Posted by: Nathan Simon
IT professional, live.sysinternals.com, Microsoft Windows
I haven’t posted any updates on Sysinternals in quite some time, so here are the latest updates from Sysinternals. It’s nice to see that my favorite applications are being regularly updated, i.e. Process Explorer and Autoruns.
What’s New (February 5, 2013)
- Process Explorer v15.3
This major Process Explorer release includes heat-map display for process CPU, private bytes, working set and GPU columns, sortable security groups in the process properties security page, and tooltip reporting of tasks executing in Windows 8 Taskhostex processes. It also creates dump files that match the bitness of the target process and works around a bug introduced in Windows 8 disk counter reporting.
What’s New (January 24, 2013)
- Procdump v5.13
This update to Procdump, a command-line utility that generates on-demand and trigger-based process crash dump files, now supports triggers for when process CPU usage, memory consumption or arbitrary performance counters fall below a specified value.
- Sigcheck v1.9
Sigcheck, a command-line file-version and signature verification tool, now reports certificate publisher names, capitalizes hash values, and fixes a certificate chain validation bug.
What’s New (January 11, 2013)
- Mark’s Blog: Hunting Down and Killing Ransomware
In Mark’s latest post he takes you behind the scenes of the current ransomware scourge, showing examples of how they try to coerce users into paying, explaining how they work and detailing how you can use Sysinternals tools to clean them from an infected system.
- Autoruns v11.4
Autoruns v11.4 adds additional startup locations, fixes several bugs related to image path parsing, adds better support for browsing folders on WinPE, and fixes a Wow64 redirection bug.
Remember that these guys didn’t always work for Microsoft; they had Process Explorer and other applications way back in the day, and since then it had matured to the point where the authors were hired by Microsoft. If you have used Task Manager in Windows 8, it looks quite similar to Process Explorer.