Pendmoves v1.2 : This update to Pendmoves adds support for 64-bit directories. Process Explorer v15.3 : This major Process Explorer release includes heat-map display for process CPU, private bytes, working set and GPU columns, sortable security groups in the process properties security page, and tooltip...

Autoruns v11.41 : This Autoruns update reports the hosting image target of link shortcut references. Handle v3.51 : This minor update to Handle, a command-line utility that dumps process handle tables, fixes a bug in its file share drive letter formatting. Movefile v1.01 : Movefile, a utility for...

PsPing v1.0 : PsPing is a new Sysinternals PsTools command-line utility for measuring network performance. In addition to standard ICMP ping functionality, it can report the latency of connecting to TCP ports, the latency of TCP round-trip communication between systems, and the TCP bandwidth available...

Autoruns v11.34 : This release of Autoruns fixes a bug that caused it to not show some Internet Explorer extensions. ProcDump v5.0 : Procdump is an advanced utility for capturing process memory dumps based on a variety of triggers including CPU usage, memory usage, performance counter values, and...

LiveKd v5.0: LiveKd, a tool that enables live kernel debugging of Windows systems, can now debug and generate kernel dump files of Hyper-V Windows virtual machines from the parent partition without having to boot the target virtual machine in debug mode. See Mark’s most recent blog post, “...

Mark’s Blog: The Case of the Unexplained IE Crash - Mark goes on a detective hunt to find out the likely culprit of an IE crash he recently experienced. In the post, he shows how to find which process out of multiple running the same executable crashed and how to get additional information from...

AdExplorer v1.3: This update to AdExplorer, an Active Directory editor, has major node expansion performance improvements and a number of minor bug fixes. VMMap v2.6: VMMap, a powerful process virtual and physical memory analysis tool, now shows both graphical and numeric breakdowns of private virtual...

ProcDump v1.72: This update changes the dump file date and time format to be ISO compliant and fixes a bug that prevented ProcDump from exiting when the process termination condition was active. Desktops v1.02: v 1.02 works around another issue that could prevent Alt+Tab from working on alternate...

ProcDump v1.7: This update to ProcDump, a command-line utility that will generate memory dumps of processes based on various selectable criteria, now supports periodic timed dumps as well as dumps based on virtual memory thresholds. AccessChk v4.24: AccessChk, a utility that shows effective security...

Mark’s Windows Internals Session at the Professional Developer’s Conference, Part 1 Mark’s Windows Internals Session at the Professional Developer’s Conference, Part 2 : Mark dives deep to cover Windows 7 and Windows Server 2008 R2 kernel changes in his top-rated session from...

NewSID Retirement and the Machine SID Duplication Myth: Mark’s latest blog post debunks the myth that having duplicate machine SIDs causes problems, explaining why the Sysinternals NewSID tool has been retired. Disk2vhd v1.3: This update to Disk2vhd makes more Windows XP and Windows Server 2003...

Sigcheck v1.6: This update adds checking for .NET strong signatures and extends the output of the -i option, which shows the image signers, to also print the path of the catalog that stores a file's signature. Strings v2.41: This Strings update fixes a bug that sometimes resulted in the omission of...

Process Monitor v2.0: This major update to Process Monitor adds real-time TCP and UDP monitoring to its existing process, thread, DLL, file system and registry monitoring. You can now see the TCP and UDP activity processes performed, including the operation (e.g. connect, send, receive), local and remote...

Sysinternals Live: We're excited to announce the beta of Sysinternals Live, a service that enables you to execute Sysinternals tools directly from the Web without hunting for and manually downloading them. Simply enter a tool's Sysinternals Live path into Windows Explorer or a command prompt as \\live...

ShellRunas v1.0: ShellRunas provides functionality similar to that of the Runas tool to launch programs as a different user via a convenient shell context-menu entry. This makes it more convenient than Runas for heavy Explorer users. Process Explorer v11.10: This Process Explorer update adds a number...