Sysinternals Update: ProcDump v9, Autoruns v13.71, BgInfo v4.22, LiveKd v5.62, Process Monitor v3.33, Process Explorer v16.21

ProcDump v9: This major update to ProcDump, a utility that enables process dump capture based on a variety of triggers, introduces the ability to capture multiple dump sizes. This is particularly useful when capturing crash dumps of applications susceptible to termination due to unresponsiveness (e.g. IIS Ping killing w3wp.exe). This release also adds support…


Update: LiveKd v5.4, Autoruns v13.2, Sigcheck v2.2, Process Explorer v16.05

LiveKd v5.4: This update to LiveKd, a tool that enables live kernel debugging for Windows systems and Hyper-V guest Windows virtual machines, now includes ‘live dump’ support for generating fast-snapshot crash-consistent kernel dump files using support introduced in Windows 8.1 and Windows Server 2012 R2. Autoruns v13.2: In addition to bug fixes to CSV and XML output,…


Updates: Coreinfo v3.21, Disk2vhd v2.0, LiveKd v5.31

Coreinfo v3.21: CoreInfo is a command-line tool for reporting processor topology, NUMA performance, and processor features. The v3.21 release adds microcode reporting. Disk2vhd v2.0: Disk2vhd, a utility for performing physical-to-virtual conversion of Windows systems, adds support for VHDX-formatted VHDs (thanks to Brendan Gruber for contributions), now supports WinRE volumes, can capture removable media, and includes…


Updates: Coreinfo v3.1, Desktops v2.0, Livekd v5.3, PsPasswd v1.23, Testlimit v5.22, Whois v1.11

Coreinfo v3.1: This update to Coreinfo, a command line utility that reports detailed information about a system’s processor topology, CPU features, and cache topology, fixes a bug affecting the calculation of NUMA node costs and adds support for several more processor features, including RDRAND, LAHF/SAHF, Prefetchw and Intel Speedstep. Desktops v2.0: Desktops, a virtual desktop…


Updates: Autoruns v 11.3, LiveKd v 5.2, Strings v 2.5 and Trojan Horse, Mark’s sequel to Zero Day, available for pre-order

Autoruns v11.3: This update to Autoruns, a utility that shows the executables, drivers, and DLLs configured to autostart, adds several new autostart locations, sets a file association for its log file extension, reports the target of Rundll32 and other host executables, and fixes several bugs. LiveKd v5.2: LiveKd, a command-line utility for performing live read-only…


Updates: LiveKd v5.0 – and a related Mark’s Blog post, Disk2vhd v1.63, Sigcheck v1.71

LiveKd v5.0: LiveKd, a tool that enables live kernel debugging of Windows systems, can now debug and generate kernel dump files of Hyper-V Windows virtual machines from the parent partition without having to boot the target virtual machine in debug mode. See Mark’s most recent blog post, “Debugging Virtual Machines with LiveKd” for more information….


Updates: LiveKd v4.0, AccessChk v5.0, LogonSessions v1.2 and several PsTools and a new Mark’s Blog Post – The Case of the Printing Failure

Mark’s Blog: The Case of the Printing Failure – Mark’s most recent post in the Case of the Unexplained series describes the troubleshooting steps, which include use of Procdump and Process Monitor, an administrator went through when printing failed on one of the systems in their network. AccessChk v5.0: A command-line tool for viewing the effective…


Updates: AdExplorer v1.3, VMMap v2.6, Disk2vhd v1.5, LiveKd v3.14, Sigcheck v1.66

AdExplorer v1.3: This update to AdExplorer, an Active Directory editor, has major node expansion performance improvements and a number of minor bug fixes. VMMap v2.6: VMMap, a powerful process virtual and physical memory analysis tool, now shows both graphical and numeric breakdowns of private virtual memory, as well as heap configuration flags. Disk2vhd v1.5: Disk2Vhd…


Updates: ProcDump v1.7, AccessChk v4.24, Sigcheck v1.64, Desktops v1.01, LiveKd v3.13

ProcDump v1.7: This update to ProcDump, a command-line utility that will generate memory dumps of processes based on various selectable criteria, now supports periodic timed dumps as well as dumps based on virtual memory thresholds. AccessChk v4.24: AccessChk, a utility that shows effective security permissions for files, registry keys, services, and more, now supports…


Updates: Disk2vhd v1.3, Sigcheck v1.61, Process Monitor v2.8, LiveKd v3.12 and a new Mark’s blog post

NewSID Retirement and the Machine SID Duplication Myth: Mark’s latest blog post debunks the myth that having duplicate machine SIDs causes problems, explaining why the Sysinternals NewSID tool has been retired. Disk2vhd v1.3: This update to Disk2vhd makes more Windows XP and Windows Server 2003 VHDs bootable by updating their MBR and boot sectors…
