guy on the internetz.

What you can do to validate the safety of the program is to clean-room it.  Put it on an isolated box, run filemon, regmon, procmon, and heck, stick wireshark on there to watch for network traffic.  Let the program do its thing.

Let me know if it does anything it shouldn't be doing. Like poke random crap in the registry. Squirting out files. Or trying to talk to the internet. You most likely won't find it does much, except watch the keyboard and mouse, and count seconds.

You may have noticed that I include a file hash for both the ZIP file as well as the executable. This is not done for my security.  This is done for the security of the good people that use my program. If the hash don't match, throw it away. 

Questions? I'm all ears.

AnonymousCoward posted this comment on 2019-05-14:


Your application appears to address an issue that we have been dealing with for quite a while. I have read through the posts and have a question related to the operation in a lab environment. Multiple users log into a system and each of their sessions consumes a license of a particular program. We are constantly receiving tickets indicating that users cannot log in the application. Will your program log off each user as a distinct entity? The systems are in a Windows 2008 domain and are a mixture of Windows 7 and Windows 10 Professional desktops. I apologize if I missed that detail in the posts above. Thanks for any clarification you can provide.

dwirch posted this comment on 2019-05-14:

The program runs in the context of the currently logged in user. So it should only log off the session of the user whos time has expired. 

For each user that is logged on to a terminal server, a new instance will fire off, if you have it set up to execute in a login script or some such method. If you look at task manager, you should see multiple instances of the app running, one in each user space. Each instance only has permissions to manage its own login session, and Windows will not allow it to "cross over" in to another users session.

The program is tiny, and doesn't do much in the way processing, so resource utilization should not be an issue.

I haven't tested in an RDP type environment, so this is only theoretical. 

NRIACONE posted this comment on 2019-05-15:

Just to clarify, I have six users logged into a workstation and each users session is locked. As each users' time expires the application will log them off. Just trying to make sure I understand the environment. This could be a combination of local and RDP sessions, but the typical situation is just local users on the workstation.

dwirch posted this comment on 2019-05-15:

That is the expected behavior.  Each session runs its own copy of SIC.  Each user session, as the idle timer expires, should be logged off independently.


AnonymousCoward posted this comment on 2019-07-17:

Hi, this looks perfect for me.  But I downloaded the file, extracted it, read the readme.txt file, ran sic.exe as administrator, and nothing happened.  Tried it again, no dice.  Any idea why?

AnonymousCoward posted this comment on 2019-07-17:

Okay, I figured out how to do the basic commands (the three switches), but I don't know how to customize the title and message information.  Can you put that info at the top of the page with the switch information and examples?

dwirch posted this comment on 2019-07-17:

See the email I just sent you. Also, the functionality for custom title and text has not been added to the released version as of yet. I'm getting more and more requests for it, so I probably should finish it up ;)

AnonymousCoward posted this comment on 2019-08-18:

Hello dwirch, Thank you for making this program. I greatly appreciate it.

I ran the program and I pasted  the following in the command terminal in order to modify the settings:

sic SystemIdleCheck T:800 I:120 L:logout

Then I got the following error:

 'sic' is not recognized as an internal or external command,
operable program or batch file.

What should I do?

Thank you for all you do to support us.

dwirch posted this comment on 2019-08-18:

It looks like the program is in a location that is not referenced by the default path of your Windows installation.  

In order for the program to be accessible from "anywhere" on your system, it needs to be in a location Windows knows about, otherwise known as your Path.

You can get your current path from a command prompt thus:

C:\Users\user>echo %path%

The output will be something like this:

C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;D:\Program Files\Git\cmd;C:\Users\user\AppData\Local\Microsoft\WindowsApps;;C:\Users\user\AppData\Local\Programs\Microsoft VS Code\bin

As you can see, this jumble actually contains a list of directories on your computer where Windows will look for a program. When you type sic T:800 I:120 L:logout, each directory listed in the path is searched in turn. If the program is not found in any of the directories, then the error you mentioned will be displayed.

For more information on the Path environment variable, see this article.

AnonymousCoward posted this comment on 2019-10-08:

What is the latest HASH for version

dwirch posted this comment on 2019-10-08:

I've posted file hashes, as well as other similar items, on the version history page.

The file hashes for are:

EXE: D64F84A3C0BCA70DF9CD49AB86105314C2AAEA99B0F57E19BAE22C4BF0155474
ZIP: 4317B5D05593056BAFB9D46A43E6245B10167342D97C5C62CCA0E756031CDFEB

AnonymousCoward posted this comment on 2019-10-22:

Your program solves an issue that many of us have, great work!

Any progress on the custom message, being able to customise that will make this tool perfect (for me anyway :)  )

Thanks for your great work

dwirch posted this comment on 2019-10-23:

Unfortunately, a recent promotion at my day job has been taking a lot of my time.  The modification is half written, and I simply need to make time to do some final testing and debugging. 

I promise I will get to it as soon as I can, and get it posted here.  Sorry for the delay.

AnonymousCoward posted this comment on 2019-12-26:

All the best of the season to you!

Like a couple of the posters above, I am keen to see if you have had time to make any more progress on the custom messaging. I am happy to assist with debuuging if you need.

AnonymousCoward posted this comment on 2020-01-02:

If someone was to deploy this in a gpo to a couple of servers, would you recommend batch, VB or Powershell to launch it in the session?

I haven't tested it enough but curious to know if it has precedence or not over RDS session settings?

We have lots of Citrix XenApp, XenDesktop and just plain RDS application servers and wondering if the mix of settings they get either from a GPO or Citrix policies will be overridden by this beauty of a tool.

What we want to acheive is to only logoff console sessions (SESSIONAME = console) not remote sessions as that is already well under control.

dwirch posted this comment on 2020-01-02:

I'd fire it off as part of a batch file or login script.  PowerShell would be overkill (I think) for simply firing off another program.

I am assuming you have your console users in a particular security group, while your RDP/Citrix users are in a different group.  Using this, you could filter the GPO to only apply to console users only, leaving RDP/Citrix users alone.

AnonymousCoward posted this comment on 2020-01-04:

By the way for beginners like me who just like to use the default sixty seconds and the computer just log-ins to one user account, I just saved this program somewhere it's not easy to find like system32 folder and then followed Option 1 from

Hope that helps someone here. :)

AnonymousCoward posted this comment on 2020-01-10:

So for some reason, I'm not seeing any warning prior to the lockout event...


dwirch posted this comment on 2020-01-11:


Can you share the command line that you are using?

AnonymousCoward posted this comment on 2020-01-17:

Great program DW, thanks for publishing it!

AnonymousCoward posted this comment on 2020-02-27:

Hello dwrich! This program is exactly what we need to implement for our conference room machines. This may be a bit of a noob question, so forgive my ignorance! The way I want to set up the program on our WIndows 10 machines is: log off the user after 3 hours (or 10800 seconds) and display the warning at 20 seconds. I have added sic to the common startup folder on each machine I want to use it on: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp then I run a CMD as admin and use the logoff switch, so it looks like this: in CMD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp>sic T:10800 I:20 L:logout

After I run this switch, the warning still pops up at 2 minutes, and the user is logged off after 3 minutes. Furthermore, if I set this for one user (an admin account), does it reflect to all others as well? Is there somewhere else I should move the sic file to and then change the directory on CMD to that, adn THEN run the switch, or am I doing this entirely wrong to begin with? Thanks in advance!


dwirch posted this comment on 2020-02-27:


Thanks for the heads up. It looks like your command line is correct.  I will do some testing when I get home this evening, and let you know what I find.  

If you are so inclined, and want to work directly with me for support, please feel free to contact me via

dwirch posted this comment on 2020-03-15:

See the guide here for instructions on how to deploy via GPO.

dwirch posted this comment on 2020-03-19:

The latest version of SystemIdleCheck (SIC) v1.1.0.0 has now been digitally signed. I've re-uploaded the zip file, and the new hashes are shown below.


AnonymousCoward posted this comment on 2020-07-30:

im trying to write a simple batch file that will auto start the executions for the command prompt, then throw it in my startup folder along with sic.exe. However i can not get the command propmt to close after execution when typing exit in the batch file. is there a specific way to do this. here is what it looks like: 

@echo off
cd C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp & sic T:30 I:20 L:logout

AnonymousCoward posted this comment on 2020-08-20:

This is great, however is there any possibility to force lock after say 5 min and then full logout after an hour?  Also i dont need the warning, i have been able to mostly avoid it by setting it to -1, but is there an option to disable the warning alltogether?

Thank you for your work on this, this is the best solution i have found so far

dwirch posted this comment on 2020-08-20:


That's a good idea.  I'm working on the next version, and I'll see if I can get that functionality put in there without too much hassle.

AnonymousCoward posted this comment on 2020-10-05:

This seems to be exactly what I am looking for.     After I extract the files what do I do?   Is there a setup?  Are there defaults such as logoff idle user after 15 minutes or 30 minutes?
I am so excited!


dwirch posted this comment on 2020-10-05:

@Laura - All your questions can be answered by checking the documentation.

AnonymousCoward posted this comment on 2020-10-07:

This looks great and is really appreciated.

One option that feels missing is to disconnect the session, via a call like:


There's a subtle difference between Locked and Disconnected status, and that difference can matter to other applications in the session.

AnonymousCoward posted this comment on 2020-10-09:

Great effort!!!

One thing I am missing. All messages are in english now. I would love to have the ability to show custom messages or at least in the language of the OS. Would that be an interesting feature request?

And maybe even change the colors of the message.


Kind regards,


AnonymousCoward posted this comment on 2021-01-19:

Hello there!

First of all thank you so much dwirch for this easy and simple but very very useful tool, it saves my life due to some important computers that are shared at my company but users never logoff their sessions and make the next user to suffer a mess up!!!

I also found the same issue as @AnonymousCoward and found out how to fix it until you do it on a new you are the solution:

1) Copy sic.exe to a local folder (E.G. C:\ADMIN\)
2) Open Local Computer Group Polity Editor --> Run gpedit.msc
3) Go to 'User Configuration\Windows Settings\Scripts (Logon/Logoff)'
4) Open Logon
5) Click on Add... and then click on Browse...
6) Select the sic executable you copy locally --> Click Open
7) On "Script Parameters" you put the instructions for sic.exe like --> SystemIdleCheck T:600 I:120 L:logout
8) Run on cmd gpupdate /force

And that's all, every time every user on this computer logon, sic will be run silentlly and will work as configured :D


AnonymousCoward posted this comment on 2021-01-19:


it's me again, I just send you a request dwirch:

Is there a way you could configure sic.exe to know that the user is not moving mouse but there is a videoconference working?

I mean, my two main computers where I configured sic.exe are computers on our Showrooms that users do videoconference with them. My problem is that during videoconference user didn't touch keyboard nor mocing mouse so sic.exe think computer is idle and after timeout show the warning in the middle of the screen with the videocall...

I workaround that putting 1 hour for logout on sic.exe, and most of users have no problem with that, but I prefer if we could find the way to avoid warning to be shown if screen is on for example...with that is enough.



AnonymousCoward posted this comment on 2021-07-25:

Greetings.  Been using v1.1.0.0 for a while now, and I see that there is a new version available.  I don't see the hashes for v1.3.0.0.  Would you please provide those?

dwirch posted this comment on 2021-07-26:

ZIP File Hash:


EXE File Hash:


AnonymousCoward posted this comment on 2021-07-29:

This little app is perfect. Microsoft should have baked in this kind of functionality years ago. Thank you for taking the time to develp this solution.

dwirch posted this comment on 2021-09-07:

My mistake.  Looks like the codesigning certificate has expired.  It'll take a couple days to renew the certificate, and I'll get the re-signed executable up on the download page.


dwirch posted this comment on 2021-09-13:

Certificate has been renewed, and I've re-uploaded the signed executable.  It's available at the top of this page.

AnonymousCoward posted this comment on 2021-09-21:

Great little app, works well! Recently deployed it onto a couple of shared PCs.

However, initial end user feedback is that the popup is a little too startling, and I've been asked to remove it again. Would it be possible to have the option of a more subtle popup design, or ever better, perhaps have the ability to customise it (e.g. pass in the path to an image to display)?

AnonymousCoward posted this comment on 2021-10-21:

Is there a way to have no warning?

dwirch posted this comment on 2021-10-21:

Set the warning value to 0

AnonymousCoward posted this comment on 2021-11-04:

Is there a way to do lock and then logoff. Right now the only way I can think of is to run 2 instances to work around it. I want to lcok the workstation after 15 minutes and then if the user doesn't come back to it after 30 minutes it logsoff.

AnonymousCoward posted this comment on 2021-11-29:

I did notice an interesting quirk. I was working in excel which i often just use my keyboard only in that app and I received the warning. It didn't go away until I moved the mouse. not sure if that is related to my double instance workaround or not. 

AnonymousCoward posted this comment on 2022-01-18:

Is there any way to get this to apply only after primary business hours?  Ex. Only have the sic application apply between the systems hours of 6pm and 8am ?

AnonymousCoward posted this comment on 2022-01-20:

I have had one of the test users that we have applied this to ask if it is possible to get the application to send them an email instead of a pop up warning, since they may be away from their PC, and wouldn't see the alert, but they would recieve an email on their mobile device/phone.  Especially if the user has a long running task that they don't want to die until it is completed.


Thanks again!

AnonymousCoward posted this comment on 2022-08-24:

I just want to clarify something.  You state at the beginning, "If a user remains logged in, but is idle for a specific period of time".  I suspect what you mean is that if a user remains logged in and the *system* is idle for a period of time, right?  IOW, this application doesn't log off idle users, it logs off users of an idle machine, correct?

Thus, if User1 logs in, then locks the computer and User2 logs in (using "Switch user" or "Other user"), User1 is idle the entire time User2 is working, but because the machine isn't idle, User1 will not be logged off.  I'm curious, what happens of User2 walks away and the machine does become idle with this running?  Do both users get logged off, or just User2?

If you have explained this and I missed it, my appologies.  Maybe you could adjust/add to the wording at the very beginning to make it more clear?


dwirch posted this comment on 2022-08-24:


That's a really good question, and I actually hadn't considered Fast User Switching in this scenario.  But yes, as it sits ...

If User1 logs in, then User2 logs in without User1 logging off, as long as User2 is active, User1 won't be logged off, since the system is still active, and User1's session is effectively "paused".  Think console access.

When used in a RDP instance, the behaviour is a bit different.  Each user on an RDP server has a seperate instance of SIC running in their own system space, so it works as designed. 

AnonymousCoward posted this comment on 2022-08-25:

Thank you for the reply.  The reason I'm investigating this is because we have workstations on which User1 logs in and then has to step away.  Because they might be gone for just 30 seconds rather that closing everything and logging off, they just lock the machine.  It turns out they are kept away for longer, and in the mean time, User2 needs to use the machine.  Usually their login works, but somewhere between User2 and User 4, the machine stops responding getting stuck at "welcome" and has to be forcibly rebooted.  I'm trying to find a way to log off User1 (for example) after a period of time during which someone else may be logged in.  It is my belief that if the number of logged in console users remains at 2 or less, the machines should function just fine.  If you have any tricks up your sleeve to make that possible with SIC, please consider showing them off. 

AnonymousCoward posted this comment on 2023-03-23:

Hi!How can i turn it off once i need to modify or just disable it from system? thanks so much!

dwirch posted this comment on 2023-03-23:

Once it is running, and if you no longer want it running, you should first remove it from any processes that automatically start it. 

If you don't want to reboot, you can end the task from the task manager.  You can also reboot to remove it from memory, provided you have stopped it from auto-starting.

stuarta posted this comment on 2023-10-10:

Is there any possibility of having this monitor for touch screen events? We've noticed on our Windows 11 devices that are touch screen only that this logs the user off after the set period of inactivity, no matter how active the users are

dwirch posted this comment on 2023-10-10:

It should work fine with touch screen events.  As I recall, and I could be wrong here, but touch screen events typically count as mouse events at the system level.  For example, when you touch the screen, the mouse cursor (even if it is not visible) moves to that location. 

Honestly, I've not tried it with a touch screen, and I don't have a device I can test with.  But I will try to find a cheap Windows tablet so I can test this scenario.

stuarta posted this comment on 2023-10-10:

After we noticed this not working as expected on the touch only devices, I found a bit of PowerShell that let me check the time since any input occurred here: looks like that method at least would accurately count how long the system had been idle after touch events

smajor posted this comment on 2023-11-20:

We just dicovered this and are testing in a couple of locations. We found that for some users the Warning message is confusing to the non-technical. Could the message be customizable by us or maybe just add something like "This workstation will be rebooted when the timer expires. Move the mouse to continue using it."

We also found that using a presentation remote for PowerPoint wouldn't be seen as "usage" so eventually they'd get a warning. That might be beyond the scope of this software to fix, but perhaps the message above is enough for them to act on in that case.

You must be logged in to make a comment.