  1. #1

    Join Date
    Feb 2012
    Posts
    2,065
    Blog Entries
    7

    Sysinternals Tools Updates

    http://blogs.technet.com/b/sysintern...ill-v1-14.aspx

    Updates: Process Explorer v15.2, Testlimit v5.21, Pskill v1.14
    BethBr
    7 Jun 2012 1:20 PM

    Process Explorer v15.2: This major update to Process Explorer, a Task Manager replacement, merges Autoruns functionality by adding a new Autostart Location column and property to the process and DLL views that indicates where an image is configured to automatically start or load. It also adds .NET stack walking support to the thread stack dialog, adds a process timeline column that graphically depicts a process’s lifetime relative to other processes, and uses the Windows 8 private ETW logger which enables better coexistence with other ETW-based tools.

    Testlimit v5.21: This update clarifies some of the output messages.

    Pskill v1.14: This release to PsKill, a command-line tool for terminating processes, includes some minor bug fixes.

    Process Explorer, Sysinternals, Testlimit, PsKill, procexp
    marsmimar, satrow, Corrine and 1 others say thanks for this.



  2. #2

    Join Date
    Mar 2012
    Posts
    469

    Re: Process Explorer update - includes Autoruns functionality

    Thank you for bringing this to attention. I especially like the .NET stackwalking support as that previously was rather elusive given how managed code works.

  3. #3
    Temmu's Avatar
    Join Date
    Apr 2012
    Location
    far reaches of the galaxy, but you knew that...
    Posts
    436

    Re: Process Explorer update - includes Autoruns functionality

    likewise, thanks, sysinternals is a great set of tools.

  4. #4

    Join Date
    Feb 2012
    Posts
    2,065
    Blog Entries
    7

    Re: Process Explorer update - includes Autoruns functionality

    Latest update out: Autoruns v11.32, Process Explorer v15.21, Process Monitor v3.02, PSKill v1.15, RAMMap v1.2

    Autoruns v11.32: This update fixes a bug that prevented Autoruns from correctly elevating when the Run as Administrator option is selected.

    Process Explorer v15.21: This update fixes a bug related to the autostart functionality introduced in v15.2, a tooltip display bug, and a bug that prevented display of kernel stacks.

    Process Monitor v3.02: This release fixes an external logging issue that prevented certain registry paths from displaying correctly when run with App-V and fixes a bug in the save logic.

    PsKill v1.15: This fixes a bug in the remote kill functionality introduced by the v1.14 update.

    RAMMap v1.2: This release to RAMMap, a utility that displays a detailed map of a system’s physical memory usage, now supports systems with more than 16GB of RAM, Windows 8, and includes keyboard navigation improvements.
    satrow says thanks for this.

  5. #5

    Join Date
    Feb 2012
    Posts
    2,065
    Blog Entries
    7

    Re: Sysinternals Tools Updates

    Latest updates out: Handle v3.5, Process Explorer v15.22, Process Monitor v3.03, RAMMap v1.21, ZoomIt v4.3

    Handle v3.5: This update to Handle, a command-line utility that lists open handles, uses the most recent Process Explorer driver so that it now resolves system process handles and types.

    Process Explorer v15.22: This release addresses a bug that caused Process Explorer to crash when viewing .NET thread stacks of 64-bit Windows XP and 64-bit Windows Server 2003.

    Process Monitor v3.03: A bug that caused some symbols to not resolve in stack traces is fixed in this release.

    RAMMap v1.21: This fixes a bug that causes RAMMap to sometimes report an error on 32-bit versions of Windows.

    ZoomIt v4.3: This update to ZoomIt, a screen magnification and annotation utility, adds an option that enables you to configure it to automatically start when you log in.
    jcgriff2, niemiro and satrow say thanks for this.

  6. #6
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    7,863

    Re: Sysinternals Tools Updates

    From http://technet.microsoft.com/en-US/sysinternals

    What's New (September 10, 2012)


    • Mark Publishes New Technothriller: Trojan Horse
      Mark’s sequel to his popular debut technothriller Zero Day is now available in ebook and hard cover. Watch the video trailer and read the reviews on Mark’s website.
    • ProcDump v5.0
      Procdump is an advanced utility for capturing process memory dumps based on a variety of triggers including CPU usage, memory usage, performance counter values, and exceptions. Version 5.0 is a major upgrade that adds the ability to configure exception filters based on managed and native exception types, extends support to Windows 8 modern applications, and integrates with Process Monitor’s debug output logging.
    • Sigcheck v1.8
      This update to Sigcheck, a command-line file version and digital signature verification utility, shows detailed certificate information such as certificate usage, validity dates, and thumbprints, and also shows a file’s counter-signing chain if it has one.
    BTW, I was notified yesterday that I won a copy of Mark's new book, "Trojan Horse". I enjoyed "Zero Day" and look forward to reading "Trojan Horse".


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

  7. #7
    jcgriff2's Avatar
    Join Date
    Feb 2012
    Location
    New Jersey Shore
    Posts
    14,413

    Re: Sysinternals Tools Updates

    Awesome, Corrine!

    BSOD Posting Instructions - Windows 10, 8.1, 8, 7 & Vista | Carrona Driver Reference Table (DRT)
    https://www.sysnative.com/
    Sysnative Hex-Decimal-UNIX Date Conversion

    Has Sysnative Forums helped you?
    Please consider donating to help support the forum.
    Thank You!

    Microsoft MVP 2009-2015

  8. #8
    Wrench97's Avatar
    Join Date
    Feb 2012
    Location
    S.E. Pennsylvania
    Posts
    2,506

    Re: Sysinternals Tools Updates

    Congrats Corrine, the titles sound like something my son would read, but I'll bet that Zero Day had nothing to do with a WW II attack and Trojan Horse isn't about Odysseus and the Greeks.

  9. #9
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    7,863

    Re: Sysinternals Tools Updates

    Right you are.

    Trojan Horse: A Novel by author Mark Russinovich
    It’s two years post-Zero Day, and former government analyst Jeff Aiken is reaping the rewards for crippling al-Qaida’s attack on the computer infrastructure of the Western world. His cyber-security company is flourishing, and his relationship with Daryl Haugen intensifies when she becomes a part of his team.

    But the West is under the East’s greatest threat yet. The Stuxnet virus that successfully subverted Iran’s nuclear defense program for years is being rapidly identified and defeated, and Stuxnet’s creators are stressed to develop a successor. As Jeff and Daryl struggle to stay together, they’re summoned to disarm the attack of a revolutionary, invisible trojan that alters data without leaving a trace. As the trojan penetrates Western intelligence, the terrifying truth about Iran is revealed, and Jeff and Daryl find themselves running a desperate race against time to reverse it – while the fate of both East and West hangs in the balance.

    Like Zero Day, Trojan Horse is a thrilling suspense story, a sober warning from one of the world’s leading experts on cyber-security, Microsoft Technical Fellow Mark Russinovich. Trojan Horse exposes the already widespread use of international cyber-espionage as a powerful and dangerous weapon, and the lengths to which one man will go to stop it.



  10. #10

    Join Date
    Feb 2012
    Posts
    2,065
    Blog Entries
    7

    Re: Sysinternals Tools Updates

    Latest update: Updates: Autoruns v11.5, Du (Disk Usage) v1.5, Procdump v5.14, Procmon v3.04, Ru (Registry Usage) v1.0 - Sysinternals Site Discussion - Site Home - TechNet Blogs

    Updates: Autoruns v11.5, Du (Disk Usage) v1.5, Procdump v5.14, Procmon v3.04, Ru (Registry Usage) v1.0
    safarr_msft1
    27 Mar 2013 4:23 PM

    Autoruns v11.5: This update to Autoruns, a utility for managing autostarting applications and components, now reports the image timestamp of executables and the last-modified timestamp of other file types and autostart locations to help with forensic analysis. The jump-to-entry feature is also improved to navigate directly to files rather than their parent directory.

    Disk Usage (Du) v1.5: Du, a command-line utility for reporting the disk space consumed by directories and their files, has expanded CSV output that includes file and directory counts, as well as an option for tab-delimiting, which is a format more convenient for import into Excel than comma-delimited.

    ProcDump v5.14: This release of Procdump, a command-line utility that enables the capture of process dumps based on numerous trigger types including on-demand, doesn’t report process exceptions unless the exception trigger is specified.

    Process Monitor v3.04: Procmon, a power system activity monitor, now includes support for new Windows 8 file information query types and fixes a bug in the tooltip handling.

    Registry Usage (RU) v1.0: Ru (Registry Usage) is a new command-line utility that reports the size, value and subkey counts of registry keys. Like its Sysinternals Du (Disk Usage) counterpart, Ru can help you find the keys that contribute to registry bloat.
    LilBambi, GZ, satrow and 1 others say thanks for this.

  11. #11
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    7,863

    Re: Sysinternals Tools Updates

    Process Explorer was updated and is now integrated with VirusTotal APIs. From http://technet.microsoft.com/en-us/s.../default.aspx:

    What's New (January 29, 2014)

    Process Explorer v16.0
    Thanks to collaboration with the team at VirusTotal, this Process Explorer update introduces integration with VirusTotal.com, an online antivirus analysis service. When enabled, Process Explorer sends the hashes of images and files shown in the process and DLL views to VirusTotal and if they have been previously scanned, reports how many antivirus engines identified them as possibly malicious. Hyperlinked results take you to VirusTotal.com report pages and you can even submit files for scanning.
    Download: Process Explorer v16.0
    jcgriff2, satrow, mgrzeg and 1 others say thanks for this.



  12. #12
    ganjeii's Avatar
    Join Date
    Dec 2013
    Location
    Boston, MA
    Posts
    142

    Re: Sysinternals Tools Updates

    Aweommmmeeeeeee!!!
    Don't over think, you will create a problem that wasn't there in the first place.

  13. #13
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    7,863

    Re: SysInternals Suite

    Via Twitter, https://twitter.com/markrussinovich/...24363965632513

    Just posted Sysinternals updates: Autoruns w/WMI support and Procdump with a slew of enhancements: Windows Sysinternals: Documentation, downloads and additional resources
    What's New (May 13, 2014)


    • Autoruns v12.0
      This release of Autoruns, a Windows application and command-line utility for viewing autostart entries, now reports the presence of batch file and executable image entries in the WMI database, a vector used by some types of malware.
    • ProcDump v7.0
      Procdump, a utility for capturing process dump files based on CPU, memory, and other triggers, has improved support for lightweight reflection dumps on Windows 7 and Windows 8, adds debug print statements as a new trigger type, has support for memory commit duration triggers, and now includes an option to unregister Procdump as the system last-chance exception debugger.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.
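
The Autoruns v12.0 note in the post above refers to autostart entries stored in the WMI database. As an added example (not part of the original post and not Autoruns' own code), the PowerShell function below lists permanent WMI event subscriptions and flags the consumer classes that run a command or script. The function name `Get-WmiAutostartEntry` and the choice to inspect only the `root\subscription` namespace are assumptions made for this example.

```powershell
# Added example: audit permanent WMI event subscriptions (a WMI-based autostart location).
# Assumption: only root\subscription is inspected; subscriptions can exist in other
# namespaces as well. Run from an elevated PowerShell 3.0+ session.

function Get-WmiAutostartEntry {
    [CmdletBinding()]
    param(
        [string]$Namespace = 'root\subscription'
    )

    # Consumer classes that execute something when their filter fires.
    $executing = 'CommandLineEventConsumer', 'ActiveScriptEventConsumer'

    # Index filters and consumers so each binding can be resolved to full objects.
    $filters = @{}
    Get-CimInstance -Namespace $Namespace -ClassName __EventFilter |
        ForEach-Object { $filters[$_.Name] = $_ }

    $consumers = @{}
    Get-CimInstance -Namespace $Namespace -ClassName __EventConsumer |
        ForEach-Object {
            $consumers["$($_.CimSystemProperties.ClassName)|$($_.Name)"] = $_
        }

    # A subscription is only active when a binding links a filter to a consumer.
    Get-CimInstance -Namespace $Namespace -ClassName __FilterToConsumerBinding |
        ForEach-Object {
            $class    = $_.Consumer.CimSystemProperties.ClassName
            $consumer = $consumers["$class|$($_.Consumer.Name)"]
            $filter   = $filters[$_.Filter.Name]

            # Pull out whatever the consumer would run, depending on its class.
            $command = switch ($class) {
                'CommandLineEventConsumer' {
                    if ($consumer.CommandLineTemplate) { $consumer.CommandLineTemplate }
                    else { $consumer.ExecutablePath }
                }
                'ActiveScriptEventConsumer' {
                    if ($consumer.ScriptFileName) { $consumer.ScriptFileName }
                    else { $consumer.ScriptText }
                }
                default { $null }
            }

            [pscustomobject]@{
                Consumer      = $_.Consumer.Name
                ConsumerClass = $class
                Executes      = $class -in $executing
                Command       = $command
                Filter        = $_.Filter.Name
                Query         = $filter.Query   # WQL event query that triggers the consumer
            }
        }
}

# Show entries that execute code first.
Get-WmiAutostartEntry | Sort-Object Executes -Descending | Format-List
```

Entries with `Executes = True` are the ones to review against a known-good baseline; other consumer classes, such as event log consumers, do not launch a program or script.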

  14. #14
    Digerati's Avatar
    Join Date
    Aug 2012
    Location
    Nebraska, USA
    Posts
    2,781
    • specs System Specs
      • Manufacturer:
        BrightWorks Systems
      • Model Number:
        BWS-6 E-IV
      • Motherboard:
        Gigabyte GA-Z170-HD3
      • CPU:
        Intel Core i5-6600 Skylake Pushed to 3.9GHz
      • Memory:
        2 X 8GB Corsair Vengeance DDR4 3000
      • Graphics:
        MSI Radeon R7 370 2GD5T OC 2GB 256-Bit GDDR5
      • Sound Card:
        Integrated
      • Hard Drives:
        None
      • Disk Drives:
        Samsung 850 Pro 256GB SSD, 850 EVO 250GB SSD, Blu-ray R/W
      • Power Supply:
        EVGA Supernova 550W Gold
      • Case:
        Fractal Design Define R4 Mid Tower w/Window
      • Cooling:
        2 x 140mm case fans, OEM CPU Cooler
      • Display:
        2 x Samsung S24E650BW 24 inch WS
      • Operating System:
        Windows 10 Pro 64-Bit

    Re: SysInternals Suite

    Thanks Corrine!
    Bill (AFE7Ret)
    Freedom is NOT Free!
    MS MVP Windows and Devices for IT, 2007 - 2017

    Heat is the bane of all electronics!

  15. #15
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    7,863

    Re: Sysinternals Tools Updates

    From Update: AccessChk v6.0, Autoruns v13.4, Process Monitor v3.2, VMMap v3.2 :
    AccessChk v6.0
    This update to AccessChk, a command-line utility that shows effective and actual permissions for registry keys, files, services, kernel objects, and more, can now show the permissions and security descriptors assigned to event logs, and incorporates owner-rights accesses in its permissions evaluations.

    Autoruns v13.4
    Autoruns, the most comprehensive utility available for showing what executables, DLLs, and drivers are configured to automatically start and load, now reports Office addins, adds several additional autostart locations, and no longer hides hosting executables like cmd.exe, powershell.exe and others when Windows and Microsoft filters are in effect.

    Process Monitor v3.2
    Process Monitor, a real-time system monitoring utility that captures registry, file system, process and thread, CPU, DLL and network activity, adds an option to show all file system values in hexadecimal, adds additional error code and file system control strings, and fixes a bug that prevented boot capture on Windows 10.

    VMMap v3.2
    This release of VMMap, a powerful tool for analyzing the virtual and physical memory usage of a process, fixes a bug that prevented it from working with the 2 TB reserved memory region introduced to support Control Flow Guard (CFG).
    usasma, Digerati, satrow and 1 others say thanks for this.



  16. #16

    Join Date
    Feb 2012
    Posts
    2,065
    Blog Entries
    7

    Re: Sysinternals Tools Updates

    Thanks Corrine!
    Autoruns and Process Monitor updates are particularly significant.

  17. #17
    Digerati's Avatar
    Join Date
    Aug 2012
    Location
    Nebraska, USA
    Posts
    2,781

    Re: Sysinternals Tools Updates

    Thanks Corrine! And yeah, Autoruns and Process Monitor are two of my favorite utilities too.

  18. #18
    jcgriff2's Avatar
    Join Date
    Feb 2012
    Location
    New Jersey Shore
    Posts
    14,413

    Re: Sysinternals Tools Updates

    Same here.


  19. #19
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    7,863

    Re: Sysinternals Tools Updates

    From Update: Autoruns v13.5, Sigcheck v2.3, RAMMap v1.4, BgInfo v4.21, Sysmon v3.11, ADInsight v1.2 - Sysinternals Site Discussion:

    Autoruns v13.5
    This update to Autoruns, the most comprehensive autostart viewer and manager available for Windows, now shows 32-bit Office addins and font drivers, and enables resubmission of known images to Virus Total for a new scan.
    Sigcheck v2.30
    Sigcheck, a command-line utility for displaying detailed file version information, image signing status, catalog and certificate store contents, includes updated Windows 10 certificate OIDs, support for checking corresponding MUI (internationalization strings) files for more accurate version data, and now shows the version company name as well as signature publisher for signed files.
    RAMMap v1.4
    This release of RAMMap, a tool that reports detailed information about physical memory usage, is compatible with Windows 10 and includes a bug fix that could cause a crash when a long file name was scrolled into view in the file summary page.
    BgInfo v4.21
    BgInfo, a utility that displays customization text and system information on the desktop wallpaper, now correctly reports Windows 10 and Windows Server 2016, and fixes a bug that could cause incorrect desktop bitmap sizes on systems with high DPI.
    Sysmon v3.11
    Sysmon is a system utility that logs security relevant process, network and file events to the event log. This update fixes a memory leak for DLL image load event monitoring and removes a misleading warning when processing configuration files.
    ADInsight v1.2
    ADInsight, a real-time monitoring tool, now includes support for 64-bit Windows as well as numerous bug fixes.
    JMH says thanks for this.



  20. #20
    Digerati's Avatar
    Join Date
    Aug 2012
    Location
    Nebraska, USA
    Posts
    2,781

    Re: Sysinternals Tools Updates

    Really glad to see BGInfo updated. I really like this little program and have it displaying all my hardware and network information on my second monitor. Really handy for me. But sadly, this new update does NOT correctly report Windows 10. It still says Windows 8.
